Comment on Discord lowers free upload limit to 10MB: “Storage management is expensive”
Strykker@programming.dev 2 months agoExcept the NAT device will stonewall traffic on every port except the ones I open, for my entire network, and then I can just worry about securing the software listening on those few ports, instead of having to worry about the firewalls on every device I own.
KillingTimeItself@lemmy.dbzer0.com 2 months ago
that’s literally what a stateful firewall does.
It only allows corresponding return traffic to outgoing traffic that a device has internally sent outwards.
if you disabled that, it wouldn’t do that. But even a NAT without a stateful firewall might end up doing this depending on how it’s configured and your open ports due to how the forwarding is handled. This is how we get around NATing for P2P traffic, though the trick is to just send two NATed users to the others ip and port at the same time to establish a connection that can “isAlive” from there. If you had no firewall you would only need to know the IP and port to do this.
Strykker@programming.dev 2 months ago
Yes, thank you for repeating what I just said, and justifying my desire for a nat. I do infact actually know a few things about computer networks and tcp/ip since I spent 7 years writing software to interface with and monitor them.
KillingTimeItself@lemmy.dbzer0.com 2 months ago
the only realistic scenario in which you would use a NAT under IPv6 is if you felt like using IPv4 addresses internally. Outside of that it serves very little purpose.