nanog mailing list archives

RE: IPv4 flag day

From: Gary Sparkes via NANOG <nanog () lists nanog org>
Date: Thu, 18 Jun 2026 18:52:03 +0000

Correct, I specified both firewalls have an inbound default deny, accept only related/established.

The standard CPE configuration for any NAT scenario, and the usual standard for any non-NAT scenario as well. 

NAT allows me to *bypass* this. 

-----Original Message-----
From: William Herrin <bill () herrin us> 
Sent: Thursday, June 18, 2026 2:49 PM
To: Gary Sparkes <gary () kisaracorporation com>
Cc: North American Network Operators Group <nanog () lists nanog org>
Subject: Re: IPv4 flag day

On Thu, Jun 18, 2026 at 11:41 AM Gary Sparkes <gary () kisaracorporation com> wrote:

Simply, the inbound firewall rules prevent it from working.


What inbound firewall rules? The requirement was that the firewalls are identical except for NAT. If there's an inbound 
firewall rule, it's present on the NAT firewall too.

Regards,
Bill Herrin



--
For hire. https://bill.herrin.us/resume/
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/GHQHNSAUZNFFYRZM337A7MACH4YG4FSN/

Current thread:

RE: IPv4 flag day, (continued)
- - - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day William Herrin via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day William Herrin via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day Dorn Hetzel via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day William Herrin via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day William Herrin via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day William Herrin via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day Arie Vayner via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day Dorn Hetzel via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day Dorn Hetzel via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)
    - Re: IPv4 flag day William Herrin via NANOG (Jun 18)
    - RE: IPv4 flag day Gary Sparkes via NANOG (Jun 18)

(Thread continues...)