v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
jfbeam at gmail.com
Mon Feb 9 22:01:25 UTC 2009
On Fri, 06 Feb 2009 22:32:10 -0500, Owen DeLong <owen at delong.com> wrote:
> IPTables is decent firewall code.
Not really. It's quite complicated for a non-engineer type to manage.
Think of all the unpatched windows xp/vista users of the world.
> It's free.
> Further, since more and more CPE is being built on embedded linux,
> there's no reason
> that IPTables isn't a perfectly valid approach to the underlying
> firewall code.
No. It's not. While you might not be paying anyone for the software, it
does come with some significant costs... a moderately powerful processor
and a lot of memory. Ah, "but both are cheap these days, and getting
cheaper", you say. Tell me where I can get 500MHz+ processors and 16+ MB
of ram for "pennies". Case in point... (in case you missed it) Linksys
stopped using Linux on their popular WRT54G line years ago in favor of
vxWorks because it took less resources and therefor meant they could use
less memory (flash and ram) and save money despite paying a license fee
for vxWorks. (They still use vxWorks on the 54g, but have used linux on
their newer (much more expensive) hardware.)
DSL and cable modems are extremely simple devices. I'm amazed they have
any amount of "router" in them at all. And I've yet to see one running
Linux. (the 2 popular brands around here -- westell and motorola -- run
More information about the NANOG