this post was submitted on 24 Sep 2024
105 points (94.9% liked)
Asklemmy
43891 readers
984 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- [email protected]: a community for finding communities
~Icon~ ~by~ ~@Double_[email protected]~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
There are other benefits of NAT, besides address range. Putting devices behind a NAT is hugely beneficial for privacy and security.
NAT is not a security feature. Your firewall blocks incoming traffic, not NAT. It introduces new complexity that now needs to be solved.
In corpo environments you have to struggle with NAT traversal for VoIP communication.
In home networks "smart" devices attempt to solve it with shit like uPnP and suddenly you get bigger holes in your network security than before. You could find countless home network printers on shodan because of this. Even though (or maybe because) they were "behind" NAT.
IPv6 has temporary IPs for privacy reasons. NAT is NOT a firewall. Setting up a real firewall is more secure and gives you more control without things like UPNP and NAT-PMP.