Re: Netfilter (Linux) Does IPv6 NAT

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Sabahattin Gucukoglu wrote:
> 
> In case you didn't see this:
> http://www.h-online.com/open/news/item/Netfilter-developers-working-on-NAT-for-ip6tables-1385877.html
> 
> It's a complete IPv6 NAT implementation with the functionality of
> the IPv4 one in the same stack.  ALGs.  Port translation.  Connection
> tracking.  You don't need me to tell you why I don't like this.


I fail to understand the issue that you have with this.

Doing home gateways and *NOT* using dynamic temporary IPv6 addresses for
outbound connections by default (i.e. *NO* static network prefix that
can be linked to a single ISP customer) would be extremely irresponsible
with respect to data privacy protection.

Without that, I consider IPv6 a complete no-go.

And many DSL routers are based on Linux, so having an implementation
of such a NAT is a prerequisite before IPv6 can be reasonably offered
to home customers in Europe.

I'm perfectly OK with folks getting static IPv6 network prefixes for
specific applications that desperately need it.  But the default
definitely ought to be temporary dynamic IPv6 addresses, especially
for outbound connections.


-Martin
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]