Requirements for IPv6 Firewalls

William Herrin bill at
Fri Apr 18 17:38:32 UTC 2014

On Fri, Apr 18, 2014 at 1:15 PM, Timothy Morizot <tmorizot at> wrote:
> On Apr 18, 2014 10:04 AM, "William Herrin" <bill at> wrote:
>> That's correct: you don't understand. Until you do, just accept: there
>> are more than a few folks who want to, intend to and will use NAT for
>> IPv6. They will wait until NAT is available in their preferred
>> products before making any significant deployment efforts.
> Actually, the few like you will hold off until they are behind the curve,
> then scramble to catch up. Good luck with that strategy!

You know, you zealots are playing this stupid. You've already won: no
NAT in consumer devices means that when (if) IPv4 starts its decline,
nat traversal will leave consumer-focused software. And sooner or
later there will be a consumer app that business has to have.

The only way you can snatch defeat from the jaws of victory is if IPv6
fails to launch. Look around you. IPv6 use on the Internet, actual
use, is still barely in the single digits. If you let us get used to
extending IPv4 with carrier NAT, markets and so on you lose
everything. And if you think the math says that can't happen, you
badly underestimate folks' ingenuity.

Bill Herrin

William D. Herrin ................ herrin at  bill at
3005 Crane Dr. ...................... Web: <>
Falls Church, VA 22042-3004

More information about the NANOG mailing list