Security gain from NAT (was: Re: Cool IPv6 Stuff)

Donald Stahl don at
Tue Jun 5 00:56:40 UTC 2007

> Surely that second quote should be "crap, now macrumors can tell that one
> person in our office follows them obsessively"?  Unless there's
> publically-available information that indicates that IP address is your
> CEO's (which is a whole other topic -- publically available rDNS for
> company-internal IPv6 ranges).
In addition, IPv6 supports temporary addresses that can change every day. 
If your browser binds to a temporary address, and it changes daily, then 
the anonymizing feature of NAT becomes a whole lot less useful.

>> NAT is still evil though, the problems it causes operationally are
>> just plain not worth it.
> Amen to that.
I think evil sums up NAT nicely :)


More information about the NANOG mailing list