nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPv6 /64 links (was Re: ipv6 book recommendations?)

From: valdis.kletnieks () vt edu
Date: Wed, 13 Jun 2012 12:14:30 -0400
On Wed, 13 Jun 2012 14:47:35 +0900, Masataka Ohta said:

Dave Hart wrote:



is inadequate for carrier NAT due to its model assuming the NAT trusts
its clients.


UPnP gateway configured with purely static port mapping needs
no security.

Assuming shared global address of 131.112.32.132, TCP/UDP port
100 to 199 may be forwarded to port 100 to 199 of 192.168.1.1,
port 200 to 299 be forwarded to port 200 to 299 of 192.168.1.2,


And you tell the rest of the world that customer A's SMTP port is on
125, and B's is on 225, and Z's is up at 2097, how?

(HInt - we haven't solved that problem for NAT yet, it's one of the big
reasons that NAT breaks stuff)

(Totally overlooking the debugging issues that arise when a customer tries
to run a combination of applications that in aggregate have 101 ports open..)

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: