Results 1 to 2 of 2
hi.
if my understanding is correct, when a client enters a url ie: google.com, the firewall's dnat changes that destination ip address to that of the squid server. but then ...
- 02-11-2009 #1Just Joined!
- Join Date
- Jan 2009
- Posts
- 5
question about dnat and squid
hi.
if my understanding is correct, when a client enters a url ie: google.com, the firewall's dnat changes that destination ip address to that of the squid server. but then how does squid know how to send the packet to google if that address has been changed?
- 02-12-2009 #2Linux Newbie
- Join Date
- Feb 2009
- Posts
- 99
you misunderstanding.. example.com:
(10.1.1.1) client [ package] --> (10.1.1.2) [squid] (20.2.2.2) --> google.com
package include
[ source ip : 10.1.1.1 ] [destination ip : 10.1.1.2 ]
[ source port: 1025] [ destination port 3128 ]
package data type : google.com web access
because client access internet do not use DNAT or route, all package would send to [ squid server ] and then [ squid server ] access cache or access internet after that keep one copy to cache.
google.com get one package
[ source ip : 20.2.2.2 ] [destination ip : google.com ]
[ source port: 1025] [ destination port 80 ]
^__^
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts