Whether you’re really passionate about RPC, MQTT, Matrix or wayland, tell us more about the protocols or open standards you have strong opinions on!

    • Alk@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      8 months ago

      My isp decided to put me behind a CGNAT and broke my access to my network from outside my network. Wanted to charge me $5 a month to get around it. It’s not easy to get around for a layman, but possible. More than anything it just pissed me off that I’d have to pay for something that 1 day ago was free.

        • Alk@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          8 months ago

          Set up a reverse proxy on another machine (like one of those free oracle cloud things). I can’t go into detail because I don’t know exactly how. I think cloudflare also has options for that for free. Either way it’s annoying.

          • ChilledPeppers@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            8 months ago

            Cloudflare tunnel, and its alternatives, such as localXpose, altho the privacy is probably questionable, and a many of them require a domain.

      • cmnybo@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        21
        arrow-down
        3
        ·
        8 months ago

        NAT is not for security, that’s what the firewall is for. Nobody can access your IPv6 network unless you allow access through the firewall.

            • ReversalHatchery@beehaw.org
              link
              fedilink
              English
              arrow-up
              1
              ·
              8 months ago

              If computers connect to others through the internet, the IPv6 address can reveal how many computers there are on the local network, and if certain traffic to different destinations are coming from the same computer, but also if one of the computers has gone offline but then resumes from sleep/hibernation.
              To me their comment means they want to avoid that, and I agree, I want to avoid that too. To fix these, I would need to configure NAT on my router for IPv6.

              Yes IPv6 address privacy extensions help somewhat, but

              • computers won’t use a different v6 address for every distinct destination, they will just start using a new one from time to time
              • computers won’t stop using the old v6 address immediately after wakeup

              With v4 addresses these did not really matter, because everything was being sent from the same public IP, and and outside observer could only see what a “network” is doing collectively. But with v6 an address identifies a computer, across websites/services. Even if it’s just for a "short’ time, even if the address is randomized.

              • frezik
                link
                fedilink
                arrow-up
                1
                ·
                8 months ago

                If you want privacy, you need some kind of VPN or onion routing. Even if everything you list were correct, the difference between IPv4 and 6 for privacy would be marginal.

                • ReversalHatchery@beehaw.org
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  8 months ago

                  I don’t think this is so black and white. I’m a regular tor user, but so often it’s not worth it to load webpages through a dial-up connection, and then there are the sites that block access for tor users for some reason.

                  Even if everything you list were correct

                  Which parts weren’t?

                  the difference between IPv4 and 6 for privacy would be marginal

                  I disagree

      • frezik
        link
        fedilink
        arrow-up
        2
        ·
        8 months ago

        No. Stop spreading that myth. NAT does fuck all for security. If you want a border gateway, you can just have a border gateway.