[Linux-aus] bigpond now uses proxy servers to spy on 'us'

Brendan O'Dea bod at optus.net
Wed Jul 5 23:46:01 UTC 2006

On Tue, Jul 04, 2006 at 09:03:19AM +1000, James Turnbull wrote:
>Bigpond (Cable at least) have had transparent proxies for years.  
>Terrible at admitting they exist when trouble-shooting problems but they 
>are there.  Certainly Bigpond aren't the only carrier/provider to use 
>them or Akamai - I am fairly sure PIPE, iinet, Internode and Netspace 
>and a few other players have all installed Akamai cluster proxies a 
>while back.

Akamai is NOT a transparent proxy.  It is a way for content providers to
host content close to the consumer.  ISPs often host Akamai servers to
speed access for their customers and reduce international bandwidth.

DNS magic is employed such that requests for a hostname return A record
for the Akamai servers nearest the source of the query.  For example,
the current CNN front page contains an image of Kim Jong Il:


This host resolves (for me on Optus) to:

  $ host i.a.cnn.net        
  i.a.cnn.net             CNAME   custom.i.cnn.net.edgesuite.net
  custom.i.cnn.net.edgesuite.net  CNAME   a1921.aol.akamai.net
  a1921.aol.akamai.net    A
  a1921.aol.akamai.net    A

Since these servers are in the Optus datacenter:

  $ traceroute
  traceroute to (, 30 hops max, 40 byte packets
   1 (  6.979 ms  9.839 ms  5.547 ms
   2  sbr2-pos3-1.gw.optusnet.com.au (  7.203 ms  8.142 ms 8.163 ms
   3  mas2-pos5-2.gw.optusnet.com.au (  9.812 ms  18.430 ms 8.910 ms
   4  mas4-ge1-1.gw.optusnet.com.au (  7.093 ms  9.242 ms 11.498 ms
   5  a198-142-23-15.deploy.akamaitechnologies.com (  7.981 ms  7.069 ms  7.718 ms

my download of the image is fast.


More information about the linux-aus mailing list