Re: A simple question


On Tuesday, April 22, 2003, at 06:57  PM, Spencer Dawkins wrote:

Hi, Rob,

I agree with your take from the network side, I'm thinking Terry
may be looking at it from the applications side (what's the
difference between one perfectly lovely address that fails
unpredictably and another perfectly lovely address that also
fails unpredictably? and the unknowable firewall topology is
probably within a first approximation of the unknowable site
topology).


The differences:

- firewalls are a necessary evil for security, whereas site locals are(maybe) not- firewalls are a simple on/off switch and easy to change, whereas sitelocals have complex state and are hard to change

Firewalls and NAT / site-locals might seem to be entangled, but it'sjust a coincidence. They both work best in the same place in thenetwork, so many firewalls also do NAT.


simon

--
www.simonwoodside.com -- 99% Devil, 1% Angel

<Prev in Thread]	Current Thread	[Next in Thread>
Re: A simple question, (continued) Re: A simple question, Keith Moore Re: A simple question, Markku Savela Re: A simple question, Keith Moore Re: A simple question, S Woodside Re: A simple question, Terry Gray Re: A simple question, Keith Moore Re: A simple question, Stephen Sprunk Re: A simple question, Keith Moore Re: A simple question, Rob Austein Re: A simple question, Spencer Dawkins Re: A simple question, S Woodside <= Re: A simple question, Terry Gray Re: A simple question, Stephen Sprunk Re: A simple question, Keith Moore Re: A simple question, Robert Elz Re: A simple question, Valdis . Kletnieks Re: A simple question, Stephen Sprunk Re: A simple question, Stephen Sprunk Re: A simple question, Joe Abley Re: A simple question, Paul Vixie Re: A simple question, Keith Moore

Previous by Date:	Re: A simple question, Pekka Savola
Next by Date:	Re: A simple question, Tim Chown
Previous by Thread:	Re: A simple question, Spencer Dawkins
Next by Thread:	Re: A simple question, Terry Gray
Indexes:	[Date] [Thread] [Top] [All Lists]