Jump to content
RESET Forums (homeservershow.com)

Home Network IP Address Scheme Best Practice


schoondoggy
 Share

Recommended Posts

this seems like a blunt statement. aren't there still firewall protections provided by the 'router' component?

 

indeed - just because it's routable doesnt mean all traffic can pass. The router is still acting as a firewall to allow in only traffic relating to existing sessions, or traffic i specifically allow (like to specific ports on servers etc.)

Link to comment
Share on other sites

But you're still only getting one external IP address from the ISP, unless you are running a business class model.  I know of NO ONE running IPv6 on their internal networks and I work for one of those three letter agencies.

Link to comment
Share on other sites

But you're still only getting one external IP address from the ISP, unless you are running a business class model.

Which is why IPv6 gives you so much more flexibility. You avoid NAT which causes a lot of unnecessary complication and breakage. You don't need to setup static port forwarding rules. You don't need to deal with the security hole that is UPnP. You're able to have multiple servers using the standard defined ports.

 

I know of NO ONE running IPv6 on their internal networks and I work for one of those three letter agencies.

Comcast 100% completed their roll out of dual stack IPv4 + IPv6 last year. The large ISPs in the UK are rolling out IPv6 as well now. Smaller nice ISPs have already had IPv6 for years now.
Link to comment
Share on other sites

I know of NO ONE running IPv6 on their internal networks and I work for one of those three letter agencies.

 

Well thats just a challenge now isnt it lol...

 

IRS...?

Link to comment
Share on other sites

lol, tell us you work for a 3 letter agency but then not which one, I've figured it out, given you tell us you work for one clearly isn't what someone that worked for one would do, so, it UPS isn't it.....

 

 

Sent from my iPad using Tapatalk

Link to comment
Share on other sites

3 letter agencies aside, my ISP gives a ipv4 ip address, a 128 bit ipv6 address,  plus a 64-bit ipv6 delegated prefix (range) which is distributed among the lan members. maybe sophos is considered a "business class model" but this seems like a very conventional ipv6 scenario

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...