From owner-freebsd-stable@FreeBSD.ORG  Mon Sep 17 12:05:05 2007
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 284C416A418
	for <freebsd-stable@freebsd.org>; Mon, 17 Sep 2007 12:05:05 +0000 (UTC)
	(envelope-from adrian.chadd@gmail.com)
Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.180])
	by mx1.freebsd.org (Postfix) with ESMTP id E5F7513C4B7
	for <freebsd-stable@freebsd.org>; Mon, 17 Sep 2007 12:05:04 +0000 (UTC)
	(envelope-from adrian.chadd@gmail.com)
Received: by wa-out-1112.google.com with SMTP id k17so1990415waf
	for <freebsd-stable@freebsd.org>; Mon, 17 Sep 2007 05:05:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta;
	h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth;
	bh=IotO+CHYA2v5D87YKcIgfNBkJYfN2Ud4/Nnj1W0o6X0=;
	b=DtGicu2cvMxZlbaqNY2QcvOK64fnybm2g4KnVHBDxXSXGE7OlXft4/CasZvFjBtAaL/qQfZP22YaKs6Q8zH/P8olcmDirzgaea5BovuPzbPIL3VYCBVTvR4pC+CSzyWYjZTp3Yjuj8U9qnu1DYcVG3uW0FGaQWAyKfU/fiKL3lc=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta;
	h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth;
	b=LAs8Kaqt3/Hc9a2Jn/Fne6PVWixM+6i4IHQ2y5vgNXv4xQuJU6wos0ZuDaJyrce0BqRFtqhmp+YKUEffJatFEGPGEJa981fApAXEQlgWSRycQ+K2BgOzXdzdY+2cs74gp14dBqBh7DBjQ1+k/wVixzMJ85VHJuPBxniUk32nTNg=
Received: by 10.114.131.9 with SMTP id e9mr1478830wad.1190029037136;
	Mon, 17 Sep 2007 04:37:17 -0700 (PDT)
Received: by 10.114.74.13 with HTTP; Mon, 17 Sep 2007 04:37:17 -0700 (PDT)
Message-ID: <d763ac660709170437n2d4a0894gb0beb6d4478ce477@mail.gmail.com>
Date: Mon, 17 Sep 2007 19:37:17 +0800
From: "Adrian Chadd" <adrian@freebsd.org>
Sender: adrian.chadd@gmail.com
To: "Aristedes Maniatis" <ari@ish.com.au>
In-Reply-To: <DB7A4FF2-0232-4560-A9AA-B8D041EF9C32@ish.com.au>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <Pine.BSF.3.96.1070914122107.11716A-100000@gaia.nimnet.asn.au>
	<DB7A4FF2-0232-4560-A9AA-B8D041EF9C32@ish.com.au>
X-Google-Sender-Auth: bda21b3911e7208c
Cc: FreeBSD Stable <freebsd-stable@freebsd.org>
Subject: Re: BIND 9.3.1 - How to get rid of AAAA querys?
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Sep 2007 12:05:05 -0000

On 17/09/2007, Aristedes Maniatis <ari@ish.com.au> wrote:

> Personally, I cannot wait until NAT, STUN and all that nonsense goes
> away.

You'll be prying NAT out of random certified security administrators'
cold dead fingers, unfortunately.

(There was a thread on nanog@merit.edu about it a few months ago which
I covered major points about this; I'm sure you could find it with a
bit of googling. I'm not going to repeat it here.)

Suffice to say, a lot of the busted NAT behaviours you're used to will
pop up again thanks to the power of stateful firewalls regardless of
IPv4 or IPv6. Thats going to piss you off more than the IP/port
NAT/PAT ever did.


Adrian

-- 
Adrian Chadd - adrian@freebsd.org