(D)NAT with IPv6 (was "nf_conntrack & NAT")
Harald Welte
laforge at netfilter.org
Fri Dec 9 05:56:31 CET 2005
On Thu, Dec 08, 2005 at 12:56:32PM +0100, Patrick Schaaf wrote:
> > So each time you add a service on a host, you should assign a new IP to it
> > (and create the respective DNS name for this IP/service couple!), just in
> > case you may have to redirect its traffic one day? (even if temporary)
>
> This has proven to be a very valuable strategy, at work, even for normal
> IPv4 operation. Saves headaches every time we want to migrate something.
> I can warmly recommend this practise.
I totally agree. Esp. with IPv6 there is no reason to do otherwise...
A /64 for every physical network segment, guess people still need to get
used to it.
--
- Harald Welte <laforge at netfilter.org> http://netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/netfilter-devel/attachments/20051209/c90e0dcc/attachment.pgp
More information about the netfilter-devel
mailing list