[64670] in North American Network Operators' Group
Re: IPv6 NAT
daemon@ATHENA.MIT.EDU (Stephen Sprunk)
Thu Oct 30 12:52:53 2003
From: "Stephen Sprunk" <stephen@sprunk.org>
To: <Michael.Dillon@radianz.com>
Cc: "North American Noise and Off-topic Gripes" <nanog@merit.edu>
Date: Thu, 30 Oct 2003 11:42:06 -0600
Errors-To: owner-nanog-outgoing@merit.edu
Thus spake <Michael.Dillon@radianz.com>
> Now, I'm not claiming that every device capable of IPv4 NAT is currently
> able to function in this way, but there are no technical barriers to
prevent
> manufacturers from making IPv6 devices that function in this way. The
> IPv6 vendor marketing folks can even invent terms like NAT (Network
> Authority Technology) to describe this simple IPv6 firewall function, i.e.
> IPv6 NAT.
Or you could simply call it what it is -- a firewall -- since that's what
most consumers think NAT is anyways.
While I disagree with the general sentiment that NATs create security, the
standard usage of such devices is certainly that of a stateful firewall.
S
Stephen Sprunk "God does not play dice." --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSS dice at every possible opportunity." --Stephen Hawking
