1 May
2014
1 May
'14
8:06 p.m.
On Fri, May 2, 2014 11:57 am, Fred Baker (fred) wrote:
On May 1, 2014, at 4:10 PM, Jean-Francois Mezei <jfmezei_nanog@vaxination.ca> wrote:
Pardon my ignorance here. But in a carrier-grade NAT implementation that serves say 5000 users, when happens when someone from the outside tries to connect to port 80 of the shared routable IP ?
More to the point, your trust boundary includes 5000 people. Do you know them all? Who maintains their systems and software? Do you trust them?
What happens if they approach you from behind the NAT?
Strikes me as a red herring; CGNat is not shifting your security boundary, wheras the typical NAT device used on a shared IPv4 connection usually does.