Requirements for IPv6 Firewalls
bill at herrin.us
Fri Apr 18 18:57:13 UTC 2014
On Fri, Apr 18, 2014 at 2:32 PM, Simon Perreault <simon at per.reau.lt> wrote:
> Le 2014-04-18 14:20, William Herrin a écrit :
>> That would either be a very short document or a document so
>> ideologically loaded that it has no technical utility. The Internet is
>> pretty resilient. There isn't much a firewall can do to break it.
> In IETF we routinely use the phrase "breaking the Internet" to mean
> something rather more limited than "breaking all of the Internet". There
> are tons of things firewalls can do, and some do today, that would be
> considered breaking the Internet.
> FYI, we had a similar document targeted at CGNs:
Excluding references and remarks RFC 6888 is 8 pages long with 15
total requirements. Short.
I'll let the firewall document's authors speak for themselves about
their document's purpose. In the abstract, they said: ''This has
typically been a problem for network operators, who typically have to
produce a "Request for Proposal" from scratch that describes such
That says, "discriminator for potential purchases" to me. What's your take?
I agree that a "don't break the Internet' firewall requirements
document could have utility. But that doesn't appear to be this
document. And if done well, such a document would be short just like
William D. Herrin ................ herrin at dirtside.com bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
More information about the NANOG