Addressing plan exercise for our IPv6 course

• Previous message (by thread): Addressing plan exercise for our IPv6 course
• Next message (by thread): Addressing plan exercise for our IPv6 course
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In all reality:

1.	NAT has nothing to do with security. Stateful inspection provides
	security, NAT just mangles addresses.

2.	In the places where NAT works, it does so at a terrible cost. It
	breaks a number of things, and, applications like Skype are
	incredibly more complex pieces of code in order to solve NAT
	traversal.

The elimination of NAT is one of the greatest features of IPv6.

Most customers don't know or care what NAT is and wouldn't know the
difference between a NAT firewall and a stateful inspection firewall.

I do think that people will get rid of the NAT box by and large, or, at least
in IPv6, the box won't be NATing.

Whether or not they NAT it, it's still better to give the customer enough
addresses that they don't HAVE to NAT.

Owen

On Jul 22, 2010, at 7:53 PM, Akyol, Bora A wrote:

> As long as customers believe that having a NAT router/"firewall" in place is a security feature,
> I don't think anyone is going to get rid of the NAT box.
> 
> In all reality, NAT boxes do work for 99% of customers out there.
> 
> 
> Bora
> 
> 
> On 7/22/10 7:34 PM, "Owen DeLong" <owen at delong.com> wrote:
> 
> 
> Well, wouldn't it be better if the provider simply issued enough space to
> make NAT66 unnecessary?
> 
> Owen
> 
> 

• Previous message (by thread): Addressing plan exercise for our IPv6 course
• Next message (by thread): Addressing plan exercise for our IPv6 course
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]