RE: Dropping stealthing from opsec; Anyone for a little I>R<TF work ?

[James Carlson <james.d.carlson@sun.com>]

George Jones writes:
> Sorry....I guess I should have been more clear...the goal IS to
> make the core invisible beyond the edge.

I'm not sure I understand the point of this[1], but please do consider
the effect of such a plan on path MTU discovery.  The ICMP messages
from within the core do need to make it out to the sender in _some_
form.

[1] It's not just to hide the IP addresses, is it?  That'd just be
    security-by-obscurity.  I don't think that treating IP addresses
    as secrets is a viable plan.

-- 
James Carlson, IP Systems Group                <james.d.carlson@sun.com>
Sun Microsystems / 1 Network Drive         71.234W   Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757   42.497N   Fax +1 781 442 1677