Re: [v6ops] network topology hiding
Fernando Gont <fernando@gont.com.ar> Mon, 27 December 2010 06:08 UTC
Return-Path: <fernando.gont.netbook.win@gmail.com>
X-Original-To: v6ops@core3.amsl.com
Delivered-To: v6ops@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A44223A685B for <v6ops@core3.amsl.com>; Sun, 26 Dec 2010 22:08:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.048
X-Spam-Level:
X-Spam-Status: No, score=-3.048 tagged_above=-999 required=5 tests=[AWL=-0.441, BAYES_00=-2.599, DATE_IN_PAST_12_24=0.992, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IFZHV0VqVpY9 for <v6ops@core3.amsl.com>; Sun, 26 Dec 2010 22:08:16 -0800 (PST)
Received: from mail-yw0-f66.google.com (mail-yw0-f66.google.com [209.85.213.66]) by core3.amsl.com (Postfix) with ESMTP id DB09E3A6855 for <v6ops@ietf.org>; Sun, 26 Dec 2010 22:08:15 -0800 (PST)
Received: by ywi6 with SMTP id 6so2296010ywi.1 for <v6ops@ietf.org>; Sun, 26 Dec 2010 22:10:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :x-enigmail-version:openpgp:content-type:content-transfer-encoding; bh=NoVMXOs7fq84yEZalRXbdM+sSD+w9ByXzNrTBFCoYrs=; b=BrvNm3LxcX+N1oUI08nUkHGiBkZw9nor7ep8eddoj8QINgnOwJZARr3+qh69F/bdCL vZGuUMsYO+A1or80nvXkoWOMPOL8cdgo3FCjnjtJ+8b71+69REH08ihJRSbKJyyV2lh9 xWpiBV5byg1mr6ep7qktcQUK+gKMOecPwanNI=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:x-enigmail-version:openpgp:content-type :content-transfer-encoding; b=ONQTEYI2DRvywcbTc/qzQ2FZnnaRfRgBbWm+NAtVWJ8y7tXvUgpk2OY+bbePJ6eYCR zw84MNigMEE+tl9CAstK79MYEeTRhkRQFgyqJMni1ISlR26hJAAN6BfDhYiT4Hu81ze0 3CJOnyPX68t06eIR2NXR4FM0UPnh1ryF6NLW4=
Received: by 10.91.27.24 with SMTP id e24mr2738869agj.164.1293430220232; Sun, 26 Dec 2010 22:10:20 -0800 (PST)
Received: from [192.168.0.125] (61-128-17-190.fibertel.com.ar [190.17.128.61]) by mx.google.com with ESMTPS id a76sm6387194yhd.30.2010.12.26.22.10.14 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sun, 26 Dec 2010 22:10:18 -0800 (PST)
Sender: Fernando Gont <fernando.gont.netbook.win@gmail.com>
Message-ID: <4D16E08D.5060506@gont.com.ar>
Date: Sun, 26 Dec 2010 03:28:29 -0300
From: Fernando Gont <fernando@gont.com.ar>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0
To: "Gunter Van de Velde (gvandeve)" <gvandeve@cisco.com>
References: <AANLkTik248vSqAb79=oEWmzNwZ4xOP7ZSp01b6A4bXZ4@mail.gmail.com><00ff01cb9c3b$a51c7420$4001a8c0@gateway.2wire.net><20101216074536.6f10447e@opy.nosense.org><016401cb9d09$f5669b80$4001a8c0@gateway.2wire.net><20101218092942.728ac161@opy.nosense.org><AANLkTimre0KetNCA1Ai_Vv=85o35O_E3UK=hpLC8Onjv@mail.gmail.com><AANLkTinGvtHU7FYX9V5kfXO69eO2YUP5o-KpR1C33YQ7@mail.gmail.com><50C073CF-5AF2-401E-B753-5E20550F9AD2@cisco.com><AANLkTinS2r+gss88+nievMx5og4HNozz2PWHyrf+5sZw@mail.gmail.com><4D11B631.40406@bogus.com><1B3E2DA6-EF0B-42A1-873D-15FCD1060023@merike.com><4D128024.6010608@gont.com.ar><A4C28CA7-AEFC-432B-BD82-B8228F02E81E@cisco.com><4D12B9A6.5050307@gont.com.ar><AANLkTikPMZM=fe9Uv1=iFcJOx9=0_m-uw0h97Ld17yp-@mail.gmail.com><4D12C529.8040404@gont.com.ar><4269EA985EACD24987D82DAE2FEC62E502CDB101@XMB-AMS-101.cisco.com> <AANLkTim+2Ug8ne-XcBzVNDJqF2zOzej4FF9ikJZyAXE1@mail.gmail.com> <4269EA985EACD24987D82DAE2FEC62E502D58041@XMB-AMS-101.cisco.com>
In-Reply-To: <4269EA985EACD24987D82DAE2FEC62E502D58041@XMB-AMS-101.cisco.com>
X-Enigmail-Version: 1.1.1
OpenPGP: id=D076FFF1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: v6ops@ietf.org
Subject: Re: [v6ops] network topology hiding
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Dec 2010 06:08:16 -0000
Hi, On 23/12/2010 12:53 p.m., Gunter Van de Velde (gvandeve) wrote: > Two things get confused here.... > > 1a) the functionality of the address translation to assist sharing an IP > address > 1b) the security the simple reflexive Access filter provides > 2) is confused with the fact that (1) and (2) do not provide 'real' > security in case of actual treat This explanation is indeed confusing ;-) Anyway, please see my other post on this thread about how a NAPT ends up providing what you seem to be referring to as "reflexive filter". Thanks, -- Fernando Gont e-mail: fernando@gont.com.ar || fgont@acm.org PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
- [v6ops] network topology hiding Toru Kuboshiki
- Re: [v6ops] network topology hiding Fred Baker
- Re: [v6ops] network topology hiding t.petch
- Re: [v6ops] network topology hiding Erik Kline
- Re: [v6ops] network topology hiding Carlos Martinez-Cagnazzo
- Re: [v6ops] network topology hiding Arturo Servin
- Re: [v6ops] network topology hiding Ted Lemon
- Re: [v6ops] network topology hiding Roland Bless
- Re: [v6ops] network topology hiding Joel Jaeggli
- Re: [v6ops] network topology hiding james woodyatt
- Re: [v6ops] network topology hiding Fernando Gont
- Re: [v6ops] network topology hiding Sander Steffann
- Re: [v6ops] network topology hiding Mark Smith
- Re: [v6ops] network topology hiding Roland Bless
- Re: [v6ops] network topology hiding Michael Newbery
- Re: [v6ops] network topology hiding Fernando Gont
- Re: [v6ops] network topology hiding Merike Kaeo
- Re: [v6ops] network topology hiding t.petch
- Re: [v6ops] network topology hiding Erik Kline
- Re: [v6ops] network topology hiding Mark Smith
- Re: [v6ops] network topology hiding Toru Kuboshiki
- Re: [v6ops] network topology hiding Mark Smith
- Re: [v6ops] network topology hiding Gunter Van de Velde (gvandeve)
- Re: [v6ops] network topology hiding Erik Kline
- Re: [v6ops] network topology hiding Fred Baker
- Re: [v6ops] network topology hiding Erik Kline
- Re: [v6ops] network topology hiding Joel Jaeggli
- Re: [v6ops] network topology hiding Merike Kaeo
- Re: [v6ops] network topology hiding Brian E Carpenter
- Re: [v6ops] network topology hiding Fernando Gont
- Re: [v6ops] network topology hiding Fernando Gont
- Re: [v6ops] network topology hiding Fred Baker
- Re: [v6ops] network topology hiding Fernando Gont
- Re: [v6ops] network topology hiding Erik Kline
- Re: [v6ops] network topology hiding Fernando Gont
- Re: [v6ops] network topology hiding Gunter Van de Velde (gvandeve)
- Re: [v6ops] network topology hiding Fernando Gont
- Re: [v6ops] network topology hiding Gunter Van de Velde (gvandeve)
- Re: [v6ops] network topology hiding Fernando Gont
- Re: [v6ops] network topology hiding Toru Kuboshiki
- Re: [v6ops] network topology hiding Joel Jaeggli