> > > > > I'm just saying it's one valid > > security issue with using any sort of globally unique IP address (v4 > > or v6), in that analyzing a bunch of traffic from a particular > > netblock would allow one to build a topology map. It's easier with > > IPv6 since you can presume most if not all addresses are on /64s out > > of a /48 (so look to the fourth quad for the "subnet ID"). > > I understand and totally agree.
> > Obviously if someone is super concerned with revealing this sort of > > info there are other things besides NAT they can do, such as using a > > proxy server(s) for various internet applications, transparent > > proxies, etc. But it is a valid security concern for some. > > Could not agree more which is why I stated that there are other ways of > accomplishing the "hiding internal topology" using other methodoligies. > NAT/PAT has caused me many headaches which is why I am so opposed to using > it. > > Also, is that your real name? ;-) > No, but this list is great for buying and selling clue. In today's market, clue is equivalent to gold. :)