Source: PacketShaper and Proxies : together
Posted by Tech in Field on December 13, 2008
Are you wondering where you should put your Blue Coat [Packeteer] PacketShaper and your in-line proxy / cache in your network?
The PacketShaper should be as close to the router (or firewall) as possible. The proxy or cache (if it sits in-line) should sit on the LAN side of the PacketShaper.
INTERNET <-> ROUTER <-> FIREWALL <-> PACKETSHAPER <-> WEB CACHE/PROXY <-> LAN
Can the Shaper and Cache deployment be reversed? Yes, but you will be shaping requests made to the cache. There can be some advantages to this deployment if you are attempting to shape individual connections to the web.
I prefer the cache inside and to see all web connections originating from the proxy.
If your web cache/proxy [Blue Coat, Barracuda, Ironport, etc] supports WCCP v2, you can use your PacketShaper to hand off all port 80 requests to your web filter. In this setup, you usually do not need your web proxy in-line any more.
For this article I use the terms web cache, web proxy and web filter interchangably — if you are using a good one it is all of those things.
Posts
2 comments:
Hi,thanks for the informative post.
i am new to work with packetshaper. I have a client where they have 5 squid proxy server and used approximate 5 mb bandwidth to each server. they want deploy packetshaper integrate with those proxy server. Would you like to give me a solution about the deployment process.
It would be very useful to me.
Thanks again
It depends on how the proxies themselves are deployed, but you want to make sure the PacketShapers are inline with the proxies, so they see all the traffic going to or from the proxies. If proxies are inline, it may be best to put them on the WAN side of the traffic if that's the traffic you're interested in seeing.
Post a Comment