On Tue, Jan 30, 2007 at 08:19:12AM -0000, michael.dillon@bt.com wrote:
IPv6 makes NAT obsolete because IPv6 firewalls can provide all the useful features of IPv4 NAT without any of the downsides.
IPv6 firewalls? Where? Good ones?
Why good ones. NAT is a basic IPv4 firewall. All IPv6 needs to obsolete NAT is a firewall that offers all the features of NAT without requiring the address translation. Then, instead of setting up a port translation for a particular incoming protocol, you simply open up that port without modifying the packets as they flow through. Suddenly, SIP works and incoming VoIP phonecalls work just like on the phone network.
There is more to firewalls than NAT and packet filtering, no matter what the Cisco Pix people say. -- Joe Yao ----------------------------------------------------------------------- This message is not an official statement of OSIS Center policies.