Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 25 Jan 2022 12:22:24 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 261464] www/squid: 5.3 ignores tcp_outgoing_address setting
Message-ID:  <bug-261464-7788@https.bugs.freebsd.org/bugzilla/>

next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D261464

            Bug ID: 261464
           Summary: www/squid: 5.3 ignores tcp_outgoing_address setting
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: zarychtam@plan-b.pwste.edu.pl
                CC: timp87@gmail.com
                CC: timp87@gmail.com
             Flags: maintainer-feedback?(timp87@gmail.com)

It looks like 5.3 is ignoring this and using all available ipv4 addresses i=
n a
round-robin manner.

To reproduce on hosts with multiple intefraces (LAN/WAN) set in config:

acl localdst dst 10.0.0.0/21
tcp_outgoing_address 10.0.0.x localdst     #LAN
tcp_outgoing_address x.y.z.126             #WAN
tcp_outgoing_address 2001:db8:0:0:ffff::10 #WAN

Squid 4.15 handled this correctly and hosts from 10.0.0.0/21 subnet were
accessed with src address 10.0.0.255. After upgrading to 5.3 it sometimes
works, sometimes doesn't since some requests on LAN interface originate with
public address x.y.z.126 like below:

12:55:05.972434 IP x.y.z.126.38231 > 10.0.0.y.443: Flags [SEW], seq 2645213=
960,
win 65535, options [mss 8960,nop,wscale 10,sackOK,TS val 2976375790 ecr 0],
length 0
12:55:07.012899 IP x.y.z.126.38231 > 10.0.0.y.443: Flags [SEW], seq 2645213=
960,
win 65535, options [mss 8960,nop,wscale 10,sackOK,TS val 2976376831 ecr 0],
length 0
12:55:09.221192 IP x.y.z.126.38231 > 10.0.0.y.443: Flags [S], seq 264521396=
0,
win 65535, options [mss 8960,nop,wscale 10,sackOK,TS val 2976379038 ecr 0],
length 0
12:55:09.829276 ARP, Request who-has 10.0.7.81 tell 10.0.0.y, length 46
12:55:13.425196 IP x.y.z.126.38231 > 10.0.0.y.443: Flags [S], seq 264521396=
0,
win 65535, options [mss 8960,nop,wscale 10,sackOK,TS val 2976383243 ecr 0],
length 0
12:55:21.655716 IP x.y.z.126.38231 > 10.0.0.y.443: Flags [S], seq 264521396=
0,
win 65535, options [mss 8960,nop,wscale 10,sackOK,TS val 2976391473 ecr 0],
length 0

--=20
You are receiving this mail because:
You are the assignee for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-261464-7788>