Tanstaafl <tansta...@libertytrek.org> wrote: > On 2012-01-19 5:32 PM, Mick <michaelkintz...@gmail.com> wrote: > > On Thursday 19 Jan 2012 15:48:32 Michael Mol wrote: > >> On Thu, Jan 19, 2012 at 10:37 AM, Tanstaafl<tansta...@libertytrek.org> > >> wrote: > >>> I have a reasonable grasp of how to use IP addresses etc with IPv4, but > >>> every time I start rading about IPv6 I get a headache... > >>> > >>> Does anyone know of a decent tutorial written specifically to those who > >>> have an ok (but not hugely in-depth) understanding of IPv4, and doesn't > >>> get bogged down in too many technical details, but simply explains what > >>> you need to know to be able to transition to it and use it effectively > >>> *and securely* - and/or how *not* to have to expose your entire private > >>> network to the world (what IPv4 NAT protects you from)? > > >> I've been doing IPv6 presentations at LUGs and tech cons, and I'm > >> getting scheduled for a few IPv6 topics at Penguicon...but I'm pretty > >> sure I'm also not the most knowledgeable on this list wrt IPv6, > >> either. Still, what would you like to know? (I can use your questions > >> as fodder and experience for future presentations. ^^) > > > Now that IPv6 is enabled by default on Linux, is one meant to duplicate all > > the IPv4 iptable rules also for IPv6? I'm using arno ip tables and from > > what > > I saw in the config file it is either 4 or 6 that one can activate. Perhaps > > this has improved with later versions. > > That was the very first question (and headache) I got from looking at this. > > > The OP would probably have more questions, but if you ever pull together a > > pack of slides I would much appreciate a link to look at them. > > I really wouldn't know where to start... that is why I was looking for > a decent tutorial that covered the topic in total, so I could > hopefully get to the point that I *could* ask some intelligent > questions about it... > > One very general question I have is, how can you - or even *can* you - > hide all of your internal devices from the outside world, similar to > how the use of 'private' IP's behind a NAT'd firewall are hidden from > the outside world (nor directly accessible). I definitely do *not* > want all of my internal devices directly accessible from the internet.
I saw something on the shorewall.org site which was an introduction to ipv6 -- look in the documentation area. -- Your life is like a penny. You're going to lose it. The question is: How do you spend it? John Covici cov...@ccs.covici.com