Re: WCCP - cache only , no proxy

From: fooler <fooler@dont-contact.us>
Date: Thu, 20 Apr 2000 13:06:29 +0800

Lincoln Dale wrote:

> At 13:44 19/04/00, Henrik Nordstrom wrote:
> > > actually, no.
> > > there are other products in the marketplace which _do_ masquerade as the
> > > client ip address when talking to web-servers.
> >
> >I was not talking about masquerading but TCP based redirection in
> >general. Such redirection requires that all traffic being redirected
> >passes thru the redirection point, and that no other communication is
> >taking place to the host being redirected/spoofed (i.e. origin web
> >server in WCCP). If other traffic are taking place then IP fragmentation
> >windows and other interesting TCP/IP aspects won't work reliably.
>
> not sure i agree with you entirely here.
> in theory, any form of fragmented IP packets may cause problems.
>
> in reality, this doesn't happen.
> remember that the _entire_ http flow, from initial SYN to the FIN/RST has
> been intercepted and redirected to a cache.
>
> providing the interception is as close as possible to the access-edge
> (customer), you don't really have a window-of-opportunity to get into IP
> Fragmentation issues.
>
> of course, i'm making an assumption that the cache's IP stack is capable of
> negotiating suitable tcp-window-sizes (MSS) such that fragmentation won't
> occur.
>

if i understand you correctly what you mean here, to avoid ip fragmentation in a
transparent environment, im using a cisco switch using _store_and_forward_ in
switching mode to solve this problem.

fooler.
Received on Wed Apr 19 2000 - 22:52:44 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:59 MST