nanog mailing list archives

Re: Addressing plan exercise for our IPv6 course


From: Matthew Palmer <mpalmer () hezmatt org>
Date: Mon, 26 Jul 2010 15:07:02 +1000

On Mon, Jul 26, 2010 at 06:24:04AM +0200, Jens Link wrote:
> Owen DeLong <owen () delong com> writes:
>> The correct answer is "No, you don't have to configure rules, you just need
>> one rule supplied by default which denies anything that doesn't have a
>> corresponding outbound entry in the state table and it works just like NAT
>> without the address mangling".
>
> They used NAT as an excuse not to let some applications to the
> outside.

That's OK, if it's NAT unfriendly, chances are it requires deep packet
inspection to make the state tables do the right thing anyway.

- Matt

-- 
Skippy was a wallaby. ... Wallabies are dumb and not very trainable...  The
*good* thing...is that one Skippy looks very much like all the rest,
hence..."one-shot Skippy" and "plug-compatible Skippy".  I don't think they
ever had to go as far as "belt-fed Skippy"      -- Robert Sneddon, ASR
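
As an added illustration (not part of the original message or of any project's code), the Python sketch below models the single default rule described in the quoted text, plus the reply's point that a NAT-unfriendly protocol needs payload inspection before the state table admits its secondary flow. Using FTP active mode (the EPRT command) as the NAT-unfriendly protocol, the class and function names, and the 2001:db8:: documentation addresses are assumptions made for the example.

```python
import re

class StatefulFilter:
    """Toy model of a routed (no NAT) IPv6 edge with one default inbound rule."""

    def __init__(self, inspect_payload=False):
        self.state = set()     # (inside_addr, inside_port, outside_addr, outside_port)
        self.expected = set()  # (inside_addr, inside_port, outside_addr) set by the helper
        self.inspect_payload = inspect_payload

    def outbound(self, src, sport, dst, dport, payload=""):
        """Inside host sends: allowed, and recorded in the state table."""
        self.state.add((src, sport, dst, dport))
        if self.inspect_payload:
            # Protocol helper: FTP active mode announces a listening port in-band.
            m = re.match(r"EPRT \|2\|([0-9a-fA-F:]+)\|(\d+)\|", payload)
            if m and m.group(1) == src:
                self.expected.add((src, int(m.group(2)), dst))
        return "accept"

    def inbound(self, src, sport, dst, dport):
        """Outside host sends: the single default rule."""
        if (dst, dport, src, sport) in self.state:
            return "accept"    # reply to a flow opened from inside
        if (dst, dport, src) in self.expected:
            self.expected.discard((dst, dport, src))
            self.state.add((dst, dport, src, sport))
            return "accept"    # related flow the helper learned from the payload
        return "drop"          # no corresponding outbound entry

def demo(inspect_payload):
    """Run three constructed inbound packets; addresses are never rewritten."""
    fw = StatefulFilter(inspect_payload)
    host, server = "2001:db8:1::10", "2001:db8:ffff::21"  # constructed addresses
    results = {"unsolicited": fw.inbound(server, 4444, host, 22)}
    fw.outbound(host, 50000, server, 21, "EPRT |2|2001:db8:1::10|50001|")
    results["reply"] = fw.inbound(server, 21, host, 50000)
    results["data_channel"] = fw.inbound(server, 20, host, 50001)
    return results

if __name__ == "__main__":
    print("5-tuple state only:", demo(False))
    print("with payload helper:", demo(True))
```
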

