On 2014-07-29 0:07, Kevin Oberman wrote: > And all IPv6 NAT is evil and should be cast into (demonic residence of your > choosing) on sight! > > NAT on IPv6 serves no useful purpose at all. It only serves to complicate > things and make clueless security officers happy. It adds zero security. It > is a great example of people who assume that NAT is a security feature in > IPv4 (it's not) so it should also be in IPv6. ...... > So putting support for NAT66 or any IPv6 NAT into a firewall is just > making things worse. Please don't do it! Well said.... I'm actually rather relieved that natd can/should go away. Stops giving me migraines with all those special protocl cases that don't like to be natted.. Which of course started as early as FTP. --WjWReceived on Tue Jul 29 2014 - 05:32:24 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:51 UTC