Proxy Servers vs IP Masquerade

[Patrick McManus]

In a previous episode Glenn Burkhardt said...
:: 
:: On a tangential topic, why would anyone want to use proxy services when
:: IP masquerading was available?

* l4 switches are a massive layering violation.

* the l3 end-to-end design of the network is impt.

* because HTTP is an extensible protocol and proxies need to reject
methods they don't understand.. so hijacking HTTP requests can result
in a defacto firewall when that's not what you wanted.. case in point
would be Microsoft Outlook's new beta that does DAV stuff that gets
stymied by this kind of thing (which, if done at the application level
Outlook could fallback to direct connect if its primary proxy couldn't
handle a method).. Outlook is doing nothing wrong here.

a more interesting question in my mind is why would you want
transparent servicing/redirection of any kind of protocol? I can only
think of one answer: automatic client configuration. Frankly there are
much better ways to do service discovery and I certainly hope that it
becomes the norm for this class of problem.

-P
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).