----- Original Message -----
From: "Jimmy Hess" <mysidia@gmail.com>
On 4/1/13, Jay Ashworth <jra@baylink.com> wrote:
It would just be way too much luck and convenience for that to happen by coincidence.
Once in a while, you win.
The trouble with winning by coincidence or winning as a side-effect... Do you keep winning?
Depends on how you won.
What happens with IPv6 CPE devices, when there is no NAT?
Well, that's going to be an interesting question in general: will v6 edge routers a) exist, b) handle the addressing, c) handle DHCP, d) actually not do NAT, or e) NAT a v4 home network to a v6 address/network?
No translation occurs, so possibly rogue source IP packets get through, unless the device specifically applies uRPF or clamping source addresses to the LAN interface subnet.
It would be nice if the RFCs specified Ingress filtering by default in router requirements for IPv4 and IPv6, as a MUST requirement; instead of some 2nd class citizen, optional best practices document.
Nah. That's *not* ingress filtering, for all practical purposes; it's *egress* filtering -- filtering that's under control of the network operating entity, and thus semi-useless for the purposes at hand. (On re-reading that, I see I'm not entirely clear: any filtering has to be done on the upsptream end of the link, so that it is *not* in control of the entity which might be originating the bad packets; John Carmack illustrated why in his piece about Quake cheating. What; you haven't read that piece? And you run networks? :-) Cheers, -- jra Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274