[ale] V6 question
Mike Harrison
cluon at geeklabs.com
Sat Feb 5 15:10:07 EST 2011
On Sat, 5 Feb 2011, Michael B. Trausch wrote:
> On Sat, 2011-02-05 at 12:39 -0500, Mike Harrison wrote:
>> It also keeps the outside world from connecting to the inside (behind
>> firewall) world, What functions that way in your above scenerio,
>> firewall
>> rules ?
>
> Everyone gather round. Say it with me:
>
> NAT is not a security mechanism.
I know that.. I've NAT'd some very large networks with full mapping from
Network A IP's to Network B ip's.. All public IP's. I built ASN-3901, and
help build several other ISP's. Renumbering was a specialty of mine for a
while. I don't do much networking anymore.. I'm rusty and haven't followed
the IPv6 trends since 2003 when I cared deeply about such things.
In the common every day small office or home. NAT is PART
of the overall strategy of network configuration.
You made a startling (to me) declaration that NAT is essentially DEAD in
IPv6 and we would run public IP's into our home and office network.
What replaces the common current practice of a private address space
(192.168.x.x typically) being used internally for business and home use?
Surely we don't run it all wide open and public.. or at least, I won't be.
Even so, I still treat my internal home and office network as hostile.
Old habits die hard.
More information about the Ale
mailing list