[171199] in North American Network Operators' Group

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Requirements for IPv6 Firewalls

daemon@ATHENA.MIT.EDU (Simon Perreault)
Tue Apr 22 08:02:26 2014

Date: Tue, 22 Apr 2014 08:01:28 -0400
From: Simon Perreault <simon@per.reau.lt>
To: Florian Weimer <fw@deneb.enyo.de>
In-Reply-To: <87k3alty6u.fsf@mid.deneb.enyo.de>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Le 2014-04-19 06:23, Florian Weimer a écrit :
>>> I agree with Bill.  You can poopoo NAT all you want, but it's a fact
>>> of most networks and will continue to remain so until you can make a
>>> compelling case to move away from it.
>>
>> Does that mean all IPv6 firewalls should support NAT?
> 
> In the sense that they "MUST be able to provide email filtering
> features": yes.

That requirement should be removed.

>> Remember, we're aiming for a base set of requirements applying to
>> all IPv6 firewalls.
> 
> The document has more than just base requirements.

The document is flawed as-is.

Simon

home	help	back	first	fref	pref	prev	next	nref	lref	last	post