[CentOS] IPV4 is nearly depleted, are you ready for IPV6?
Adam Tauno Williams
awilliam at whitemice.org
Tue Dec 7 16:20:13 UTC 2010
On Tue, 2010-12-07 at 10:16 -0600, Les Mikesell wrote:
> On 12/7/10 9:04 AM, Adam Tauno Williams wrote:
>> Some people's belief that NAT is some magic sauce that makes
themmore
> > secure [it does not] or provides them more flexibility [it does not]
> > than real addresses ... causes the people who understand networking to
> > have to spend time explaining that their love of NAT is misguided and
> > their beliefs about NAT are bogus.
> If the ipv6 routers come with defaults that work the same as current NAT
> routers, people will be able to continue to misunderstand them happily. That is,
> permit outbound client connections from anything connected behind them without
> much regard to how many devices there are, and block everything else.
And doesn't that sound like you just describe a firewall?
"permit outbound client connections from anything connected behind them
without much regard to how many devices there are, and block everything
else" isn't NAT. That's a router/firewall. Happily IPv6 does that
exactly.
More information about the CentOS
mailing list