Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Missing websites (Part II)

To: "'[email protected]'" <[email protected]>, [email protected]
Subject: RE: [FW1] Missing websites (Part II)
From: Jean-Pierre Harvey <[email protected]>
Date: Mon, 21 May 2001 10:56:55 +1000
Sender: [email protected]

Title: RE: [FW1] Missing websites (Part II)

Jerry,

We have similar problems attempting to stream Real Media through a proxy from Akamai. This is what happens to us: Because Akamai uses DNS round robin as a form of load balancing, the proxy server (perhaps FW-1 in your case) caches the DNS entry, and actually performs the round robin as well. A normal request without a proxy just sends all packets to one IP address. Since the proxy is performing the round robin, it effectively sends part one of the request to one server and the second part of the request to the next server in the round-robin configuration. Naturally since the second server has never received the second packet the packet is dropped.

This may not be your problem. Akamai recommend disabling DNS caching on the proxy if this is the case (we have not done so). It might be worth checking those other urls that do not work and seeing if they are also part of a round robin configuration. Our proxy server works fine with web content that runs off dns round robin, and so does Windows Media, just not Real from Akamai. It might be worth disabling DNS caching on the FW and seeing if that resolves the issue.

Hope that helps.

-----Original Message-----
From: [email protected] [mailto:[email protected]]
Sent: Friday, May 18, 2001 1:14 AM
To: [email protected]
Subject: [FW1] Missing websites (Part II)

I'm still having trouble accessing various websites from behind my CP
4.1(Nokia) SP1 firewall.
I am using it as a proxy for users to authenticate going out. Certain
websites fail to come back.
The firewall reports that it can't find the server. I can ping and tracert
the sites but the browser won't
work. If I turn off the proxy, I can most likely get to the site. One
thing I noticed, a lot of the sites
in question use akamai.net as a host or service site. Could this have
anything to do with the problems?
Has anyone had anyother problems with CP proxy?

Jerry Atchley

Sr. Network Security Administrator
RCI Global Technology Group/Security Ops
RCI, LLC

The sender believes that this E-mail and any attachments were free of any
virus, worm, or Trojan horse when sent.
This message and its attachments could have been infected during
transmission. By reading the message and opening
any attachments, the recipient accepts full responsibility for taking
remedial action about viruses and other defects.
Cendant/RCI is not liable for any loss or damage arising in any way from
this message or its attachment.

"The sender believes that this E-mail and any attachments were free of any
virus, worm, or Trojan Horse when sent. This message and its attachments
could have been infected during transmission. By reading the message and
opening any attachments, the recipient accepts full responsibility for
taking remedial action about viruses and other defects. Cendant/RCI
is not liable for any loss or damage arising in any way from this message
or its attachment."

================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================

Follow-Ups:
- Re: [FW1] Missing websites (Part II)
  - From: Jabal P Raval <[email protected]>
- [FW1] NAT with ftp
  - From: Brad Van Orden <[email protected]>

Prev by Date: [FW1] lot of drops on token-ring network
Next by Date: RE: [FW1] connect to exchange over the internet
Previous by thread: Re: [FW1] Missing websites (Part II)
Next by thread: Re: [FW1] Missing websites (Part II)
Index(es):
- Date
- Thread