Idk man, NAT makes a lot of sense once you get used to it. And it’s pretty cozy with its firewall features. And somewhat human readable ipv4 addresses are nice.
They charge extra for a feature called “static IP”. But the IP address not being static is not the issue, for me at least. You could host stuff with a dynamic IP back in 2000s/2010s. But no, now you get to share the same IPv4 address with a bunch of other households, unless you pay extra.
Ha, yeah that sucks and I’d absolutely hate it if I were behind a CGNAT. But I believe most ISPs don’t do that. None of mine ever have. Just like how most ISPs provide you with an ipv6 address range, but not all. Fact is that crappy ISPs can screw up your network no matter what ip spec you’re using.
And I’ve never heard of a business network being behind an ISP controlled CGNAT. A NAT you control can be nice.
The “firewall” features are called connection tracking and, a firewall. With IPv6 I have my firewall setup very similar to NAT. Established and outgoing new connections are allowed (this is done using connection tracking). Incoming new connections are not allowed unless I open up a specific port.
Home firewalls SHOULD be setup the same for IPv6, a lot are not and IMO is the main problem right now.
Idk man, NAT makes a lot of sense once you get used to it. And it’s pretty cozy with its firewall features. And somewhat human readable ipv4 addresses are nice.
NAT provides no firewall features and we can have a discussion about how wrong that statement is
ISPs putting you behind NAT is not cozy.
They charge extra for a feature called “static IP”. But the IP address not being static is not the issue, for me at least. You could host stuff with a dynamic IP back in 2000s/2010s. But no, now you get to share the same IPv4 address with a bunch of other households, unless you pay extra.
Ha, yeah that sucks and I’d absolutely hate it if I were behind a CGNAT. But I believe most ISPs don’t do that. None of mine ever have. Just like how most ISPs provide you with an ipv6 address range, but not all. Fact is that crappy ISPs can screw up your network no matter what ip spec you’re using.
And I’ve never heard of a business network being behind an ISP controlled CGNAT. A NAT you control can be nice.
You don’t need a NAT with IPv6, that’s what link-local addressing is for
Unless your ISP won’t support DHCPv6-PD until you pay them extra… want to guess how I know this?
The “firewall” features are called connection tracking and, a firewall. With IPv6 I have my firewall setup very similar to NAT. Established and outgoing new connections are allowed (this is done using connection tracking). Incoming new connections are not allowed unless I open up a specific port.
Home firewalls SHOULD be setup the same for IPv6, a lot are not and IMO is the main problem right now.