On 4/10/2013 11:16 p.m., Alfredo Rezinovsky wrote:
> I have a squid in tproxy mode running in a bridge.
> Let name LAN side the one connected to the clients and WAN side the
> one connected to the gateway.
> I'm using Ubuntu server LTS with a 3.5.0 kernel
>
> The LAN network has various sub-networks, handled with many different
> IPs in the gateway.
>
> When a client starts a connection to an external server, port 80, the
> proxy intercepts it, process, and answers, allways using the client IP
> for the outgoing packets and the external server ip for the packets
> sent to the client.
>
> The proxy still needs is own IP for 3 reasons:
>
> * Ask DNS queries to a local DNS server (still can't force squid to
> use the original destination IP without asking DNS, or to use the
> TPROXY client ip for the DNS query)
> * Ask ARP to the clients
> * Remote access to the proxy for administration.
* serving error page embeded objects to clients.
>
> Some clients that are in strict mode, refuses to answer ARP when the
> proxy asking IP is not in the same IP network.
>
> There's a way to let linux learn ARP in passive mode when no one
> answers ARP?
>
You will have to ask the networking people for Linux that question.
Amos
Received on Sun Oct 06 2013 - 11:20:22 MDT
This archive was generated by hypermail 2.2.0 : Mon Oct 07 2013 - 12:00:08 MDT