Re: Cisco 2501 & Squid 1.1.9 (fwd)

> Recently, John Todd talked about "Re: Cisco 2501 & Squid 1.1.9 (fwd)", and said
> >
> >
> > The Alteon products are not quite what the doctor ordered, or at least,
> > they're not what this doctor can afford. The initial verbal quote was about
> > $9k for the hardware, and then an additional $3k for the software. Gaaa!
>
> Sorry, I thought when you said "Cisco" you were looking for something
> along the lines of their Web Cache Engine thingie for $45,000; currently,

Actually, I didn't post the original message; I'm just following up.

> that's the only thing I know of in a Cisco that will do what you were
> looking today, and $12K makes the Alteon box darned cheap compared to
> the Cisco box. The Alteon box is also the _only_ box that I know
> of that is an "invisible" something that will do web redirection;
> all others are actual IP "hops" that show up in traceroutes, and
> are attackable as actual IP addresses.

True, yet not complete. You can use the policy routing features within a
Cisco to perform the "port-stripping" features. Not particularly fast, but
it serves the purpose in some limited circumstances. The Cisco Cache Engine
is waaay overpriced, but Cisco knows that. It's a 50/50 chance that they'll
let other people use their WCP protocol, and even then it'll be an
additional charge for the software. I'm still kind of irked that they
charge extra for NAT... but that's a different gripe.

You can get a Cisco 4500 with two ethernet interfaces for about $6k that
will serve the purpose for a T1-speed connection, and it will do the
"port-stripping" for you as well as any other nifty tricks that you care to
stuff into the IOS (NAT, filter lists, etc.)

The Cisco will show up as a "hop" on your traceroutes only if you are using
it as a port-stripper. If you're using it also as a border router (since
it's got the ability to connect to WAN or alternate media,) you won't see
any additional "hops." Not like "hops" really matter, anyway...

> I think the only thing you're going to find that's cheaper than
> the Alteon box is a Linux/BSD box with multiple ethernet cards. :-(

Agreed, but I don't like the management issues of putting spinning disks and
PCs in the way of my traffic as a router.

Alteon needs to come up with a low-price, 10bT box whose only function is to
move traffic in one port and re-distribute to 2 or 3 boxes in a load-sharing
or failover mode. Make lots of knobs, and market it for <$4.5k. They'll
make more money than they know what to do with. If it works as a
transparent redirector (for LAN managers looking to control their users'
habits) and also as a load sharing/failover device (for low-end web servers
to have some measure of redundancy without spending $34k (!!!) for a
LocalDirector) then Alteon might be able to pull the rug out from under
Cisco before Cisco has a product ready for market. I live and die by
Cisco's hardware, but their prices are nothing short of insulting on the
non-router ("Internet Products") boxes.

JT

> Best of luck!
>
> Matt
>
> > The hardware has two gigabit ethernet ports (overkill for this application)
> > and then (?) 8 10/100 ports. Once again, all I really need is a 4-port 10bT
> > swrouter that can be had for $3k. This can be easily done with a Linux or
> > BSD-based box, but I don't WANT such a cumbersome animal in the path of the
> > important data. I want something that is "invisible" from the higher layers
> > of the (broken) OSI model.
> >
> > <sigh> Back to policy routing... Good news: policy routing is
> > fast-switched in 11.3 of the "standard issues" releases on 2xxx/4xxx
> > routers.
> >
> > JT
> >
> >
> > On Tue, 30 Dec 1997, Matthew Petach wrote:
> >
> > > Recently, George M. Ellenburg talked about "Cisco 2501 & Squid 1.1.9", and
> > > said
> > > >
> > > >
> > > > Is it possible to set up some sort of NAT in a Cisco 2501 Router to
> > > > have the router blindly redirect all packets destined for port 80 to
> > > > our proxy server on port 3128 so our users don't have to specify a
> > > > proxy server address in their browsers?
> > >
> > > Alteon has added such a feature into their AceSwitch 180 line
> > > of fast ethernet switches; it has the advantage of doing the
> > > redirection at layer 2, so there's no IP "hop" associated with
> > > the redirection, unlike with a router-based solution. It's
> > > pretty cool. It'll even do load-balancing among several
> > > squid caches with the redirection!
> > >
> > > Definitely worth checking out!
> > >
> > > Matt
> > >
> > > > -----
> > > > George M. Ellenburg Sundial Internet Services Systems Administrator 4853-B
> > > > S. Orange Ave. <gme@sundial.net> Orlando, FL 32806 www.sundial.net
> > > > (407)438-6710
> > > > PGP Public Key: <http://www.sundial.net/~gme/gme__sundial_net.txt
> > > >
> > > > "Contrary to popular belief, Unix is user friendly. It just happens to be
> > > > very selective about who it decides to make friends with."
> > > >
> --
> InterNex Information Services | Matthew Petach {MP59}
> Network Engineering | mpetach@internex.net
> 2306 Walsh Avenue | Tel: (408) 327-2211
> Santa Clara, CA 95051 | Fax: (408) 496-5484
Received on Wed Dec 31 1997 - 20:55:53 MST