> You miss the point. If someone wants to build a big box that controls
> traffic and sneakily fabricates headers, they can build a big box that
> does it upfront and follows the end to end model without altering the
> packets.

wtf? how does such a box follow the end to end model if it "sneakily fabricates headers"? either the box allows the endpoints to talk to each other without interference (i.e. the e2e model) or it doesn't. a box that munges traffic breaks the e2e model no matter whether it's doing it at layer 3 or layer 4 or layer 7.

> A NAT firewall box that filters everything but the few applications that
> they want to allow through smells a lot like multiple application
> gateways.

I certainly won't claim that providers can't do this, but such a thing would break enough apps (whether deliberately or accidentally) that at least in any market resembling the current one I'd expect significant pushback from users.

Keith

_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
