Mailinglist Archive: opensuse (1777 mails)

< Previous Next >
Re: [opensuse] Moving to IPv6
  • From: Adam Tauno Williams <awilliam@xxxxxxxxxxxxx>
  • Date: Thu, 09 Sep 2010 06:09:51 -0400
  • Message-id: <1284026991.16809.8.camel@xxxxxxxxxxxxxxx>
On Wed, 2010-09-08 at 14:49 -0700, John Andersen wrote:
On 9/8/2010 2:44 PM, Per Jessen wrote:
Adam Tauno Williams wrote:

On Wed, 2010-09-08 at 14:25 -0700, John Andersen wrote:
On 9/8/2010 2:03 PM, James Knott wrote:
It's time for you to find a new ISP. NAT is broken in a number of
ways. For example, it breaks some protocols and makes it
impossible for
a user to reach their network from elsewhere. Also, it's possible
for an ISP to overload NAT, as each IP address has a limited number
of ports that can be remapped.
Well, in some ways, making it harder to reach your own net is not
totally a bad idea. What you can reach, others can reach, and with a
nat-less internet you end up requiring protection in every device.
Golly - NAT IS NOT A SECURITY MEASURE! How many times does that have
to be said to sink in?
It doesn't matter, it still does pretty well as such.
Exactly.
NAT IS a router.

*FALSE*

You pretty much can't have nat without a router.

Correct, NAT is meaningless without a router. That doesn't make NAT a
router.

And a router is a pretty good form of a firewall.

Seriously?

A far simpler firewall than would be required if you had to
protect a couple dozen IPs in the typical home in a flat internet
that ipv6 is capable of providing.

Easy. I set the firewall to block-all-incoming-connections. Done.
Even simpler than NAT.

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
This Thread