Hi Robin,
|OK - I understand that you are suggesting that the routers not |filter by IP address at all, but by "something else". Not exactly. What I'm suggesting is that firewalls cannot reliably filter on any remote information. It will be spoofed unless it's strongly authenticated, such as an IPsec tunnel. They *can* reasonably filter on local information (e.g., destination IP address, destination port, protocol, destination identifier, destination locator). These are under the control of the local administration and can conceivably be well coordinated. Tony -- to unsubscribe send a message to [EMAIL PROTECTED] with the word 'unsubscribe' in a single line as the message text body. archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg
