Thread: How to view the automatic proxy arps NGX
View Single Post
  #28 (permalink)  
Old 2006-10-12
RobertGraham RobertGraham is offline
Senior Member
  
Join Date: 2006-02-02
Posts: 212
Rep Power: 3
RobertGraham has an average reputation (10+)
Send a message via MSN to RobertGraham Send a message via Yahoo to RobertGraham
Default Re: How to view the automatic proxy arps NGX
After reflecting on this and speaking with a colleague about it, I've become convinced that it's best to use a separate but smaller network(/28 or /29) for the segment between the CPE router and the enforcement point.

I know that in the past it was necessary to be very frugal with IPs, but between NAT, CIDR, and IPv6 on the way it shouldn't be such an issue. Incidentally, there are quite a few networks that haven't yet been assigned and several more that could be VLSMed.

I guess it's because I feel like: after the firewall it's the Internet and private addresses shouldn't be used on the Internet. (I know ISPs use 1918 IPs for their backbones which are definitely part of the Internet, but I'm not talking about that.)
Reply With Quote