North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Routescience?

  • From: E.B. Dreger
  • Date: Wed Aug 22 13:38:47 2001

(Please wrap lines at ~72 chars)

> If I am reading the "detailed" report right, the RS box actually
> is the border router:
> "Entry-level pricing includes a modular, 14-slot chassis that
> occupies eight rack units and support for two ISP links. Optional
> modules can be added to support additional ISP links and enhanced
> reporting features."

Ah.  I skipped the part about "support for two ISP links".

> In which case, perhaps it is trying to pop open HTTP packets and
> insert its stealth GIF on the fly, at line speed.
> That's a lot of hardware for a function that might be better off
> embedded in the actual servers themselves ...

In-server is what I initially thought of, too.  However, then one
must coordinate between servers... what's wrong with a simple box
in promiscuous mode snagging eq 80 and eq 443 packets and dumping
the rest?

It just seems a shame to have to store and forward all the traffic
when one can analyze it from another viewpoint.  Yes, managed
switches complicate sniffing, but many (most? all?) managed
switches have a "monitor port" that can wiretap traffic.


Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence

Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <[email protected]>
To: [email protected]
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.  Do NOT
send mail to <[email protected]>, or you are likely to be blocked.