nanog mailing list archives

Re: IPv6 NAT

From: "Stephen Sprunk" <stephen () sprunk org>
Date: Thu, 30 Oct 2003 11:42:06 -0600


Thus spake <Michael.Dillon () radianz com>

Now, I'm not claiming that every device capable of IPv4 NAT is currently
able to function in this way, but there are no technical barriers to

prevent

manufacturers from making IPv6 devices that function in this way. The
IPv6 vendor marketing folks can even invent terms like NAT (Network
Authority Technology) to describe this simple IPv6 firewall function, i.e.
IPv6 NAT.


Or you could simply call it what it is -- a firewall -- since that's what
most consumers think NAT is anyways.

While I disagree with the general sentiment that NATs create security, the
standard usage of such devices is certainly that of a stateful firewall.

S

Stephen Sprunk         "God does not play dice."  --Albert Einstein
CCIE #3723         "God is an inveterate gambler, and He throws the
K5SSS        dice at every possible opportunity." --Stephen Hawking

Current thread:

Re: IPv6 NAT Michael . Dillon (Oct 30)
- Re: IPv6 NAT Owen DeLong (Oct 30)
- Re: IPv6 NAT Stephen Sprunk (Oct 30)
  - Re: IPv6 NAT Scott McGrath (Oct 31)
    - RE: IPv6 NAT Tony Hain (Oct 31)
- <Possible follow-ups>
- RE: IPv6 NAT Kuhtz, Christian (Oct 30)
  - RE: IPv6 NAT Tony Hain (Oct 30)
    - Re: IPv6 NAT Stephen Sprunk (Oct 31)
    - Re: IPv6 NAT Owen DeLong (Oct 31)
    - Re: IPv6 NAT Patrick W. Gilmore (Oct 31)
    - Re: IPv6 NAT Joe Abley (Oct 31)
    - Re: IPv6 NAT Eliot Lear (Oct 31)
    - Re: IPv6 NAT Owen DeLong (Oct 31)

(Thread continues...)