[nznog] Web Servers: Dual-homing or DNAT/Port Forwarding?

Sholes, Joshua Joshua_Sholes at cable.comcast.com
Wed Dec 11 14:49:04 UTC 2013


Public ipv6 address : firewall :: public street address : locked
door/fence/guard dog

Just because something is public doesn¹t mean you have to accept ALL
traffic, it just means you have to anticipate any potential problems based
on Larry knowing your address rather than imagining him standing at the
front gate of your gated community. ;) (let¹s torture that analogy!)
 
-- 
Josh Sholes




On 12/10/13, 7:47 PM, "Larry Sheldon" <LarrySheldon at cox.net> wrote:

>On 12/10/2013 4:30 PM, Geraint Jones wrote:
>
>>>> Number 1 gets you thinking along the IPv6 route (no pun, and imho :) )
>>>> since you have to treat each boxes as if it was public.
>>>
>>> I see this kind of statement surprisingly often. Having a public
>>>address
>>> doesn't make a device public.
>>
>> Yes it does,
>
>Glad to hear that. We (the family, 8 of us, and the 4 dogs will be
>arriving at your house, with its public address, in time for your
>Christmas dinner and we will be staying at least through your New Years
>eve party--maybe longer depending on the weather here.
>
>-- 
>Requiescas in pace o email           Two identifying characteristics
>                                         of System Administrators:
>Ex turpi causa non oritur actio      Infallibility, and the ability to
>                                         learn from their mistakes.
>                                           (Adapted from Stephen Pinker)
>




More information about the NANOG mailing list