[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: clarification on rfc-1597 addresses and transparent proxies
From:       Paul Ferguson <pferguso () cisco ! com>
Date:       1995-11-10 6:20:28
[Download RAW message or body]

Apologies if this has already been suggested, but have you taken a look
at http://www.translation.com?

- paul


At 07:22 AM 11/9/95 -0700, Dieter Dworkin Muller wrote:

>
>I wrote:
>:  However, my user community needs to be
>:  able to do things like ftp and telnet from their desks.
>
>In writing that, I left out the important bits, aka the implementation
>requirements:
>
>- I'm not allowed to modify what software they run
>- it has to be completely transparent
>- isolate us from having to change network addresses
>
>Partly, it's a political restriction (``I won't change how I do
>things, therefore anything you do has to work with my existing tools
>without me seeing any difference''), and partly practical (I don't
>want to deal with trying to create proxy-aware dos, windows, nt, and
>os/2 applications for the non-standard things being done on our net).
>
>The address change requirement is because we are currently in the
>`swamp', as it is referred to by various major ISPs.  They're
>threatening to stop routing single networks in that range, so we're
>looking at having to renumber soon.  We'd rather do it once (to an
>ISP-provided net number), and not have to worry about it again if we
>ever change ISPs.  Changing to an internal rfc-1597 network and an
>external-only ISP-provided network should give us the desired
>isolation -- no one internal will have to do anything if/when we
>change to a different ISP and ISP-provided network number.
>
>These restrictions are why I am looking at the (admittedly
>non-trivial) concept of virtual addresses and weird DNS.
>


--
Paul Ferguson                                           ||        ||
Consulting Engineering                                  ||        ||
Reston, Virginia   USA                                 ||||      ||||
tel: +1.703.716.9538                               ..:||||||:..:||||||:..
e-mail: pferguso@cisco.com                         c i s c o S y s t e m s

[prev in list] [next in list] [prev in thread] [next in thread]