>>>>> "Yves" == Yves Dorfsman <y...@zioup.com> writes:
Yves> -half of the people thought it was important to hide the internal Yves> network and wanted to carry on some form of NATing with IPv6 Yves> -the other half thought firewalling was sufficient and that the Yves> advantages of each device using its own ip address was worth more Yves> than the feeling of security provided by hiding the internal Yves> network. And if your devices don't need a fixed address internally, learn about autoconfiguration, especially the net.inet6.ip6.use_tempaddr=1 option. Using that with "outbound only" ipv6 rules will effectively be as good as NAT is now, if not better. Seriously, ipv6 solves a lot of the issues in a nicely elegant way. Don't bring ipv4 mentality into the mix. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <mer...@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/> Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc. See http://methodsandmessages.posterous.com/ for Smalltalk discussion _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
