Thanks for that Niall, interesting.. I'm very keen to do it, if you want to try a beta version of the software in a production environment then let me know...

We can definitely keep you in mind ! :-) Thanks !

I know theres currently options on the netapp to allow spoofing,

Yes, the support needed on the cache server side is not too hard. Just accepting packets for us that were actually destined to a client instead ;-) (returning traffic)

but your document suggests this isnt actually workable at the moment as the l4 switches dont redirect the return traffic.. is that right?

Woah. I said Foundry can't do it (yet), but Alteon can. We have customers doing this already. Note that you need to make sure that your traffic is "symmetrical" - i.e., the returning traffic will definitely go through the same device - otherwise you'll have problems. You have to be *very* careful with this feature...

so right now theres no way to use my cache and maintain the client ip throughout the connection?

With Alteon you can - right now. With WCCP 2 you will be able to in the (near?) future. And Foundry will hopefully add the support soon too...

[ As you probably know, NetCache adds an X-Forwarded-For header (if none already exists) to all requests it sees. This contains the client IP address. So web servers can get access to it that way if they want to... ]

Cheers, Niall