jmwills 284 Posted September 30, 2015 Share Posted September 30, 2015 So you want to expose your internal network directly to the internet? Go ahead. Link to post Share on other sites
nrf 135 Posted October 1, 2015 Share Posted October 1, 2015 this seems like a blunt statement. aren't there still firewall protections provided by the 'router' component? Link to post Share on other sites
mnbf9rca 2 Posted October 1, 2015 Share Posted October 1, 2015 this seems like a blunt statement. aren't there still firewall protections provided by the 'router' component? indeed - just because it's routable doesnt mean all traffic can pass. The router is still acting as a firewall to allow in only traffic relating to existing sessions, or traffic i specifically allow (like to specific ports on servers etc.) Link to post Share on other sites
jmwills 284 Posted October 1, 2015 Share Posted October 1, 2015 But you're still only getting one external IP address from the ISP, unless you are running a business class model. I know of NO ONE running IPv6 on their internal networks and I work for one of those three letter agencies. Link to post Share on other sites
GotNoTime 219 Posted October 1, 2015 Share Posted October 1, 2015 But you're still only getting one external IP address from the ISP, unless you are running a business class model.Which is why IPv6 gives you so much more flexibility. You avoid NAT which causes a lot of unnecessary complication and breakage. You don't need to setup static port forwarding rules. You don't need to deal with the security hole that is UPnP. You're able to have multiple servers using the standard defined ports. I know of NO ONE running IPv6 on their internal networks and I work for one of those three letter agencies.Comcast 100% completed their roll out of dual stack IPv4 + IPv6 last year. The large ISPs in the UK are rolling out IPv6 as well now. Smaller nice ISPs have already had IPv6 for years now. Link to post Share on other sites
Trig0r 210 Posted October 1, 2015 Share Posted October 1, 2015 I know of NO ONE running IPv6 on their internal networks and I work for one of those three letter agencies. Well thats just a challenge now isnt it lol... IRS...? Link to post Share on other sites
jmwills 284 Posted October 1, 2015 Share Posted October 1, 2015 Sorry. Cannot divulge that. Link to post Share on other sites
Trig0r 210 Posted October 1, 2015 Share Posted October 1, 2015 lol, tell us you work for a 3 letter agency but then not which one, I've figured it out, given you tell us you work for one clearly isn't what someone that worked for one would do, so, it UPS isn't it..... Sent from my iPad using Tapatalk Link to post Share on other sites
mnbf9rca 2 Posted October 1, 2015 Share Posted October 1, 2015 is it the HUD?https://www.usa.gov/federal-agencies/department-of-housing-and-urban-development Link to post Share on other sites
nrf 135 Posted October 1, 2015 Share Posted October 1, 2015 3 letter agencies aside, my ISP gives a ipv4 ip address, a 128 bit ipv6 address, plus a 64-bit ipv6 delegated prefix (range) which is distributed among the lan members. maybe sophos is considered a "business class model" but this seems like a very conventional ipv6 scenario Link to post Share on other sites
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now