[33448] in North American Network Operators' Group
RE: should use firewall when peering?
daemon@ATHENA.MIT.EDU (Barry Raveendran Greene)
Thu Jan 11 12:24:16 2001
From: "Barry Raveendran Greene" <bgreene@cisco.com>
To: "bgp4cn" <bgp4cn@sina.com>, <nanog@merit.edu>
Date: Thu, 11 Jan 2001 09:10:49 -0800
Message-ID: <NCBBLBFHCNNFFCBBHDEHGEPIJPAA.bgreene@cisco.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
In-Reply-To: <20010111134747.2964.qmail@sina.com>
Errors-To: owner-nanog-outgoing@merit.edu
Hello LaiSheng,
You did the right thing to sanity check what someone says via a list like
NANOG. Your vendor is BSing you. Let me know if the person working for this
vendor resembles my E-mail so I can bong him/her on the head. I do not know
any US Tier 1/2 ISPs who use a firewall between them and their peers. I know
of a few ISPs that use Firewalls on single homed upstream links to do
political/porn filtering. Otherwise their peer connection is point to point
or via an IXP - with no "firewalls" in between.
Barry
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
> bgp4cn
> Sent: Thursday, January 11, 2001 5:48 AM
> To: nanog@merit.edu
> Cc: majordomo@merit.edu
> Subject: should use firewall when peering?
>
>
>
> Hi,everyone,
>
> yesterday our parner tell me that almost all carriers in North
> America implementing firewalls when they interlink with another carriers.
> I do not think so.But he came from one of US's carriers,and who
> insist on that opinion and suggest our new-building carrier network to use
> firewalls between Chinanet and Internet.
> who came from Sprint/MCI/UUNET or other ISP's,can you tell me
> what really the things?
> And our parner also said we can use private IP on our carrier's
> networks,who said that we use NAT on the internet access
> router(runing BGP,and have our
> own public AS),I think NAT is too low performance to use at the
> inter-ISP link router,and have problems of multi-ISPs interlink's
> torlance,and
> have problems with some applications which go to another ISP,do
> you think so?
> Bye the way, I came from China,any suggestion will be appreciated.
>
>
>
> Regards,
> miao laisheng
> miaols@bridge.net.cn
> ______________________________________
>
> ===================================================================
> 新浪免费电子邮箱 http://mail.sina.com.cn
>
> 你选手机我买单!(http://mall.sina.com.cn/yesmobile/)
>
>
