Vyatta Load-Balancing With Squid + Sarg
I am using 3 lan card :- eth0 – 192.168.1.100 ( Airtel Line ) eth1 – 192.168.2.100 ( BSNL Line ) eth2 – 192.168.0.100 ( Private Line ) Set ip to the your lan card of vyatta machine # configure # set interface ethernet eth0 address 192.168.1.100/24 # set interface ethernet eth1 address 192.168.2.100/24 # set interface ethernet eth2 address 192.168.0.100/24 # commit # save set the name-server and gateway of your vyatta machine # set system name-server 4.2.2.2] # set system gateway-address 192.168.1.1 # set system gateway-address 192.168.2.1 # commit # save Enabling the ssh and https service # set service ssh # set service https # commit >>>Load-balancing # set protocols static route 192.168.1.0/24 next-hop 192.168.1.1 # set protocols static route 192.168.2.0/24 next-hop 192.168.2.1 # commit # set load-balancing wan interface-health eth0 failure-count 2 # set load-balancing wan interface-health eth0 nexthop 192.168.1.1 # set load-balancing wan interface-health eth0 test 2 type ping # set load-balancing wan interface-health eth0 test 2 target 192.168.1.1 # set load-balancing wan interface-health eth1 failure-count 10 # set load-balancing wan interface-health eth1 nexthop 192.168.2.1 # set load-balancing wan interface-health eth1 test 10 type ping # set load-balancing wan interface-health eth1 test 10 target 192.168.2.1 # set load-balancing wan rule 10 inbound-interface eth2 # set load-balancing wan rule 10 interface eth0 # set load-balancing wan rule 10 interface eth1 # commit # save # show load-balancing
================Set
the squid in the vyatta machine ===========================
#
vim.tiny /etc/squid3/squid.conf
search
http_port and Change (line near by 1075) =>
(line
no 36)
http_port
192.168.0.100:3128 transparent
Search
CONNECT (near by line in 666)
copy
the below lines in acl acl land line.
acl
CONNECT method CONNECT
http_access allow net
http_access deny all
=========================
===============================================================
This
is for webproxy address setting for squid..(transparent proxy setting
)
set
service webproxy listen-address eth2
set
service webproxy
set
service webproxy listen-address 192.168.0.100
Enabling
the ssh and https service
#
set service ssh
#
set service https
#
commit
iptables -t
nat -A PREROUTING -i eth2 -p tcp --dport 80 -j REDIRECT --to-port
3128
commit
save
restart the
squid3 service .
===================Sarg
=============================================
SARG
– Squid Analysis Report Generator Configuration is a tool that
allow you to view “where” your users are going to on the
Internet. SARG provides many information about Squid users activities
like, times, bytes, sites, etc…
apt-get
install apache2
then
service restart
Download
sarg-2.2.3.1.tar.gz.
tar
-xvf sarg-2.2.3.1.tar.gz
mv
sarg-2.2.3.1 sarg-report
find
/ -name sarg-report
cd
sarg-report
apt-get
install g++
apt-get
install make
./configure
vim
/usr/local/sarg/sarg.conf
Edit
the below line in this:
access_log
/var/log/squid3/access.log
graphs
yes
graph_days_bytes_bar_color
orange
title
"Squid User Access Report"
temporary_dir
/tmp
output_dir
/var/www/Vyatta/reports/
=>
sarg (run this command)
go
to url and type
http://192.168.0.100/sarg-reports
go
to /var/www/
ln
-s Vyatta/reports sarg-reports (This
is for softlink)
make
a script for to start sarg
put
in crontab
*
/1 * * * sh /root/sarg.sh
#
/etc/init.d/squid3 restart
Won't the first gw be over written by the second gateway when you issue the commands below?
ReplyDelete# set system gateway-address 192.168.1.1
# set system gateway-address 192.168.2.1