RE: [fw-wiz] Transparent proxying
From: Victoria of Borg (vicofborg_at_myrealbox.com)
To: <email@example.com> Date: Fri, 13 Feb 2004 09:11:53 -0800
> From: firstname.lastname@example.org
> [mailto:email@example.com] On Behalf
> Of kaptain
> Subject: RE: [fw-wiz] Transparent proxying
> WCCP is more elegant. It doesn't force default routes and it
> uses health checks with proxies that support it. If the
> proxy goes down, the router will bypass the proxy and go
> directly to the origin server.
A couple of months ago, I helped setup a WCCP-based system using Squid
(www.squid-cache.org) as the cache-engine. This worked remarkably well.
When we brought up the Squid engine, after making sure our WCCP config was
correct, every single outbound HTTP request was routed through the proxy.
Not a single change was needed on the desktop. It was a wonderous event.
To make matters more interesting, the WCCP protocol supports multiple
cache-engines. It then parcels out a portion of traffic to each engine
based on a hash of the URL. That way, all traffic heading to
http://www.cisco.com/ hits the same cache, where traffic going to
http://www.hotmail.com/ could go through a different one. If any of the
engines drops out, within 30 seconds WCCP will notice and repartition
traffic accordingly. And if all engines fail, traffic goes out the default
firewall-wizards mailing list