Rate of growth on IPv6 not fast enough?

• Previous message (by thread): Rate of growth on IPv6 not fast enough?
• Next message (by thread): Rate of growth on IPv6 not fast enough?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 21 Apr 2010 14:24:37 -0400
William Herrin <bill at herrin.us> wrote:

> On Tue, Apr 20, 2010 at 9:34 PM, Karl Auer <kauer at biplane.com.au> wrote:
> > On Tue, 2010-04-20 at 12:59 -0700, Owen DeLong wrote:
> >> On Apr 20, 2010, at 12:31 PM, Roger Marquis wrote:
> >> > NAT _always_ fails-closed
> >> Stateful Inspection can be implemented fail-closed.
> >
> > Not to take issue with either statement in particular, but I think there
> > needs to be some consideration of what "fail" means.
> 
> Fail means that an inexperienced admin drops a router in place of the
> firewall to work around a priority problem while the senior engineer
> is on vacation. With NAT protecting unroutable addresses, that failure
> mode fails closed.
> 

Fail is expecting a low level staff member, who doesn't know better, to
substitute for a senior one, who does. Would you also let a
helpdesk teamleader (low level, relatively inexperienced management
position) take over the CEO's job if the CEO was available and there was
a business crisis? A medical student take over from a doctor in an
emergency ward?




> Regards,
> Bill Herrin
> 
> 
> 
> -- 
> William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
> Falls Church, VA 22042-3004
> 

• Previous message (by thread): Rate of growth on IPv6 not fast enough?
• Next message (by thread): Rate of growth on IPv6 not fast enough?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]