Talk:Why you want IPv6

From LinuxReviews
Jump to navigationJump to search

I beg to differ with the article's argument that switching to IPv6 prevents NAT-style filtering. One can just as easily mimic the "lazy man's firewall" effect of NAT with a proper IPv6 firewall.

It's simply a matter of setting default deny on the router for both directions (RST-based deny instead of DROP-based deny, if you want to mimic a "lazy man's firewall" that isn't backed by a proper firewall), using stateful packet filtering, and allowing all outbound TCP SYN, ICMP, and UDP. At that point, you have the same general behaviour as an IPv4 NAT setup with no ports forwarded.

From there, every "pass inbound traffic with this destination IP and port" rule is functionally equivalent to forwarding a port.

I want IPv6 so I can use cheaper VM rental servers.

IPv4 costs extra money. So how do set them up? Why do you answer problems which no one is faced with instead?

Because the article was originally written in 2006. There weren't any rental servers with IPv6 at that time. Yes, it should be updated. --Chaekyung (talk) 04:27, 26 September 2019 (UTC)