nanog mailing list archives

Re: Google wants to be your Internet

From: Joseph S D Yao <jsdy () center osis gov>
Date: Wed, 31 Jan 2007 15:15:07 -0500


On Tue, Jan 30, 2007 at 08:19:12AM -0000, michael.dillon () bt com wrote:

IPv6 makes NAT obsolete because IPv6 firewalls can provide all
the useful features of IPv4 NAT without any of the downsides.

IPv6 firewalls?  Where?  Good ones?


Why good ones. NAT is a basic IPv4 firewall. All IPv6 needs to obsolete
NAT is a firewall that offers all the features of NAT without requiring
the address translation. Then, instead of setting up a port translation
for a particular incoming protocol, you simply open up that port without
modifying the packets as they flow through. Suddenly, SIP works and
incoming VoIP phonecalls work just like on the phone network.



There is more to firewalls than NAT and packet filtering, no matter what
the Cisco Pix people say.


-- 
Joe Yao
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.

Current thread:

Re: Google wants to be your Internet, (continued)
- - - Re: Google wants to be your Internet Joseph S D Yao (Jan 31)
    - Re: Google wants to be your Internet Bernhard Schmidt (Jan 29)
    - Re: Google wants to be your Internet Joel Jaeggli (Jan 29)
    - Re: Google wants to be your Internet Steven M. Bellovin (Jan 29)
    - IPv6 Firewalls J. Oquendo (Jan 30)
    - Re: IPv6 Firewalls Joseph S D Yao (Jan 30)
    - Re: IPv6 Firewalls J. Oquendo (Jan 30)
    - Re: IPv6 Firewalls JORDI PALET MARTINEZ (Jan 31)
- RE: Google wants to be your Internet michael.dillon (Jan 30)
  - RE: Google wants to be your Internet Crist Clark (Jan 30)
  - Re: Google wants to be your Internet Joseph S D Yao (Jan 31)