The Journey of a Network Engineer

Dec 27 2011   1:11AM GMT

Moving from Explicit Proxy to Transparent Proxy – part 2

Sulaiman Syed Profile: Sulaiman Syed

If you have read the first part of this series, you would know that there is major upgrade plan move from explicit proxy to transparent. One of the major objective that during migration to the new network, there should be minimal downtime. But since we are going to utilize the same hardware, downtime can’t be totally avoided. The current firewall is not able to handle the traffic going to the internet by itself.

Transparent proxy design

with that in mind, we have few things to workout to finilize the network design:

  1. IP addressing scheme throughout the network.
  2. The integration of older firewall with the new firewall.
  3. The implementation of packet shaping for provisioning IP based, and group based bandwidth.
  4. How the traffic will route from the PBR to IR going by two firewalls contexts.
  5. The integration of new LB by keeping the proxy traffic/control plane segregated from the other traffic.

In the above diagram, we are showing a basic idea of the connectivity. I would go into the details of hardware and logical connectivity in the next blog entry.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: