* Claudio Jeker <[EMAIL PROTECTED]> [2007-10-22 08:17]: > Fragment Reassembly does not happen in the forwarding plane, it happens on > the end system. By doing "flow" based forwarding on the router you're no > longer able to do all the additional checks that pf(4) is doing in its > stateful forwarding path.
and we don't actually need these on a non-edge router. I'd go so far to say they hurt in that case. > > There is probably a huge market out there for a commodity standards > > based hardware (if it could be done) > I doubt it, the necessary HW is just to expensive and complex. I totlly agree with the statement that there is a hugfhe market for that - but getting supported, fully working hardware at reasonable prices for it is indeed a gigantic challenge. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
