|
|
|
|
|
|
by daenney
1281 days ago
|
|
|
> If they're IPv6 then they're globally addressable, which is bad bad bad. How is that going to be mitigated? I think you need to read up on IPv6 a bit. There are whole IPv6 ranges set aside that are not globally routable / part of the global unicast range[1]. Thread has link-local and mesh-local addresses. The global is only gained through SLAAC/DHCP or manual configuration by an administrator so by default no, your devices aren't accessible to the outside world. And if you do have routable IPv6 in your network, you should already have a firewall on your network edge for this because all your existing devices would already be exposed. The addressing primer[2] for Thread also applies to Matter for further details. [1]: https://www.iana.org/assignments/ipv6-address-space/ipv6-add... [2]: https://openthread.io/guides/thread-primer/ipv6-addressing |
|
|