RE: [squid-users] Transparent mode with just 1 Ethernet port ?

Thanks Kinkie, and Chris - much appreciated!

I am definitely going to upgrade Squid.

Regarding changing to transparent mode, I'm glad to learn that I can do it with a single Ethernet port, however, I am rethinking doing this, based on your input. I certainly don't want to complicate things for no solid reason.

We recently upgraded our network to MPLS (over a mix of DSL and T1 lines), and our network provider recommended that we switch to transparent mode on our proxy server. They manage all of the routers, and they have set our Squid box as the default route for all of our remote locations. I am questioning their recommendation: My thought now is that the Cisco's should default route everything out to the proper Internet portal based on location, and we leave the Squid box to do caching and proxying, and leave the routing to the Cisco's.


-Kevin


-----Original Message-----
From: Kinkie [mailto:gkinkie_at_gmail.com]
Sent: Tuesday, July 28, 2009 12:08 PM
To: Kevin C. Connell
Cc: squid-users_at_squid-cache.org
Subject: Re: [squid-users] Transparent mode with just 1 Ethernet port ?


On Tue, Jul 28, 2009 at 7:48 PM, Kevin C.
Connell<kevin.connell_at_millerpaint.com> wrote:
> Greetings,

Hello!

> We are running v 2.6.STABLE18 on an Ubuntu box that has (1) Ethernet port. We are successfully running Squid in non-transparent mode, and it works very well.
>
> My first question:
>
> Is there a compelling reason to upgrade to a newer version of Squid?

In addition to the reasons Chris mentioned, there's also
 * increased performance
 * increased standards compliance

> My second question:
>
> Can I run our current version of Squid in transparent mode... with a single Ethernet port?  All of the info I've seen on the web points to having (2) Ethernet ports, and the hardware I'm using is a 1U server box with just 1 Ethernet port on board.  If transparent mode can be done with 1 Ethernet port, any specifics on how to do it would be much appreciated.

Sure. You can either use VLANs or multinetting. The latter is not very
clean, and would give a networking engineer fits, but it works.
Whether it's viable only dipends on your particular environment.

In general going transparent is not really a nice thing to do, as it
makes things complicated. But in the end only you can know if it's the
right thing for you.


--
    /kinkie
Received on Tue Jul 28 2009 - 19:53:30 MDT