IPv6 uptake (was: The Reg does 240/4)
Michael Thomas
mike at mtcc.com
Sat Feb 17 18:02:56 UTC 2024
On 2/16/24 5:37 PM, William Herrin wrote:
> On Fri, Feb 16, 2024 at 5:33 PM Michael Thomas <mike at mtcc.com> wrote:
>> So you're not going to address that this is a management plain problem.
> Hi Mike,
>
> What is there to address? I already said that NAT's security
> enhancement comes into play when a -mistake- is made with the network
> configuration. You want me to say it again? Okay, I've said it again.
The implication being that we should keep NAT'ing ipv6 for... a thin
veil of security. That all of the other things that NAT breaks is worth
the trouble because we can't trust our fat fingers on firewall configs.
Mike
More information about the NANOG
mailing list