[nsp] Port 80 redirect
Gert Doering
gert at greenie.muc.de
Tue Jul 15 00:07:58 EDT 2003
Hi,
On Mon, Jul 14, 2003 at 11:03:30PM +0200, Gert Doering wrote:
> On Mon, Jul 14, 2003 at 03:01:33PM -0400, Carl Jagerski wrote:
> > Using only a 7206 router running 12.2(13), Can I take certain /24s
> > (ie. 10.10.1.0, 10.10.2.0, 10.10.3.0 etc.) that are assigned to
> > workstations and take any port 80 requests from them and route these
> > request to a single web server to return a web page of my choosing no
[..]
> There are a number of possible approaches. On the router side, all of it
> is easy ("ip route 10.10.1.0 255.255.255.0 <someconnectedhost>").
Stupid me. You have asked for connections *sourced* from those /24s.
In that case, you *need* to have some sort of "transparent cache" on the
server box that doesn't actually care about the destination of the packet,
but just grabs it. The Squid proxy/cache can do it. Then redirect all
traffic from the squid through another HTTP server that will respond
with a single page, no matter what you ask (we've done that with Apache
in the past, mod_rewrite should do that just fine).
To get the packets to the squid box, the "automatic" solution is wccp, and
the "manual" solution would be policy routing.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list