nanog mailing list archives

RE: backbone transparent proxy / connection hijacking

From: Jamie Scheinblum <jamie () fast net>
Date: Thu, 25 Jun 1998 21:16:47 -0400

Digex was the first carrier to publicly announce support for the inktomi
proxy.

http://www.inktomi.com/new/press/caching.html

From memory, the alteon switch was a layer 4 switch that changed the

destination interface.

The Solaris box then, in turn, pulled the destination address out of the
received packet, and fired up an outgoing connection based on that
destination address.  I did the same thing with Squid and IPFilter on my
personal solaris box, transparently proxying.  I didn't think that the
Alteon talked any special protocol, just re-routed traffic based on
destination port.

How does the Mirror Image box do anything different?  I thought this was a
common hack used by MI, NetApp, NetCache and the Squid users out there, do
they all do something fancier/simpler?

Best regards,

Jamie Scheinblum - FASTNET(tm) / You Tools Corporation
jamie () fast net (888)321-FAST(3278) http://www.fast.net
FASTNET - Business and Personal Internet Solutions

The views stated above are representative of myself, not my employer.

-----Original Message-----
From: Jon Lewis [SMTP:jlewis () inorganic5 fdt net]
Sent: Thursday, June 25, 1998 8:36 PM
To:   Paul Vixie
Cc:   nanog () merit edu
Subject:      Re: backbone transparent proxy / connection hijacking

On 25 Jun 1998, Paul Vixie wrote:

I don't think Digex is using one of our boxes, and if they are using one
of the "just run Inktomi software on a Solaris box and put an Alteon

next

to it" then there are going to be some wierd little unspecified protocol
violations that only Alteon, and a new protocol between Alteon and

Inktomi,

The proxy we seem to be trapped with is:
REMOTE_HOST = dca1-wc2.atlas.digex.net
REMOTE_ADDR = 165.117.17.251

Trying 165.117.17.251...
Connected to 165.117.17.251.
Escape character is '^]'.


SunOS 5.6

login: 


------------------------------------------------------------------
 Jon Lewis <jlewis () fdt net>  |  Spammers will be winnuked or 
 Network Administrator       |  drawn and quartered...whichever
 Florida Digital Turnpike    |  is more convenient.
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____

Current thread:

Re: backbone transparent proxy / connection hijacking, (continued)
- Re: backbone transparent proxy / connection hijacking Paul Gauthier (Jun 26)
  - Re: backbone transparent proxy / connection hijacking alex (Jun 26)
    - Re: backbone transparent proxy / connection hijacking Rich Sena (Jun 26)
  - Re: backbone transparent proxy / connection hijacking Michael Dillon (Jun 26)
    - Re: backbone transparent proxy / connection hijacking Patrick McManus (Jun 29)
  - Re: backbone transparent proxy / connection hijacking Hank Nussbacher (Jun 27)
    - Re: backbone transparent proxy / connection hijacking Jeremy Porter (Jun 27)
    - Re: backbone transparent proxy / connection hijacking Patrick W. Gilmore (Jun 28)
    - Re: backbone transparent proxy / connection hijacking Jeremy Porter (Jun 28)
    - Re: backbone transparent proxy / connection hijacking Paul Vixie (Jun 29)
- RE: backbone transparent proxy / connection hijacking Jamie Scheinblum (Jun 25)
- Re: backbone transparent proxy / connection hijacking Sean M. Doran (Jun 26)
- Re: backbone transparent proxy / connection hijacking Owen DeLong (Jun 26)
  - Re: backbone transparent proxy / connection hijacking Jon Lewis (Jun 26)
- Re: backbone transparent proxy / connection hijacking Danny McPherson (Jun 27)
  - Re: backbone transparent proxy / connection hijacking Jeremy Porter (Jun 28)
- Re: backbone transparent proxy / connection hijacking John Fraizer (Jun 29)
- RE: backbone transparent proxy / connection hijacking Pete Farmer (Jun 29)
- Re: backbone transparent proxy / connection hijacking Eric Wieling (Jun 30)
  - Re: backbone transparent proxy / connection hijacking Paul Vixie (Jun 30)
    - Re: backbone transparent proxy / connection hijacking czmok (Jun 30)