[olug] DNS lookups lagging?
Luke -Jr
luke at dashjr.org
Tue Aug 26 23:28:35 UTC 2008
On Tuesday 26 August 2008 14:14:20 DYNATRON tech wrote:
> i like NAT.
> one public IP address per location seems very reasonable for residential
> use.
> i don't want things like my toaster to be globally routable.
Perhaps I should have used the term "globally addressable".
> next thing you know, somebody in nigeria is stealing my toast.
That's what your firewall is for.
NAPT is not supposed to "protect" you in any way. It's just a hack to
workaround the limitations of the small IPv4 address space. It would be
perfectly valid for a NAPT router to attempt to automate port forwarding by
passing on an unknown port to *all* systems and giving it to the first to ACK
it-- which means Nigerians could still get to your toaster without a proper
firewall in place.
More information about the OLUG
mailing list