Peer selection based on IP with multiple ports?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Peer selection based on IP with multiple ports?

Roeeklinger60
Hey,

I am using Squid to route users to different peers based on their usernames, I was asked to add support for IP whitelisting recently but I ran into an issue. 

If one IP wants to access to different peers, I will have to do it based on on the listening port number, as there is no other way to differentiate the traffic, however, Squid is limited to 128 listening ports, which means I will have to use a max of 128 peers.

I know I can increase the maximum to more than 128 listening ports, but apparently, this will result in performance issues.

I was wondering what is the accepted way to do this?

Thanks,
Roee

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Peer selection based on IP with multiple ports?

Amos Jeffries
Administrator
On 17/01/21 1:52 am, roee klinger wrote:

> Hey,
>
> I am using Squid to route users to different peers based on their
> usernames, I was asked to add support for IP whitelisting recently but I
> ran into an issue.
>
> If one IP wants to access to different peers, I will have to do it based
> on on the listening port number, as there is no other way to
> differentiate the traffic, however, Squid is limited to 128 listening
> ports, which means I will have to use a max of 128 peers.
>

What about using the ext_SQL_session_acl helper?

You would have a URL/page that these clients visit to select which peer
they are going to use. That updates the database to start/change their
session with username that allows access to the relevant peer.


Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Peer selection based on IP with multiple ports?

Alex Rousskov
In reply to this post by Roeeklinger60
On 1/16/21 7:52 AM, roee klinger wrote:

> I am using Squid to route users to different peers based on their
> usernames, I was asked to add support for IP whitelisting recently but I
> ran into an issue. 
>
> If one IP wants to access to different peers, I will have to do it based
> on on the listening port number, as there is no other way to
> differentiate the traffic,

If Amos suggestion does not apply, please note that I do not understand
the last part of your assertion above. You are already differentiating
and routing traffic by user names. Why do you feel there is a need to
add some listening port-based rules to your configuration?

Alex.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users