hello
In the faq there is answered the question of whether the destination
server can have exposed to it the ip address of the client rather than
that of the requesting proxy. Answer being no, due to some fundamental
aspects of the way tcp works.
One reason for wanting the client address exposed I suppose is that one
has all requests go through the proxy but have the destination know
where they actually originated.
It would useful to me to be able to have the destination servers see
different requesting ip addresses (not, naturally, the originating
clients), but without deploying multiple physical proxy servers. Would
it be possible to run multiple instances of squid on the one box and
use the cache_peer_access parameter to direct each request from a
"master" squid instance to one of the others AND have each instance of
the other squid processes bound to a different ip address?
Assuming that the box's interface has been assigned multiple addresses
(eg ethernet has 1.2.3.4, 1.2.3.5, 1.2.3.6 ...). Then using the ACLs
define something that is then directed to one of the squid instances
which then makes the request using the corresponding ip address. The
net effect is that the destination server would see one of several
source addresses, which the proxy can determine using its ACL
structure. I can't seem to find any indication that multiple squid
instances could "bind" to individual ip addresses on the one server -
of course using multiple physical servers the idea could be achieved
quite easily.
Is this completely silly? Is it feasible (pointers would be helpful)?
Is there a different (sensible) way to do this?
thanks
r.
Received on Tue Oct 05 2004 - 23:28:36 MDT
This archive was generated by hypermail pre-2.1.9 : Mon Nov 01 2004 - 12:00:01 MST