From: Mick <michaelkintzios@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Proxy questions
Date: Tue, 24 Jan 2012 18:14:22 +0000 [thread overview]
Message-ID: <201201241814.43970.michaelkintzios@gmail.com> (raw)
In-Reply-To: <20120124170843.GW5190@crowfix.com>
[-- Attachment #1: Type: Text/Plain, Size: 2102 bytes --]
On Tuesday 24 Jan 2012 17:08:43 felix@crowfix.com wrote:
> I know, in general, what proxies do -- caching, filtering, and
> bypassing firewalls. I have even written a couple of very special
> purpose proxies. Now I need one for work, and don't realy want to
> write another custom special purpose when it seems there must be a
> canned one which can do the job.
>
> We have some vendors who transact business over special ports with
> custom protocols. We pay for these connections, and we only have two
> of them, good enough for QA, but when a developer needs to test code,
> they have to drag their machine over to QA and schedule time with one
> of these connections. What we need is a proxy which can take any
> number of connections on our side and funnel everything into one or
> two vendor connections. I don't know enough of the proxy jargon to
> know how to describe it. I imagine some kind of NAT. No filtering or
> caching; firewall penetration will be taken care of elsewhere.
>
> Any suggestions, or proxy education hints?
I'm not entirely clear of your use case scenarios and the constraints you are
trying to address with a proxy (e.g. why the developer does not connect
directly to the vendors port(s) to access their service? ) but I'll guess that
you probably need a reverse proxy/load balancer arrangement - something like
pound, portfusion, or even nginx? BTW, did I mention apache mod_proxy? I am
not sure what authentication arrangements you need to access your vendors
ports, if you have VPNs or other secure tunnels between your site and the
vendors', but let's say I'd read up on reverse proxies as a start.
This should make the transaction transparent for your devs, they won't
necessarily know which vendor they end up with after they hit your URL, but I
am not sure if it will satisfactorily address the issue of scheduling time for
a connection with your vendors at times of high demand. Once ports or vendor
service limitations are reached the connections will eventually become
saturated.
--
Regards,
Mick
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
next prev parent reply other threads:[~2012-01-24 18:15 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-24 17:08 [gentoo-user] Proxy questions felix
2012-01-24 18:14 ` Mick [this message]
2012-01-25 17:11 ` felix
2012-01-25 20:49 ` Mick
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201201241814.43970.michaelkintzios@gmail.com \
--to=michaelkintzios@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox