Mailinglist Archive: opensuse (671 mails)

< Previous Next >
Re: [opensuse] Router? Splitter?...
On 06/28/2011 06:49 PM, Jim Flanagan pecked at the keyboard and wrote:
On 6/28/11 5:11 PM, James Knott wrote:
Jim Flanagan wrote:
OK, but what about something like we have now where we have one or
more internal computers or devices connected to and protected from
outside by our router, but that does have access to the internet for
email, browsing, patching, upgrading etc.? Basically a firewall that
protects internal computers, and even prevents them from being known
or exposed to the internet? How will this be handled by IPv6?

If a device needs to access the internet, it'll need a public address.
Hiding behind NAT does nothing that a properly configured firewall
can't do. You'd configure the firewall to allow access only to what
you want to be available and block everything else, just like with
IPv4. Also, NAT breaks a lot of things.

OK, so each device that needs internet access will need/have a separate
unique public address? I guess we'll get a block of these from our ISPs?

Probably at a cost. I don't know of any business now a days that doesn't charge extra for every little thing.

BTW, my firewall and some commercial firewall/routers runs Linux. My
firewall is configured only to allow specific services, such as SSH,
VPN and IMAPS. With NAT on IPv4, I forward to the appropriate computer
behind the firewall, with IPv6, you'd simply allow that specific
address & port combination.

Ok so here, my IMAP machine for example will have its own public IP
address, and my firewall will allow IMAP traffic to that IP address?

I have flashed my router to a linux version of firmware, so it is IPv6
capable. I've notice just in the last week or so my ISP is showing and
IPv6 address along with my IPv4 address. However for some reason I
beleive that is a tunneled address at the moment, but I'm not there to
check it right now.

Jim F

Ken Schneider
SuSe since Version 5.2, June 1998
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups