[prev in list] [next in list] [prev in thread] [next in thread]
List: openbsd-misc
Subject: Re: UVM, UBC, and PF criticisms in comp.unix.solaris
From: Marc Espie <espie () schutzenberger ! liafa ! jussieu ! fr>
Date: 2002-01-02 7:44:37
[Download RAW message or body]
On Wed, Jan 02, 2002 at 03:44:44PM +1100, Darren Reed wrote:
> For starters, if you have two hosts, inside, which both want to ping
> the same external host, at exactly the same time, what do you do when
> you get 1 reply back instead of 2? Does the firewall get heavy and
> put its own data in the data part of the ICMP payload? What if the
> user is sending 0 bytes data? You can't exactly just add more because
> that has an effect on the measurement, however small or big.
It's already great having firewalls/NAT configured to let pings and
similar things through. I've often had to deal with sysadmins who configure
their network to not let anything through.
> The only answer is to say that NAT is evil.
Well, of course it is. But then, convincing everyone to switch to IPv6
is a tall order. Maybe this will change in a few years time.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic