IPv6 /64 links (was Re: ipv6 book recommendations?)

valdis.kletnieks at vt.edu valdis.kletnieks at vt.edu
Wed Jun 13 16:14:30 UTC 2012


On Wed, 13 Jun 2012 14:47:35 +0900, Masataka Ohta said:
> Dave Hart wrote:

> > is inadequate for carrier NAT due to its model assuming the NAT trusts
> > its clients.
>
> UPnP gateway configured with purely static port mapping needs
> no security.
>
> Assuming shared global address of 131.112.32.132, TCP/UDP port
> 100 to 199 may be forwarded to port 100 to 199 of 192.168.1.1,
> port 200 to 299 be forwarded to port 200 to 299 of 192.168.1.2,

And you tell the rest of the world that customer A's SMTP port is on
125, and B's is on 225, and Z's is up at 2097, how?

(HInt - we haven't solved that problem for NAT yet, it's one of the big
reasons that NAT breaks stuff)

(Totally overlooking the debugging issues that arise when a customer tries
to run a combination of applications that in aggregate have 101 ports open..)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 865 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20120613/9f0840f2/attachment.sig>


More information about the NANOG mailing list