Is NAT can provide some kind of protection?

Stephen Davis stephend at
Sat Jan 15 16:06:07 CST 2011

> I'm a full supported for getting rid of NAT when deploying IPv6, but
> have to say the alternative is not all that great either.
> Because what do people want, they want privacy, so they use the
> IPv6 privacy extensions. Which are enabled by default on Windows
> when IPv6 is used on XP, Vista and 7.
> And now you have no idea who had that IPv6-address at some point
> in time. The solution to that problem is ? I guess the only solution is to
> have the IPv6 equivalant of arpwatch to log the MAC-addresses/IPv6-
> address combinations ?
> Or is their an other solution I'm missing.

You can solve this problem any of the ways you could solve it in IPv4.
Either assign static addresses from DHCPv6, or assign static addresses
by hand.

More information about the NANOG mailing list