Does anyone know how to mark traffic FROM the (transparent) Web Proxy TO the Internet?
Thx,
Steve @ TBI
Should be possible to do. How did you try to do it?
I’ve got 2 gateways, and all clients on a masquraded LAN go through the transparent proxy. I’m trying to get Squid to make use both gateways, and have so far failed. I haven’t tried marking the traffic yet - I thought that would be a good start though!
Steve @ TBI
OK…
I have 2 WAN NIC’s 1.1.1.0 and 2.2.2.0
I have Gateway 1.1.1.1 and Gateway 2.2.2.2
The (Transparent) Proxy has a source address of 1.1.1.0 (WAN1)
I flowmark traffic generated from 1.1.1.0 dst Port 80 to 0.0.0.0. This picks up ‘Web requests’ out to the Net.
I have a main routing table with gateway 1.1.1.1 as the last rule
I have a ‘dual Gateway’ routing table with gateways 1.1.1.1 and 2.2.2.2, and a rule that sends flow mark ‘Web Requests’ to dual gateway.
When I go browsing, and shine the Torch on WAN 2.2.2.0, packets are arriving FROM the Internet Webserver TO 1.1.1.0
I can see traffic leaving WAN2, but it returns to WAN2 with a destination of WAN1 and doesn’t make it throuth the Router.
I wish there was a Mikrotik Userguide for this; I can’t be (and from these forums I can see I’m not) the first person to ask how to get the proxy to use dual gateways??
Steve @ TBI