On Sunday 27 February 2005 23:35, David S. Miller wrote:
On Sun, 27 Feb 2005 14:10:39 -0600
Quantum Scientific <Info@xxxxxxxxxxxxxxx> wrote:
I am skeptical about this assertion that the whole internet needs to be hashed
if connection tracking.
Connection tracking and NAT broke entirely the end-to-end host
assumption that used to be valid on the internet.
There are many very important optimizations we've had to disable
by default just in TCP alone because of NAT.
I don't think future Internet will be safe enough to open
corporate networks. I definitely won't do it.
NAT firewall in front of my net is an absolute requirement
for me.
However, IPv6 in Internet won't happen tomorrow,
no rush...