311 posts

Ultimate Geek
+1 received by user: 3


Topic # 92580 2-Nov-2011 10:07

Hi,

I recall the last time I checked I was using Telecom's transparent proxy but it seems it's no longer the case:

# telnet 1.1.1.1 80
Trying 1.1.1.1...
^C

 
My network knowledge tells me that transparent proxies capture all traffic, including the one for IP addresses that don't run a web server and/or are down.

Am I mistaken?

Thanks. 

PS: I am comfortable not using their proxies so I'm not looking to have it enabled, I am just wondering if they have disabled the "feature" or they are using a different method. I'm on a Total Home 60GB broadband plan. 

2606 posts

Uber Geek
+1 received by user: 1106

Trusted
Lifetime subscriber

  Reply # 540226 2-Nov-2011 10:23

tcpdump: Hi,

I recall the last time I checked I was using Telecom's transparent proxy but it seems it's no longer the case:

# telnet 1.1.1.1 80
Trying 1.1.1.1...
^C

 
My network knowledge tells me that transparent proxies capture all traffic, including the one for IP addresses that don't run a web server and/or are down.

Am I mistaken?


Yes, you are.

Transparent proxies only cache http traffic to allow for faster browsing experience and reduced usage of international connectivity.  It won't cache https or any other traffic such as vpn's or tcp sessions that are reset due to the remote site being down.

tcpdump: PS: I am comfortable not using their proxies so I'm not looking to have it enabled, I am just wondering if they have disabled the "feature" or they are using a different method. I'm on a Total Home 60GB broadband plan. 


You can request a static IP, and have that IP added to the no-proxy list.

Transparent proxies by their nature shouldn't be affecting your browsing experience in any other way than a positive one by making it go faster.  That is of course if the cache hasn't got corrupted and the proxies are all bent out of shape :)







311 posts

Ultimate Geek
+1 received by user: 3


  Reply # 540231 2-Nov-2011 10:34

I have a remote linux machine and I launched a tcpdump -n port 80 and host $telecom_ip

10:29:34.858398 IP $telecom_ip.36881 > $remote_server.80: Flags [S], seq 1524399974, win 14600, options [mss 1340,sackOK,TS val 208051953 ecr 0,nop,wscale 5], length 0
10:29:34.859587 IP $remote_server:80 > $telecom_ip.36881: Flags [R.], seq 0, ack 1524399975, win 0, length 0
 
This would point to a transparent proxy not being used, correct?

Thanks.

PS: Based on http://www.telecom.co.nz/packages/packages/plansandpricing/totalhomebroadband - does the "static ip address - included" mean it's free? :) 

 
 
 
 


2606 posts

Uber Geek
+1 received by user: 1106

Trusted
Lifetime subscriber

  Reply # 540336 2-Nov-2011 14:02

tcpdump: I have a remote linux machine and I launched a tcpdump -n port 80 and host $telecom_ip

10:29:34.858398 IP $telecom_ip.36881 > $remote_server.80: Flags [S], seq 1524399974, win 14600, options [mss 1340,sackOK,TS val 208051953 ecr 0,nop,wscale 5], length 0
10:29:34.859587 IP $remote_server:80 > $telecom_ip.36881: Flags [R.], seq 0, ack 1524399975, win 0, length 0
 
This would point to a transparent proxy not being used, correct?

Thanks.

PS: Based on http://www.telecom.co.nz/packages/packages/plansandpricing/totalhomebroadband - does the "static ip address - included" mean it's free? :) 


You wouldn't be able to tell if you are going via the transparent proxy unless you took a trace on both ends and saw different sequence numbers between source and destination.  You might see additional http headers injected into the payload but that's at layer 5 rather than 3.

I suggest you request a static IP, to me I don't see an issue with it since it only improves browsing, but if you have a specific business need / reason then put in the request and see how you go.
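
The two-ended comparison described in the reply above, as an added example that is not part of the original thread: it parses the client SYN as printed by tcpdump -n at each capture point and reports which fields changed in transit. The server-side line reuses the values from the capture quoted above; all addresses and the client-side and NAT-only lines are constructed, and the function names are hypothetical.

```python
import re

# SYN line as printed by tcpdump -n (same layout as the capture quoted above).
SYN_RE = re.compile(
    r"IP (?P<src>\S+)\.(?P<sport>\d+) > (?P<dst>\S+)\.(?P<dport>\d+): "
    r"Flags \[S\], seq (?P<seq>\d+), win (?P<win>\d+), options \[(?P<opts>[^\]]*)\]"
)

# Constructed samples: documentation addresses, one SYN seen at three points.
CLIENT_SIDE = ("10:29:34.801122 IP 192.168.1.10.51234 > 203.0.113.80.80: Flags [S], "
               "seq 3120045511, win 14600, options [mss 1460,sackOK,TS val 208051940 "
               "ecr 0,nop,wscale 7], length 0")
SERVER_SIDE = ("10:29:34.858398 IP 198.51.100.20.36881 > 203.0.113.80.80: Flags [S], "
               "seq 1524399974, win 14600, options [mss 1340,sackOK,TS val 208051953 "
               "ecr 0,nop,wscale 5], length 0")
NAT_ONLY = ("10:29:34.858398 IP 198.51.100.20.40001 > 203.0.113.80.80: Flags [S], "
            "seq 3120045511, win 14600, options [mss 1460,sackOK,TS val 208051940 "
            "ecr 0,nop,wscale 7], length 0")

def parse_syn(line):
    """Return the comparable fields of a SYN line, or None if it is not a SYN."""
    m = SYN_RE.search(line)
    if not m:
        return None
    mss = re.search(r"mss (\d+)", m.group("opts"))
    ws = re.search(r"wscale (\d+)", m.group("opts"))
    return {
        "sport": int(m.group("sport")),
        "seq": int(m.group("seq")),
        "win": int(m.group("win")),
        "mss": int(mss.group(1)) if mss else None,
        "wscale": int(ws.group(1)) if ws else None,
    }

def compare_syn(client_line, server_line):
    """Names of the SYN fields that differ between the two capture points."""
    c, s = parse_syn(client_line), parse_syn(server_line)
    if c is None or s is None:
        raise ValueError("both lines must be SYN packets in tcpdump -n format")
    return sorted(k for k in c if c[k] != s[k])

def tcp_terminated_in_path(client_line, server_line):
    """True when the initial sequence number changed, i.e. the server saw a
    SYN generated by something other than the client's own TCP stack."""
    return "seq" in compare_syn(client_line, server_line)

if __name__ == "__main__":
    print(compare_syn(CLIENT_SIDE, SERVER_SIDE), compare_syn(CLIENT_SIDE, NAT_ONLY))
```

A changed source port alone only indicates address translation. Some stateful firewalls also rewrite initial sequence numbers, so a changed sequence number shows that a device in the path touched the TCP session, not specifically that it is a caching proxy.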





1598 posts

Uber Geek
Inactive user


  Reply # 540352 2-Nov-2011 14:31

BarTender:
tcpdump: I have a remote linux machine and I launched a tcpdump -n port 80 and host $telecom_ip

10:29:34.858398 IP $telecom_ip.36881 > $remote_server.80: Flags [S], seq 1524399974, win 14600, options [mss 1340,sackOK,TS val 208051953 ecr 0,nop,wscale 5], length 0
10:29:34.859587 IP $remote_server:80 > $telecom_ip.36881: Flags [R.], seq 0, ack 1524399975, win 0, length 0
 
This would point to a transparent proxy not being used, correct?

Thanks.

PS: Based on http://www.telecom.co.nz/packages/packages/plansandpricing/totalhomebroadband - does the "static ip address - included" mean it's free? :) 


You wouldn't be able to tell if you are going via the transparent proxy unless you took a trace on both ends and saw different sequence numbers between source and destination.  You might see additional http headers injected into the payload but that's at layer 5 rather than 3.

I suggest you request a static IP, to me I don't see an issue with it since it only improves browsing, but if you have a specific business need / reason then put in the request and see how you go.

Would I be correct in saying that you couldn't use an Alternate DNS if you were on the transparent proxy?



311 posts

Ultimate Geek
+1 received by user: 3


  Reply # 540354 2-Nov-2011 14:35


Would I be correct in saying that you couldn't use an Alternate DNS if you were on the transparent proxy?


Not necessarily. They are two different things as the transparent proxy intercepts requests at the IP level (layer 3), not on the DNS level (layer 7).
 
However, I have read quite a few topics on various issues when using non-Telecom provided DNS servers.

 

8029 posts

Uber Geek
+1 received by user: 387

Trusted
Subscriber

  Reply # 540361 2-Nov-2011 14:51

My understanding is that Telecom use a large cluster of Bluecoat devices for caching (some of the newer Cacheflow, some of the older Proxy SG).

In practice they only intercept international http requests (not https or other protocols) and serve those from the cache.

I believe a http request served from the cache will have the cache domain name added to the http headers in the server field.  You can inspect the response headers in the dev tools in any modern browser (IE9, Chrome, Firefox + Firebug addon).

It will look something like this (this is Firefox w/ Firebug addon), except the server field will have additional text like: AKmdrL2CacheBC4.telecom.co.nz



So you will probably need to inspect a http request for a static resource eg: css, js, images from an international site where the cache-control headers have been set for caching in order to see this in action.
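
The header inspection described in the post above, as an added example that is not part of the original thread: it compares the response headers for the same static resource fetched over http (which the cache may intercept) and over https (which it does not), and reports what was added in the path. Both header blocks are constructed; the exact layout of the cache name inside the Server field is an assumption, and the function names are hypothetical.

```python
# Constructed sample: response head for a static resource fetched over http.
HTTP_SAMPLE = """
HTTP/1.1 200 OK
Server: nginx AKmdrL2CacheBC4.telecom.co.nz
Age: 1234
Cache-Control: public, max-age=86400
Content-Type: text/css
"""

# Constructed sample: the same resource fetched over https.
HTTPS_SAMPLE = """
HTTP/1.1 200 OK
Server: nginx
Cache-Control: public, max-age=86400
Content-Type: text/css
"""

def parse_headers(raw):
    """Parse a raw response head into (status_line, {lowercase name: [values]})."""
    lines = raw.strip().splitlines()
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break  # blank line ends the header block
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers

def cache_indicators(http_raw, https_raw):
    """Return (indicator, value) pairs present over http but not over https."""
    _, plain = parse_headers(http_raw)
    _, tls = parse_headers(https_raw)
    found = []
    # Tokens in the Server field over http that the origin does not send over https.
    plain_server = " ".join(plain.get("server", [])).split()
    tls_server = " ".join(tls.get("server", [])).split()
    extra = [tok for tok in plain_server if tok not in tls_server]
    if extra:
        found.append(("server-extra", " ".join(extra)))
    # Headers an intermediary cache commonly adds to responses it serves.
    for name in ("via", "x-cache", "age"):
        if name in plain and name not in tls:
            found.append((name, ", ".join(plain[name])))
    return found

if __name__ == "__main__":
    for indicator, value in cache_indicators(HTTP_SAMPLE, HTTPS_SAMPLE):
        print(indicator, value)
```

Using the https response as the baseline keeps headers that the origin or its own CDN sets from being mistaken for ISP cache markers.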

677 posts

Ultimate Geek
+1 received by user: 27

Trusted

  Reply # 540536 2-Nov-2011 23:48

Ragnor is pretty much on the money, with the exception that the high end cacheflows didn't allow the insertion of the via header, so if you pass through one of those you won't see it.

The Telecom cache was set up so that if your HTTP request didn't match certain criteria it would bypass the cache farm, this was to catch port 80 international traffic that wasn't actually HTTP, so if you simply open a telnet connection to international IP on port 80 and send any random char down it you will bypass the cache :)

There are other tricks you can try and use to see if you are being proxy cached, some are reliable and others aren't, things like window scaling size etc. All depends on the cache...

The Telecom caches do secondary DNS resolution before filling a request (it is also a dns cache) so if you use a DNS cache other than the one the caches do then it will screw with your requests.
Common things like requesting facetube from google dns returning a server in the states and the cache seeing it as somewhere a lot closer, you start getting responses from servers you didn't request them from.

Also be wary of testing to a server that is international, always make sure both the request and response paths are international routes, they are not always and this causes other issues...

Paul (please Telecom, help me purge the cache from my brain:))




meat popsicle

1948 posts

Uber Geek
+1 received by user: 469
Inactive user


  Reply # 540563 3-Nov-2011 07:56

ptinson: Paul (please Telecom, help me purge the cache from my brain:))


Cheers Paul for the insightful response... And no.. you won't ever be able to purge the cache ;).

677 posts

Ultimate Geek
+1 received by user: 27

Trusted

  Reply # 540567 3-Nov-2011 08:16

Insightful? mmm, just factual I think, nothing in that post is new.
I would still be pushing for a big change in how they run if I was still there, ah well. Such is life.




meat popsicle
