- From: Patrik Fältström <paf@cisco.com>
- Date: Wed, 22 Aug 2001 18:25:11 +0200
- To: Keith Moore <moore@cs.utk.edu>
- cc: Keith Moore <moore@cs.utk.edu>, Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net>, jpalme@dsv.su.se, discuss@apps.ietf.org
--On 01-08-22 11.23 -0400 Keith Moore <moore@cs.utk.edu> wrote: >> Is (1) and/or (2) ok? > > no. the last thing we need is to legitimize things that put brittle > per-flow state inside the network, intercept traffic for third parties, > increase the dependence on DNS reliability (making the network less > reliable), break existing applications, and reduce the flexibility of new > applications. > > you can't fix the NAT problem with hacks like this. it only makes it > worse. I was not talking about NAT's, but things that block traffic on certain ports, like normal firewalls, but you are completely right that this can be used for NAT purposes aswell. But, I get your point. Doing DHCP request, pppoe authentication etc when a host "wakes up" and get's an IP address is one thing. Doing the same or similar things when it for example starts it's "SIP telephony listener" or initiates some other flow is not good. That is what I read in your message. paf
Received on Wednesday, 22 August 2001 12:29:21 UTC