nanog mailing list archives

RE: I don't need no stinking firewall!


From: "George Bonser" <gbonser () seven com>
Date: Sun, 10 Jan 2010 21:56:14 -0800

And I don't believe anyone is necessarily advocating exposing individual
servers directly to the internet either.

Actually, some of us are.

That can be difficult to do when you have maybe 300 or 400 servers that
handle one service.  Let's say you have a site called www.foobar.com and
you have several hundred servers on the front end that handle that
domain.  You aren't going to put several hundred A records in DNS; at
least I hope you aren't.  One would probably have a load balancer of
some sort in front of those machines.  That is the device that would be
fielding any DoS.


There are other devices that can handle isolation of the servers and
protect them against such things as syn floods.

What is the point of that when the servers can do it themselves?

I have a feeling you are talking about relatively small amounts of
traffic.  



