NAT is not a firewall. NAT is a 'hack' that some firewalls use. My university only used routable IP addresses, but due to the wonders of firewalls, you could not connect to the HP printers in the library over the internet. Even though it had a routable IP.
The virtues of NAT lie more in their nature of being blanket blacklist firewalls by default.
This can indeed be replaced with firewalls on each IPv6 client, but you have to concede that just putting a router between your computer and modem adds a ton of security for very little effort or know-how.
But NAT in itself is a workaround for IPv4 limitations with significant problems, which has become permanent because there's nothing as permanent as temporary solutions.
Zen1th|2 years ago
unknown|2 years ago
[deleted]
briffle|2 years ago
throw0101b|2 years ago
Why? Firewalls have been around since before 1994, when Cheswick and Bellovin literally published the book on firewalls:
* https://en.wikipedia.org/wiki/Firewalls_and_Internet_Securit...
Dalewyn|2 years ago
This can indeed be replaced with firewalls on each IPv6 client, but you have to concede that just putting a router between your computer and modem adds a ton of security for very little effort or know-how.
But NAT in itself is a workaround for IPv4 limitations with significant problems, which has become permanent because there's nothing as permanent as temporary solutions.
Symbiote|2 years ago
This is so basic that any argument against it needs some strong evidence.
You can search "IPv6 pinhole" and find plenty of documentation from router manufacturers and ISPs on this.