Seriously, my knowledge ends with:

  • It offers a shitload of IP addresses
  • They look really complicated
  • Something about every device in your local network being visible from everywhere?
  • Some claim it obsoletes NAT?

I get that it’s probably too complicated a subject for an ELI5, so if there are good videos or resources explaining it in less than half an hour, feel free to share.

  • kevincox@lemmy.ml
    link
    fedilink
    English
    arrow-up
    1
    ·
    2 months ago

    NAT sort of accidentally includes what is called a “stateful firewall”. It blocks inbound connections because it doesn’t know where they should go. IPv6 eliminates the need for NAT but doesn’t prevent stateful firewalls. It is just as easy to implement stateful firewalls (actually a bit easier) for IPv6 without NAT. The difference is that the choice is yours, rather than being a technical limitation.

    For example if I had a smart microwave I would want to ensure that there is some sort of firewall (or more likely for me not connect it to the internet at all, but I digress). However I may want my gaming computer to be directly accessible so that my friends can connect to my game without going through some third-party relay, or maybe my voice chat can be direct between me and my friends for extra privacy and better latency.

    Also relying on network-level protection like this is a good idea in general. Eventually a friend is going to come over with an infected network and connect to your WiFi. With just NAT this will allow the malware on their computer to access your microwave as they are “inside the NAT”. If you were applying a proper stateful firewall you would likely apply it to all traffic, not just internet traffic.