[182311] in North American Network Operators' Group
Re: ARIN IPV4 Countdown
daemon@ATHENA.MIT.EDU (Mark Andrews)
Tue Jul 14 21:43:13 2015
X-Original-To: nanog@nanog.org
To: Curtis Maurand <cmaurand@xyonet.com>
From: Mark Andrews <marka@isc.org>
In-reply-to: Your message of "Tue, 14 Jul 2015 21:33:39 -0400."
<55A5B873.5010602@xyonet.com>
Date: Wed, 15 Jul 2015 11:43:04 +1000
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
In message <55A5B873.5010602@xyonet.com>, Curtis Maurand writes:
>
> Since IPV6 does not have NAT, it's going to be difficult for the layman
> to understand their firewall. deployment of ipv4 is pretty simple.
> ipv6 on the otherhand is pretty difficult at the network level. yes,
> all the clients get everything automatically except for the router/firewall.
>
> -C
Absolute garbage. CPE already ship with basically the same controls
for IPv6 as for IPv4. Default block in except reply traffic +
specified holes for services you want to open up to the world. The
is same paradigm that has been in use in IPv4 for a years now.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
