WingNews logo WingNews
top | item 38736101

(no title)

radiojosh | 2 years ago

How exactly does it break the spirit of the Internet? The spirit of the Internet is that we run out of IPv4 addresses and everyone who uses the Internet has to learn IPv6 and be an expert on firewalls?

I can't tell if you're being elitist because your defacto position is that everyone who uses the Internet has to be a cyber security expert, or if you're just being obtuse because a couple of Google searches will usually set you straight on setting up port forwarding through your router.

discuss

order

granshaw|2 years ago

Port forwarding doesn’t help when your public facing ip could change at anytime

radiojosh|2 years ago

That isn't NATs fault. That's a dynamically assigned IP address. You can pay for a static, or you can use Dynamic DNS to work around it. If you didn't have NAT, you'd have a static IP by default, but again, you'd be paying for all those extra IP addresses you need.

jeroenhd|2 years ago

You don't need to be a firewall expert to use a firewall. Stateful firewalls have been around for longer than I can remember. The default for any consumer firewall is "disable by default", as they should be.

Now with NAT we need to be disable UPnP, and deal with "NAT types" on gaming consoles. Or Nintendo Switches breaking your LAN because Nintendo tells you to put your switch into the DMZ: https://en-americas-support.nintendo.com/app/answers/detail/...

Because of NAT, we now need to deal with firewalls _and_ port forwarding. Plus, because of https://www.armis.com/research/nat-slipstreaming-v2-0/, your IPv4 firewall is practically disabled _because_ of NAT workarounds embedded into your router. You can pick between having a firewall on IPv4 or allowing WebRTC on any of your devices.

radiojosh|2 years ago

I don't understand your first point about firewalls, but port forwarding on a consumer router is no more difficult than opening a port on a firewall. Either one can be overcomplicated by a badly designed interface. See Uniquiti Edgerouter for an example.

I know gaming consoles can be a pain with NAT, but is that NAT's fault? That link you pasted about the Nintendo Switch is literally just an article about setting up port forwarding.

And that NAT slipstreaming issue is just a vulnerability caused by complicated protocols. Saying that a fundamental network technology is bad because its implementation is flawed doesn't make sense. I guess we should throw away x86-64 because Intel Skylake processors had side channel vulnerabilities.