[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03



On Wed, 27 Aug 2008 13:48:23 +0200, Rémi Després <remi.despres@free.fr>

wrote:

> Indeed, if a cell phone would open just a few (address,port) couples,

> possibly none, for incoming connections, and would have this enforced by

> its service provider, it would be much better protected against battery

> exhaustion due to malevolent (address,port) scanning.



Well, that's a double edged sword.



The fact that most 3G IP access are currently heavily firewalled forces end

devices into sending frequent keep-alive packets. That affects the battery

lifetime VERY BADLY. In practice, no firewall would damage battery lifetime

_much_less_ than a statefull firewall.

Discarding a few bogus _received_ packets is much less current-expensive

than _sending_ frequent keep-alive packets.



-- 

Rémi Denis-Courmont