On Fri, Mar 16, 2001 at 07:25:14PM +0100, RoMaN SoFt / LLFB!! wrote: > I'm not a kernel hacker. But I suppose the "good" solution would be > to patch kernel for removing TOS checking. This way our problem > wouldn't exist. > > Arthur van Leeuwen <arthurvl@xxxxxxxxxx> kindly suggested a trick > with static routes involved, to solve this last problem. But I want to > set up a transparent proxy on the gateway machine. Therefore almost > all traffic will (virtually) originate on the gateway machine (where > the proxy will be located) and I need this traffic to be balanced too > (as the other local traffic does). > > If I'm missing something or I'm wrong, please, correct me. Also I'd > like to receive more (working if possible) ideas. > > Thanks all (specially to Arthur). > > Román.- > > I would find an old pci machine, and use that as the "equalizing" machine. You can have the proxy behind that, and have the eq box send the connections needing proxying to the squid box. Are you using the eq box as a firewall too? Under best conditions, the only open service on the firewall would be ssh or none. Mike