misunderstanding scale

Karl Auer kauer at biplane.com.au
Mon Mar 24 07:00:46 UTC 2014


On Mon, 2014-03-24 at 08:38 +0200, Mark Tinka wrote:
> In an ideal IPv6 world, all hosts have GUA's, and in this 
> case, host security becomes a bigger problem, because now 
> the host is directly accessible without a NAT66 in between 
> (we hope).

The mantras from my training courses: Addressable is not the same as
accessible; routable is not the same as routed.

Just because you give every host a globally routable address doesn't
mean you have to route them. Just because you route them doesn't mean
you have to forward all traffic to or from them.

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389

GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882
Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A





More information about the NANOG mailing list