• @MeanEYE@lemmy.world
    link
    fedilink
    English
    11 year ago

    I still consider it important part of the whole package. It’s not a be all end all solution but hiding your private network from outside world is a good first step. In situation you are describing DHCP would have to sit with ISP then, effectively giving them control over what you get to install at your home or limiting bandwidth of certain devices which is a huge issue. Of course you can do traffic shaping with NAT as well, but then whole connection has to be limited and not individual device. While NAT does complicate things a lot, and I mean a lot, it does provide a level of segregation and control which you can’t have otherwise.

    So the choice boils down to either run Proxy/Gateway or NAT and latter is far easier for common user since routers come pre-configured. Or worst case scenario provide public IP to everything and mess around with gateway’s firewall to protect each individual device from outside.

    • @frezik@midwest.social
      link
      fedilink
      English
      1
      edit-2
      1 year ago

      IPv6 has DHCP, but it doesn’t work like that. You generally get a prefix and other details about the network, like the gateway address and DNS, and autoconfiguration based on the MAC address does the rest. It was first hoped that DHCP wouldn’t be needed at all for IPv6, but it turned out to be still useful. There’s some more complications here, but suffice it to say that you shouldn’t try to take your knowledge of IPv4 and try to map it on top of IPv6. They’re separate beasts.

      A gateway can block incoming traffic to the whole internal network if you want. It doesn’t need NAT to do that.

      • @MeanEYE@lemmy.world
        link
        fedilink
        English
        11 year ago

        I’ll have to look more into it then. However I still consider hiding your private network to be a good thing, if for no other reason then privacy, even though traffic might be blocked. And I am aware that security through obscurity is not a good form of security, however when added on top of other properly secure methods, it’s an addition, no matter how trivial. As for NAT I do wish it went away as I’ve had nothing but troubles with it. But it did play an important role with IPv4.