We had a discussion today about IPv6 today. During our open thinking the topic
of client equipment came up.
We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a
kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears.
Does
Wade Peacock wrote:
We had a discussion today about IPv6 today. During our open thinking
the topic of client equipment came up.
We all commented that we have not seen any consumer grade IPv6 enable
internet gateways (routers/firewalls), a kin to the ever popular
Linksys 54G series, DLinks , SMC
-09 6:16 PM
To: nanog@nanog.org
Subject: Consumer Grade - IPV6 Enabled Router Firewalls.
We had a discussion today about IPv6 today. During our open thinking the
topic of client equipment came up.
We all commented that we have not seen any consumer grade IPv6 enable
internet gateways (routers
Apple has been shipping the Airport Extreme and Express (consumer
router) with v6 support since 2007, if I recall correctly. They can
also create a 4to6 tunnel automatically.
-Matt Dodd
On Dec 2, 2009, at 6:16 PM, Wade Peacock
wrote:
We had a discussion today about IPv6 today. During
Matthew Dodd wrote:
Apple has been shipping the Airport Extreme and Express (consumer
router) with v6 support since 2007, if I recall correctly. They can also
create a 4to6 tunnel automatically.
By 4to6 to you mean IPv4 on the inside and IPv6 on the outside?
Wade Peacock
Sun Country Cablev
On 3/12/2009, at 12:44 PM, Wade Peacock wrote:
Matthew Dodd wrote:
Apple has been shipping the Airport Extreme and Express (consumer
router) with v6 support since 2007, if I recall correctly. They can
also create a 4to6 tunnel automatically.
By 4to6 to you mean IPv4 on the inside and IPv6
I meant to say 6to4, sorry about that. Nothing special there.
-Matt
On Dec 2, 2009, at 6:44 PM, Wade Peacock
wrote:
Matthew Dodd wrote:
Apple has been shipping the Airport Extreme and Express (consumer
router) with v6 support since 2007, if I recall correctly. They can
also create a
On Wed, Dec 2, 2009 at 5:52 PM, Matthew Dodd wrote:
> I meant to say 6to4, sorry about that. Nothing special there.
>
> -Matt
>
>
4to6 would be a mighty nice feature on a CPE =)
--
Brandon Galbraith
Mobile: 630.400.6992
FNAL: 630.840.2141
On 12/2/09 7:24 PM, "Brandon Galbraith" wrote:
> On Wed, Dec 2, 2009 at 5:52 PM, Matthew Dodd wrote:
>
>> > I meant to say 6to4, sorry about that. Nothing special there.
>> >
>> > -Matt
>> >
>> >
> 4to6 would be a mighty nice feature on a CPE =)
===> If you are thinking about only giving a v6
Wade Peacock wrote:
> We had a discussion today about IPv6 today. During our open thinking
> the topic of client equipment came up. We all commented that we have
> not seen any consumer grade IPv6 enable internet gateways
> (routers/firewalls), a kin to the ever popular Linksys 54G series,
> DLi
There are specifications for them being developed in the IETF, BBF,
and Cable Labs. Basically, all of the usual suspects are interested in
having product that meets needs.
On Dec 2, 2009, at 3:16 PM, Wade Peacock wrote:
We had a discussion today about IPv6 today. During our open thinking
t
On 03/12/2009, at 11:24 AM, Fred Baker wrote:
> There are specifications for them being developed in the IETF, BBF, and Cable
> Labs. Basically, all of the usual suspects are interested in having product
> that meets needs.
I challenge the usual suspects to deliver actual working dual stack IP
> There are specifications for them being developed in the IETF, BBF,
> and Cable Labs. Basically, all of the usual suspects are interested in
> having product that meets needs.
>
>> We had a discussion today about IPv6 today. During our open thinking
>> the topic of client equipment came up
Would you consider Juniper SSG5 as a Consumer Grade router?
They do IPv6 and they are pretty good in general, and cheap as well.
Mehmet
On Dec 2, 2009, at 3:16 PM, Wade Peacock wrote:
> We had a discussion today about IPv6 today. During our open thinking the
> topic of client equipment came up
Wade Peacock wrote:
> We had a discussion today about IPv6 today. During our open thinking the
> topic of client equipment came up.
> We all commented that we have not seen any consumer grade IPv6 enable
> internet gateways (routers/firewalls), a kin to the ever popular Linksys
> 54G series, DLinks
On 03/12/2009, at 12:45 PM, Matthew Moyle-Croft wrote:
> Come on CPE vendors - most of your run Linux in your CPEs these days. How
> hard is it to make it work? Someone got an image working for us with
> OpenWRT in his spare time in a week, surely you CPE vendors can cobble
> something toget
On 03/12/2009, at 12:53 PM, Mehmet Akcin wrote:
> Would you consider Juniper SSG5 as a Consumer Grade router?
Depends. Can I get one at Frys for $69.95 and set it up with
a web browser?
- mark
--
Mark Newton Email: new...@internode.com.au (W)
Network Engineer
On Wed, Dec 2, 2009 at 18:23, Mehmet Akcin wrote:
> Would you consider Juniper SSG5 as a Consumer Grade router?
No. Way too expensive and virtually 100% of consumers would not be
able to install it on their own.
On 03/12/2009, at 9:51 AM, Dave Temkin wrote:
> You're correct, out of the box there aren't many. The first couple that come
> to mind are the Apple Airport Express and Airport Extreme, but I don't
> believe Linksys/Netgear/etc. have support out of the box.
The Apple products do 6to4 out of t
On Wed, Dec 2, 2009 at 8:30 PM, Mark Newton wrote:
>
> On 03/12/2009, at 12:53 PM, Mehmet Akcin wrote:
>
>> Would you consider Juniper SSG5 as a Consumer Grade router?
>
> Depends. Can I get one at Frys for $69.95 and set it up with
> a web browser?
That would be cool, a nice box running JUNOS f
On Dec 2, 2009, at 6:53 PM, Jorge Amodio wrote:
> On Wed, Dec 2, 2009 at 8:30 PM, Mark Newton wrote:
>>
>> On 03/12/2009, at 12:53 PM, Mehmet Akcin wrote:
>>
>>> Would you consider Juniper SSG5 as a Consumer Grade router?
>>
>> Depends. Can I get one at Frys for $69.95 and set it up with
>>
I think they're (all) listed here:
http://www.getipv6.info/index.php/Broadband_CPE
Frank
-Original Message-
From: Wade Peacock [mailto:wade.peac...@sunwave.net]
Sent: Wednesday, December 02, 2009 5:16 PM
To: nanog@nanog.org
Subject: Consumer Grade - IPV6 Enabled Router Firewalls
Bill Fehring wrote:
On Wed, Dec 2, 2009 at 18:23, Mehmet Akcin wrote:
Would you consider Juniper SSG5 as a Consumer Grade router?
No. Way too expensive and virtually 100% of consumers would not be
able to install it on their own.
If they can't plug it in (that's a huge task on its own for
>
> Frank
>
> -Original Message-
> From: Wade Peacock [mailto:wade.peac...@sunwave.net]
> Sent: Wednesday, December 02, 2009 5:16 PM
> To: nanog@nanog.org
> Subject: Consumer Grade - IPV6 Enabled Router Firewalls.
>
> We had a discussion today about IPv6 to
A Mikrotik Routerboard supports IPv6. Fairly cheap, under $100. But
not easy enough for a novice home user to configure on their own. Could
be a good cpe if it was pre-configured from the service provider though.
I use a MT box at home which serves as my router, dual stack, and then
set's u
Once upon a time, Mehmet Akcin said:
> Noted on the christmas tree for santa ;) let's see if it will happen..
> SSG5s are still on ScreenOS and going to be..., SRX series run JunOS
> but little too pricey for a home router :)
I think the SRX100 is the intended replacement for the SSG5.
--
Chris
I believe that the Fritz box and the Apple Airport series gateways
both qualify, although there
is a price difference on the Apple gear. I am not sure about the price
of the Fritz.
Owen
On Dec 2, 2009, at 3:16 PM, Wade Peacock wrote:
We had a discussion today about IPv6 today. During our op
On Dec 2, 2009, at 6:41 PM, Mark Newton wrote:
On 03/12/2009, at 9:51 AM, Dave Temkin wrote:
You're correct, out of the box there aren't many. The first couple
that come to mind are the Apple Airport Express and Airport
Extreme, but I don't believe Linksys/Netgear/etc. have support out
Probably the same time they'll figure out the over-3-yrs-old IGMP ver3
support (for a *multimedia-oriented* company, multicast seem to still be
foreign ... oh, well...)
***Stefan Mititelu
http://twitter.com/netfortius
http://www.linkedin.com/in/netfortius
On Wed, Dec 2, 2009 at 10:56 PM, Owen De
On 03/12/2009, at 3:26 PM, Owen DeLong wrote:
>>> You're correct, out of the box there aren't many. The first couple that
>>> come to mind are the Apple Airport Express and Airport Extreme, but I don't
>>> believe Linksys/Netgear/etc. have support out of the box.
>>
>> The Apple products do 6
On Thu, 3 Dec 2009, Mark Newton wrote:
On 03/12/2009, at 9:51 AM, Dave Temkin wrote:
You're correct, out of the box there aren't many. The first couple that come
to mind are the Apple Airport Express and Airport Extreme, but I don't believe
Linksys/Netgear/etc. have support out of the bo
Wade Peacock wrote:
> We had a discussion today about IPv6 today. During our open thinking the
> topic of client equipment came up.
> We all commented that we have not seen any consumer grade IPv6 enable
> internet gateways (routers/firewalls), a kin to the ever popular Linksys
> 54G series, DLin
Mohacsi Janos wrote:
According to Apple the latest Apple Airport Extreme does support
DHCPv6 prefix delegation and native IPv6 uplink not only 6to4.
Airports don't support DHCPv6 PD yet. I'm led to believe that they may
in the future from my Apple friends but not yet.
MMC
A list of CPEs, routers, firewalls and other hardware and software are at
http://www.ipv6-to-standard.org/
César Olvera
-Original Message-
From: Wade Peacock [mailto:wade.peac...@sunwave.net]
Sent: Wednesday, December 02, 2009 5:16 PM
To: nanog@nanog.org
Subject: Consumer Grade - IPV6
On Thu, 3 Dec 2009, Matthew Moyle-Croft wrote:
Mohacsi Janos wrote:
According to Apple the latest Apple Airport Extreme does support DHCPv6
prefix delegation and native IPv6 uplink not only 6to4.
Airports don't support DHCPv6 PD yet. I'm led to believe that they may in
the future fro
> From: Mark Newton [mailto:new...@internode.com.au]
> On 03/12/2009, at 9:51 AM, Dave Temkin wrote:
>
> > You're correct, out of the box there aren't many. The first couple that
> > come to mind are the Apple Airport Express and Airport Extreme, but I
don't
> > believe Linksys/Netgear/etc. have
On 03/12/2009, at 22:46, "TJ" wrote:
From: Mark Newton [mailto:new...@internode.com.au]
On 03/12/2009, at 9:51 AM, Dave Temkin wrote:
You're correct, out of the box there aren't many. The first
couple that
come to mind are the Apple Airport Express and Airport Extreme,
but I
don't
bel
Mark Newton wrote:
The fact that someone got OpenWRT working in less than a week of spare
time makes it totally clear why the commercial vendors haven't done
anything: They're just simply not interested, nothing more, nothing
less.
I suspect they didn't use DHCPv6-PD with that OpenWRT. I've ha
ay, December 03, 2009 7:06 PM
To: Mark Newton
Cc: nanog@nanog.org
Subject: Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Mark Newton wrote:
> The fact that someone got OpenWRT working in less than a week of spare
> time makes it totally clear why the commercial vendors haven't done
AC?
Frank
-Original Message-
From: jason.w...@cox.com [mailto:jason.w...@cox.com]
Sent: Thursday, December 03, 2009 8:54 PM
To: jba...@brightok.net; new...@internode.com.au
Cc: nanog@nanog.org
Subject: RE: Consumer Grade - IPV6 Enabled Router Firewalls.
One of the better/only decent impleme
om.au
Cc: nanog@nanog.org
Subject: RE: Consumer Grade - IPV6 Enabled Router Firewalls.
One of the better/only decent implementations I have run across in the
retail world so far is the D-Link 615SW. Look for the IPv6_Ready Gold cert
emblem (found this on an encap at Fry's and nobody in the
I guess Cisco's 800's are out of the "Consumer Grade" price range, but
any comments
about v6 support on them and how they compare with other options.
Just looking for feedback about good options for sort remote/branch/home office.
Regards
Jorge
They work pretty well.
They're one of the few that you can buy which supports DSL and they work.
IPv6 support on the WIFI interfaces is IOS version dependent.
They support DHCPv6 PD etc. I'm using one right now with v6.
MMC
On 04/12/2009, at 10:41 PM, Jorge Amodio wrote:
> I guess Cisco'
>From: Mark Newton [mailto:new...@internode.com.au]
>
> > FWIW - The (Cisco) Linksys 610N does (and perhaps others do?) the same
> > amount of IPv6 the Airport Extreme does - 6to4, SLAAC - out of the
> > box, by default. In fact, I am not sure you can turn it off ..
>
> Yep -- which is worse than
On Fri, 4 Dec 2009, Jorge Amodio wrote:
I guess Cisco's 800's are out of the "Consumer Grade" price range, but
any comments
about v6 support on them and how they compare with other options.
Just looking for feedback about good options for sort remote/branch/home office.
Some 800's are supp
On Fri, Dec 04, 2009 at 10:59:49PM +1030, Matthew Moyle-Croft wrote:
> They work pretty well.
>
> They're one of the few that you can buy which supports DSL and they work.
> IPv6 support on the WIFI interfaces is IOS version dependent.
>
> They support DHCPv6 PD etc. I'm using one right now
Jorge Amodio writes:
> I guess Cisco's 800's are out of the "Consumer Grade" price range, but
> any comments about v6 support on them and how they compare with other
> options.
Once you find the right IOS version they are working great. ;-)
I had to upgrade my router @home in order to use IPv6
Brandon Ewing writes:
> Can you comment on what version you got it to work on? I haven't futzed
> with it much, but with 12.4(24)T2, you can't put an ipv6 address directly on
> the wireless subinterface. I tried putting it on a BVI interface, but
> didn't have much luck.
Version 12.4(20)T1 wo
--On Wednesday, December 02, 2009 6:23 PM -0800 Mehmet Akcin
wrote:
Would you consider Juniper SSG5 as a Consumer Grade router?
They do IPv6 and they are pretty good in general, and cheap as well.
Not as usable in the consumer space due to lack of UPnP (and Juniper is NOT
interested in
On Dec 10, 2009, at 4:56 PM, Michael Loftis wrote:
--On Wednesday, December 02, 2009 6:23 PM -0800 Mehmet Akcin > wrote:
Would you consider Juniper SSG5 as a Consumer Grade router?
They do IPv6 and they are pretty good in general, and cheap as well.
Not as usable in the consumer space
Once upon a time, Owen DeLong said:
> UPnP is a bad idea that (fortunately) doesn't apply to IPv6 anyway.
>
> You don't need UPnP if you'r not doing NAT.
You need UPnP for a stateful firewall, whether it is mangling packets
with NAT or not. I have an Xbox 360 behind an SSG-5 with no NAT, and I
On 11/12/2009, at 1:14 PM, Owen DeLong wrote:
>
> You don't need UPnP if you'r not doing NAT.
You kinda do if you're using a stateful firewall with a "deny
everything that shouldn't be accepted" policy. UPnP (or something
like it) would have to tell the firewall what should be accepted.
-
Mark Newton wrote, on 2009-12-11 03:09:
> You kinda do if you're using a stateful firewall with a "deny
> everything that shouldn't be accepted" policy. UPnP (or something
> like it) would have to tell the firewall what should be accepted.
That's putting the firewall at the mercy of viruses, worm
On Fri, 11 Dec 2009 07:41:59 EST, Simon Perreault said:
> Mark Newton wrote, on 2009-12-11 03:09:
> > You kinda do if you're using a stateful firewall with a "deny
> > everything that shouldn't be accepted" policy. UPnP (or something
> > like it) would have to tell the firewall what should be acce
valdis.kletni...@vt.edu wrote, on 2009-12-11 08:06:
> On Fri, 11 Dec 2009 07:41:59 EST, Simon Perreault said:
>> Mark Newton wrote, on 2009-12-11 03:09:
>>> You kinda do if you're using a stateful firewall with a "deny
>>> everything that shouldn't be accepted" policy. UPnP (or something
>>> like
> Mark Newton wrote, on 2009-12-11 03:09:
> > You kinda do if you're using a stateful firewall with a "deny
> > everything that shouldn't be accepted" policy. UPnP (or something
> > like it) would have to tell the firewall what should be accepted.
>
> That's putting the firewall at the mercy of v
Joe Greco wrote, on 2009-12-11 08:36:
> Everyone knows a NAT gateway isn't really a firewall, except more or less
> accidentally. There's no good way to provide a hardware firewall in an
> average residential environment that is not a disaster waiting to happen.
>
> If you make it "smart" (i.e.
On Fri, 11 Dec 2009, Simon Perreault wrote:
We have thus come to the conclusion that there shouldn't be a NAT-like
firewall in IPv6 home routers.
No, the conclusion is that for IPv6 there should be something that behaves
much like current IPv4 NAT boxes, ie do stateful firewalling and only le
Once upon a time, Joe Greco said:
> Everyone knows a NAT gateway isn't really a firewall, except more or less
> accidentally. There's no good way to provide a hardware firewall in an
> average residential environment that is not a disaster waiting to happen.
I don't think hardware vs. software
> Once upon a time, Joe Greco said:
> > Everyone knows a NAT gateway isn't really a firewall, except more or less
> > accidentally. There's no good way to provide a hardware firewall in an
> > average residential environment that is not a disaster waiting to happen.
>
> I don't think hardware
Joe Greco wrote:
Everyone knows a NAT gateway isn't really a firewall, except more or less
accidentally. There's no good way to provide a hardware firewall in an
average residential environment that is not a disaster waiting to happen.
Gotta love it. A proven technology, successfully implemen
On Fri, 11 Dec 2009, Roger Marquis wrote:
Joe Greco wrote:
Everyone knows a NAT gateway isn't really a firewall, except more or less
accidentally. There's no good way to provide a hardware firewall in an
average residential environment that is not a disaster waiting to happen.
Gotta love
rybody the effort.
>
> Not if the victim doesn't have rights on the firewall (e.g. enterprise).
Would you be using "Consumer Grade - IPV6 Enabled Router Firewalls" in the
enterprise? 'cos if you would, I think I might have entered the wrong
thread :)
- ma
On 12/12/2009, at 12:11 AM, Simon Perreault wrote:
> We have thus come to the conclusion that there shouldn't be a NAT-like
> firewall
> in IPv6 home routers.
Eh? What does NAT have to do with anything? We already know that IPv6
residential firewalls won't do NAT, so why bring it into this di
On 12/12/2009, at 4:15 PM, Roger Marquis wrote:
> Is there a natophobe in the house who thinks there shouldn't be stateful
> inspection in IPv6? If not then could you explain what overhead NAT
> requires that stateful inspection hasn't already taken care of?
I handwave past all that by pointing
On Fri, 2009-12-11 at 21:45 -0800, Roger Marquis wrote:
> If you're going to implement
> statefulness there is no technical downside to implementing NAT as well.
> No downside, plenty of upsides, no brainer...
Of course there are downsides to implementing NAT - adding any feature
to a device incre
On 12/12/2009 01:55 AM, Mark Newton wrote:
Would you be using "Consumer Grade - IPV6 Enabled Router Firewalls" in the
enterprise? 'cos if you would, I think I might have entered the wrong
thread :)
Yeah, I think I did. Sorry for the noise.
Simon
--
DNS64 open-so
d IPv6 to the
home several years ago, with explicit IPv6 advertisement on TV during
prime time.
Alex
Frank
-Original Message-
From: Wade Peacock [mailto:wade.peac...@sunwave.net]
Sent: Wednesday, December 02, 2009 5:16 PM
To: nanog@nanog.org
Subject: Consumer Grade - IPV6 En
Mohacsi Janos a écrit :
On Thu, 3 Dec 2009, Matthew Moyle-Croft wrote:
Mohacsi Janos wrote:
According to Apple the latest Apple Airport Extreme does support
DHCPv6 prefix delegation and native IPv6 uplink not only 6to4.
Airports don't support DHCPv6 PD yet. I'm led to believe that th
>> You're correct, out of the box there aren't many. The first couple that
>> come to mind are the Apple Airport Express and Airport Extreme, but I don't
>> believe Linksys/Netgear/etc. have support out of the box.
>
> The Apple products do 6to4 out of the box, but don't support v6 natively.
>
>
> I challenge the usual suspects to deliver actual working dual stack IPv6 ADSL
> CPE rather than feigning interest. None of the major CPE vendors appear to
> have a v6 plan despite your claims. We have an IPv6 dual stack trial for
> ADSL going on and not a single CPE from the _major consume
IPv4 addresses until enough of the internet is
dual-stack.
Frank
-Original Message-
From: Rubens Kuhl [mailto:rube...@gmail.com]
Sent: Saturday, December 12, 2009 12:48 PM
To: nanog@nanog.org
Subject: Re: Consumer Grade - IPV6 Enabled Router Firewalls.
> I challenge the usual s
c...@sunwave.net] Sent: Wednesday,
December 02, 2009 5:16 PM
To: nanog@nanog.org
Subject: Consumer Grade - IPV6 Enabled Router Firewalls.
We had a discussion today about IPv6 today. During our open thinking the
topic of client equipment came up.
We all commented that we have not seen any consumer gr
On Sat, 12 Dec 2009, Alexandru Petrescu wrote:
Mohacsi Janos a écrit :
On Thu, 3 Dec 2009, Matthew Moyle-Croft wrote:
Mohacsi Janos wrote:
According to Apple the latest Apple Airport Extreme does support DHCPv6
prefix delegation and native IPv6 uplink not only 6to4.
Airports don't
Owen DeLong wrote:
>
> On Dec 10, 2009, at 4:56 PM, Michael Loftis wrote:
>
>>
>>
>> --On Wednesday, December 02, 2009 6:23 PM -0800 Mehmet Akcin
>> wrote:
>>
>>> Would you consider Juniper SSG5 as a Consumer Grade router?
>>>
>>> They do IPv6 and they are pretty good in general, and cheap as
On 13/12/2009, at 10:10 AM, Frank Bulk wrote:
> While the support burden will be raised, I think the network needs to be
> dual-stack from end-to-end if SPs want to keep middle-boxes out. But for
> those who really do run out of IPv4 addresses, I'm not sure how middle-boxes
> can be avoided. Ki
--On Sunday, December 13, 2009 9:17 AM -0800 Joel Jaeggli
wrote:
UPnP is a bad idea that (fortunately) doesn't apply to IPv6 anyway.
You don't need UPnP if you'r not doing NAT.
wishful thinking.
you're likely to still have a staeful firewall and in the consumer space
someone is likely
In message , Mark Newton
writes:
> Of course, all of this is predicated on the notion that CGNs will
> actually exist. As far as I can tell they're all vapourware at the
> moment.
Comcast commissioned ISC to develop a working CGN. We are in the final
release stages of our CGN product, AFTR.
ss type
of box?
Frank
-Original Message-
From: ma...@isc.org [mailto:ma...@isc.org]
Sent: Sunday, December 13, 2009 4:14 PM
To: Mark Newton
Cc: frnk...@iname.com; nanog@nanog.org
Subject: Re: Consumer Grade - IPV6 Enabled Router Firewalls.
In message , Mark
Newton
writes:
> Of c
On 14/12/2009, at 9:38 AM, Frank Bulk wrote:
> I hope you're right. I really hope that there's this phenomenal transition
> in 2011 of content from 0.1% IPv6-accessible to 99% IPv6-accessible.
Forget content, they're just along for the ride.
When most service providers have eye-wateringly shit
I really am honestly sick of people thinking IPv6 is a panacea. It
isn't. UPnP is rather a bit of a hack for sure, protocols should be
better designed, but in this modern age of Peer To Peer you need a
way for applications to ask the firewall to selectively open
incoming ports.
If the a
UPnP is a bad idea that (fortunately) doesn't apply to IPv6 anyway.
You don't need UPnP if you'r not doing NAT.
wishful thinking.
you're likely to still have a staeful firewall and in the consumer
space
someone is likely to want to punch holes in it.
Yes, SI will still be needed. However
On Mon, 2009-12-14 at 00:58 -0800, Owen DeLong wrote:
> However, UPnP is, at it's heart a way
> to allow
> arbitrary unauthenticated applications the power to amend your security
> policy to their will. Can you possibly explain any way in which such a
> thing is at all superior to no firewall at
Once upon a time, Owen DeLong said:
> I would argue that a firewall that can be reconfigured by any applet a
> user
> clicks on (whether they know it or not) is actually less useful than no
> firewall because it creates the illusion in the users mind that there
> is a
> firewall protecting the
On Mon, 14 Dec 2009, Owen DeLong wrote:
UPnP is a bad idea that (fortunately) doesn't apply to IPv6 anyway.
You don't need UPnP if you'r not doing NAT.
wishful thinking.
you're likely to still have a stateful firewall and in the consumer space
someone is likely to want to punch holes in i
Owen DeLong wrote:
>>> UPnP is a bad idea that (fortunately) doesn't apply to IPv6 anyway.
>>>
>>> You don't need UPnP if you'r not doing NAT.
>>
>> wishful thinking.
>>
>> you're likely to still have a staeful firewall and in the consumer space
>> someone is likely to want to punch holes in it.
On Dec 14, 2009, at 11:47 PM, Joel Jaeggli wrote:
>
>
> Owen DeLong wrote:
UPnP is a bad idea that (fortunately) doesn't apply to IPv6 anyway.
You don't need UPnP if you'r not doing NAT.
>>>
>>> wishful thinking.
>>>
>>> you're likely to still have a staeful firewall and in th
* Steven Bellovin (s...@cs.columbia.edu) wrote:
>
> On Dec 14, 2009, at 11:47 PM, Joel Jaeggli wrote:
> > Owen DeLong wrote:
> > Stable outgoing connections for p2p apps, messaging, gaming platforms
> > and foo website with java script based rpc mechanisms have similar
> > properties. I don't slee
On 15/12/2009, at 11:19 PM, Joakim Aronius wrote:
> So what you are saying is that ease of use and service availability is
> priority one. Then what exactly are the responsibilities of the ISP and CPE
> manufacturer when it comes to security? CPEs with WiFi usually comes with the
> advice to c
On Dec 15, 2009, at 4:49 AM, Joakim Aronius wrote:
* Steven Bellovin (s...@cs.columbia.edu) wrote:
On Dec 14, 2009, at 11:47 PM, Joel Jaeggli wrote:
Owen DeLong wrote:
Stable outgoing connections for p2p apps, messaging, gaming
platforms
and foo website with java script based rpc mechanis
* Mark Newton (new...@internode.com.au) wrote:
>
> On 15/12/2009, at 11:19 PM, Joakim Aronius wrote:
>
> > So what you are saying is that ease of use and service availability is
> > priority one. Then what exactly are the responsibilities of the ISP and CPE
> > manufacturer when it comes to sec
rescu [mailto:alexandru.petre...@gmail.com]
Sent: Saturday, December 12, 2009 8:44 AM
To: Mohacsi Janos
Cc: nanog@nanog.org
Subject: Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Mohacsi Janos a écrit :
>
>
>
> On Thu, 3 Dec 2009, Matthew Moyle-Croft wrote:
>
>>
>>
>> Moha
ru Petrescu [mailto:alexandru.petre...@gmail.com]
> Sent: Saturday, December 12, 2009 8:44 AM
> To: Mohacsi Janos
> Cc: nanog@nanog.org
> Subject: Re: Consumer Grade - IPV6 Enabled Router Firewalls.
>
> Mohacsi Janos a écrit :
>>
>>
>>
>> On T
gt; Frank
>
> -Original Message-
> From: Alexandru Petrescu [mailto:alexandru.petre...@gmail.com]
> Sent: Saturday, December 12, 2009 8:44 AM
> To: Mohacsi Janos
> Cc: nanog@nanog.org
> Subject: Re: Consumer Grade - IPV6 Enabled Router Firewalls.
>
> Mohacsi Janos a
On 27 Feb 2010, at 20:58, John Jason Brzozowski wrote:
Related to the comment below the latest release of the Apple Airport
Extremes and Time Capsules support IPv6 including prefix delegation
and
stateful DHCPv6 on the WAN interface.
Is that latest hardware releases or software releases?
I am testing with the latest hardware which I assume was released with a new
firmware.
On 2/27/10 4:02 PM, "Fearghas McKay" wrote:
>
> On 27 Feb 2010, at 20:58, John Jason Brzozowski wrote:
>
>> Related to the comment below the latest release of the Apple Airport
>> Extremes and Time Capsules
On 02/27/10 13:17, John Jason Brzozowski wrote:
> I am testing with the latest hardware which I assume was released with a new
> firmware.
That is not in any way a safe assumption.
--
... and that's just a little bit of history repeating.
-- Propellerheads
platform(s).
>>
>> This is good news.
>>
>> Frank
>>
>> -Original Message-
>> From: Alexandru Petrescu [mailto:alexandru.petre...@gmail.com]
>> Sent: Saturday, December 12, 2009 8:44 AM
>> To: Mohacsi Janos
>> Cc: nanog@nanog
98 matches
Mail list logo
