[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03
On Wed, 27 Aug 2008 13:48:23 +0200, Rémi Després <remi.despres@free.fr>
wrote:
> Indeed, if a cell phone would open just a few (address,port) couples,
> possibly none, for incoming connections, and would have this enforced by
> its service provider, it would be much better protected against battery
> exhaustion due to malevolent (address,port) scanning.
Well, that's a double edged sword.
The fact that most 3G IP access are currently heavily firewalled forces end
devices into sending frequent keep-alive packets. That affects the battery
lifetime VERY BADLY. In practice, no firewall would damage battery lifetime
_much_less_ than a statefull firewall.
Discarding a few bogus _received_ packets is much less current-expensive
than _sending_ frequent keep-alive packets.
--
Rémi Denis-Courmont