From owner-freebsd-net Tue Jun 2 01:23:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA12381 for freebsd-net-outgoing; Tue, 2 Jun 1998 01:23:12 -0700 (PDT) (envelope-from owner-freebsd-net@FreeBSD.ORG) Received: from vorbis.noc.easynet.net (qmailr@vorbis.noc.easynet.net [195.40.1.254]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id BAA12368 for ; Tue, 2 Jun 1998 01:23:08 -0700 (PDT) (envelope-from chrisy@vorbis.noc.easynet.net) Received: (qmail 2964 invoked by uid 1943); 2 Jun 1998 08:23:05 -0000 Message-ID: <19980602092305.52419@flix.net> Date: Tue, 2 Jun 1998 09:23:05 +0100 From: Chrisy Luke To: Paul Emerson Cc: freebsd-net@FreeBSD.ORG Subject: Re: ipv6 network addresses References: <199806012000.QAA14487@gta.gta.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.88 In-Reply-To: <199806012000.QAA14487@gta.gta.com>; from Paul Emerson on Mon, Jun 01, 1998 at 03:51:25PM -0400 Organization: The Flirble Internet Exchange X-URL: http://www.flix.net/ X-FTP: ftp://ftp.flirble.org/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Paul Emerson wrote (on Jun 01): > Repeat after me: All NAT solutions are not created equal. However NAT does make traceability significantly more difficult. It also adds quite a few CPU cycles into the packet forwarding loop. I don't see why "Making everyone come from the same address" is so desirable. In itself it has no security built in, certainly none that can't better be provided and tracked by a firewall. Good network numbering can do effectively the same job significantly better and without overhead. NAT is not a security measure, but an administrative mechanism for saving IPv4 address space and nothing more. Chris. -- == chris@easynet.net, chrisy@flix.net, chrisy@flirble.org. == Head of Systems for Easynet Group PLC. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message