On Mon, Sep 7, 2009 at 6:32 AM, Girish Venkatachalam<girishvenkatacha...@gmail.com> wrote: > On Sun, Sep 6, 2009 at 9:33 PM, mettur salem<metturmohan2...@gmail.com> wrote: > >> I have problem in the following issues >> >> 1. Squid connectivity --- lan not able to ping from client to server ( 10 >> to 20 minutes once this problemoccur -- network connection not respond, >> connection timed out ) >> 2. squid browsing in very slow -- i increased the cache mem 1024 in >> squid.conf files
Am assuming you have also configured a SNAT. If squid works but ping fails, check if the linux machine is dropping echo requests in IPTables. How do you know squid works? Do logs show HTTP requests going thro' squid and not via SNAT? >> 3. My outlook mails are not able to delivered to outerworld via linux >> server not able to know the dns ip to name or name to ip. If DNS is failing, then browsing will not work too and will return an unknown host error. I find it odd that browsing works but POP/SMTP DNS resolution fails. Have you tried using IP in the mail config to arrive at this conclusion? >> 4. my linux server is act as a router and i put DNAT in Transparent Proxy > > Does this work? Transparent proxy is very hard to setup. Girish - why is it hard to set up? There are very many lucid howtos. This has worked well for quite some time and does not have any gotchas. > Did you first test whether the DNAT is working properly? Check squid logs and this will be evident. > You can check that with netcat and by connecting from outside your network > to a computer behind your Squid box. > > Unless the returning packets also go through squid DNAT will not work. If the outgoing request goes from squid, the returning packet will also go thro' squid as the TCP connection to/from outside terminates on the squid machine. I've found redirect DNAT works as intended in transforming connections. To check this, set up IPTables log using the -j LOG target for sport being port 80 to internal LAN IPs on the squid machines. -- Mohan Sundaram _______________________________________________ To unsubscribe, email ilugc-requ...@ae.iitm.ac.in with "unsubscribe <password> <address>" in the subject or body of the message. http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
