From mboxrd@z Thu Jan 1 00:00:00 1970 From: Richard C Bilson Message-Id: <200309301947.h8UJlZC02108@plg2.math.uwaterloo.ca> To: 9fans@cse.psu.edu Subject: Re: [9fans] NAT Date: Tue, 30 Sep 2003 15:47:35 -0400 Topicbox-Message-UUID: 5928a860-eacc-11e9-9e20-41e7f4b1d025 > whats wrong with it? I think those boxes works well (and act as plug-and- > play firewalls). Plug-and-play is good, no question. But you're placing your trust in a vendor who has undoubtedly disclaimed all responsibility for providing you with any real security. You don't know what's going on under the hood, and have no guarantee that the vendor is actually fixing security problems, or that they will continue to do so. There have been enough network-accessible back-doors to make me nervous. At least if I have the code I have control. I also have the responsibility, but it's better than having responsibility without control. > > I realize that IPv6-IPv4 is a different kind of translation, but it > > would be nice to have something to start with. > this is for use in the IPv6/IPv4 network. if your ISP gives you IPv4 > network connectivity, you wouldnt need it. am i right? or am i missing > something? The point is that they did stateful NAT, which is what I'm considering. If there is code available, I could potentially modify it to do internal/external translation.