Re: [Spud] ??????: Numbers...
Yoav Nir <ynir.ietf@gmail.com> Sat, 13 June 2015 08:17 UTC
From: Yoav Nir <ynir.ietf@gmail.com>
Date: Sat, 13 Jun 2015 11:17:17 +0300
To: Tom Herbert <tom@herbertland.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/spud/JZT5gHzfQnpG6a4UDW-_hRvksfs>
Cc: Youjianjie <youjianjie@huawei.com>,
Christian Huitema <huitema@microsoft.com>,
Martin Stiemerling <mls.ietf@gmail.com>,
"mirja.kuehlewind@tik.ee.ethz.ch" <mirja.kuehlewind@tik.ee.ethz.ch>,
"spud@ietf.org" <spud@ietf.org>
Subject: Re: [Spud] ??????: Numbers...

> On Jun 13, 2015, at 2:37 AM, Tom Herbert <tom@herbertland.com> wrote:
>
> On Fri, Jun 12, 2015 at 10:22 AM, Christian Huitema
> <huitema@microsoft.com> wrote:
>>> I have never heard 99% of UDP is trash to be true. Security folks in Cisco told me
>>> "a lot of unix networking apps from the 80th/90th based on UDP where
>>> extremely insecure", and I think that's definitely true and has led the first wave
>>> of firewalling off UDP. The second wave was p2p sharing apps which also
>>> caused a lot of enterprises to be weary of UDP and firewall it.
>>
>> Two big applications that are running over UDP: voice and video with Skype, video-games with Xbox Live. Of course, there are places where UDP is blocked, in which case UDP applications will try tunneling over HTTPS. But in the vast majority of consumer networks, these applications use UDP just fine.
>>
> Christian,
>
> You present a very interesting datapoint, but I'm not sure how to
> interpret it. Is UDP getting far reach now because most users are not
> behind firewalls, firewalls are allowing all UDP to pass, or holes
> have been commonly punched in firewalls for specific applications?
> Would this imply there is less need to implement a UDP based protocol
> to work with stateful firewalls?

Most modern firewalls can recognize these different applications, so it is possible to configure a firewall to let Skype or WebRTC through without just allowing any and all UDP to pass. But the usual configuration for firewalls is to block the unknown. So making something that is easy to recognize is definitely a good idea.

Yoav