Firewall Wizards mailing list archives
RE: Transparent proxying
From: "Victoria of Borg" <vicofborg () myrealbox com>
Date: Fri, 13 Feb 2004 09:11:53 -0800
From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of kaptain Subject: RE: [fw-wiz] Transparent proxying WCCP is more elegant. It doesn't force default routes and it uses health checks with proxies that support it. If the proxy goes down, the router will bypass the proxy and go directly to the origin server.
A couple of months ago, I helped setup a WCCP-based system using Squid (www.squid-cache.org) as the cache-engine. This worked remarkably well. When we brought up the Squid engine, after making sure our WCCP config was correct, every single outbound HTTP request was routed through the proxy. Not a single change was needed on the desktop. It was a wonderous event. To make matters more interesting, the WCCP protocol supports multiple cache-engines. It then parcels out a portion of traffic to each engine based on a hash of the URL. That way, all traffic heading to http://www.cisco.com/ hits the same cache, where traffic going to http://www.hotmail.com/ could go through a different one. If any of the engines drops out, within 30 seconds WCCP will notice and repartition traffic accordingly. And if all engines fail, traffic goes out the default route instead. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Transparent proxying Yachera, Stanley (Feb 12)
- RE: Transparent proxying kaptain (Feb 13)
- RE: Transparent proxying Victoria of Borg (Feb 16)
- RE: Transparent proxying kaptain (Feb 13)