This is not unlike some of the techniques used a few years years back to phyisically segment networks, and not let internal nodes see each other. Another one like this which has fallen out of favor was "protocol switching". Anyone ever remember running ProxyServer? Run IPX on the internal network and TCP on the outside only?

At the time it was actually a cheap and effective way to keep your internal structures protected, since the management ports from the two protocols were masked from each other Even if a hacker could get to the proxy, it was fairly difficult to push any further, given the protocol incompatibilties. Nowadays - once the hacker gets into your router most of the time they have full knowledge of where everything is and what to go after.