WingNews logo WingNews
top | item 38568700

(no title)

jpdb | 2 years ago

> You don’t need to use NAT. Which means you have to set up a firewall on the router correctly. Default-deny, while still allowing ALL ICMP traffic through, as ICMP is kinda vital for IPv6 because it’s used to communicate error conditions.

I do think using NAT in the form of NPTv6 is awesome for home use because it allows you to have a consistent address regardless of your ISP prefix assignment.

Think of NPTv6 as a kind of "stateless NAT" where the prefix is mapped 1:1 to your internal prefix. This means if your ISP changes your address, you only need to your external DNS versus all of your devices.

discuss

order

sgjohnson|2 years ago

> This means if your ISP changes your address

Yes. If your prefix is dynamic, stateless NAT66 can reduce some headaches. But that’s just about the only use case.