Re: IPV4 is nearly depleted, are you ready for IPV6?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Tue, 2010-12-07 at 10:16 -0600, Les Mikesell wrote: 
> On 12/7/10 9:04 AM, Adam Tauno Williams wrote:
>> Some people's belief that NAT is some magic sauce that makes
themmore 
> > secure [it does not] or provides them more flexibility [it does not]
> > than real addresses ... causes the people who understand networking to
> > have to spend time explaining that their love of NAT is misguided and
> > their beliefs about NAT are bogus.
> If the ipv6 routers come with defaults that work the same as current NAT 
> routers, people will be able to continue to misunderstand them happily. That is, 
> permit outbound client connections from anything connected behind them without 
> much regard to how many devices there are, and block everything else.

And doesn't that sound like you just describe a firewall?

"permit outbound client connections from anything connected behind them
without  much regard to how many devices there are, and block everything
else" isn't NAT.  That's a router/firewall.  Happily IPv6 does that
exactly.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux