[Cialug] Slightly OT - IPv6 sillyness

Matt matt at itwannabe.com
Wed Jul 9 16:12:46 CDT 2014


The nice thing about NAT was that every router on the planet supports it.  Having a stateful firewall on every router is going to be a requirement for  all consumer equipment that supports IPv6, otherwise the vast majority of people will be running Chinese/Romanian/Russian botnets as soon as "the switchover" goes live.

I have always felt more comfortable knowing that a NAT is providing a bit of safety for my LAN, and I have also enjoyed the mental segregation provided when I wanted to create my own little private internet (complete with its own top-level ".home" domain.  IPv6 will definitely take some getting used to.

-- Matt (N0BOX)

Sent from my iPod Touch 5G

> On Jul 9, 2014, at 2:52 PM, David Champion <dchamp1337 at gmail.com> wrote:
> 
> Not really up on IPv6 yet... but I believe you would still be able to use a
> firewall, the same way you could with IPv4, where anything you want to be
> "behind" the firewall uses the firewall's IPv6 address as the gateway.
> 
> -dc
> 
> 
>> On Wed, Jul 9, 2014 at 2:45 PM, Nathan C. Smith <NSmith at hhlawpc.com> wrote:
>> 
>> It blows the mind how many IPv6 addresses are available.  I think NAT has
>> been very helpful for internal address management and device administration
>> in small businesses and home networks even though the technology itself is
>> considered a kludge.
>> 
>> 
>> -----Original Message-----
>> From: cialug-bounces at cialug.org [mailto:cialug-bounces at cialug.org] On
>> Behalf Of L. V. Lammert
>> Sent: Wednesday, July 09, 2014 2:31 PM
>> To: Central Iowa Linux Users Group
>> Subject: [Cialug] Slightly OT - IPv6 sillyness
>> 
>> I have been trying to grok IPv6 and how it fits into our infrascture, ..
>> and one thing blows my mind - if I understand correctly, there is NO WAY
>> TO SETUP A PRIVATE SUBNET? In my mind the first step of any security is to
>> put all the user machines on a 10-net behind a firewall doing NAT, which is
>> impossible with IPv6, as every v6 address is publicly accessible!
>> 
>> We had a big discussion about this last month, and the IPv6 chap was
>> dumbfounded that I even wanted to DO a private network.
>> 
>> Is this really true? How is one *supposed* to create a sane user subnet
>> with IPv6?
>> 
>>        Lee
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> http://cialug.org/mailman/listinfo/cialug
>> 
>> ________________________________
>> 
>> [http://owa.hhlawpc.com/graphics/HHLogo.jpg]<http://www.hhlawpc.com>
>> This E-mail (including any attachments) is covered by the Electronic
>> Communications Privacy Act, 18 U.S.C. §§ 2510-2521, is confidential and may
>> contain attorney-client materials and/or attorney work product, legally
>> privileged and protected from disclosure.  If you are not the intended
>> recipient, you are hereby notified that any retention, dissemination,
>> distribution, or copying of this communication is strictly prohibited.
>> Please respond to the sender that you have received the message in error,
>> then delete it and destroy any and all copies of it.  If you are a client
>> of our firm, this e-mail confirms that communication to you by e-mail is an
>> acceptable way to transmit attorney-client information.  Thank you.
>> 
>> _______________________________________________
>> Cialug mailing list
>> Cialug at cialug.org
>> http://cialug.org/mailman/listinfo/cialug
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug


More information about the Cialug mailing list