nanog mailing list archives

Re: Requirements for IPv6 Firewalls

From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Thu, 17 Apr 2014 12:51:17 +0000


On Apr 17, 2014, at 7:35 PM, Dustin Jurman <dustin () rseng net> wrote:

- packets per second
      - Firewall Level
      - Hosts level


This is getting into QoS territory . . .

- packet size information


Concur - packet-length.

      - Average for FW of all Network hosts


This isn't very operationally useful, IMHO.

      - Negotiated Between Hosts


I'm not sure what this means?

But classifiers for everything in the IP, TCP, UDP, and ICMP headers, along with packet length, makes a lot of sense.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>

          Luck is the residue of opportunity and design.

                       -- John Milton

Current thread:

Requirements for IPv6 Firewalls Fernando Gont (Apr 17)
- RE: Requirements for IPv6 Firewalls Dustin Jurman (Apr 17)
  - Re: Requirements for IPv6 Firewalls Dobbins, Roland (Apr 17)
    - Re: Requirements for IPv6 Firewalls David Newman (Apr 17)
    - Re: Requirements for IPv6 Firewalls Dobbins, Roland (Apr 17)
    - Re: Requirements for IPv6 Firewalls Fernando Gont (Apr 17)
    - RE: Requirements for IPv6 Firewalls Dustin Jurman (Apr 17)
    - Re: Requirements for IPv6 Firewalls Dobbins, Roland (Apr 17)
- Re: Requirements for IPv6 Firewalls William Herrin (Apr 17)
  - Re: Requirements for IPv6 Firewalls Fernando Gont (Apr 17)
    - Re: Requirements for IPv6 Firewalls William Herrin (Apr 17)
    - Re: Requirements for IPv6 Firewalls Eugeniu Patrascu (Apr 17)
    - Re: Requirements for IPv6 Firewalls William Herrin (Apr 17)

(Thread continues...)