But Kriss, does firewall apply to router or to client connected to router?
And when I talk about router I d mean the real thing, not the client end of things like at home where a device receive one IP and have a non routable to the internet local netork that need to NAT all the traffic to it's client.
How do you firewall anything if you need to route traffic back and fort as a real router on the internet?
Firewall is not a routing protocol. It is not at the same network layer at all.
We are trying to fix a layer 3 problem with a layer 4 solution.
________________________________________ De : 44Net 44net-bounces+petem001=hotmail.com@mailman.ampr.org de la part de Kris Kirby via 44Net 44net@mailman.ampr.org Envoyé : 14 août 2021 21:40 À : Af6ep via 44Net Cc : Kris Kirby Objet : Re: [44net] A new era of IPv4 Allocations : Agree - No I don't
On Sat, 14 Aug 2021, Af6ep via 44Net wrote:
Yes, the roblem we have is that of bad actors and those not following thu amprnet AUP. We have that problem if we have one address space or multiple address spaces. splitting the space does not solve that. This is yet another example of attempting to solve a human socal problem by technical means. It' won't work, because it can't work.
He's right, BGP hijacking is a thing, and it can happen to us as well as it can happen to anyone else. There were even some threat actors at one time who were trying to make private peering agreements to use address space that was already allocated to other organization but not announced via BGP to the world.
The world is not a nice place. If you're going to use live 44net IPs, you need to have a firewall in place and defense in depth to keep safe.
-- Kris Kirby, KE4AHR Disinformation Architect, Systems Mangler, & Network Mismanager _________________________________________ 44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net