Hi,
I'm currently working on the next Layer 4 software release (4.0) for
the Alteon switches. Among other things (including Layer 3), I am
adding the ability for the switch to perform the transparent proxy
function that ipfilt and others currently provide for squid.
When an HTTP frame arrives at the switch, the switch remaps the
various address fields so that the frame is addressed to the cache
server and forwards the frame to the cache server.
Releases 2.1 and 3.0 only remapped the destination MAC address which
has two limitations:
1) A router cannot appear between the switch and cache server.
2) IP filtering software must be installed on the cache server.
Release 4.0 remaps both the source and destination MAC, IP address,
and TCP port. By remapping the source address fields (NAT), the
switch is acting as a proxy for the client, which eliminates most
network topology restrictions, ie, alternate paths to client. By
remapping the destination address fields, the switch is performing the
transparent proxy function, and the remaining topology restrictions
are eliminated, ie, there can be a router between the switch and cache
server.
So, looking at the Layer 2, 3, and 4 addresses, a frame the CLIENT
generates looks like:
Source Dest
---------------
CMAC SMAC
CIP SIP
CPort SPort(80)
(C stands for client, S for server)
The switch redirects the frame to the cache server remapping the
fields. The frame arrives at the cache server looking like this:
Source Dest
---------------
PMAC QMAC
PIP QIP
PPort QPort(80)
(P stands for proxy, Q for sQuid cache)
The frame arrives at the cache server on port 80. We've configured
squid to "accelerate many origin servers using the Host header." I
don't know Perl. Does someone have a redirector script that will do
what we want? The one on the web site seems pretty weak. We want to
accelerate ALL web servers.
Thanks,
John
Received on Thu Mar 12 1998 - 10:53:43 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:39:21 MST