From: Jason T. Slack-Moehrle <slackmoehrle at gmail.com> > Here is where I draw some confusion. Where do items such as Varnish Cache, > HAProxy go in relationship to firewall, DMZ, etc? Here, we use 2 keepalived/lvs servers in direct routing for HA, then n cache servers with nginx (for consistent hashing + some basic http/php) and, behind, varnish (or squid, not decided yet... varnish memory/disk handling seems "cleaner" and a little bit faster, but on the other hand squid cache will survive a restart (maybe varnish new version 3.x implemented it, not sure)). JD