[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RRG] What does incremental deployment mean



Hmmm, lets see what I have, just in my little old house:

Windows: 	1 XP box, updates weekly, no IPv6
MACOSX:		3 Macs, updates weekly, dual stack
Linux:		1 Ubuntu Server, updates weekly, dual stack
Apple Airport	2 (G+N), IPV6, Updates ~monthly
NAS 1 ReadyNAS with some embedded OS (probably Linux), updates yearly, no IPv6
IP phone	1 Cisco 7960, updates essentially never, no IPv6
Cisco router 1 871 VPN router, no IPv6 on image I run, updates about every 6 months Cisco switch 1 CAT3650 router/switch, no IPv6 on image I run, updates yearly
Linksys WRT	1 Home router, no IPv6, updates never
Tivos		3 no IPv6, some embedded OS, updates ~ each 6 months
Squeezebox	1 no IPv6, updates never
MoCA ECBS	3 NO IPV6, Updates ???
HP printers	2 no IPv6, updates never

So I can imagine it being reasonable to handle host changes on about half of these. At best. And certainly not with a flag day just inside my little orandom.net domain.

DaveO.


On Mar 29, 2008, at 11:57 AM, Tony Li wrote:


|Even if all Windows 2000 or XP users were applying security patches
|(which they aren't), making a fundamental change as this cannot be
|deployed as a security fix.  By definition it is going to break a lot
|of applications or at least change their communication patterns in
|such a way that in the deployed base of O(million) various kinds of
|bizarre apps and O(100 million) hosts the result would be a chaos.
|
|There is no way any vendor could unilaterally deploy significant host
|changes in a channel meant only for critical software updates for a
|product well beyond its end-of-life cycle.


Deploying host changes is tractable if it doesn't have a significant impact on the applications. If the semantics of the API aren't violated, then
there's no significant issue.  For example, one could provide a new
transport layer (ala Mark's proposal) in parallel with existing TCP and
there would be no disruption.

One could deploy GSE-style solutions for v6 and that would only affect v6
applications that embedded v6 addresses.  Also a reasonable approach.

Tony


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg