Re: IPV4 is nearly depleted, are you ready for IPV6?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, Dec 7, 2010 at 10:04 AM, Adam Tauno Williams
<awilliam@xxxxxxxxxxxxx> wrote:

> Bogus.  The reason is that they haven't been pressured into adoption by
> higher powers; so we will get into a nice scramble to migrate in a
> pinch.
>
> "most people" have no idea what NAT is, don't care, and shouldn't have
> to care.
>
> Some people's belief that NAT is some magic sauce that makes them more
> secure [it does not] or provides them more flexibility [it does not]
> than real addresses ... causes the people who understand networking to
> have to spend time explaining that their love of NAT is misguided and
> their beliefs about NAT are bogus.

*I'm* a fairly expert network person. (10base2, baby, I remember
crimping those cables!) Forcing people to specifically select the
services they wish to expose, rather than selecting what to cut off in
configuring a typical firewall, is basic policy automatically enforced
by NAT. It's especially helpful to ISP's, who *do not want* to try to
remember all those furshlugginer individual policies and find it far
simpler in routing and firewall terms to force all traffic to the NAT.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux