[111641] in North American Network Operators' Group
Re: v6 & DSL / Cable modems [was: Private use of non-RFC1918 IP space
daemon@ATHENA.MIT.EDU (Mark Newton)
Mon Feb 9 19:40:10 2009
From: Mark Newton <newton@internode.com.au>
To: Jack Bates <jbates@brightok.net>
In-Reply-To: <4990CB72.6090205@brightok.net>
Date: Tue, 10 Feb 2009 11:09:52 +1030
Cc: north American Noise and Off-topic Gripes <nanog@merit.edu>
Errors-To: nanog-bounces@nanog.org
On 10/02/2009, at 11:03 AM, Jack Bates wrote:
>>
>> There is if you have a dual-stack device, your L4-and-above protocols
>> are the same under v4 and v6, and you don't want to reinvent the
>> ALG wheel.
>
> ALG only fixes some problems, and it's not required for as much when
> address translations are not being performed.
On a commodity consumer CPE device, the ALG code doubles as a
stateful inspection engine.
So it _is_ required when address translations are not being performed.
Is security something that gets thought about now, or post-deployment?
- mark
--
Mark Newton Email: newton@internode.com.au (W)
Network Engineer Email: newton@atdot.dotat.org (H)
Internode Pty Ltd Desk: +61-8-82282999
"Network Man" - Anagram of "Mark Newton" Mobile: +61-416-202-223