Poll

Configure squid for two isp connection with load balancing, failover

fail over with two connections
1 (50%)
load balancing with two connections
1 (50%)

Total Members Voted: 2

Author Topic: how to configure linux squid proxy server with two isp connections  (Read 16455 times)

Offline rambca

  • New Member
  • Posts: 1
These settings I have to configure in Fedora Core 9.0 and Squid proxy 3.0 with stable 2.6.

eth0 - LAN
IP - 192.168.1.125/255.255.255.0

eth1 - WAN1
IP - 192.168.1.124/255.255.255.0
Gateway(router1) - 192.168.1.1
DNS1(isp1) - 218.248.240.180
DNS2(isp1) - 218.248.240.79

eth2 - WAN2
IP - 192.168.1.123/255.255.255.0
Gateway(router2) - 192.168.1.2
DNS1(isp2) - 203.124.20.100
DNS2(isp2) - 203.124.16.100

WAN1 and WAN2 each have 2MBPS dedicated (leased line) bandwidth. Currently I have configured WAN1 only through the Squid proxy. eth2 has been disabled, otherwise it won't work (through GUI mode I can configure only two DNS IPs: primary and alternate DNS server), and there is no problem and it is working fine. When WAN1 fails, I have to change the DNS from (isp1) to (isp2), enable eth2, disable eth1 and restart the network service. Then it works fine (through isp2).

Normally two types of problem will occur on the internet line.
1. Line failed or disconnected.
2. DNS server failed (assume both the primary and the alternative DNS server fail).

Now my questions are:
1. How can I configure failover (when WAN1 (isp1) fails, the traffic is automatically sent through WAN2 (isp2) without manual operation)?

2. If both ISPs are active, the traffic should be shared across both ISPs.

In Microsoft Windows XP Professional each interface has a separate DNS entry and gateway entry. In Linux each interface has a separate gateway entry, but the DNS entry is common to all interfaces (I am talking about GUI mode interface configuration).

I have to control browsing and restrict adult websites, so I have chosen Linux with the Squid proxy server. I didn't configure or enable the DNS service. If required I will do it.

Waiting for your valuable suggestions.

Offline kaushalpatel1982

  • LST CareTaker
  • Linux Learner
  • *****
  • Posts: 87
Re: how to configure linux squid proxy server with two isp connections
« Reply #1 on: September 28, 2009, 08:58:54 AM »
1. How can I configure failover (when WAN1 (isp1) fails, the traffic is automatically sent through WAN2 (isp2) without manual operation)?
Ans: You can write a script that helps you find out the current status of the gateway using a simple ping. If the ping of the destination is not available from the interface, it will remove the route and all the traffic will pass through the single gateway.

You can download the script given below and make the necessary changes according to your requirements.
==============================================================================
#!/bin/bash

# Time between checks in seconds
SLEEPTIME=10

#IP Address or domain name to ping. The script relies on the domain being
#pingable and always available
TESTIP=www.yahoo.com

#Ping timeout in seconds
TIMEOUT=2

# External interfaces
EXTIF1=eth1
EXTIF2=eth2

#IP address of external interfaces. This is not the gateway address.
IP1=192.168.1.10
IP2=192.168.0.10

#Gateway IP addresses. This is the first (hop) gateway, could be your router IP
#address if it has been configured as the gateway
GW1=192.168.1.1
GW2=192.168.0.1

# Relative weights of routes. Keep this to a low integer value.
W1=1
W2=4

# Broadband providers name; use your own names here.
NAME1=WAN1
NAME2=WAN2

#No of repeats of success or failure before changing status of connection
SUCCESSREPEATCOUNT=4
FAILUREREPEATCOUNT=1

# Do not change anything below this line

# Last link status indicates the macro status of the link we determined. This is down initially to force routing change upfront. Don't change these values.
LLS1=1
LLS2=1

# Last ping status. Don't change these values.
LPS1=1
LPS2=1

# Current ping status. Don't change these values.
CPS1=1
CPS2=1

# Change link status indicates that the link needs to be changed. Don't change these values.
CLS1=1
CLS2=1

# Count of repeated up status or down status. Don't change these values.
COUNT1=0
COUNT2=0

while : ; do
    # --- Link 1: one ping sourced from IP1 ---
    ping -W "$TIMEOUT" -I "$IP1" -c 1 "$TESTIP" > /dev/null 2>&1
    RETVAL=$?

    if [ $RETVAL -ne 0 ]; then
        echo "$NAME1 Down"
        CPS1=1
    else
        CPS1=0
    fi

    # Restart the streak when the ping result flips; otherwise count how
    # long the ping result has disagreed with the recorded link status.
    if [ $LPS1 -ne $CPS1 ]; then
        echo "Ping status changed for $NAME1 from $LPS1 to $CPS1"
        COUNT1=1
    else
        if [ $LPS1 -ne $LLS1 ]; then
            COUNT1=$((COUNT1 + 1))
        fi
    fi

    # Toggle the link status once the streak is long enough.
    if [[ $COUNT1 -ge $SUCCESSREPEATCOUNT || ($LLS1 -eq 0 && $COUNT1 -ge $FAILUREREPEATCOUNT) ]]; then
        echo "Uptime status will be changed for $NAME1 from $LLS1"
        CLS1=0
        COUNT1=0
        if [ $LLS1 -eq 1 ]; then
            LLS1=0
        else
            LLS1=1
        fi
    else
        CLS1=1
    fi

    LPS1=$CPS1

    # --- Link 2: same logic, ping sourced from IP2 ---
    ping -W "$TIMEOUT" -I "$IP2" -c 1 "$TESTIP" > /dev/null 2>&1
    RETVAL=$?

    if [ $RETVAL -ne 0 ]; then
        echo "$NAME2 Down"
        CPS2=1
    else
        CPS2=0
    fi

    if [ $LPS2 -ne $CPS2 ]; then
        echo "Ping status changed for $NAME2 from $LPS2 to $CPS2"
        COUNT2=1
    else
        if [ $LPS2 -ne $LLS2 ]; then
            COUNT2=$((COUNT2 + 1))
        fi
    fi

    if [[ $COUNT2 -ge $SUCCESSREPEATCOUNT || ($LLS2 -eq 0 && $COUNT2 -ge $FAILUREREPEATCOUNT) ]]; then
        echo "Uptime status will be changed for $NAME2 from $LLS2"
        CLS2=0
        COUNT2=0
        if [ $LLS2 -eq 1 ]; then
            LLS2=0
        else
            LLS2=1
        fi
    else
        CLS2=1
    fi

    LPS2=$CPS2

    # --- Rewrite the default route only when a link status changed ---
    if [[ $CLS1 -eq 0 || $CLS2 -eq 0 ]]; then
        if [[ $LLS1 -eq 1 && $LLS2 -eq 0 ]]; then
            echo "Switching to $NAME2"
            ip route replace default scope global via "$GW2" dev "$EXTIF2"
        elif [[ $LLS1 -eq 0 && $LLS2 -eq 1 ]]; then
            echo "Switching to $NAME1"
            ip route replace default scope global via "$GW1" dev "$EXTIF1"
        elif [[ $LLS1 -eq 0 && $LLS2 -eq 0 ]]; then
            echo "Restoring default load balancing"
            ip route replace default scope global nexthop via "$GW1" dev "$EXTIF1" weight "$W1" nexthop via "$GW2" dev "$EXTIF2" weight "$W2"
        fi
    fi
    sleep "$SLEEPTIME"
done
===================================================================

2. If both ISPs are active, the traffic should be shared across both ISPs.
Ans: The above script also helps you resolve this issue.

You will have to configure a cache-only DNS server on the Linux machine. Just check whether you have a cache-only DNS server installed on your Linux machine or not. If yes, just add your network in /etc/named.caching-nameserver.conf and restart the named service. Configure this Linux server as your clients' DNS server and you are done.

You have chosen the right operating system for your proxy as well as DNS server. Linux is a very flexible operating system. I hope the script helps you to resolve your problem.
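
Added example (not part of the thread and not the poster's code): the per-link up/down decision logic of the script in the reply above, replayed over constructed ping traces so the effect of SUCCESSREPEATCOUNT and FAILUREREPEATCOUNT can be checked without touching any routes. The function names simulate_link and route_mode and the traces are assumptions made for this example.

```bash
#!/bin/sh
# Added example, not the poster's script. Status convention as in the
# script above: 0 = up / ping ok, 1 = down / ping failed.
SUCCESSREPEATCOUNT=4
FAILUREREPEATCOUNT=1

# simulate_link "<trace>": replay one link's decision logic over a
# space-separated list of ping results (one per SLEEPTIME interval) and
# print the link status (LLS) recorded after each check.
simulate_link() {
    lls=1; lps=1; count=0; out=""
    for cps in $1; do
        if [ "$lps" -ne "$cps" ]; then
            count=1                   # ping result flipped: restart the streak
        elif [ "$lps" -ne "$lls" ]; then
            count=$((count + 1))      # same result again, still disagreeing with LLS
        fi
        if [ "$count" -ge "$SUCCESSREPEATCOUNT" ] ||
           { [ "$lls" -eq 0 ] && [ "$count" -ge "$FAILUREREPEATCOUNT" ]; }; then
            lls=$((1 - lls))          # enough evidence: toggle up <-> down
            count=0
        fi
        lps=$cps
        out="$out$lls"
    done
    echo "$out"
}

# route_mode <lls1> <lls2>: which default route the script would install
# for a given pair of link states.
route_mode() {
    case "$1$2" in
        00) echo "balanced" ;;
        01) echo "WAN1" ;;
        10) echo "WAN2" ;;
        11) echo "unchanged" ;;       # both down: the last route stays in place
    esac
}

# Constructed traces (not measurements).
echo "one lost ping : $(simulate_link "0 0 0 0 0 1 0 0 0 0")"
echo "flapping link : $(simulate_link "0 0 0 1 0 0 0 1 0 0 0 1")"
echo "WAN1 down, WAN2 up -> $(route_mode 1 0)"
```

In the first trace a single lost ping takes the link out until four consecutive pings succeed again; in the second, a link that drops every fourth ping is never marked up.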