Multi squid redirections with Mikrotik Router OS
Written by vaheeD on January 2, 2013
Multi squid redirections
By using this scenario You can redirect HTTP-traffic to multi SQUID proxies and load balancing the SQUID usage.
Step. 1
Mark routing for HTTP-packet.
/ip firewall mangle add chain=prerouting protocol=tcp dst-port=80 action=mark-routing \
new-routing-mark=http passthrough=no
Step. 2
Add a default route for HTTP-traffic to all SQUID proxies and check them using ping.
/ ip route add dst-address=0.0.0.0/0 gateway=10.1.2.4,10.1.2.3,10.1.2.2 \ check-gateway=ping scope=255 target-scope=10 routing-mark=http comment="" \ disabled=no
Note: Now Mikrotik will start routing the http-requests to all three proxies in round-robin.
Step. 3
Configure all SQUID proxies to listen transparent and redirect HTTP-traffic on SQUID’s port ( i.e transparent SQUID is running on 3128 port).
iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j \ REDIRECT --to-ports 3128
Now we configure ( squid.conf ) all proxies to use cache Peering using ICP protocol.
proxy1
icp_port 3130 cacher_peer 10.1.2.3 sibling 3128 3130 cacher_peer 10.1.2.4 sibling 3128 3130
proxy2
icp_port 3130 cacher_peer 10.1.2.2 sibling 3128 3130 cacher_peer 10.1.2.4 sibling 3128 3130
proxy3
icp_port 3130 cacher_peer 10.1.2.2 sibling 3128 3130 cacher_peer 10.1.2.3 sibling 3128 3130