[Info-vax] implementing IPv6 on the internet
Richard Levitte
richard at levitte.org
Wed Sep 21 11:56:06 EDT 2016
Den onsdag 21 september 2016 kl. 14:28:20 UTC+2 skrev Dirk Munk:
> Chris wrote:
> > On 09/21/16 12:00, Richard Levitte wrote:
> >
> >>
> >> No. NAT was never designed for network security, but
> > can be used as a cheap'n'dirty piece of shit firewall.
> >>
> >> With IPv6, you'll have to do firewalling for real.
> >>
> >> Cheers,
> >> Richard
> >
> > Just another opinion and whatever it was originally designed for,
> > it's turned out to be quite a sound and cost effective solution
> > to the problem.
> >
> > With IPV6, just what is meant by "firewalling for real" ?...
> >
> > Regards,
> >
> > Chris
> >
> >
>
> I've explained that already. By default IPv6 access from the internet is
> blocked on a CE router.
>
> If you want to allow access to an IPv6 device on your LAN, you have to
> configure on your router access to that IPv6 address *and* to the
> appropriate ports.
>
> With IPv4 you have to route a port number on the WAN port of your router
> to an IPv4 address and port on the LAN. (port forwarding)
>
> No real difference.
Except you're into a world of complication of you want to open up port 22 to every device at home... Ah-yup, let the fun begin.
Cheers,
Richard
More information about the Info-vax
mailing list