On Fri, Apr 18, 2014 at 1:40 PM, Simon Perreault <simon@per.reau.lt> wrote:
Le 2014-04-18 13:35, William Herrin a écrit :
Your document specifies "Enterprise" firewalls. Frankly I think that's wise. Consumer and enterprise users have very different needs and very different cost points.
Over here we have no use for IPv6 NAT. We have our own PI space. I suspect many other enterprises would be in a similar situation.
I totally get your position, but I don't see how it can justify an Internet-wide requirement.
As I understand your document, you're trying to scope a set of minimum required features for a firewall that will be able to describe itself as "RFC whatever compliant." The idea is for folks working for large enterprises to be able to use such a tag as a discriminator for potential purchases. Since a pretty humongous number of them are using NAT with IPv4 and are likely to want to do so with IPv6, leaving that out of the required feature list seems counter-productive to your goal of a document which has utility to them. Besides, you have spam control and URL filtering in there. Do you seriously propose that spam control and URL filtering rank above NAT on the *firewall* requirements list? Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004