Routeros netmap6/24/2023 ![]() We've all used FTP, SIP, and all of that jazz for 2 decades now with NAT. Plus not all networks are connected to the public internet but may need a quick n dirty 'gateway' to it without changing tons of IPs just 'because'. Not all networks are the same, or are able to change because of this arbitrary 'requirement' of end to end connectivity. Regardless of what some applications/protocols do or don't, having some form of NAT (at least NPT) in your toolbox is useful. Don't deprive the rest of us of the opportunity to have it. I honestly cannot understand why anyone would oppose to a feature that they don't need. I don't think that a company that deals only with enterprise clients would spend time implement a feature that wasn't asked for. If Juniper - which is among the leaders that actually route the whole internet - implements it then there is a reason and a use for it. But some of us need to use it so please enough with this 'propaganda' about NAT. ![]() What I really don't understand is what is the problem? If someone does not want to use NAT (for ideological IPv6 nonsense or because there is no need) then don't use it. Or just because the so called IPv6-evangellists say there shouldn't be NAT, that does not mean that there are not legit use cases for some networks. Just because you don't need it or you don't like it doesn't make it 'wrong'. By that logic if you are using NAT on IPv4 (which I am sure you do) then you are doing something wrong. No offense, but that's just a lame argument and you know it. If you need to use NAT with IPv6 you're doing something wrong. It won't hurt those who oppose NAT but it will help those who need it for whatever reasons (good or bad - in network engineering terms). I am sure many people will appreciate it. Please consider adding support for NAT66. Since RouterOS is essentially linux based, and since the linux kernel in recent versions does support NAT66 it's merely a matter of integrating an already implemented feature on ROS UI/CLI (ok that's a speculation on my part, but I mean the hard work - implementation - has already been done ). It would be a shame to not implement it when giants like Juniper do. Regardless of the RFCs though, I believe NAT66 is an extremely useful feature. ![]() There is also an RFC about NPT (Network prefix translation) - also useful. rview.htmlĪlso CentOS for example with kernel 3.7+ already supports NAT66 See the documentation for the unpwdb library.IPv6-to-IPv6 NAT (NAT66), defined in Internet draft draft-mrw-behave-nat66-01, IPv6-to-IPv6 Network Address Translation (NAT66), is fully supported by the Junos OS. passdb, unpwdb.passlimit, unpwdb.timelimit, erlimit, userdb See the documentation for the creds library. ![]() See the documentation for the brute library. Default: 1 brute.credfile, lay, brute.emptypass, brute.firstonly, brute.guesses, brute.mode, brute.passonly, brute.retries, brute.start, brute.threads, brute.unique, eraspass Script Arguments mikrotik-routeros-brute.threads Performs brute force password auditing against Mikrotik RouterOS devices with the API RouterOS interface enabled. Script Arguments Example Usage Script Output Script mikrotik-routeros-brute
0 Comments
Leave a Reply. |