On 16 January 2012 09:35, Brandon Butterworth <[email protected]> wrote:
> > Firstly, I believe PAC files are for HTTP proxies, not SOCKS proxies. > > For clients, usually used by browsers but as you're extending > current functionality why not recycle these existing facilities > which would need to be set up for this v6 only client world anyway The PAC file is essentially a javascript thing that needs to be interpreted by a javascript interpreter, so that's another dependency you would have to include in the DHCP client stack. Some might not be happy with that. > > I'm afraid my SOCKS experience is severely lacking - I've done > > transparent squid proxying, and I've done the old "ssh -D 3333" trick, > > but that's the limit of my proxy experience; that is to say, only > > scratching the surface! > > That's not real old SOCKS, usually there's a box running a SOCKS > daemon between you and the other net. There may be many of these > connecting to different nets (interconnected corporates with their > own firewalls gets messy) Indeed. I just feel that with all this DNS64/NAT64 mangling, it's very messy whereas a SOCKS host would give the same level of transparency without breaking things (like FTP/SIP etc) that put addressing information within the control stream. -- Kind regards, Matthew Walster Network Engineer IX Reach mail: [email protected] web: http://ixreach.com tel: +44 845 217 8577 fax: +44 845 217 8399
