[arin-ppml] Set aside round deux
Roger Marquis
marquis at roble.com
Thu Aug 5 14:31:23 EDT 2010
michael.dillon at bt.com wrote:
> If you are going to install a firewall, then this whole discussion
> of IPv6 NAT gateways does not apply to you. A firewall has far more
> features than a NAT box. We are really discussing boxes which have
> had a bit of firewall functionality (called NAT) added to them but
> which do not deserve the name, "firewall".
There is no such thing as a "NAT box". Firewalls == NAT == firewalls
whichever way you look at it.
Getting back to the technical reasons for NAT, or at least trying to, are
there no takers for these questions?
* If you can explain how multihoming will work without NAT and without
internal renumbering then please do. If you think internal renumbering
is feasible please explain how to maintain persistent connections across
a renumbering?
* How to would you do transparent load-balancing and fail-over, ingress
or egress, without NAT?
* Also, since nobody has yet made a good business case for GUA (other
that upstream lock-in), please explain how consumers' privacy and vendor
independence would be preserved in the GUA world you're advocating.
* How would you deal with routing table growth in absence of NAT?
* And most importantly, please explain what NAT breaks that stateful
inspection has not already "fixed-up"?
Roger Marquis
More information about the ARIN-PPML
mailing list