Re: [squid-users] Re: acl arp and vlan

From: Amos Jeffries <>
Date: Thu, 17 Oct 2013 19:43:22 +1300

On 17/10/2013 4:23 p.m., Ding Guigeng wrote:
> i read the document.
> there is one NOTE:
> # NOTE: Squid can only determine the MAC address for clients that are on the
> same subnet. If the client is on a different subnet, then Squid cannot find
> out its MAC address.
> so the mac address from other vlan,canot be denied by arp control?

Correct. The MAC on the TCP packets delivered to Squid will be the MAC
of the router doing packet relay from vlan1 to vlan2. Since it is the
machine "directly plugged" into the Squid box and where the packets are
going to/from Squid.

Please read up on how MAC addresses and ARP protocol operate:

Received on Thu Oct 17 2013 - 06:43:37 MDT

This archive was generated by hypermail 2.2.0 : Thu Oct 17 2013 - 12:00:06 MDT