v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space

Mark Newton newton at internode.com.au
Mon Feb 9 18:39:52 CST 2009


On 10/02/2009, at 11:03 AM, Jack Bates wrote:
>>
>> There is if you have a dual-stack device, your L4-and-above protocols
>> are the same under v4 and v6, and you don't want to reinvent the  
>> ALG wheel.
>
> ALG only fixes some problems, and it's not required for as much when  
> address translations are not being performed.

On a commodity consumer CPE device, the ALG code doubles as a
stateful inspection engine.

So it _is_ required when address translations are not being performed.

Is security something that gets thought about now, or post-deployment?

   - mark

--
Mark Newton                               Email:  newton at internode.com.au 
  (W)
Network Engineer                          Email:   
newton at atdot.dotat.org  (H)
Internode Pty Ltd                         Desk:   +61-8-82282999
"Network Man" - Anagram of "Mark Newton"  Mobile: +61-416-202-223









More information about the NANOG mailing list