The End-To-End Internet (was Re: Blocking MX query)

Izaac izaac at setec.org
Wed Sep 5 16:48:47 CDT 2012


On Tue, Sep 04, 2012 at 03:45:32PM -0400, William Herrin wrote:
> That's what firewalls *are for* Jay. They intentionally break
> end-to-end for communications classified by the network owner as
> undesirable. Whether a particular firewall employs NAT or not is
> largely beside the point here. Either way, the firewall is *supposed*
> to break some of the end to end communication paths.

Which has had two basic results:

First, we've raised at least two generations of programmers who cannot
write a network-facing service able to stand up in so much as a stiff
breeze.  "Well it's behind the firewall, so no one will be able to see
it."

Second, we've killed -- utterly and completely -- countless promising
technologies and forced the rest to somehow figure out either how to
pretend to be HTTP or tunnel themselves.  That's just sad.

But even then, we're not talking about an end user choosing not to
permit certain kinds of inbound connectivity.  We're talking about
carriers inspecting and selectively interfering with (and in some cases
outright manipulating) communication in transit.  That's just plain
wrong.  

-- 
. ___ ___  .   .  ___
.  \    /  |\  |\ \
.  _\_ /__ |-\ |-\ \__



More information about the NANOG mailing list