On 29.12.2020 15:32, Chris Adams wrote:
Once upon a time, Neal Becker <ndbecker2@xxxxxxxxx> said:Let me say up front I'm not very knowledgeable about v6 yet. One reason I don't want to enable it is the exact flip side of the address scarcity of v4. Because of that, external connections are nat'd. That seems to me to offer an additional layer of protection for devices on my network, they don't have externally routeable addresses. I think that is not true if I turn on v6. Is this correct?There is no NAT for IPv6, but that's a feature.
indeed, there is no need for NAT, but you can have it, if you want see RFC 4193, the pendant to RFC 1918 ...
NAT doesn't really add any security;
this is wrong, the best security at all for which you don't have to do anything is included with NAT
or how can you access my PC with e.g. 10.0.8.15?
NAT is a combination of two things: a stateful firewall
this is wrong, NAT is not a stateful firewall; or in other words your two sentences disagree or you really mean by"NAT doesn't really add any security" that a stateful firewall doesn't have any security and is useless ...
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
