[170092] in North American Network Operators' Group
Re: misunderstanding scale
daemon@ATHENA.MIT.EDU (Karl Auer)
Mon Mar 24 03:01:09 2014
From: Karl Auer <kauer@biplane.com.au>
To: nanog@nanog.org
Date: Mon, 24 Mar 2014 18:00:46 +1100
In-Reply-To: <201403240838.27974.mark.tinka@seacom.mu>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, 2014-03-24 at 08:38 +0200, Mark Tinka wrote:
> In an ideal IPv6 world, all hosts have GUA's, and in this
> case, host security becomes a bigger problem, because now
> the host is directly accessible without a NAT66 in between
> (we hope).
The mantras from my training courses: Addressable is not the same as
accessible; routable is not the same as routed.
Just because you give every host a globally routable address doesn't
mean you have to route them. Just because you route them doesn't mean
you have to forward all traffic to or from them.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer@biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389
GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882
Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
