Date: Fri, 29 May 1998 23:37:47 +0900 From: Jun-ichiro itojun Itoh <itojun@itojun.org> To: Eivind Eklund <eivind@yes.no> Cc: freebsd-net@FreeBSD.ORG Subject: Re: ipv6 network addresses Message-ID: <12552.896452667@coconut.itojun.org> In-Reply-To: eivind's message of Fri, 29 May 1998 16:26:37 %2B0200. <19980529162637.32681@follo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>> There's something called "site local address" defined in rfc1884. >> However, scoped address has so many twists. You must be very careful >> configuring nameservers for site local addresses. Also, there's is >> very hard problem for site border routers... >> I believe people would like to get rid of NAT when v6 is deployed, >> so there will be no private address, I believe... >I don't agree. The use of NAT is partially to protect against attacks >- if you're not routed, an attack is that much harder. even without address translation, you can have "non-routed" network space. If you use NAT, you are actually "routing" external packet to your host. In this case the security level degrades very much. Lengthy discussion was done in IETF IPng working group, so I would not repeat that here. I highly recommend the following message. (I do not copy the message here since this was not by me...) http://www.cs-ipv6.lancs.ac.uk/ipv6/mail-archive/IPng/1998-05/0057.html itojun Message-Id: <199804071422.KAA03813@postal.research.att.com> To: "Jennings, Robert" <RJennings@IKON.com> cc: bound@zk3.dec.com, Jun-ichiro itojun Itoh <itojun@itojun.org>, thartric@mentat.com, ipng@sunroof.Eng.Sun.COM Subject: (IPng 5597) Re: Basic Sockets API Date: Tue, 07 Apr 1998 10:22:23 -0400 From: Steve Bellovin <smb@research.att.com> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?12552.896452667>