transparent mode using L4 switch

Unanswered Question
Jul 22nd, 2009

I don't understand how can I use transparent mode using L4 switch (it's load-balancer, right?). I'm friendly with L4 switches, even though I can not imagine the topology and data flow.

I have two WSA boxes and I need configure active-backup model (therefore I can't use WCCP). I think, only one method is use WSA in forwarding mode and set 'proxy server' on clients.

Do you have any other idea?
What is better, one-arm, or routed mode for this situation?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jowolfer Wed, 07/22/2009 - 16:59

An L4 switch is one that can utilize PBR (policy based routing) to make routing decisions based on the port information.

So instead of sending traffic destined for an outside webserver on port 80 to the default route, it will send it to the WSA.

The configuration for this will differ depending on the particular L4 switch you are using. The configuration for active failover should be possible as well.

angfeglandagan Mon, 10/19/2009 - 07:02

hi, is layer 4 switch better than wccp router?

and does WSA supports the web 2.0 applications?

khoanguy Mon, 10/19/2009 - 23:41

the WSA should work fine with "web 2.0" application (it's still http/https), there might be issues with specific site where the app fails to authenticate from auth request, but a auth bypass policy can be implemented.

As for wccp vs L4 switch?

wccp is the better choice because when wccp fails, it fails open and users still have internet access (depend on admin config with FW) and you can load balance with multiple web cache.

L4 switch is policy based routing, very specific, not as flexible with changes in environment, unless a load-balance appliance is considered.


This Discussion