[AusNOG] FW: [Ap-ipv6tf] official shutdown date for IPv4. The date he is pushing for is April 4, 2024. "IPv4 can't go on forever, " Latour said. "

[Mark Newton]

On Nov 6, 2014, at 9:12 AM, Nathanael Bettridge <nathanael at prodigy.com.au> wrote:

> I like and regularly use the ability to remap ports between disparate machines or to different ports transparently, without having to use a port proxy.
> I like and regularly use the ability to present an arbitrary number of addresses as one to another network, or map between different address structures.

I like and regularly use networks which keep concentrations of state on the edge.

(why do you even care about ports? Oh, substandard application architecture which forces you to micromanage 16 bit numbers. Never mind, carry on…)

> These are really handy tools to have to solve problems.

They’re also really handy tools to turn yourself into a DoS-magnet.

An important plank of security is “availability.”  You’re reducing that every time you put another bit of state in your core. These people who claim that NAT is helping their security seem to have a somewhat more limited view of “security” than the commonly accepted one that network professionals strive to attain.

  - mark