kauer at biplane.com.au
Mon Mar 24 07:00:46 UTC 2014
On Mon, 2014-03-24 at 08:38 +0200, Mark Tinka wrote:
> In an ideal IPv6 world, all hosts have GUA's, and in this
> case, host security becomes a bigger problem, because now
> the host is directly accessible without a NAT66 in between
> (we hope).
The mantras from my training courses: Addressable is not the same as
accessible; routable is not the same as routed.
Just because you give every host a globally routable address doesn't
mean you have to route them. Just because you route them doesn't mean
you have to forward all traffic to or from them.
Karl Auer (kauer at biplane.com.au)
GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882
Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
More information about the NANOG