Mladen Turk wrote:
OK, but still what are the remotes to connect to? If they are dynamically determined then I'll need to fix the way the workers are determined. Right now each physical box we can connect to has to be at least once specified in the config. The question is: Is it OK to resolve that on the first successful request on the unspecified host?
It is not a problem to add the worker dynamically if never specified, but I'm worried about the security in that case. Is the NoProxy meant to be used in such situations?
This is why there was a split between determining the one (or more) IP addresses to potentially connect to, and then deciding which of those addresses is the best to connect to based on load balancer / round robin / whatever - sometime the downstream servers are client specified, rather than preconfigured in a config.
Here, the balancer might say "You are asking proxy to connect to an IP address that balancer has no clue about in my config. Let me just DNS round robin this one".
Regards, Graham --
smime.p7s
Description: S/MIME Cryptographic Signature
