Date: Tue, 2 Jun 1998 09:23:05 +0100 From: Chrisy Luke <chrisy@flix.net> To: Paul Emerson <paul@gta.com> Cc: freebsd-net@FreeBSD.ORG Subject: Re: ipv6 network addresses Message-ID: <19980602092305.52419@flix.net> In-Reply-To: <199806012000.QAA14487@gta.gta.com>; from Paul Emerson on Mon, Jun 01, 1998 at 03:51:25PM -0400 References: <199806012000.QAA14487@gta.gta.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Paul Emerson wrote (on Jun 01): > Repeat after me: All NAT solutions are not created equal. However NAT does make traceability significantly more difficult. It also adds quite a few CPU cycles into the packet forwarding loop. I don't see why "Making everyone come from the same address" is so desirable. In itself it has no security built in, certainly none that can't better be provided and tracked by a firewall. Good network numbering can do effectively the same job significantly better and without overhead. NAT is not a security measure, but an administrative mechanism for saving IPv4 address space and nothing more. Chris. -- == chris@easynet.net, chrisy@flix.net, chrisy@flirble.org. == Head of Systems for Easynet Group PLC. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980602092305.52419>