Re: Security gain from NAT: Top 5

> > #1 NAT advantage: it protects consumers from vendor > > lock-in. > > > Speaking of FUD... NAT does nothing here that is not also accomplished > through the use of PI addressing. True, diy PI (mmm, PI) is a major reason people use it for v4 and why they'll want something similar for v6. N

Re: Security gain from NAT: Top 5

#1 NAT advantage: it protects consumers from vendor lock-in. Speaking of FUD... NAT does nothing here that is not also accomplished through the use of PI addressing. #2 NAT advantage: it protects consumers from add-on fees for addresses space. More FUD. The correct solution to thi

Re: Security gain from NAT: Top 5

On Wed, Jun 06, 2007 at 08:49:21PM -0700, Roger Marquis wrote: > Problem is that NAT will not go away or even become less common in > IPv6 networks for a number of reasons. > > #1 NAT advantage: it protects consumers from vendor > lock-in. > > Consider the advantage of globally unique public

Re: Security gain from NAT: Top 5

Mark Smith wrote: For all those people who think IPv4 NAT is quite fine, I challenge them to submit RFCs to the IETF that resolve, without creating worse or more even more complicated problems, the list of problems here. All the IPv6 RFCs do ...

Dead Thread (Re: Security gain from NAT)

I think at this point, everything that could possibly be said about NAT and security has been said. Unless you have something profound to add which hasn't been mentioned in this thread before, please refrain from adding to this thread. -Alex (for the mailing list team)

Re: Security gain from NAT

On Wed, 6 Jun 2007 09:45:01 -0700 David Conrad <[EMAIL PROTECTED]> wrote: > > On Jun 6, 2007, at 8:59 AM, Stephen Sprunk wrote: > > The thing is, with IPv6 there's no need to do NAT. > > Changing providers without renumbering your entire infrastructure. > > Multi-homing without having to know

Re: Security gain from NAT

On Jun 6, 2007, at 8:59 AM, Stephen Sprunk wrote: The thing is, with IPv6 there's no need to do NAT. Changing providers without renumbering your entire infrastructure. Multi-homing without having to know or participate in BGP games. (yes, the current PI-for-everybody allocation mindset would

Re: Security gain from NAT

Thus spake "Roger Marquis" <[EMAIL PROTECTED]> I, for one, give up. No matter what you say I will never implement NAT, and you may or may not implement it if people make boxes that support it. Most of the rest of us will continue to listen to both sides and continue to prefer NAT, in no small

[Fwd: Last Call: draft-hutzler-spamops (Email Submission: Access and Accountability) to BCP]

(Apologies if you receive this more than once. I am sending it to each list that is relevant to the topic, in order to make sure the community is aware of the opportunity and need for comment. /d) Folks, The enclosed announcement is solicits comments on "Email Submission: Access and Accounta

Re: Security gain from NAT

On 6/06/2007, at 2:53 PM, Roger Marquis wrote: So now the cruft extends and embraces, and you have to play DNS view games based on whether it's on company A's legacy net, company B's legacy net, or the DMZ in between them, and start poking around in the middle of DNS packets to tweak the rep

Re: Security gain from NAT

On 6/5/07, Roger Marquis <[EMAIL PROTECTED]> wrote: Are you proposing that every company use publicly routable address space? How about the ones that don't qualify for a /19 and so are dependent on addresses owned by their upstream? This discussion evolved from an IPv6 discussion, so there's