[126077] in North American Network Operators' Group
Re: Rate of growth on IPv6 not fast enough?
daemon@ATHENA.MIT.EDU (Mark Smith)
Thu Apr 29 17:24:37 2010
Date: Fri, 30 Apr 2010 06:54:03 +0930
From: Mark Smith <nanog@85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org>
To: William Herrin <bill@herrin.us>
In-Reply-To: <z2t3c3e3fca1004211124jbc027005zbd68830894f544fb@mail.gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, 21 Apr 2010 14:24:37 -0400
William Herrin <bill@herrin.us> wrote:
> On Tue, Apr 20, 2010 at 9:34 PM, Karl Auer <kauer@biplane.com.au> wrote:
> > On Tue, 2010-04-20 at 12:59 -0700, Owen DeLong wrote:
> >> On Apr 20, 2010, at 12:31 PM, Roger Marquis wrote:
> >> > NAT _always_ fails-closed
> >> Stateful Inspection can be implemented fail-closed.
> >
> > Not to take issue with either statement in particular, but I think there
> > needs to be some consideration of what "fail" means.
>
> Fail means that an inexperienced admin drops a router in place of the
> firewall to work around a priority problem while the senior engineer
> is on vacation. With NAT protecting unroutable addresses, that failure
> mode fails closed.
>
Fail is expecting a low level staff member, who doesn't know better, to
substitute for a senior one, who does. Would you also let a
helpdesk teamleader (low level, relatively inexperienced management
position) take over the CEO's job if the CEO was available and there was
a business crisis? A medical student take over from a doctor in an
emergency ward?
> Regards,
> Bill Herrin
>
>
>
> --
> William D. Herrin ................ herrin@dirtside.com bill@herrin.us
> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
> Falls Church, VA 22042-3004
>
