[190419] in North American Network Operators' Group
Re: IPv6 deployment excuses
daemon@ATHENA.MIT.EDU (Filip Hruska)
Mon Jul 4 06:21:59 2016
X-Original-To: nanog@nanog.org
To: nanog@nanog.org
From: Filip Hruska <fhr@fhrnet.eu>
Date: Mon, 4 Jul 2016 12:21:53 +0200
In-Reply-To: <2ae7bdc3-eeaa-9a3b-b8bd-013086b8bb95@necom830.hpcl.titech.ac.jp>
Errors-To: nanog-bounces@nanog.org
Without firewalls, internet is not very secure, regardless of protocol used.
On 07/04/2016 11:41 AM, Masataka Ohta wrote:
> Jared Mauch wrote:
>
>> Actually they are not that great. Look at the DDoS mess that UPnP has
>> created and problems for IoT (I call it Internet of trash, as most
>> devices are poorly implemented without safety in mind) folks on all
>> sides.
>
> Are you saying, without NAT or something like that to restrict
> reachable ports, the Internet, regardless of whether it is with
> IPv4 or IPv6, is not very secure?
>
> With end to end NAT, you can still configure your UPnP capable NAT
> boxes to restrict port forwarding.
>
>> The fact that I go to a hotel and that AT&T mobility have limited
>> internet reach is a technology problem that we all must work to fix.
>
> Want to run a server at the hotel?
>
> IP mobility helps you, if you have a home agent at your home and
> you can use IP over UDP/TCP over IP as mobility tunnel.
>
> Masataka Ohta
>>
>>
>> Jared Mauch
>>
>>> On Jul 1, 2016, at 11:49 PM, Masataka Ohta
>>> <mohta@necom830.hpcl.titech.ac.jp> wrote:
>>>
>>> And, to applications running over TCP/UDP, UPnP capable legacy NATs
>>> are transparent, if host TCP/UDP are modified to perform reverse
>>> NAT, information to do so is provided by UPnP.
>>
>>
>>
>
