On Sun, 2010-12-26 at 17:11 -0500, Genes MailLists wrote: > Why would anyone want all internal machines public anyway ? Not so much *made* public, but directly connected in a way that doesn't block access. Various internet activities require two-way communication, and NAT gets in the way. Either in a way that's simply annoying to have to work around, or next to impossible to do so. > Historically, we used nat for 2 purposes: > > (1) to shield inside machines > (2) free up ipv4 (was an accidental consequence of (1) Not from many users' point of view. Historically, we've used NAT because we wanted a multi-PC LAN when our ISP only allows us one public IP. With your (1) being an accidental consequence, or advantage, depending on your point of view. And from an ISP's point of view, NAT's were used because they didn't have enough real IPs for their clients, as a main reason. Likewise for using them internally, to not waste their precious public IPs. They didn't do it to give users a pseudo-firewall, either. > I need to read about ipv6 - but can I keep (1) with ipv6 ? i.e. > machines inside access to internet similar to what they have now via > firewall/nat ... but no way for those ipv6 addresses to be seen SYN'd > from outside. You can use IPv4 and IPv6 concurrently. Indeed, for some time, you'll have to have both. And you have the fun and games of maintaining firewall rules for both, independently. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
