[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Nat

Subject: Nat
From: chuckchurch at gmail.com (Chuck Church)
Date: Sun, 20 Dec 2015 22:54:49 -0500
In-reply-to: <[email protected]>
References: <[email protected]> <D29747F0.11F8D4%[email protected]> <[email protected]> <CAAbPayKVqf7r=77Jjks8WJOgm5eqFpD4OqUyTopKBPa2TRvQNA@mail.gmail.com> <[email protected]> <m24mfhj2d1.wl%[email protected]> <CAEmG1=oX3uf4OGg586SiBJxQDZoNurNicx-K0Ouaw0MESwwnNQ@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]> <[email protected]>

-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Matt Palmer
Sent: Sunday, December 20, 2015 10:29 PM
To: nanog at nanog.org
Subject: Re: Nat

>Depends on how many devices you have on it.  Once you start filling your
home with Internet of Unpatchable Security Holes devices, having everything
on a single ethernet >segment might start to get a little...  noisy.

>Thankfully, IPv6 has well-defined multicast scopes, which makes it
trivially easy to do cross-L2-segment service discovery without needing to
resort to manually berking around >with firewall rules.

>- Matt

If your home is full of unpatched or compromised hosts, and they're using
these well-defined multicast scopes, doesn't that mean they can now
communicate and infect one another?  For years I've seen people on this list
insist on "NAT/PAT != firewall".   Well, a router routing everything it sees
is even less of a firewall.  I'm really not trying to be argumentative here,
but I'm just having a hard time believing Joe Sixpack will be applying
business networking principals such as micro-segmenting to a home network
with 3 to 7 devices on it.  If anything, these complexities we keep
adding/debating such as DHCP vs RA, prefix delegation, etc are only slowing
down the general deployment of IPv6.

Chuck

Follow-Ups:
- Nat
  - From: mpalmer at hezmatt.org ('Matt Palmer')
- Nat
  - From: jlewis at lewis.org (Jon Lewis)

References:
- Nat
  - From: ahmed.dalaali at hrins.net (Ahmed Munaf)
- Nat
  - From: Jason_Livingood at cable.comcast.com (Livingood, Jason)
- Nat
  - From: marka at isc.org (Mark Andrews)
- Nat
  - From: charles.lists at camonson.com (Charles Monson)
- Nat
  - From: marka at isc.org (Mark Andrews)
- Nat
  - From: randy at psg.com (Randy Bush)
- Nat
  - From: mpetach at netflight.com (Matthew Petach)
- Nat
  - From: chuckchurch at gmail.com (Chuck Church)
- Nat
  - From: marka at isc.org (Mark Andrews)
- Nat
  - From: chuckchurch at gmail.com (Chuck Church)
- Nat
  - From: mpalmer at hezmatt.org (Matt Palmer)

Prev by Date: Nat
Next by Date: Nat
Previous by thread: Nat
Next by thread: Nat
Index(es):
- Date
- Thread