On 09/08/2016 04:09 PM, Pshem Kowalczyk wrote:
> With NAT I have a single entry/exit point to those infrastructure subnets
> which can be easily policed.
I have used NAT in IPv4 scenarios as an alternative for lack of routing
control in the return direction.
However, this does not mean that this
On Thu, Sep 8, 2016 at 7:17 PM, Ca By wrote:
> NAT is bad
https://www.youtube.com/watch?v=v26BAlfWBm8
794.5033 (d) | +1.734.846.2053 (m)
www.arbornetworks.com<http://www.arbornetworks.com/>
From: NANOG on behalf of Karl Auer
Sent: Thursday, September 8, 2016 8:49:34 PM
To: nanog@nanog.org
Subject: Re: Use of unique local IPv6 addressing rfc4193
On Thu, 20
On Thu, 2016-09-08 at 23:43 +, Pshem Kowalczyk wrote:
> both ways - if we decide to use it we'll have to either overlay it
> with public IPv6 space (and provide the NAT/proxy for where we don't
> have any public IPv6 assigned) or simply not use the fc00::/7 and
> skip the NAT/proxy aspects of i
On Thursday, September 8, 2016, Pshem Kowalczyk wrote:
> With NAT I have a single entry/exit point to those infrastructure subnets
> which can be easily policed.
> If I give them public IPs then they're routable and potentially can reach
> the internet via devices that don't police the traffic.
>
Hi,
That's why I asked the question - if anyone actually puts its as an
additional IP on their interfaces to keep it simple (and in-line with IPv4
policies, address allocation schemes, etc) or not. I can see the argument
both ways - if we decide to use it we'll have to either overlay it with
publi
In message
, Pshem
Kowalczyk writes:
> With NAT I have a single entry/exit point to those infrastructure subnets
> which can be easily policed.
> If I give them public IPs then they're routable and potentially can reach
> the internet via devices that don't police the traffic.
If you wish to be
On Thu, 08 Sep 2016 23:09:28 -, Pshem Kowalczyk said:
> If I give them public IPs then they're routable and potentially can reach
> the internet via devices that don't police the traffic.
They can potentially reach the Internet even without public IPs.
All it takes is one idiot with a laptop
You can also easily police a subnet.
On Sep 8, 2016 6:11 PM, "Pshem Kowalczyk" wrote:
> With NAT I have a single entry/exit point to those infrastructure subnets
> which can be easily policed.
> If I give them public IPs then they're routable and potentially can reach
> the internet via devices
With NAT I have a single entry/exit point to those infrastructure subnets
which can be easily policed.
If I give them public IPs then they're routable and potentially can reach
the internet via devices that don't police the traffic.
My real question is does anyone bother with the fc00::/7 addressi
In message
, Pshem
Kowalczyk writes:
> Hi,
>
> We're looking at rolling out IPv6 to our internal DC infrastructure. Those
> systems support only our internal network and in the IPv4 world they all
> live in 'private' space of 10.0.0.0/8. I was wondering if anyone uses the
> fc00::/7 space for t
Hi,
We're looking at rolling out IPv6 to our internal DC infrastructure. Those
systems support only our internal network and in the IPv4 world they all
live in 'private' space of 10.0.0.0/8. I was wondering if anyone uses the
fc00::/7 space for these sort of things or do ppl use a bit of their pub
12 matches
Mail list logo
