i guess its a matter of where you deploy them within your network.
Yep.
certainly, i wouldn't see deployment of transparent proxy boxes in the middle of a large backbone working particularly well -- both in terms of scaling issues, but perhaps more as a political issue
It actually is an architectural hazard, not just a cosmetical booboo.
(as recently shown by the testostorone-charged-thread in this list not-so- long-ago when digex put a netapp netcache transparently on some customers -- presumably via some vendors' L4 switch).
Yep. Inktomi via Alteon. And the latter is the former's biggest weakness in an otherwise fine product.
where they _do_ win, however, is at the access-router-edge of your network.
Yep. Do you really see the market in providing just bigger IP cores, though? Only in that assumption, all value add is at the edge. I happen to strongly disagree with that.
there are currently things that some vendors' boxes can do, that can't be done (yet) in IOS. .. and for some of them, they are scaling beyond a DS3 already.
True. But, can they manage hundreds of pipes across an infrastructure? Do they have the ability to tie into provisioning systems, billing systems etc? Nope.
for one vendor's gear (alteon), for transparent proxying, i took it up to 2 x DS3's without it skipping a beat. i stopped there, as it is academic in this country (australia) to be going beyond that, for a pool of dialup customers of the largest dialup isp and the only cablemodem offering.
i guess the point being that limitations were hit in the actual proxy-cache- boxes well before limitations were hit in layer-4 switch functionality. (biggest factor being: (total-transaction-time x trans-per-sec) > max-fd's).
cheers,
lincoln.
(nb, yes, cisco do have WCCP - however, with it effectively being a proprietary protocol, and whilst some of the functionality is possible in policy-based-routing,
Policy based routing is not what WCCP is about. But I am glad Inktomi's (or whoever) drill worked on ya :).
you lose out big time when your cache isn't functioning and the router is still (blindly) feeding it all the http-flows).
That's why WCCP is more than just policy routing, 'cause it doesn't do that. Don't get me wrong, Inktomi and Alteon is a fine product, having spent plenty of time with both products and with the Inktomi folks. But it doesn't fit the backbone integration bill as the flyers make you want to believe. Simply because not everything up there is Ether or has to ever traverse through it. I don't see infrastructure pick'n'chose, lowest common denominator networking (="best of breed") as a viable long term strategy. And I'm not getting paid to provide quick fixes ;). Cheers, Chris -- Christian Kuhtz, BellSouth Corp., Sr. Network Architect <ck@bellsouth.net> 1100 Ashwood Parkway, Atlanta, GA 30338 <ck@gnu.org>