Are you not understanding that I need to receive packets back? I am not going
to open incoming firewall ports to do this. If you have a way to receive
IPV6 response packets back without opening up your firewall, please enlighten
us.
This is a problem everyone else has too, if they are using the standard kernel
2.6 IPV6 stack.
I am skeptical about this assertion that the whole internet needs to be hashed
if connection tracking. This does not seem to be true on its face. Only
those nodes which are in active virtual circuits would need to be hashed.
This is well within most machines' capability. So barring some inherent IPV6
way of doing this, connection tracking is on.
Carl Cook
On Sunday 27 February 2005 13:58, Jeff Garzik wrote:
> Quantum Scientific wrote:
> > On Sunday 27 February 2005 12:59, Jeff Garzik wrote:
> >
> >>Connection tracking doesn't scale. It's impossible to hash the entire
> >>Internet.
> >
> >
> > I have read this.
> >
> > And I've seen inferences that IPV6 takes care of this problem somehow
> > automatically. But no one seems to know how.
>
> The solution is to not use connection tracking.
>
> You don't want to break the end-to-end connection model that founded the
> Internet.
>
> Jeff
|