Greg,
On Jul 29, 2009, at 10:54 GMT+02:00, Gregory M. Lebovitz wrote:
At 12:32 AM 7/29/2009, Pekka Savola wrote:
On Tue, 28 Jul 2009, Gregory M. Lebovitz wrote:
James,
Layered filtering should be included in the document. It is an
OPTION that people really need in an environment where the use of
tunneling is growing rapidly. I would appreciate it if others who
agree would ack this email to the list.
Could you provide a list of, say, 5 CPE equipments from various
vendors in sub-100$ price range that currently provide this feature
(with v4)? That might go a long way in convincing those unbelievers
in the WG such as myself that this is a common and important
feature in this context?
Point well taken in v4, Pekka. But the Internet is changing. There
wasn't tons of encapsulation layering in the past. It's becoming
more and more relevant now, and especially in v6. I'm sitting in
Softwires WG right now. Most of this is about tunneling one IP think
over another. We're on the 5 proposal now, or so.
Conclusion: I don't think looking at what vendors have been doing
for the past 10 years is a good indicator of what is needed in the
next 10 years, because the networking is dramatically changing.
I agree with what Pekka said, however I'll add an additional twist.
Specifically, it's important to bear in mind the principle of "least
surprise". IOW, if this isn't widely implemented in v4 CPE routers
today, then it's a new thing non-technical users will have to
specifically learn to disable in v6 CPE routers to get things working
in a v6 world.
On a separate, but related, note, I would also add the obvious
argument that if the proposal is to enable filtering for protocols
within the tunnel, then this will restrict a significant avenue of
deployment and/or expansion of new (Internet) protocols over tunnels,
which IMO is NOT a good thing. For better or worse, tunneling seems
to be a default avenue for building new protocols on top of legacy
infrastructure.