Re: [squid-users] Question about transparent proxy + duplicate IPs: is it possible?

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Tue, 03 Oct 2006 14:32:19 +0200

Tue 2006-10-03 at 11:26 +0200, Marco Simioni wrote:

> The real problem is: what happens if 2 devices with the same IP connect
> to this network?

Disaster happens, for those two stations..

> I assume that there is no "collision" in the client devices protocol
> stack, because of the Port-Based VLAN separation I did on the switch
> one device will not see each other.

Correct. There is a collision, but the clients won't be aware of it..

> Btw what happens on my linux box?

It won't know who is who of the two and things will behave very odd for
those stations.

To get around this you need to use a vlan per port, and some advanced
connection marking and policy routing on the linux box to route each to
their correct port (vlan). This will work most of the time, but it can
not be 100% guaranteed and will fail if the two stations choose the same
source port while talking to the same destination at the same time..

Regards
Henrik

Received on Tue Oct 03 2006 - 06:32:28 MDT
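
The failure case described in the reply above, as an added example that is not part of the original message. It is a simplified model of per-connection marking, not kernel code: it assumes the connection table is keyed on the 5-tuple alone, and the VLAN ids, addresses and ports are constructed sample values.

```python
from typing import NamedTuple


class Flow(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


class MarkingRouter:
    """Connection mark = ingress VLAN; replies are policy-routed by that mark."""

    def __init__(self):
        self.connmark = {}  # Flow -> VLAN id recorded for the connection

    def ingress(self, flow, vlan):
        # Only the first packet of an unknown tuple sets the mark. A packet
        # whose tuple is already tracked is treated as part of that existing
        # connection, whatever VLAN it arrived on (assumption of this model).
        return self.connmark.setdefault(flow, vlan)

    def route_reply(self, flow):
        # The reply leaves through the VLAN stored in the connection mark.
        return self.connmark.get(flow)

    def close(self, flow):
        self.connmark.pop(flow, None)


def demo():
    dup_ip, server = "192.168.1.10", "203.0.113.80"  # constructed values
    vlan_a, vlan_b = 101, 102                        # one VLAN per switch port
    r = MarkingRouter()
    out = {}
    # Same IP, different source ports: each reply finds its own VLAN.
    fa = Flow("tcp", dup_ip, 40001, server, 80)
    fb = Flow("tcp", dup_ip, 40002, server, 80)
    r.ingress(fa, vlan_a)
    r.ingress(fb, vlan_b)
    out["distinct_ports"] = (r.route_reply(fa), r.route_reply(fb))
    # Same IP, same source port, same destination, at the same time:
    # station B's packets are attributed to station A's connection.
    fc = Flow("tcp", dup_ip, 40003, server, 80)
    r.ingress(fc, vlan_a)
    out["mark_seen_by_b"] = r.ingress(fc, vlan_b)
    # Once A's connection is gone, the same tuple works for B again.
    r.close(fc)
    out["after_a_closes"] = r.ingress(fc, vlan_b)
    return out


if __name__ == "__main__":
    print(demo())
```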
