North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: backbone transparent proxy / connection hijacking
At 09:37 PM 6/27/98 -0500, Jeremy Porter wrote: > >Cisco policy routing can use source IP address for deciding to pass >traffic to the cache engine. The cache engine, normaly can be >configured to exempt destination. I believe that this fixes both >issues. Expecting the customer to be able to have a clue to >go to a www page is a bit much, tho. Some customers have setup I find it ridiculous to suggest that an ACL be built and modified for each and every "broken" thing you find. I wouldn't be surprised if the resources necessary to keep this up - especially considering the potential customer dissatisfaction it *will* cause - outweighs the benifit of the cache. >IP based authentication on their NT server, but can't figure out how >to configure SLL which wouldn't be cached, and would be more secure. >The burden of making this work is on the cache operator. Also it turns >out that the sites with the most problems with the cache are the ones >paying the least money for service. Its hard to feel very sorry for >a $20/month dialup customer, who is connecting to his coporate site >with a broken NT server. If you are just now figuring out that there are users who are clueless on the Internet, you're way behind the curve. If you figured this out a long time ago and have simply dismissed those users - even the $20/mo dialup customers - as "hard to feel very sorry for", then I'm surprised you are still in business. I give all of my users transit to their desired destination when the pay me for it. Not just those cluefull enough to configure exceptions to the proxy services I have decided to ram down their throat - without their foreknowledge or consent. You are, of course, welcome to do as you please on your network. >Jeremy Porter, Freeside Communications, Inc. [email protected] TTFN, patrick ************************************************************** Patrick W. Gilmore voice: +1-650-482-2840 Director of Operations, CCIE #2983 fax: +1-650-482-2844 PRIORI NETWORKS, INC. http://www.priori.net "Tomorrow's Performance.... Today" **************************************************************
|