nanog mailing list archives

Re: Security gain from NAT

From: David Conrad <drc () virtualized org>
Date: Wed, 6 Jun 2007 09:45:01 -0700


On Jun 6, 2007, at 8:59 AM, Stephen Sprunk wrote:

The thing is, with IPv6 there's no need to do NAT.


Changing providers without renumbering your entire infrastructure.

Multi-homing without having to know or participate in BGP games.

(yes, the current PI-for-everybody allocation mindset would addressthe first, however I have to admit I find the idea of every smallenterprise on the planet playing BGP games a bit ... disconcerting)

However, NAT in v6 is not necessary, and it's still evil.

Even ignoring the two above, NAT will be a fact of life as long aspeople who are only able to obtain IPv6 addresses and need/want tocommunicate with the (overwhelmingly IPv4 for the foreseeable future)Internet. Might as well get used to it. I for one welcome our newNAT overlords...


Rgds,
-drc

Current thread:

Re: Security gain from NAT, (continued)
- - Re: Security gain from NAT brett watson (Jun 04)
- Re: Security gain from NAT Roger Marquis (Jun 05)
  - Re: Security gain from NAT Donald Stahl (Jun 05)
    - Re: Security gain from NAT Donald Stahl (Jun 05)
    - Re: Security gain from NAT Roger Marquis (Jun 05)
    - Re: Security gain from NAT Valdis . Kletnieks (Jun 05)
    - Re: Security gain from NAT Roger Marquis (Jun 05)
    - Re: Security gain from NAT Bill Stewart (Jun 06)
    - Re: Security gain from NAT Nathan Ward (Jun 06)
    - Re: Security gain from NAT Stephen Sprunk (Jun 06)
    - Re: Security gain from NAT David Conrad (Jun 06)
    - Re: Security gain from NAT Mark Smith (Jun 06)
    - Dead Thread (Re: Security gain from NAT) alex (Jun 06)
    - Re: Security gain from NAT Nathan Ward (Jun 06)