Re: [Netrqmts] IETF 105 Minutes

Michael Breuer <michael.breuer@ilsf.de> Thu, 01 August 2019 06:53 UTC

Return-Path: <michael.breuer@ilsf.de>
X-Original-To: netrqmts@ietfa.amsl.com
Delivered-To: netrqmts@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E8DA12000F for <netrqmts@ietfa.amsl.com>; Wed, 31 Jul 2019 23:53:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pHmL9cyKFVpd for <netrqmts@ietfa.amsl.com>; Wed, 31 Jul 2019 23:53:31 -0700 (PDT)
Received: from vwp3261.webpack.hosteurope.de (vwp3261.webpack.hosteurope.de [IPv6:2a01:488:42:1000:57e6:2d0c::]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4E3E912006B for <netrqmts@ietf.org>; Wed, 31 Jul 2019 23:53:31 -0700 (PDT)
Received: from [2a01:598:a901:572c:f08c:bf60:f7f2:b32]; authenticated by vwp3261.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) id 1ht4xr-0001OI-HU; Thu, 01 Aug 2019 08:53:27 +0200
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (1.0)
From: Michael Breuer <michael.breuer@ilsf.de>
X-Mailer: iPad Mail (16F203)
In-Reply-To: <FC556CD4-3DBD-4F4D-87E3-CE1BDB088250@cisco.com>
Date: Thu, 1 Aug 2019 08:53:26 +0200
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "netrqmts@ietf.org" <netrqmts@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <53ED5C6D-F2ED-4911-9D4A-7BD726141692@ilsf.de>
References: <DF3803B7-C05B-4A31-B873-73A86B1416CE@vigilsec.com> <19915.1564514403@localhost> <20190730202439.zl6gjvzasxofvej2@faui48f.informatik.uni-erlangen.de> <27837.1564524525@localhost> <67849904-0195-d913-f4f5-3ce068039b71@sandelman.ca> <FC556CD4-3DBD-4F4D-87E3-CE1BDB088250@cisco.com>
To: "Joe Clarke (jclarke)" <jclarke@cisco.com>
X-bounce-key: webpack.hosteurope.de; michael.breuer@ilsf.de; 1564642411; 5a27984f;
X-HE-SMSGID: 1ht4xr-0001OI-HU
Archived-At: <https://mailarchive.ietf.org/arch/msg/netrqmts/Nk55j5tmwK20T69UT3mbW0ZUkYE>
Subject: Re: [Netrqmts] IETF 105 Minutes
X-BeenThere: netrqmts@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Meeting Network Requirements <netrqmts.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netrqmts>, <mailto:netrqmts-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netrqmts/>
List-Post: <mailto:netrqmts@ietf.org>
List-Help: <mailto:netrqmts-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netrqmts>, <mailto:netrqmts-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Aug 2019 06:53:34 -0000

Hej,

> On 1. Aug 2019, at 00:38, Joe Clarke (jclarke) <jclarke@cisco.com> wrote:
> 
>> On Jul 31, 2019, at 14:27, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>> 
>> Actually, I realized in the shower this morning, that the ietf-nat64 network provides all the "security" of a home router, in that TCP SYN packets leave, but can never enter.
> 
> Not exactly.  You still have a public IPv6 address on this network.  IPv6 TCP SYNs can still enter.
> 

That’s exactly how my home network works, I get public IPv6 open to/from the internet. My ISP offers a „security“ feature which includes some basic firewall but also dns redirects (you get redirected to the ISP‘s portal page in case of missing dns etc, generating ad revenue for them). I switched that off.

Michael