| To: | Denis Vlasenko <vda@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: Kernel 2.6 IPV6 Busted |
| From: | Jeff Garzik <jgarzik@xxxxxxxxx> |
| Date: | Wed, 02 Mar 2005 14:12:40 -0500 |
| Cc: | "David S. Miller" <davem@xxxxxxxxxxxxx>, Quantum Scientific <Info@xxxxxxxxxxxxxxx>, netdev@xxxxxxxxxxx |
| In-reply-to: | <200503021602.53663.vda@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> |
| References: | <200502270928.44402.Info@xxxxxxxxxxxxxxx> <200503011207.34029.vda@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <422497BA.9090606@xxxxxxxxx> <200503021602.53663.vda@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922 |
Denis Vlasenko wrote: On Tuesday 01 March 2005 18:26, Jeff Garzik wrote:There are many very important optimizations we've had to disable by default just in TCP alone because of NAT.I don't think future Internet will be safe enough to open corporate networks. I definitely won't do it. NAT firewall in front of my net is an absolute requirement for me. However, IPv6 in Internet won't happen tomorrow, no rush...You don't need NAT to secure a corporate network.I don't want outside world to even KNOW that I have a network behind the firewall box. I don't want them to know internal hosts' IPs.
...thus breaking the end-to-end connection model, and various protocols.
Jeff
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [2.6.11-rc4-mm1 patch] fix buggy IEEE80211_CRYPT_* selects, Jeff Garzik |
|---|---|
| Next by Date: | Re: creating a netdevice, Stephen Hemminger |
| Previous by Thread: | Re: Kernel 2.6 IPV6 Busted, Denis Vlasenko |
| Next by Thread: | Re: Kernel 2.6 IPV6 Busted, Andre Tomt |
| Indexes: | [Date] [Thread] [Top] [All Lists] |