nanog mailing list archives

Re: Rate of growth on IPv6 not fast enough?


From: Owen DeLong <owen () delong com>
Date: Fri, 23 Apr 2010 07:04:49 -0700


On Apr 23, 2010, at 6:17 AM, Jack Bates wrote:

Matthew Kaufman wrote:
But none of this does what NAT does for a big enterprise, which is to *hide internal topology*. Yes, addressing the 
privacy concerns that come from using lower-64-bits-derived-from-MAC-address is required, but it is also necessary 
(for some organizations) to make it impossible to tell that this host is on the same subnet as that other host, as 
that would expose information like which host you might want to attack in order to get access to the financial or 
medical records, as well as whether or not the executive floor is where these interesting website hits came from.

Which is why some firewalls already support NAT for IPv6 in some form or fashion. These same firewalls will also 
usually have layer 7 proxy/filtering support as well. The concerns and breakage of a corporate network are extreme 
compared to non-corporate networks.


Jack

That is sad news, indeed. Hopefully it won't lead to NAT-T becoming a common part of software as the ISVs catch on to 
IPv6.

Owen


