Neighbors and Firewalls

From: Chris Jason Richards <richards@dont-contact.us>
Date: Mon, 28 Oct 1996 23:23:40 -0600

We are behind a firewall. All outbound traffic is passed through, Inbound
traffic is selectively let through depending on which machine and its port
the packets are going to.

I have set up two proxy caches.

bob.firewall.net and jon.nofirewall.net. bob sets jon as sibling; jon sets
bob as sibling.

bob.firewall.net makes requests to jon.nofirewall.net, and cachemgr on bob
tells me that jon is Up. One thing I haven't yet determined is if jon has
something that bob doesn't, can jon send it to bob?

jon.nofirewall.net cannot make requests to bob.firewall.net, and cachemgr on
jon tells me that bob is Down.

I have not messed with any settings in the .conf file regarding firewalls.
It seems that bob can use proxy caches in the outside world (not 100% sure).

On our firewall server, should we allows port 3128 and 3130 to pass through
if it is going to bob? Would this allows neighbor relationships to and from
our cache?

Is there a better alternative, or rather, another *intended* alternative?

cjr

-- 
_______________________________________________________________________
Chris Richards                         | Texas A&M University          
richards@tamu.edu                      | Department of Computer Science
http://www.cs.tamu.edu/people/richards | Internet Publishing Services
http://grover.bre.com/                 | Internet System Programmer
Received on Mon Oct 28 1996 - 21:25:22 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:23 MST