Thanks for your help!
I manage how to configure rules on shorewall fixing squid on DMZ:
http://www.shorewall.net/Shorewall_Squid_Usage.html
In addition of HTTP traffic loading, this extra flow interfere on
Internet browsing speed?
Joćo
> > Hi everyone!
> >
> > Today I'm running squid on firewall and it is very easy to manage.
> > Despite of that, we are trying to decentralize services and adding new
> > virtual machines on DMZ for each of the servers we need.
> >
> > I would like to know if you recommend to install Squid on DMZ, if it
> > is use to manage and how I could manage rules on firewall (we use
> > shorewall).
> > I don't have any recommendations either way. The pros and cons balance out
> > for most intents and purposes. If its working fine for you as-is then there
> > really isn't anything to fix.
> >
> > If you do make the move, be aware that with interception the firewall will
> > need to take into account the squid box IP and make exceptions. Also an
> > added flow of traffic client->router->squid->router->internet which does
> > not currently occur on the internal router interface. This effectively
> > doubles or triples the internal HTTP traffic load on the router.
> > Amos
Joćo K.
Received on Tue Jun 16 2009 - 11:43:38 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 17 2009 - 12:00:04 MDT