Vyatta Load-Balancing With Squid + Sarg

- 
I am using 3 lan card  :-
eth0 – 192.168.1.100  ( Airtel Line )
eth1 – 192.168.2.100 ( BSNL  Line )
eth2 – 192.168.0.100 ( Private Line )

Set  ip to the your lan card of vyatta machine

# configure
# set interface ethernet eth0 address 192.168.1.100/24
# set interface ethernet eth1 address 192.168.2.100/24
# set interface ethernet eth2 address 192.168.0.100/24
# commit
# save

set the name-server and gateway of your vyatta machine

# set system name-server 4.2.2.2]
# set system gateway-address  192.168.1.1
# set system gateway-address  192.168.2.1 
# commit
# save

Enabling the ssh and https service

# set service ssh
# set service https
# commit

>>>Load-balancing

#  set protocols static route 192.168.1.0/24 next-hop 192.168.1.1
#  set protocols static route 192.168.2.0/24 next-hop 192.168.2.1
#  commit
 
# set load-balancing wan interface-health eth0 failure-count 2
# set load-balancing wan interface-health eth0 nexthop 192.168.1.1
# set load-balancing wan interface-health eth0 test 2 type ping
# set load-balancing wan interface-health eth0 test 2 target 192.168.1.1
# set load-balancing wan interface-health eth1 failure-count 10
# set load-balancing wan interface-health eth1 nexthop 192.168.2.1
# set load-balancing wan interface-health eth1 test 10 type ping
# set load-balancing wan interface-health eth1 test 10 target 192.168.2.1
# set load-balancing wan rule 10 inbound-interface eth2
# set load-balancing wan rule 10 interface eth0
# set load-balancing wan rule 10 interface eth1
# commit
# save
# show load-balancing 
 
================Set the squid in the vyatta machine ===========================
# vim.tiny /etc/squid3/squid.conf

search http_port and Change (line near by 1075) =>
(line no 36)
http_port 192.168.0.100:3128 transparent
Search CONNECT (near by line in 666)
copy the below lines in acl acl land line.
acl CONNECT method CONNECT
http_access allow net
http_access deny all


=========================

===============================================================

This is for webproxy address setting for squid..(transparent proxy setting )
set service webproxy listen-address eth2
set service webproxy
set service webproxy listen-address 192.168.0.100

Enabling the ssh and https service

# set service ssh
# set service https
# commit

iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j REDIRECT --to-port 3128
commit
save
restart the squid3 service .

===================Sarg =============================================
SARG – Squid Analysis Report Generator Configuration is a tool that allow you to view “where” your users are going to on the Internet. SARG provides many information about Squid users activities like, times, bytes, sites, etc…

apt-get install apache2
then service restart
Download sarg-2.2.3.1.tar.gz.
tar -xvf sarg-2.2.3.1.tar.gz
mv sarg-2.2.3.1 sarg-report
find / -name sarg-report
cd sarg-report
apt-get install g++
apt-get install make
./configure
vim /usr/local/sarg/sarg.conf
Edit the below line in this:
access_log /var/log/squid3/access.log
graphs yes
graph_days_bytes_bar_color orange
title "Squid User Access Report"
temporary_dir /tmp
output_dir /var/www/Vyatta/reports/

=> sarg (run this command)
go to url and type
http://192.168.0.100/sarg-reports
go to /var/www/
ln -s Vyatta/reports sarg-reports (This is for softlink)
make a script for to start sarg
put in crontab
* /1 * * * sh /root/sarg.sh
# /etc/init.d/squid3 restart

Comments

  1. Unknown29 April 2013 at 08:16

    Won't the first gw be over written by the second gateway when you issue the commands below?

    # set system gateway-address 192.168.1.1
    # set system gateway-address 192.168.2.1

    ReplyDelete

Post a Comment

Popular posts from this blog

PCS Corosync Pacemaker Cluster Mariadb using NFS

-
              PCS Corosync Pacemaker Cluster Mariadb using NFS I have use 2 node cluster with nfsserver  (NODE1,NODE2 and nfsserver )  OS RHEL7.6 Minimal Install IP 192.168.122.50 node1.example.com node1 IP 192.168.122.51 node2.example.com node2 IP 192.168.122.49 nfsserver.example.com nfsserver [root@node1 ~]# vi /etc/hosts  ( edit in NODE1,NODE2 and nfsserver ) 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.122.49 nfsserver.example.com nfsserver 192.168.122.50 node1.example.com node1 192.168.122.51 node2.example.com node2 #####  Stop Firewall in NODE1,NODE2 and nfsserver  ####### [root@node1 ~]# iptables -F [root@node1 ~]# iptables -F -t nat [root@node1 ~]# systemctl stop firewalld [root@node1 ~]# systemctl disable firewalld [root@node1 ~]# systemctl stop NetworkManager [root@node1 ~]# systemctl disable NetworkManager [root@node1 ~]# vi /etc/sy
Read more

How to install and configure node js and PM2 in rhel7

-
OS RHEL7.6 Minimal Install Download :  libuv-1.7.5-3.el7.x86_64.rpm , nodejs-4.7.2-1.el7.x86_64.rpm [root@node1 ~]# rpm -ivh nodejs-4.7.2-1.el7.x86_64.rpm warning: nodejs-4.7.2-1.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY error: Failed dependencies: libuv >= 1:1.7.5 is needed by nodejs-4.7.2-1.el7.x86_64 libuv.so.1()(64bit) is needed by nodejs-4.7.2-1.el7.x86_64 [root@node1 ~]# rpm -ivh libuv-1.7.5-3.el7.x86_64.rpm warning: libuv-1.7.5-3.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY Preparing...                          ################################# [100%] Updating / installing...    1:libuv-1:1.7.5-3.el7              ################################# [100%] [root@node1 ~]# rpm -ivh nodejs-4.7.2-1.el7.x86_64.rpm warning: nodejs-4.7.2-1.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY Preparing...                          ################################# [100%] Updating / installing.
Read more

How to Create or Configure iSCSI Server and Clinet

-
Server: server.example.com IP Address: 192.168.122.246 OS: CentOS 7.9 Client: client.example.com IP Address: 192.168.122.245 Server: [root@server ~]# pvcreate /dev/vdb [root@server ~]# vgcreate newvg /dev/vdb [root@server ~]#  lvcreate -L 10G -n iscsi newvg [root@server ~]# yum install targetcli -y [root@server ~]# targetcli > cd /backstores/block /backstores/block> create iscsi_disk1 /dev/newvg/iscsi Created block storage object iscsi_disk1 using /dev/newvg/iscsi. /backstores/block> cd /iscsi /iscsi> create iqn.2016-02.local.cass2.server:disk1 Created target iqn.2016-02.local.cass2.server:disk1. Created TPG 1. Global pref auto_add_default_portal=true Created default portal listening on all IPs (0.0.0.0), port 3260. /iscsi> cd /iscsi/iqn.2016-02.local.cass2.server:disk1/tpg1/acls  /iscsi/iqn.20...sk1/tpg1/acls> create iqn.2016-02.local.cass2.server:cass1 Created Node ACL for iqn.2016-02.local.cass2.server:cass1 /iscsi/iqn.20...sk1/tpg1/acls> cd /iscsi/iqn.2016-02.
Read more