Sanity check please....Got in an argument today and now I don't know what to think...
If a host is IPv4 only ( NOT dual stacked) and the corporate firewall has an IPv6 only public IP the only thing you can really do is NAT64 for INBOUND sessions from IPv6 hosts on the internet.
Can the IPv4 PC initiate outbound connections to anything in the world of IPv4 or IPv6, I believe it certainly cant talk to IPv6 hosts on the Internet since the PC doesn't even know what IPv6 is ( not dual stacked). How about IPv4? The firewall only has an IPv6 address....if it fired off packets to an IPv4 hosts with a source of IPv6 it would fail unless that target host was DUAL stacked.
Correct me if I am wrong but the only way any of this works is if the host is dual stacked...and yes I understand this is best practice, this is why I got in an argument in the first place :)
No comments:
Post a Comment