North American Network Operators Group


Re: [arin-announce] IPv4 Address Space (fwd)

  • From: Miquel van Smoorenburg
  • Date: Wed Oct 29 14:35:15 2003
  • Distribution: cistron
  • Newsgroups: lists.nanog

In article <[email protected]ard.edu>,
Scott McGrath  <[email protected]> wrote:
>And sometimes you use NAT because you really do not want the NAT'ed device
>to be globally addressable but it needs to have a link to the outside to
>download updates.  Instrument controllers et al.

I don't understand. What is the difference between a /24 internal
NATted network, and a /64 internal IPv6 network that is firewalled
off: only packets to the outside allowed, and packets destined for
the inside need to have a traffic flow associated with them?

As I see it, NAT is just a stateful firewall of sorts. A broken one,
so why not use a non-broken solution?

We can only hope that IPv6 capable CPE devices have that sort
of stateful firewalling turned on by default. Or start educating
the vendors of these el-cheapo CPE devices so that they will
all have that kind of firewalling enabled before IPv6 becomes
mainstream.

Mike.
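
The policy described in the message above, modelled as a flow table: an added example, not part of the original post. It shows that the inbound protection comes from flow state alone, with no address translation. The class and function names and the 2001:db8::/32 documentation addresses are assumptions, and flow timeouts and TCP state tracking are left out.

```python
"""Model of a stateful IPv6 filter: outbound opens a flow, inbound must match one."""
from typing import NamedTuple


class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    inbound: bool  # True when the packet arrives on the outside (WAN) interface


class StatefulFilter:
    """Hypothetical CPE filter; addresses are never rewritten (no NAT)."""

    def __init__(self) -> None:
        # Flow keys are stored from the inside host's point of view.
        self.flows = set()

    def handle(self, pkt: Packet) -> str:
        if not pkt.inbound:
            # Inside -> outside: always allowed, and it creates flow state.
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "accept"
        # Outside -> inside: the reversed 5-tuple must match an existing flow.
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "accept" if key in self.flows else "drop"


def demo() -> list:
    """Run constructed sample traffic through the filter and return the verdicts."""
    fw = StatefulFilter()
    inside = "2001:db8:1::10"        # globally addressable instrument controller
    update_srv = "2001:db8:ffff::80"  # server it downloads updates from
    stranger = "2001:db8:2::1"        # unrelated outside host
    traffic = [
        Packet(inside, 40000, update_srv, 443, "tcp", inbound=False),  # update request
        Packet(update_srv, 443, inside, 40000, "tcp", inbound=True),   # its reply
        Packet(stranger, 443, inside, 40000, "tcp", inbound=True),     # wrong peer
        Packet(update_srv, 443, inside, 22, "tcp", inbound=True),      # wrong port
    ]
    return [fw.handle(p) for p in traffic]


if __name__ == "__main__":
    print(demo())
```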