Thanks for your reply. > The redirection in both directions must match for this to work. See the > wiki for a configuration example > > http://wiki.squid-cache.org/ConfigExamples/FullyTransparentWithTPROXY The configuration example does not mention the scenario that one router talks to *MULTIPLE* squid servers. As far as I know, cisco routers does not fully track connections, they just redirect packets by their IP addresses and source/destination ports. With TPROXY enabled, router can not tell which outgoing request packet to original destination server is sent by which squid server, as the source IP address is original client's address. So the question arises: I have 2 squid servers, squid A and squid B, both implented TPROXY and connected to the same Cisco router: Internet | | squid A----Router----squid B | | Customers Here squid A wants to send a HTTP request to original destination server, the routers just forwards this packet, it's OK; but when the response packet from the original server returns in, how does the router redirect that packet? Redirect it to squid A or squid B? As there's no connection table in router memory or any mark in the packet, how can the router determine that this response packet should be forwarded to squid A? squid A -- (request to original server) --> router --> original server -- (response) --> router --> squid A or B? Many thanks again. Regards
