Am 19.06.26 um 21:04 schrieb William Herrin via NANOG:
Enterprise, on the other hand, is definitely going NAT. Renumbering is painful even with IPv6. And they're very leery of 1:1 NAT -- they've made security configuration mistakes before and trust 1:many NAT to offer a layer of protection while those mistakes are detected and fixed. They take arguments against NAT to mean that IPv6 is not yet ripe for deployment with the sort of robust security frameworks they enjoy in IPv4.
Then they should go to training regarding IPv6 SPI firewalls. Every residential customer CPE has it, so they can use it too. The devices that support IPv4 NAT will most likely also support SPI-FW for IPv6. At least Cisco does. -- Gruß Marco Junk-Mail bitte an trashcan@stinkedores.dorfdsl.de