On 26/10/2016 5:26 a.m., Eliezer Croitoru wrote: > Hey Henry, > > It's not about RFC at all from my point of view. > It's very simple to setup the system in a way that will work as you want but > with Let say Ubuntu 16.04 or Debian 8(latest). > These are very stable in my environment and if you need some help with the > design I would be able to assist you with it. > I cannot find right now the whole setup specs but it's very simple to mark > connections by the VLAN or the source network: > You will just need to change the next rules to be static and to not rely on > NFQUEUE: > http://wiki.squid-cache.org/EliezerCroitoru/Drafts/MwanLB#iptables_rules_example > > Then write a special routing table per vlan. > The reason to do so is since this is how it is suppose to be and not because > of the RFC.
Well, the RFC describe what "how it is suppose to be" is exactly. But that is as relevant as they get. It's a simple situation of; if you replace part of any protocol on-wire binary bytes with random or wrong data, dont expect it to continue working. > Your setup breaks good connections but maybe you are just not aware of it. No 'maybe' about it. It *is* breaking connections, guaranteed. Otherwise you (Henry) would not have noticed any issue when Squid stopped the breakage from happening. The TCP/IP level breakage is/was just happening in a way that hides itself from the admin sight and logs until Squid-3 started pointing it out. Amos _______________________________________________ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
