Intel 1520 ユーザーズマニュアル
126
Intel NetStructure Cache Appliance Administrator’s Guide
✔ NNTP packet destination IPs are readdressed with the IP address of the
appliance. If the appliance uses a port other than 119 for NNTP, the
destination NNTP port is readdressed as well.
destination NNTP port is readdressed as well.
Adaptive interception bypass
The Intel NetStructure Cache Appliance contains an adaptive learning module
that recognizes inter operability problems caused by transparent proxy caching
and automatically bypasses the traffic around the proxy without operator
intervention.
that recognizes inter operability problems caused by transparent proxy caching
and automatically bypasses the traffic around the proxy without operator
intervention.
Web proxies are very common in corporate and Internet use, so the frequency of
inter operability problems is extremely rare. However, when problems do exist,
the reasons usually can be attributed to the following:
inter operability problems is extremely rare. However, when problems do exist,
the reasons usually can be attributed to the following:
✔ Client software bugs (homegrown, noncommercial browsers).
✔ Server software bugs.
✔ Applications that send non-HTTP traffic over HTTP ports as a way of
defeating security restrictions.
✔ Server IP authentication. In this case the Web server limits access to itself to a
few client IP addresses. Since the appliance IP address is different it cannot
get access to the server. A server limiting IP addresses is not infrequent.
Limitations occur because ISPs dynamically allocate client IP dial-up
addresses and use more secure cryptographic protocols.
get access to the server. A server limiting IP addresses is not infrequent.
Limitations occur because ISPs dynamically allocate client IP dial-up
addresses and use more secure cryptographic protocols.
Appliance adaptive bypass
The appliance watches for certain protocol inter operability errors, and as it
detects errors, it configures the ARM to bypass the proxy for the clients and/or
servers causing the errors.
detects errors, it configures the ARM to bypass the proxy for the clients and/or
servers causing the errors.
In this way, the very small number of clients or servers that do not operate
correctly through proxies are auto detected and routed around the proxy, so they
can continue to function normally (but without the improvement of caching).
correctly through proxies are auto detected and routed around the proxy, so they
can continue to function normally (but without the improvement of caching).
Dynamic
rules are
temporary
Dynamically generated bypass rules are purged after the appliance restarts.
More about bypass rules
The ARM can bypass the proxy based on the client IP address, the destination
server IP address, or both.
server IP address, or both.
You can manually configure bypass rules to direct requests from certain clients or
to particular servers. For example, you might want client IP addresses that did not
pay for a caching service to be steered around the cache, while paying-clients can
obtain the benefits of caching. Or you can remove some servers from caching
lists, because the servers don’t want to have their pages cached.
to particular servers. For example, you might want client IP addresses that did not
pay for a caching service to be steered around the cache, while paying-clients can
obtain the benefits of caching. Or you can remove some servers from caching
lists, because the servers don’t want to have their pages cached.