Community discussions

 
ruhanda
just joined
Topic Author
Posts: 9
Joined: Wed May 12, 2010 12:02 pm
Location: Balikpapan, Indonesia

Another MikroTik and Squid question

Fri Jun 24, 2011 12:12 pm

All,

I got MikroTik and Squid configuration suggestion as picture attached.
squid proxy.jpg
and configuration in Mikrotik:
/ip firewall nat add chain=dstnat dst-address=192.168.100.1 protocol=tcp dst-port=80 action=dst-nat
to-addresses=172.16.5.1 to-ports=80

the idea is only http traffic will go to squid proxy server.

What is advantage and disadvantage to implement this configuration.
I need some comment, recommendation and suggestion from mikrotik expert.

Thanks,
Ruhanda
You do not have the required permissions to view the files attached to this post.
 
User avatar
Egate
Long time Member
Long time Member
Posts: 547
Joined: Thu May 15, 2008 10:43 am
Location: South Africa

Re: Another MikroTik and Squid question

Fri Jun 24, 2011 6:27 pm

No expert but will give it a start. First of, don’t think you have to have two interfaces on you proxy in this scenario.
The main reason for a proxy is to speed up web page access. If you have got 10 users accessing News24, the first user would access the web site on the internet, at which time the proxy would cash the data. When the second user access News24, he will get his data from the proxy, that is at lan speeds and also, you would safe on actual internet data.
Happy days. :-)
 
User avatar
Chupaka
Forum Guru
Forum Guru
Posts: 8319
Joined: Mon Jun 19, 2006 11:15 pm
Location: Minsk, Belarus
Contact:

Re: Another MikroTik and Squid question

Fri Jun 24, 2011 7:51 pm

I have just installed Squid + TProxy =) one ethernet for Squid, two ethernets for RouterOS machine (Squid is on the same subnet as CPEs)

I'll play with that setup (now Squid processes NATted addresses, I'd like to NAT after Squid)
Russian-speaking forum: https://forum.mikrotik.by/. Welcome!

For every complex problem, there is a solution that is simple, neat, and wrong.

MikroTik. Your life. Your routing.
 
User avatar
Egate
Long time Member
Long time Member
Posts: 547
Joined: Thu May 15, 2008 10:43 am
Location: South Africa

Re: Another MikroTik and Squid question

Fri Jun 24, 2011 11:18 pm

Hi Chupaka. Let us know how it goes. Balancing few ADSL lines with PCC and that is the only solution that looks like it might work in this kind of scenario if i want to use a proxy. Which Linux did u use?
Happy days. :-)
 
ruhanda
just joined
Topic Author
Posts: 9
Joined: Wed May 12, 2010 12:02 pm
Location: Balikpapan, Indonesia

Re: Another MikroTik and Squid question

Sat Jun 25, 2011 2:36 am

Thanks for all response,

the idea is not only speed up the http but also using different gateway to the internet but the bandwidth still manage by mikrotik.

I'm using RB1100 and core 2 duo PC+4GB RAM+500GB HDD with below mikrotik setup.

/ip fi nat add chain=dstnat protocol=tcp port=80 action=dst-nat to-addresses=172.16.5.1 to-ports=3128
/ip firewall mangle add chain=prerouting protocol=tcp dst-port=80 action=mark-routing new-routing-mark=http-proxy passthrough=no
/ip route add dst-address=0.0.0.0/0 gateway=172.16.5.1 check-gateway=ping routing-mark=http-proxy comment="Proxy"

I will try this configuration on today, hopefully it works.

Chupaka,

Can you share your configuration? It will useful for me.
 
User avatar
Egate
Long time Member
Long time Member
Posts: 547
Joined: Thu May 15, 2008 10:43 am
Location: South Africa

Re: Another MikroTik and Squid question

Sat Jun 25, 2011 11:04 am

That’s something completely different, don’t need proxy for that, actually works better without proxy, unless you could get Tproxy working. Have a look at the wiki, lots of load balancing examples.
Happy days. :-)

Who is online

Users browsing this forum: No registered users and 120 guests