In message <3cd3a697-8d3c-4ede-8e4e-53c0e103e...@sackheads.org>, John Payne writes: > > On Feb 2, 2011, at 2:54 PM, Owen DeLong wrote: > > >=20 > > On Feb 2, 2011, at 11:40 AM, John Payne wrote: > >=20 > >>=20 > >> On Feb 2, 2011, at 6:18 AM, Owen DeLong wrote: > >>=20 > >>> NAT66 is different. NAT66 breaks things in ways that impact sites = > outside of the site choosing to deploy NAT. > >>=20 > >> Examples? > >=20 > > SIP > > Network enabled Video Games > > Peer to Peer services of various forms > > etc. > > I chose NAT66. How does that affect you or any other site? > > Note that I have already blocked games and peer to peer either = > technically or via policy.... and I have no SIP end points that have any = > business talking outside the enterprise.
Today you don't. Tomorrow you might. > Just rephrasing you slightly. NAT66 will break applications that many = > enterprises will already have blocked at their perimeters. And it makes applications they do use (current and future) more complicated as they have to deal with all the issues that arise from using a NAT'd address. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org