Re: [arin-announce] IPv4 Address Space (fwd)

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Re: [arin-announce] IPv4 Address Space (fwd)

From: Jack Bates
Date: Wed Oct 29 16:33:58 2003

David Raistrick wrote:

You seem to be arguing that NAT is the only way to prevent inbound access.
While it's true that most commercial IPv4 firewalls bundle NAT with packet
filtering, the NAT is not required..and less-so with IPv6.

I think the point that was being made was that NAT allows the filtering of the box to be more idiot proof. Firewall rules tend to be complex, which is why mistakes *do* get made and systems still get compromised. NAT interfaces and setups tend to be more simplistic, and the IP addresses of the device won't route publicly through the firewall or any unknown alternate routes.

-Jack

Follow-Ups:
- Re: [arin-announce] IPv4 Address Space (fwd) Scott McGrath
- Re: [arin-announce] IPv4 Address Space (fwd) E.B. Dreger
- Re: [arin-announce] IPv4 Address Space (fwd) Crist Clark

References:
- Re: [arin-announce] IPv4 Address Space (fwd) Scott McGrath
- Re: [arin-announce] IPv4 Address Space (fwd) David Raistrick

Prev by Date: RE: [arin-announce] IPv4 Address Space (fwd)
Next by Date: RE: The Evolution of the U.S. Peering Ecosystem
Date Index
Thread Index
Author Index
Historical