On 04/07/13 04:15, David Lang wrote:
> also, as you move from one zone to another, all your connections will
> drop as the new router won't have them in its masquerade tables.
Yes, that would be true. I spaced on the NAT state table, though, you
could probably find a way to sync them across routers. Depending on
the router. :) But definitely not a "supported" feature.
> subnet size should not be a problem, very few places need to support
> more than 64K (/16) users, and even fewer would need more than 16M users
> (/8)
Just needs to not clash with any other subnet that they need to get to.
But that is usually easy.
>> IPv6 is another story...
> How would IPv6 change anything here? I don't see IPv4 really being a limit.
Supporting v6 in this method would break some of v6's pieces, I think.
IPv6 does not like NAT (it can do it, as long as you don't use any of
the security features.) Remember IPsec is backported from IPv6. IPsec
cannot be NATed, only tunneled.
I think with IPv6, a single campus wide VLAN would work fine. It has no
broadcast, only multicast.
--
Mr. Flibble
King of the Potato People
_______________________________________________
Tech mailing list
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/