Multi squid redirections

From MikroTik Wiki
Jump to: navigation, search

Multi squid redirections

By using this scenario You can redirect HTTP-traffic to multi SQUID proxies and load balancing the SQUID usage.

By Kashif Ali Bukhari +92 345 8444420. 
[ http://kashifbukhari.com]

Squid-proxy-load.png

Step. 1

Mark routing for HTTP-packet.

 /ip firewall mangle add chain=prerouting protocol=tcp dst-port=80 action=mark-routing \
    new-routing-mark=http passthrough=no

Step. 2

Add a default route for HTTP-traffic to all SQUID proxies and check them using ping.

  / ip route 
  add dst-address=0.0.0.0/0 gateway=10.1.2.4,10.1.2.3,10.1.2.2 \
   check-gateway=ping scope=255 target-scope=10 routing-mark=http comment="" \
   disabled=no

Note: Now Mikrotik will start routing the http-requests to all three proxies in round-robin.

Step. 3

Configure all SQUID proxies to listen transparent and redirect HTTP-traffic on SQUID's port ( i.e transparent SQUID is running on 3128 port).

 iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j \
   REDIRECT --to-ports 3128

Now we configure ( squid.conf ) all proxies to use cache Peering using ICP protocol.

proxy1

icp_port 3130
cacher_peer 10.1.2.3 sibling 3128 3130
cacher_peer 10.1.2.4 sibling 3128 3130

proxy2

icp_port 3130
cacher_peer 10.1.2.2 sibling 3128 3130
cacher_peer 10.1.2.4 sibling 3128 3130


proxy3

icp_port 3130
cacher_peer 10.1.2.2 sibling 3128 3130
cacher_peer 10.1.2.3 sibling 3128 3130