|
|
|
|
|
|
by thinkski
696 days ago
|
|
|
I think there’s a common misunderstanding that with IPv6 anyone can connect to anyone else. That’s not true. My laptop has an IPv6 address, as does the router that routes its traffic. There’s no NAT, that’s true, but there’s still a firewall — only inbound packets from a destination host and port that have been sent to are allowed in. And in enterprise environments, from what I’ve seen, there’s a symmetric NAT on IPv6 anyway — packet comes from a different IPv6 address and randomized port than the one client sent it from, making peer connectivity impossible, as the source port varies by destination host and port. |
|
|