I don't need no stinking firewall!

Mark Smith nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org
Tue Jan 5 17:38:43 CST 2010


On Tue, 5 Jan 2010 20:51:47 +0000
Tony Finch <dot at dotat.at> wrote:

> On Tue, 5 Jan 2010, Brian Johnson wrote:
> >
> > Given this information, and not prejudging any responses, exactly what
> > is a firewall for and when is statefull inspection useful?
> 
> Stateful inspection is useful for breaking things in subtle and
> hard-to-debug ways.
> http://fanf.livejournal.com/102206.html
> http://fanf.livejournal.com/95831.html
> 

Your second article (with the pointer to "end-to-end arguments in
systems design") reminded me of this thread that came up on the Linux
networking development mailing list recently. TCP was flaking out, but
if the same traffic was tunnelled over the same connection, all was
good.

Strange TCP behavior over HSDPA
http://www.spinics.net/lists/netdev/msg116809.html




> Tony.
> -- 
> f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
> GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS.
> MODERATE OR GOOD.
> 




More information about the NANOG mailing list