[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-morrow-filter-caps-00 comments

To: opsec@ops.ietf.org
Subject: Re: draft-morrow-filter-caps-00 comments
From: John Kristoff <jtk@northwestern.edu>
Date: Mon, 7 Mar 2005 07:26:36 -0600
In-reply-to: <Pine.GSO.4.58.0503070730510.18073@sharpie.argfrp.us.uu.net>
References: <Pine.LNX.4.61.0503061734000.7043@netcore.fi> <Pine.GSO.4.58.0503070730510.18073@sharpie.argfrp.us.uu.net>

On Mon, 07 Mar 2005 07:37:05 +0000 (GMT)
"Christopher L. Morrow" <christopher.morrow@mci.com> wrote:

> > Note: it might be that it's more important for some operators to be able to
> > perform a specific function _to the device_ rather than on any possible
> > interface.
> >
> 
> ala juniper loopback filter? or "just drop all protocol FOO on this
> device" ?

Both of those are/would be nice.  It would also be nice to be able
to accept and process certain types of packets on an interface, but
not actually forward them.  The classic case here is for things like
OSPF and PIM, protocols which usually only have meaning on the local
link.  This would be a global filter, but could be enabled/disabled
per interface if necessary.  This and the 'drop all packet (not just
protocol) FOO on this device' was being looked at by at least one
vendor last I heard.

John

References:
- draft-morrow-filter-caps-00 comments
  - From: Pekka Savola <pekkas@netcore.fi>
- Re: draft-morrow-filter-caps-00 comments
  - From: "Christopher L. Morrow" <christopher.morrow@mci.com>

Prev by Date: RE: draft-morrow-filter-caps-00 comments
Next by Date: RE: draft-morrow-filter-caps-00 comments
Previous by thread: Re: draft-morrow-filter-caps-00 comments
Next by thread: RE: draft-morrow-filter-caps-00 comments
Index(es):
- Date
- Thread