On 4/28/23 09:09, Carlos E. R. wrote:
On 2023-04-28 17:06, Lew Wolfgang wrote:
On 4/28/23 04:18, Carlos E. R. wrote:
If you are not going to use IPv6 internally, having source zone for 192.168.1.0/24 (or whatever your internal addresses are) and fallback zone for external traffic would be much more clean.
I expect^H^H^H^H^H^Hhope to have proper IPv6 one day...
What will IPv6 actually do for you? It's a serious question, what will it give you that you don't already have with IPv4 and NAT?
From my experience at work it's nothing but a PITA that reduces reliability. Well, it allows direct connection from outside to an internal computer, if wanted, without tricks.
Allow direct outside connection to an internal computer? What could possibly go wrong!?
This is interesting to gamers, for instance, or for direct VoIP. Or remote working.
If a coworker needs files you have, you can just share them from your computer, no intermediate server needed.
Again, that's a security risk. Better to just forward ssh through your NAT router to the inside host.
As it is, there are providers in Spain that do not give you a public IPv4 address, but one in the 10.*.*.* network. This directly blocks those people from accessing home from outside.
That could be an issue, if you need outside access. You could bounce through an external proxy that you control if needed. I bet Per could offer one to you.
All this are uses that were originally designed for Internet, but rendered impossible when NAT was implemented, because there were not enough addresses for everybody. This doesn't affect USAians as much as others. Nor Spaniards as much as Indians, for instance.
IMHO NAT has worked remarkably well.
Then came Telefónica with their stupidity of not issuing static addresses by default and against quelled the dreams.
My ISP doesn't issue static address either, but it really doesn't matter to me with my current configuration. It's static anyway for long periods of time. Regards, Lew