Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: backbone transparent proxy / connection hijacking

  • From: Jamie Scheinblum
  • Date: Thu Jun 25 21:23:04 1998

Digex was the first carrier to publicly announce support for the inktomi
proxy.

http://www.inktomi.com/new/press/caching.html

>From memory, the alteon switch was a layer 4 switch that changed the
destination interface.

The Solaris box then, in turn, pulled the destination address out of the
received packet, and fired up an outgoing connection based on that
destination address.  I did the same thing with Squid and IPFilter on my
personal solaris box, transparently proxying.  I didn't think that the
Alteon talked any special protocol, just re-routed traffic based on
destination port.

How does the Mirror Image box do anything different?  I thought this was a
common hack used by MI, NetApp, NetCache and the Squid users out there, do
they all do something fancier/simpler?

Best regards,

Jamie Scheinblum - FASTNET(tm) / You Tools Corporation
jamie@fast.net (888)321-FAST(3278) http://www.fast.net
FASTNET - Business and Personal Internet Solutions

The views stated above are representative of myself, not my employer.

> -----Original Message-----
> From:	Jon Lewis [SMTP:jlewis@inorganic5.fdt.net]
> Sent:	Thursday, June 25, 1998 8:36 PM
> To:	Paul Vixie
> Cc:	nanog@merit.edu
> Subject:	Re: backbone transparent proxy / connection hijacking
> 
> On 25 Jun 1998, Paul Vixie wrote:
> 
> > I don't think Digex is using one of our boxes, and if they are using one
> > of the "just run Inktomi software on a Solaris box and put an Alteon
> next
> > to it" then there are going to be some wierd little unspecified protocol
> > violations that only Alteon, and a new protocol between Alteon and
> Inktomi,
> 
> The proxy we seem to be trapped with is:
> REMOTE_HOST = dca1-wc2.atlas.digex.net
> REMOTE_ADDR = 165.117.17.251
> 
> Trying 165.117.17.251...
> Connected to 165.117.17.251.
> Escape character is '^]'.
> 
> 
> SunOS 5.6
> 
> login: 
> 
> 
> ------------------------------------------------------------------
>  Jon Lewis <jlewis@fdt.net>  |  Spammers will be winnuked or 
>  Network Administrator       |  drawn and quartered...whichever
>  Florida Digital Turnpike    |  is more convenient.
> ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.