backbone transparent proxy / connection hijacking

Rich Sena ras at poppa.clubrich.tiac.net
Fri Jun 26 09:24:26 UTC 1998


The Vixie Interceptor is really the only product on the market that
handles this particualr situation correctly - it is a fine product in that
respect. Paul and his group - worked thorugh that issue with very fine
detail.

To the best of my knowledge Digex is using the Inktomi/Alteon solution.

On 25 Jun 1998, Paul Vixie wrote:

> Odd.  The box we used to sell through Mirror Image Internet has no problems
> reaching Cybercash's site -- though I'll admit that we had a lot of angry
> customers for a long time while we found all the wierd little unspecified
> protocol violations that "just work" if no "hijacking" takes place.
> 
> I don't think Digex is using one of our boxes, and if they are using one
> of the "just run Inktomi software on a Solaris box and put an Alteon next
> to it" then there are going to be some wierd little unspecified protocol
> violations that only Alteon, and a new protocol between Alteon and Inktomi,
> could fix.  (Our box integrates forwarding and "hijacking" and this is why.)

<snip>

> The box we built was designed for access providers -- you know, put 1,000
> modems in a room and sell dialup accounts.  It works fine in that context.
> And, dialup users are usually not terribly deep as technologists, and they
> are used to having their bits mutilated in the great cause of "overcommit."
> 
> While a T1 data rate would present no real problem, a T1 customer who would
> usually recognize what was happening to them AND care about it, *would*
> represent a problem.  And besides, a T1 customer would probably be willing
> and able to use ICP or at least run their own local cache and point their
> browsers at it nontransparently.

--
I am nothing if not net-Q! - ras at poppa.clubrich.tiac.net




More information about the NANOG mailing list