On 2024-11-12 07:24, Lew Wolfgang wrote:
On 11/10/24 11:08, James Knott wrote:
On 11/10/24 13:11, Lew Wolfgang wrote:
So what is to be gained from IPv6 adoption? From my perspective it increases complexity while reducing security and reliability.
Seems to me, the use of NAT, STUN, etc. increases complexity and problems. NAT breaks things. The first I was aware of was command line FTP, back in the dark ages, when it became necessary to use passive mode to get through NAT. In those days, most FTP clients didn't support it. These days, it breaks VoIP and games, requiring the use of STUN. It also breaks authentication headers in IPSec. There may be other things I'm not aware of.
Sorry I'm late to reply. I don't know about VoIP, but Zoom, Teams, Signal, and others work quite well on NAT subnets.
Define well. All of those systems use an intermediary. You can not do a direct connection with full privacy. ...
I have had IPv6 on my home network for over 14 years. One nice thing is I can make any IPv6 device directly accessible, firewall rules permitting, just as the network gods intended the Internet should work.
I remember getting compromised twice with hosts directly connected to the Internet. One was an ssh v1.2 bug, the other a mountd bug. Now I use a router-based firewall, NAT, and host-based firewalls.
Also, things like NAT & SLI put more of a load on routers. Incidentally, some carriers moved to IPv6 because there weren't enough IPv4 addresses to create a flat network. This creates network management problems.
Carrier NAT also solves the address starvation problem for carriers.
Define "solve". I can not ssh to locations using CGNAT. ... -- Cheers / Saludos, Carlos E. R. (from 15.5 x86_64 at Telcontar)