Web Cache Question
This is purely an effort to discover the cause of a recent problem that has surfaced inside our organization. About the time the whole web cacheing/digex issue broke here, the organization I work for began experiencing unstability in IIS4 web servers that provide real time market data via the internet to customers all over the world. These servers show an incredible increased rate in FIN_WAIT connections, compared against the amount they used to show on average (literally one week ago.) It is a problem because the inetinfo process simply stops responding. My question is this: is it possible there are web cacheing servers still in-line with major transit providers that we don't know about? If these servers exist: do they all operate on the premise of spoofing the source address as coming from the client, or would I actually see the cacheing servers source address? At this point, the only evident proxies in a server netstat are from AOL, but this is nothing new. The real increase in unexplained stale sockets are from random source addresses (spoofed?). Again, this mail is solely for the purpose of troubleshooting an exasperating, unexplained problem, not a blame the cache mail, so no return spam please. Any thoughts or recent similar experience sharing would be greatly appreciated. Jayson Anderson An Organization
On Mon, 29 Jun 1998 sonick@mediaone.net wrote:
about? If these servers exist: do they all operate on the premise of spoofing the source address as coming from the client, or would I actually see the cacheing servers source address? At this point, the only evident proxies in a server netstat are from AOL, but this is nothing new. The real increase in unexplained stale sockets are from random source addresses (spoofed?). Again, this mail is solely for the purpose of troubleshooting an exasperating, unexplained problem, not a blame the cache mail, so no return spam please. Any thoughts or recent similar experience sharing would be greatly appreciated.
The only proxie /web cache on the market that could have spoofed the source address was vixie's and it is not in any backbone scenarios to the best of my knowledge - plus it wouldn't have caused a problem - you would have never known it was there in your instance. -- I am nothing if not net-Q! - ras@poppa.clubrich.tiac.net
participants (2)
-
Rich Sena
-
sonick@mediaone.net