IETF Logo Mail Archive

Re: [v6ops] draft-ietf-v6ops-balanced-ipv6-security WGLC

Ted Lemon <Ted.Lemon@nominum.com> Wed, 13 November 2013 18:19 UTC

Return-Path: <Ted.Lemon@nominum.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B5D511E81C3 for <v6ops@ietfa.amsl.com>; Wed, 13 Nov 2013 10:19:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.584
X-Spam-Level:
X-Spam-Status: No, score=-106.584 tagged_above=-999 required=5 tests=[AWL=0.015, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ptllLh6xMLCY for <v6ops@ietfa.amsl.com>; Wed, 13 Nov 2013 10:19:21 -0800 (PST)
Received: from exprod7og114.obsmtp.com (exprod7og114.obsmtp.com [64.18.2.215]) by ietfa.amsl.com (Postfix) with ESMTP id 0F21211E81BC for <v6ops@ietf.org>; Wed, 13 Nov 2013 10:19:18 -0800 (PST)
Received: from shell-too.nominum.com ([64.89.228.229]) (using TLSv1) by exprod7ob114.postini.com ([64.18.6.12]) with SMTP ID DSNKUoPCpgokbfyOigrbrgfVRkeb1k9l2aXD@postini.com; Wed, 13 Nov 2013 10:19:19 PST
Received: from archivist.nominum.com (archivist.nominum.com [64.89.228.108]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.nominum.com", Issuer "Go Daddy Secure Certification Authority" (verified OK)) by shell-too.nominum.com (Postfix) with ESMTP id 8B4041B8052 for <v6ops@ietf.org>; Wed, 13 Nov 2013 10:19:18 -0800 (PST)
Received: from webmail.nominum.com (cas-02.win.nominum.com [64.89.228.132]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "mail.nominum.com", Issuer "Go Daddy Secure Certification Authority" (verified OK)) by archivist.nominum.com (Postfix) with ESMTPS id 6B4A1190043; Wed, 13 Nov 2013 10:19:18 -0800 (PST) (envelope-from Ted.Lemon@nominum.com)
Received: from MBX-01.WIN.NOMINUM.COM ([64.89.228.133]) by CAS-02.WIN.NOMINUM.COM ([64.89.228.132]) with mapi id 14.03.0158.001; Wed, 13 Nov 2013 10:19:18 -0800
From: Ted Lemon <Ted.Lemon@nominum.com>
To: Tarko Tikan <tarko@lanparty.ee>
Thread-Topic: [v6ops] draft-ietf-v6ops-balanced-ipv6-security WGLC
Thread-Index: AQHO3kcgifX5dH755Eqorh2n2HqLtpoih2QAgAAloACAALU7gIAAcbEAgAAIDYCAACdFAA==
Date: Wed, 13 Nov 2013 18:19:17 +0000
Message-ID: <0B7E8354-F5DE-4E18-A4A5-2D2E6B999CBB@nominum.com>
References: <201311101900.rAAJ0AR6025350@irp-view13.cisco.com> <CAB0C4xOfz_JAjEEJZ-Zz7MBEyZhVzrAE+8Ghf1ggC3+9pyHmNg@mail.gmail.com> <989B8ED6-273E-45D4-BFD8-66A1793A1C9F@cisco.com> <52833B8F.10708@lanparty.ee> <A453058E-C40C-4D3A-83F0-FB6851A501DD@nominum.com> <5283A1AF.1070806@lanparty.ee>
In-Reply-To: <5283A1AF.1070806@lanparty.ee>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.1.10]
Content-Type: text/plain; charset="us-ascii"
Content-ID: <548ABF1E32E024478C85222CADFEE946@nominum.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "v6ops@ietf.org WG" <v6ops@ietf.org>
Subject: Re: [v6ops] draft-ietf-v6ops-balanced-ipv6-security WGLC
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Nov 2013 18:19:28 -0000

On Nov 13, 2013, at 10:58 AM, Tarko Tikan <tarko@lanparty.ee> wrote:
> There are pros and cons like always. Considering people put subscriber awareness, CGN (stateful) etc. into PEs, adding firewalls is not that big of a deal. Scale is an issue but current hardware can already do tens of gigabits worth of stateful firewalling.

You completely missed my point.   Do you really want your ISP filtering your data stream?

v2.23.0 | Report a Bug | By Email