-----Original Message----- From: Valdis.Kletnieks@vt.edu [mailto:Valdis.Kletnieks@vt.edu] Sent: Wednesday, January 06, 2010 3:46 PM To: nanog@nanog.org Subject: Re: I don't need no stinking firewall!
On Tue, 05 Jan 2010 23:14:05 CST, Ryan Brooks said:
Everyone needs to listen to Roland's mantra: "stateless ACLs in hardware than can handle Mpps". It's more than just a hint.
I suspect that more than a few need to be reminded that "stateless ACLs in switch hardware" is just another name for "switch that also does stateless firewall".
I don't think so: "stateless ACLs in switch hardware" != " switch that also does stateless firewall" IMHO... "stateless ACLs in [switch|router] hardware" = ACLs applied to interfaces that filter packets based on source or destination IP addresses and ports, or protocols. Correct me if I'm wrong Roland. - Brian CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, copying, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. Thank you.