[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] V6 question
- Subject: [ale] V6 question
- From: cluon at geeklabs.com (Mike Harrison)
- Date: Sat, 5 Feb 2011 15:10:07 -0500 (EST)
- In-reply-to: <1296927981.32259.37.camel@aloe>
- References: <[email protected]> <1296927120.32259.26.camel@aloe> <[email protected]> <1296927981.32259.37.camel@aloe>
On Sat, 5 Feb 2011, Michael B. Trausch wrote:
> On Sat, 2011-02-05 at 12:39 -0500, Mike Harrison wrote:
>> It also keeps the outside world from connecting to the inside (behind
>> firewall) world, What functions that way in your above scenerio,
>> firewall
>> rules ?
>
> Everyone gather round. Say it with me:
>
> NAT is not a security mechanism.
I know that.. I've NAT'd some very large networks with full mapping from
Network A IP's to Network B ip's.. All public IP's. I built ASN-3901, and
help build several other ISP's. Renumbering was a specialty of mine for a
while. I don't do much networking anymore.. I'm rusty and haven't followed
the IPv6 trends since 2003 when I cared deeply about such things.
In the common every day small office or home. NAT is PART
of the overall strategy of network configuration.
You made a startling (to me) declaration that NAT is essentially DEAD in
IPv6 and we would run public IP's into our home and office network.
What replaces the common current practice of a private address space
(192.168.x.x typically) being used internally for business and home use?
Surely we don't run it all wide open and public.. or at least, I won't be.
Even so, I still treat my internal home and office network as hostile.
Old habits die hard.