Mailinglist Archive: opensuse-factory (808 mails)

[Frederic Crozat <fcrozat@xxxxxxxx>]

Le mardi 02 août 2011 à 14:15 +0200, Lars Müller a écrit :
> On Tue, Aug 02, 2011 at 11:11:21AM +0200, Frederic Crozat wrote:
> > Le mardi 02 août 2011 à 10:55 +0200, Ludwig Nussel a écrit :
> [ 8< ]
> > > Let's accept your assumption that home routers would actually route
> > > all traffic into your network for a moment. That would mean opening
> > > some port, even for a little while is even more wrong. You'd expose
> > > your cups/avahi/rpc ports not only to the local network but the
> > > whole internet! So you'd have to restrict access to your local IP
> > > range at which point things get difficult to squeeze into a usable
> > > UI. Esp with v6 where you get multiple, dynamically assigned and
> > > potentially even changing prefixes depending on connectivity (e.g.
> > > ULAs if router is offline).
> > >
> > > So either the router takes care of filtering traffic or the network
> > > really is untrusted in which case you don't want to suggest the user
> > > to open ports.
> >
> > From what I see, such routers aren't common in SOHO market (and I'm not
> > sure they will be in the near future). And I'm not convinced explaining
> > those concepts to average users (or even a SOHO admin) will be
> > successful.
>
> IPv6 enabled Integrated Access Devices (IAD) are more and more common.
>
> Also more and more Internet Service Providers (ISP) have v6 on the
> agenda.  For Germany they're also driven by the decision of Deutsche
> Telekom to offer v6 to all customers till end of 2011.

Agreed (my own ISP Free.fr is one of the first big ISP to enable IPv6 on
its IAD years ago) but I'm not sure those IAD will have filtering
capabilities for IPv6.

-- 
Frederic Crozat <fcrozat@xxxxxxxx>
SUSE

-- 
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx