Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 17 Sep 2007 19:37:17 +0800
From:      "Adrian Chadd" <adrian@freebsd.org>
To:        "Aristedes Maniatis" <ari@ish.com.au>
Cc:        FreeBSD Stable <freebsd-stable@freebsd.org>
Subject:   Re: BIND 9.3.1 - How to get rid of AAAA querys?
Message-ID:  <d763ac660709170437n2d4a0894gb0beb6d4478ce477@mail.gmail.com>
In-Reply-To: <DB7A4FF2-0232-4560-A9AA-B8D041EF9C32@ish.com.au>
References:  <Pine.BSF.3.96.1070914122107.11716A-100000@gaia.nimnet.asn.au> <DB7A4FF2-0232-4560-A9AA-B8D041EF9C32@ish.com.au>

next in thread | previous in thread | raw e-mail | index | archive | help
On 17/09/2007, Aristedes Maniatis <ari@ish.com.au> wrote:

> Personally, I cannot wait until NAT, STUN and all that nonsense goes
> away.

You'll be prying NAT out of random certified security administrators'
cold dead fingers, unfortunately.

(There was a thread on nanog@merit.edu about it a few months ago which
I covered major points about this; I'm sure you could find it with a
bit of googling. I'm not going to repeat it here.)

Suffice to say, a lot of the busted NAT behaviours you're used to will
pop up again thanks to the power of stateful firewalls regardless of
IPv4 or IPv6. Thats going to piss you off more than the IP/port
NAT/PAT ever did.


Adrian

-- 
Adrian Chadd - adrian@freebsd.org



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d763ac660709170437n2d4a0894gb0beb6d4478ce477>