I guess I don't understand why you are tunnelling traffic between boxes.
Is that to make it easier when you start to load balance? Are you going
to set the tunnels so that the router uses them all. Although I think
you could do this with standard iproute2 commands and no tunnel.
I think the way we setup transparent proxy was
- -Assume squid is on proxy at port 8080
- -Firewall allows all port 80 traffic from proxy
- -firewall re-routes all port 80 packets from other (not proxy) machines
to port 8080 on proxy machine
- -proxy gets all traffic at port 8080 and handles proxying for all non
configured browsers
- -port 80 on proxy is still available for running real http services on
proxy
Another page I found that might be helpful but it's fairly old:
http://www.squid-cache.org/Doc/FAQ/FAQ-17.html
Keep in mind that transparent proxies are neat but your bandwitdth can
go up trememdously because traffic is now being rerouted all over. It
is best to configure the browsers to use proxies. I'm guessing you've
already considered this.
There is an automatic proxy feature in most browsers where you put some
javascript code on a web page and it tells the browser what to do to
proxy. This page details security and setup details
http://homepages.tesco.net/J.deBoynePollard/FGA/web-browser-auto-proxy-configuration.html
- --
JT Morée
PC Xperience, Inc.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change you mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)