[afnog] privacy vs caching

Graham Beneke graham at apolix.co.za
Mon Dec 22 21:47:49 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On 22/12/2014 15:56, Mark Tinka wrote:
> Centralized web caching was marginally useful in the late 90's to
> early 2000's where there was much more static content; and even
> then, achieving anything higher than a 40% hit ratio was hard
> enough.
> 
> I can't imagine what the hit ratios would be today. I gave up on
> this type of caching in 2007. It does not scale well.

My experience has been largely the same.

I have helped to maintain caches for some relatively large eyeball
networks. Some of the best bang-for-buck content (large static objects
like pictures, video & software) was being served in ways that were
specifically designed to be difficult to cache. At the same time most
of this content was being served out of CDN caches between 5 and 50 ms
from the consuming eyeballs anyway. This left caches operated by
eyeball networks filling a niche and typically ineffective gap.

>> With the advent of GGC caches, Facebook caches, and large scale
>> CDN devices on net and on continent, I¹m just not sure that
>> caching to the point of breaking encryption is really worth it.
>> Especially when in Africa, we are busy moving away from the
>> paradigm of 500ms latencies and traffic all looping back through
>> Europe, and into an era where real bandwidth, decent latencies
>> and proper on-continent peering is a reality.
> 
> We run a wholesale network, and as such, do not beleive in touching
> customer's packets (I have the same belief if it were a retail
> network). If customers want centralized web caching, they can do it
> themselves (and many of them do).
> 
> We do support CDN's, as those scale better when it comes to 
> localizing/distributing content.
> 
> I know that some CDN's in Africa now support HTTPS content. I would
> welcome looking at this as a possible solution for achieving
> encryption and low latency simultaneously.

Allowing the content owner/originator to control the flow of their
data through the delivery channels they choose is important. Messing
with the HTTPS transport would break that. If the content owner has
gone to the effort of delivering their content over HTTPS then I
expect that they have a reason for it not to be tampered with.

Building your own content delivery platform using off-the-shelf cache
technology is also quite easy to do if you prefer not to use one of
the existing CDNs.

- -- 
Graham Beneke
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJUmJF2AAoJEECWfA0XWHN7QPAH/2Lywb0bI0jKcfNgO3rz71Qe
b7klE5Sm454IdzGjp8nGkoNwSVeBfhTbAld4VdLJyVMawa9dz03EZOOurWc87oDn
sXsfbJdWFOP4alrWag4T3rDUdTNlikyo6Hf3JKzoigB3ikCCg6rBMlrSCLCXYJVP
vXFzV2TgkpVBYS/EfV/tGcJaYHB2FjRWuqxlLDL5E6tltRYS1yTnLQLptIaWm22i
lnEKaClmLLUMLifNTRqRpjoGJW4UX60dtiU59U9b6NRbNsIB6Uf1z2wvucaR3sJY
DIPyBv1mK7vg0a22VOoHtflco3cPHNds3+oYPSI58js/fJQotKmmqMOaxPg8vdk=
=K0KD
-----END PGP SIGNATURE-----



More information about the afnog mailing list