v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space

Roger Marquis marquis at roble.com
Thu Feb 5 04:39:08 UTC 2009

Seth Mattinen wrote:
> Far too many people see NAT as synonymous with a firewall so they think
> if you take away their NAT you're taking away the security of a firewall.

NAT provides some security, often enough to make a firewall unnecessary.
It all depends on what's inside the edge device.  But really, I've never
heard anyone seriously equate a simple NAT device with a firewall.

People do, and justifiably, equate NAT with the freedom to number, subnet,
and route their internal networks however they choose.  To argue against
that freedom is anti-consumer.  Continue to ignore consumer demand and the
marketplace will continue to respond accordingly.

Give consumers a choice (of NAT or not) and they will come (to IPv6).  It's
just about as simple as that.  Well, that and a few unresolved issues with
CAMs, routing tables, and such.

Roger Marquis

More information about the NANOG mailing list