Brian J. Murrell <br...@interlinx.bc.ca> wrote: > On Sun, 2015-09-27 at 08:46 -0700, Tom Eastep wrote: >> Using SNAT and packet marking, you can do the same thing on your >> router >> with IPv6 as you can with IPv4, AFAIK.
I was under the impression that while NAT had originally been defined, it was deprecated ages ago. > Yes, I had considered that. But the idea of IPv6 eliminating NAT is so > magnificent. :-) Indeed, working in networking, I've more clue than most just how much stuff NAT breaks, and how much work has been done getting around it. But for situations like this, I do think some form of prefix translation would be useful - not port translation, not host part address translation, just prefix translation (so avoiding the "break everything as much as we can" approach to NAT that Zyxel do). But with the "starting with a cleanish sheet" state of IPv6 it could have been done where there were specific protocols for the end device to explicitly ask routers what the translations are - neatly avoiding the need for "guess what my network is" protocols like STUN. ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
