Iljitsch van Beijnum
iljitsch at muada.com
Thu Feb 3 10:49:44 CST 2011
On 3 feb 2011, at 17:40, Jon Lewis wrote:
>> Hm, if you turn off the NAT66 function, wouldn't the traffic pass through unhindered, too?
> Outbound traffic would. Inbound, if on the inside, you're using IPv6 space that's not globally routed, won't. Just like what happens now with NAPT with rfc1918 space on the inside when you stop doing translation...private IP traffic leaks out...but nothing comes back because there is no return path.
Don't be so sure. Just like I can set my Airport base station up for NAT or bridge mode now, in a NAT66 future there would be a choice between "obtain addresses from ISP and advertise them on the LAN side" and "obtain addresses from ISP, advertise ULAs on the LAN side and translate". So if the setting gets flipped from the latter to the former you're still wide open.
More information about the NANOG