I know it cannot work right now. I was answering the question: "what can we as a community do to prevent breakage of the net on a global scale by poorly designed routing hacks?"
Unless you have the proxy and the router on the same machine, getting the original target IP to the proxy is complicated.
It's easy in the Squid+Cisco+WCCP case, and the Squid box certainly doesn't have to be a router. You may substitute Cisco+WCCP with any policy routing solution in this example.
This wouldn't work in the case of DNS-conflicts. The only real solution would be to add an http-header which tells the proxy which server to connect to, numerically.
Additional headers are not needed. Just use destination IP from packets sent by the client.
That would of course cause some serious cache poisoning issues.
Unless the proxy identifies an object not by URL alone but by a (URL, server_ip) pair. Unfortunately, in this case content from sites which use DNS round-robin for load balancing will be duplicated in the cache, thus making caching less efficient.
A lot of routers can't properly route-cache if you try policy-based routing (which you must in order to route by port and not just destination IP + routing table).
If you mean Cisco routers, that's why they invented WCCP. It's the most effective way to make Cisco route port 80 packets to a proxy server.
FTP is very inefficient for transferring a large number of small files, as it opens a new TCP connection for each and requires quite a few round-trips before the file transfer starts. And the FTP directory listing was not designed to be parsed by a program, so mirroring is unreliable.
There are several, ICP (RFC2186) being the most popular.
There exists even an RFC describing this.
RFC2052 -- A DNS RR for specifying the location of services (DNS SRV)
Support wide use of IPSEC.
Encrypted payload will prevent broken routers from looking into it.
What if game masters (or anyone with root access to game servers) decide to cheat themselves some money? Could they become filthy rich in real life?
It is smbmount, not smbclient that is Linux-only and is not part of Samba.