Rate of growth on IPv6 not fast enough?
Owen DeLong
owen at delong.com
Thu Apr 22 03:31:09 UTC 2010
On Apr 21, 2010, at 3:26 PM, Roger Marquis wrote:
> William Herrin wrote:
>>> Not to take issue with either statement in particular, but I think there
>>> needs to be some consideration of what "fail" means.
>>
>> Fail means that an inexperienced admin drops a router in place of the
>> firewall to work around a priority problem while the senior engineer
>> is on vacation. With NAT protecting unroutable addresses, that failure
>> mode fails closed.
>
> In addition to fail-closed NAT also means:
>
> * search engines and and connectivity providers cannot (easily)
> differentiate and/or monitor your internal hosts, and
>
Right, because nobody has figured out Javascript and Cookies.
> * multiple routes do not have to be announced or otherwise accommodated
> by internal re-addressing.
>
I fail to see how NAT even affects this in a properly structured network.
Owen
More information about the NANOG
mailing list