Re: [squid-users] Question about configuration directive http_port

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 19 Oct 2011 12:19:50 +1300

 On Mon, 17 Oct 2011 08:27:20 -0700, - Mikael - wrote:
> Amos,
>
> What are the benefits of having Squid on the LAN?
>
> Our firewall (Sonicwall NSA) explicitly forbids proxies on the LAN
> for
> some reason.
> The firewall will forward all traffic to Squid only if its on public
> IP address.
>
> This is how we are setup right now:
> (LAN) -> (Sonicwall firewall, NAT, DPI, DHCP) -> (Squid) -> WWW
> WAN routing is done by the ISP's router that's on site.
> Latency from LAN to Squid box is <1ms.
>

 It is closer to the clients. With usually faster internal bandwidth
 available for HIT responses from the cache. That is pretty much all the
 benefits of being on the LAN, all other benefits are available on the
 WAN as well.

 We were not talking about LAN vs WAN though. NAT does not matter where
 Squid sits. The only difference to NAT is what the bypass rule syntax
 looks like. For Squid on the LAN you bypass the proxy IP or MAC or NIC.
 For Squid on the WAN you bypass all of port 80 traffic (routing to the
 proxy for NATing).

 Amos
Received on Tue Oct 18 2011 - 23:19:53 MDT

This archive was generated by hypermail 2.2.0 : Wed Oct 19 2011 - 12:00:06 MDT