nanog mailing list archives
Re: backbone transparent proxy / connection hijacking
From: "Patrick W. Gilmore" <patrick () priori net>
Date: Sun, 28 Jun 1998 01:49:19 -0700
At 09:37 PM 6/27/98 -0500, Jeremy Porter wrote:
Cisco policy routing can use source IP address for deciding to pass traffic to the cache engine. The cache engine, normaly can be configured to exempt destination. I believe that this fixes both issues. Expecting the customer to be able to have a clue to go to a www page is a bit much, tho. Some customers have setup
I find it ridiculous to suggest that an ACL be built and modified for each and every "broken" thing you find. I wouldn't be surprised if the resources necessary to keep this up - especially considering the potential customer dissatisfaction it *will* cause - outweighs the benifit of the cache.
IP based authentication on their NT server, but can't figure out how to configure SLL which wouldn't be cached, and would be more secure. The burden of making this work is on the cache operator. Also it turns out that the sites with the most problems with the cache are the ones paying the least money for service. Its hard to feel very sorry for a $20/month dialup customer, who is connecting to his coporate site with a broken NT server.
If you are just now figuring out that there are users who are clueless on the Internet, you're way behind the curve. If you figured this out a long time ago and have simply dismissed those users - even the $20/mo dialup customers - as "hard to feel very sorry for", then I'm surprised you are still in business. I give all of my users transit to their desired destination when the pay me for it. Not just those cluefull enough to configure exceptions to the proxy services I have decided to ram down their throat - without their foreknowledge or consent. You are, of course, welcome to do as you please on your network.
Jeremy Porter, Freeside Communications, Inc. jerry () fc net
TTFN, patrick ************************************************************** Patrick W. Gilmore voice: +1-650-482-2840 Director of Operations, CCIE #2983 fax: +1-650-482-2844 PRIORI NETWORKS, INC. http://www.priori.net "Tomorrow's Performance.... Today" **************************************************************
Current thread:
- Re: backbone transparent proxy / connection hijacking, (continued)
- Re: backbone transparent proxy / connection hijacking Mark Skinner (Jun 26)
- Re: backbone transparent proxy / connection hijacking Robert Watson (Jun 26)
- Re: backbone transparent proxy / connection hijacking Rob Quinn (Jun 26)
- Re: backbone transparent proxy / connection hijacking Paul Gauthier (Jun 26)
- Re: backbone transparent proxy / connection hijacking alex (Jun 26)
- Re: backbone transparent proxy / connection hijacking Rich Sena (Jun 26)
- Re: backbone transparent proxy / connection hijacking Michael Dillon (Jun 26)
- Re: backbone transparent proxy / connection hijacking Patrick McManus (Jun 29)
- Re: backbone transparent proxy / connection hijacking Hank Nussbacher (Jun 27)
- Re: backbone transparent proxy / connection hijacking Jeremy Porter (Jun 27)
- Re: backbone transparent proxy / connection hijacking Patrick W. Gilmore (Jun 28)
- Re: backbone transparent proxy / connection hijacking Jeremy Porter (Jun 28)
- Re: backbone transparent proxy / connection hijacking Paul Vixie (Jun 29)
- Re: backbone transparent proxy / connection hijacking alex (Jun 26)
- Re: backbone transparent proxy / connection hijacking Jon Lewis (Jun 26)
- Re: backbone transparent proxy / connection hijacking Jeremy Porter (Jun 28)