From owner-freebsd-net@FreeBSD.ORG  Mon Aug  4 19:15:57 2003
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A252B37B401
	for <net@freebsd.org>; Mon,  4 Aug 2003 19:15:57 -0700 (PDT)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EFAEE43F93
	for <net@freebsd.org>; Mon,  4 Aug 2003 19:15:55 -0700 (PDT)
	(envelope-from on@cs.ait.ac.th)
Received: from banyan.cs.ait.ac.th (on@banyan.cs.ait.ac.th [192.41.170.5])
	by mail.cs.ait.ac.th (8.12.3/8.9.3) with ESMTP id h752FpEH079337;
	Tue, 5 Aug 2003 09:15:52 +0700 (ICT)
Received: (from on@localhost)
	by banyan.cs.ait.ac.th (8.8.5/8.8.5) id JAA01320;
	Tue, 5 Aug 2003 09:17:50 +0700 (ICT)
Date: Tue, 5 Aug 2003 09:17:50 +0700 (ICT)
Message-Id: <200308050217.JAA01320@banyan.cs.ait.ac.th>
X-Authentication-Warning: banyan.cs.ait.ac.th: on set sender to
	on@banyan.cs.ait.ac.th using -f
From: Olivier Nicole <on@cs.ait.ac.th>
To: notsane@sveitt.org
In-reply-to: <3F2F1178.8060106@sveitt.org> (notsane@sveitt.org)
References: <1060008117.a01537208ba27@mail.worldinternet.org>
	<200308050106.IAA01216@banyan.cs.ait.ac.th> <3F2F1178.8060106@sveitt.org>
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)
cc: net@freebsd.org
Subject: 
 Re: ipfw - natd - squid - 3 Nic's - 1 FBSD 5.1 server and routing
 question
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Aug 2003 02:15:57 -0000

> Not only outgoing traffic for squid will be traversing that link, but 
> also the answers to those requests sent out. So even thought your not 
> really interested in the outgoing traffic as such, you have to send it 
> out on that link to get responses back on the same link.

Not always true, and on another hand, when you are multihomed, it
becomes almost impossible to decide what interface the incoming
traffic will come through. You are not responsible of the way others
route the traffic to you (well you have very little leverage on that
at least).

As it was mentionned in the original mail, he had set-up his squid to
use the IP of the second ISP (cable), so hopefully the incoming will
be router through that ISP. It will be even more true if that
interface is not advertised on the other interface.

Olivier