Jim Flanagan wrote:
On 6/25/11 2:52 PM, James Knott wrote:
Jim Flanagan wrote:
Every device on a public IP address? Better keep your toaster and fridge patched!
It's also possible to configure "private" IPv6 addresses that are not routable over the public internet, in a manner similar to the RFC 1918 IPv4 addresses. Of course, you can still use a firewall to allow/deny access. I was not aware of that. I understood the IPv6 addresses were designed to be non NATable. How would a private IPv6 address work thru an IPv6 router?
You're confusing private addresses with NAT. NAT uses private addresses to get around the address shortage. However, there's no reason why you couldn't have a network using private addresses, without any consideration for accessing the internet. You could also have some devices with more that one address, perhaps one one private, for talking to other local devices and a public address for talking to the rest of the world. IPv6 has 3 different private address types. There's "link local", which is non routable and starts with FE80. Every IPv6 capable device has one of these and is often used for local management, connecting to routers etc. There are also site local, which are not globally unique and unique local, which are globally unique, but are not supposed to be routed over the internet. Site local address, however, have been deprecated. There's an excellent book from O'Reilly called "IPv6 Essentials", which covers this and much more. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org