Simon Lyall wrote:
On Wed, 9 Mar 2005, Nathan Ward wrote:
Why don't you cache semi-transparently? (IE, connections to web servers come from the external IP address of the proxy server). I'm not aware of any real life cases of that breaking things, and as far as I am aware, it's what most NZ providers do.. Feel free to prove me wrong here, of course.
It breaks a few places that use the IP address to auth http sessions, apparently some sites don't believe these weird cookie thingies are ready for prime time.
Hmm. This would be a problem if your requests for the same site were going to different proxy servers. I don't think that happens with Foundys, by default. If it does, it's easily 'fix'-able.
SETI(a)Home and some stupid remote mail thing use by a couple of academic sites around NZ break. There was also a "access to paid databases gateway" type thing at one of the universities that broke (although they said they had fixed it).
There were a couple of others too, Windows update was one I think.
Really? I've done semi-transparently proxying a number of times before, and had no issues with windows update.. My opinion would be that it is easier/better to keep a list of broken sites, rather than a list of broken networks. Customers would be more likely to call to get sites added to this list, and when 'broken' routing is 'fixed' you don't have to go and remove things from the list. -- Nathan Ward