[CentOS] IPV4 is nearly depleted, are you ready for IPV6?

Nico Kadel-Garcia nkadel at gmail.com
Wed Dec 8 00:41:57 UTC 2010


On Tue, Dec 7, 2010 at 10:04 AM, Adam Tauno Williams
<awilliam at whitemice.org> wrote:

> Bogus.  The reason is that they haven't been pressured into adoption by
> higher powers; so we will get into a nice scramble to migrate in a
> pinch.
>
> "most people" have no idea what NAT is, don't care, and shouldn't have
> to care.
>
> Some people's belief that NAT is some magic sauce that makes them more
> secure [it does not] or provides them more flexibility [it does not]
> than real addresses ... causes the people who understand networking to
> have to spend time explaining that their love of NAT is misguided and
> their beliefs about NAT are bogus.

*I'm* a fairly expert network person. (10base2, baby, I remember
crimping those cables!) Forcing people to specifically select the
services they wish to expose, rather than selecting what to cut off in
configuring a typical firewall, is basic policy automatically enforced
by NAT. It's especially helpful to ISP's, who *do not want* to try to
remember all those furshlugginer individual policies and find it far
simpler in routing and firewall terms to force all traffic to the NAT.



More information about the CentOS mailing list