Is NAT can provide some kind of protection?
Jack Bates
jbates at brightok.net
Wed Jan 12 20:36:14 UTC 2011
On 1/12/2011 2:13 PM, Scott Helms wrote:
> Until someone makes an effort to create either a DMZ entry or starts
> doing port forwarding all (AFAIK) of the common routers will drop
> packets that they don't know where to forward them.
This can be easily implemented in stateful firewalls for home routers.
The code is almost identical to NAT, just no address mangling. I suspect
that v4 NAT and v6 stateful inspection will actually use the same code
in many cases.
Not to say NAT doesn't have other uses, but they generally are useful
for enterprise networks or sometimes service providers, not home routers.
Jack
More information about the NANOG
mailing list