Building network automation solutions

9 module online course

Start now!

3 & 5 Years Ago (May 2013)

In May 2008 I wrote about asymmetric routing, OSPF across a PIX/ASA firewall and control plane protection.

The most popular article from May 2010 is still Tunneling VPNs and Zone-Based Firewalls with NAT64 and DNS64 in 30 minutes being close second. I also wrote about iSCSI and Moore’s Law and IPv6 myths.

Interesting posts from May 2008

Interesting posts from May 2010


  1. What are your thoughts on IPV6 to IPV6 NAT?

    There are obvious security-related concerns including:

    Giving an attacker the MAC OUI which is useful in network reconissance attacks.

    Enabling Traffic Footprinting in MITM Attacks.

    Hardware failure issues; if you're running a smaller environment and have Load balancer, Firewall, and other rules that tie to a specific specific address, if a NIC fails you may be forced to change the config on a dozen different systems. There's an argument to be made for abstraction using DNS but in most instances that's probably a bad idea.

    Etc Etc.
Add comment