[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ocean: do not boil
> - NAT-PT ensures, using the DNS ALG, that the host only receives AAAA
> records,
> thus the host doesn't do anything special.
>
> this doesn't prevent IPv4 traffic - it only eliminates one source of
> IPv4 addresses. DNS is not the only such source.
Yep. But it is far from clear to me that NAT-PT handles the case when an
IPv4 address is used by an application (whether it came from some application
protocol payload or elsewhere). I think this is just the NAT+ALG issue
restated; if IP addresses appear in the payload of packets an ALG is needed in
the NAT to map those IP addresses.
Erik