nanog mailing list archives

Re: Important IPv6 Policy Issue -- Your Input Requested


From: Valdis.Kletnieks () vt edu
Date: Tue, 09 Nov 2004 16:15:41 -0500

On Wed, 10 Nov 2004 03:14:51 EST, Jerry Eyers said:

> "Get a firewall" is not a valid response when you have lusers
> to drop the latest netgear whatever onto their PC and dial
> to some provider somewhere.  Your firewall is useless to
> protect that segment.  In many cases NAT is the ONLY
> protection you end up with in this scenario, a scenario that
> is far too common in the corporate world.

And NAT does what, exactly, to defend you against a PC that has
one interface on the NAT'ed network and one interface "elsewhere/elsewhen"
(be it a netgear, or somebody at the far end of a VPN, or a laptop
that was connected externally, and now is on the corporate LAN)?

There's a *reason* why Bill Cheswick said "A crunchy shell around
a soft, chewy inside"......



