Networking noob here. I want to prevent all incoming requests except through a specific port, and that traffic is forwarded to a specific device on the network. NAT seems to do that just fine, it’s almost like a kind of firewall by itself. What kind of threats are there that requires more than just NAT for security?

  • MangoPenguin@lemmy.blahaj.zoneEnglish
    31·
    9 months ago

    For incoming traffic on IPv4 only, NAT technically is fine. But it won’t block any outgoing traffic, and IPv6 doesn’t use NAT at all.

    • drkt@lemmy.dbzer0.comEnglish
      4·
      9 months ago

      IPv6 can use NAT; there are some unfortunate souls out there whom are only getting a /128 (one address, basically) by their ISP, instead of a /64 or /48

    • Snot Flickerman@lemmy.blahaj.zoneEnglish
      3·
      9 months ago

      and IPv6 doesn’t use NAT at all.

      Not entirely true! It uses a type of NAT to translate IPv4 addresses into comparable IPv6 addresses.