nanog mailing list archives
Re: mh (RE: OMB: IPv6 by June 2008)
From: David Andersen <dga+ () cs cmu edu>
Date: Thu, 7 Jul 2005 15:51:59 -0400
On Jul 7, 2005, at 3:41 PM, Andre Oppermann wrote:
Fergie (Paul Ferguson) wrote: >I'd have to counter with "the assumption that NATs are going away with v6 is a rather risky assumption." Or perhaps I misunderstood your point...There is one thing often overlooked with regard to NAT. That is, it has prevented many network based worms for millions of home users behind NAT devices. Unfortunatly this fact is overlooked all the time. NAT has its downsides but also upsides sometimes.
Yes, but keep in mind that this benefit is completely unrelated to NAT's purpose as an address space extender. A stateful firewall with a very simple rule (permit anything originated from the inside, deny anything from outside except a few pesky protocols) would accomplish exactly the same goal.
And it would be much easier to punch holes through when you needed to.From my perspective, the biggest benefit from home NAT devices is that they were a vehicle for delivering such a firewall to millions of windows boxes. Unfortunately, this drug comes with a number of harmful side effects, including nausea, blurred vision, and the inability to deploy a number of new protocols.
-Dave
Current thread:
- Re: mh (RE: OMB: IPv6 by June 2008), (continued)
- Re: mh (RE: OMB: IPv6 by June 2008) Crist Clark (Jul 07)
- Message not available
- Re: mh (RE: OMB: IPv6 by June 2008) Jay R. Ashworth (Jul 08)
- Re: mh (RE: OMB: IPv6 by June 2008) David Andersen (Jul 08)
- Message not available
- Re: mh (RE: OMB: IPv6 by June 2008) Jay R. Ashworth (Jul 08)
- Re: mh (RE: OMB: IPv6 by June 2008) Crist Clark (Jul 08)
- Re: mh (RE: OMB: IPv6 by June 2008) Fred Baker (Jul 08)
- Re: mh (RE: OMB: IPv6 by June 2008) Iljitsch van Beijnum (Jul 08)
- Re: mh (RE: OMB: IPv6 by June 2008) Crist Clark (Jul 08)
- Re: mh (RE: OMB: IPv6 by June 2008) Sean Doran (Jul 08)
- Re: mh (RE: OMB: IPv6 by June 2008) Sean Doran (Jul 08)
- Re: mh (RE: OMB: IPv6 by June 2008) David Andersen (Jul 07)
- Re: mh (RE: OMB: IPv6 by June 2008) Daniel Senie (Jul 09)
- RE: mh (RE: OMB: IPv6 by June 2008) Tony Hain (Jul 07)
- Re: mh (RE: OMB: IPv6 by June 2008) Steven M. Bellovin (Jul 07)
- Re: mh (RE: OMB: IPv6 by June 2008) Sean Doran (Jul 08)
- Re: mh (RE: OMB: IPv6 by June 2008) Joseph S D Yao (Jul 08)