Re: (ASCEND) DNS Caching on the TNT

["willp2" <willp2@dreamscape.com>]

We used something similar to this for implementing a "web page intercept" for
"hijacking" a dialin session and sending them to an intercept-web-page during
their normal browsing.  We used the Ascend-Private-Route to specify a different
default route for specific users.  This route then pointed all their packets to
a solaris server on the same lan segment as the max 40xx's that received the
dialin sessions.  This solaris server was then configured as a router, and we
would use ipnat to remap their port80 traffic to a local web server.

The application was to be able to inform users that they had not yet changed
their access number.  For some reason, some people just don't read their email
or care when we send them several email notices.  The solaris server could just
as easily remap their session to a squid proxy.

Using "Ascend-Private-Route" as a radius entry to set a default route on a
per-user basis is only useful when the transparent cache server is located on
the same lan segment as the maxes.

The nice thing is that you can remove the ipnat filters at any time, and all
packets will be forwarded as usual-- so if your transparent cache craps out, you
can disable the nat re-mapping at any time.

If you're looking at web proxies for thousands of simultaneous connections, stay
far away from the apache proxy.

For a remote LAN situation with only a few users, I'd recommend using WinGate.
You can find it at http://www.deerfield.com/wingate/  It's not the best, but
there's nothing really wrong with it either.  Just be sure not to enable the
telnet proxy unless you know that it's secured properly.

To speed up DNS lookups, I dunno.  The local DNS table on the TNT won't be used
to "proxy" user DNS requests.  The dns table is used by the terminal server as
far as I know.  DNS lookups by users are not going to be processed by the tnt,
they will be sent to the DNS server that your users' are configured for.  If I'm
wrong on this, someone please correct me.

-Will

-----Original Message-----
From: claudio@tasco.cl <claudio@tasco.cl>
To: ascend-users@bungi.com <ascend-users@bungi.com>; occ.treas.gov@tasco.cl
<occ.treas.gov@tasco.cl>
Date: Friday, March 19, 1999 12:51 PM
Subject: (ASCEND) DNS Caching on the TNT


>For Web Transparent Caching there a number of alternatives.
>Cacheflow has one, www.cacheflow.com
>Netapp also has it, www.netapp.com
>
>You would alneed to but Layer 4 Switch, that will redirect all the traffic to
>port 80 to the cache box
>Those are the expensive ways. 30K almost.
>
>The other way to go is to get it from http://squid.nlanr.net and if you have
>Solaris in your network then you donī`t need to buy the L4 switch.
>Check with http://squid.nlanr.net/Squid/FAQ/FAQ-17.html
>
>--Claus
>
>Just wondering if anyone is using the dns-local-table on a TNT.  Is this
>option similar to DNS Caching (my documentation is about a year or so old
>and does not have this option defined)?  If this option functions like I
>hope, it may provide quicker DNS responses to my dial-in users.
>
>Also, I am looking into some form of Web caching device for my remote
>users.  Anyone have any ideas or recommendations?
>
>Any advice or recommendation is appreciated.
>
>Thanks in advance.
>
>Mitch
>
>++ Ascend Users Mailing List ++
>To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
>To get FAQ'd:   <http://www.nealis.net/ascend/faq>
>
>++ Ascend Users Mailing List ++
>To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
>To get FAQ'd: <http://www.nealis.net/ascend/faq>
>

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>