[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CPE equipments and stateful filters

To: Jun-ichiro itojun Hagino <itojun@itojun.org>
Subject: Re: CPE equipments and stateful filters
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Tue, 24 Jul 2007 13:41:05 -0500
Cc: v6ops@ops.ietf.org
In-reply-to: <20070724181810.67FD1233CB@coconut.itojun.org>
References: <AAAC3FDC-005A-4551-9AC8-E9DAD5D2332D@muada.com> <20070724181810.67FD1233CB@coconut.itojun.org>

On 24-jul-2007, at 13:18, Jun-ichiro itojun Hagino wrote:

That may very well be, but if you have a firewall and/or NAT device,
NOT having something that can punch holes means you pretty much never
get to talk to anyone else in the same situation, so no peer to peer
applications, IM, voice/video chat... So either kill the firewall or
live with the complexity.

	as i mentioned before, i do not have any kind of firewall in my home.

Neither do I (and there doesn't seem to be one between the IETFnetwork and the rest of the world, either) but that's not really thepoint, apparently, we now have consensus that a firewall is neededfor residential use but these people want to do peer-to-peer and runservers so we need the hole punching.

If you can formulate an argument powerful enough to convince the restof the world that firewalls aren't needed, this would be the momentto do it...


http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1338

Follow-Ups:
- Re: CPE equipments and stateful filters
  - From: itojun@itojun.org (Jun-ichiro itojun Hagino)

References:
- Re: CPE equipments and stateful filters
  - From: Iljitsch van Beijnum <iljitsch@muada.com>
- Re: CPE equipments and stateful filters
  - From: itojun@itojun.org (Jun-ichiro itojun Hagino)

Prev by Date: Re: Distributing site-wide RFC 3484 policy
Next by Date: Re: CPE equipments and stateful filters
Previous by thread: Re: CPE equipments and stateful filters
Next by thread: Re: CPE equipments and stateful filters
Index(es):
- Date
- Thread