Reply to post: Re: Never!

Sitting pretty in IPv4 land? Look, you're gonna have to talk to IPv6 at some stage


Re: Never!

How does one actually connect to an RFC1918 address behind a NAT without the inside connecting first?

Hey, I didn't say anything about RFC1918. We're talking about NAT here (the thing you get from doing `iptables -t nat -A POSTROUTING -o wan0 -j MASQUERADE` with netfilter, yes?). You can use RFC1918 without NAT and you can use NAT without RFC1918; they're two separate things.

It's true that running a network on RFC1918 will drastically limit the set of people that can connect to it, but a) some people (e.g. your ISP, your government) can still connect, so it's not secure, and b) RFC1918 isn't NAT, so even if you think using RFC1918 makes you secure, it's still not NAT that's doing it.

If anybody doesn't believe me, feel free to set up a few VMs and test it for yourself.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019