[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: UVM, UBC, and PF criticisms in comp.unix.solaris

To: misc@openbsd.org
Subject: Re: UVM, UBC, and PF criticisms in comp.unix.solaris
From: Marc Espie <espie@schutzenberger.liafa.jussieu.fr>
Date: Wed, 2 Jan 2002 08:44:37 +0100
Content-Disposition: inline
Mail-Followup-To: misc@openbsd.org
References: <001701c19251$1d4d5c60$02e3a2d1@orion> <200201020444.g024ii75026581@cairo.anu.edu.au>
User-Agent: Mutt/1.2.5i

On Wed, Jan 02, 2002 at 03:44:44PM +1100, Darren Reed wrote:
> For starters, if you have two hosts, inside, which both want to ping
> the same external host, at exactly the same time, what do you do when
> you get 1 reply back instead of 2?  Does the firewall get heavy and
> put its own data in the data part of the ICMP payload?  What if the
> user is sending 0 bytes data?  You can't exactly just add more because
> that has an effect on the measurement, however small or big.

It's already great having firewalls/NAT configured to let pings and
similar things through. I've often had to deal with sysadmins who configure
their network to not let anything through.

> The only answer is to say that NAT is evil.

Well, of course it is.  But then, convincing everyone to switch to IPv6
is a tall order. Maybe this will change in a few years time.

References:
- Re: UVM, UBC, and PF criticisms in comp.unix.solaris
  - From: Darren Reed <avalon@cairo.anu.edu.au>

Prev by Date: Re: Problem upgrading to 2.9
Next by Date: Re: uname -n output from where?
Prev by thread: Re: UVM, UBC, and PF criticisms in comp.unix.solaris
Next by thread: Re: UVM, UBC, and PF criticisms in comp.unix.solaris
Index(es):
- Date
- Thread