Peter Deutsch wrote:
>
> g'day,
>
> "Michael B. Bellopede" wrote:
> ...
> > Regardless of what occurs at higher layers, there is still the problem of
> > changing the source address in an IP packet which occurs at the network(IP)
> > layer.
>
> The Content Services Business Unit of Cisco (Fair Disclosure time -
> that's my employer and my business unit) sells a product called
> "Local Director". LD is intended to sit in front of a cluster of
> cache engines containing similar data, performing automatic
> distribution of incoming requests among the multiple caches. It does
> this by intercepting the incoming IP packets intended for a specific
> IP address and multiplexing it among the caches. Are we doing
> something illegal or immoral here? No, we're offering hot spare
> capability, load balancing, increased performance, and so on. The
> net is a better place than it was a few years ago, when a web page
> would contain a list of links and an invitation to "please select
> the closest server to you".
>
> We also have a product called "Distributed Director", which is
> essentially a DNS server appliance which can receive incoming DNS
> requests (e.g for "www.cnn.com") and reroute it to one or more cache
> farms for distributed load balancing. If intercepting IP addresses
> is evil, then presumably intercepting DNS requests is more evil,
> since it's higher up the IP stack? No, it's a legitimate tool for
> designing massive Content Service Networks of the scale needed in
> the coming years.
These are both conformant with RFC 1122/1123 (together STD-3) because
they redistribute IP addresses within a stub network. Same with DHCP.
The questionable practices (wrt STD-3) arise when sourcing IP addresses
not delegated to your authority (i.e., running these services on transit
to someone else's server), rather than running them as a head-end to
your own stub.
Joe
