On Thu, 2010-08-05 at 10:25 +0300, HG wrote:
Slightly off-topic (but so this seems to be already anyhow), I personally like to have all my home computers behind NAT. It acts as nice firewall.
No, it doesn't. NAT is *NOT* a security solution.
IPv6 settings in my router are "link-local" and none of the other settings (static IPv6, DHCPv6, PPPoE, IPv6 in IPv4 tunnel, 6to4 mode) seem to offer similar hiding of the local computers.
NAT does not "hide" computers. Capture a NAT'd stream of traffic and it isn't very hard to separate the conversations of multiple computers behind the NAT. NAT is just a coping mechanism for IPv4's constrained address space [good riddance!]
Well, that's how it seems - of course, there is no real documentation and I'm just guessing :-(
For IPv6 you just use a firewall to filter routed traffic, the way IP is
supposed to work. NAT does nothing at all, except break things.
--
Adam Tauno Williams