From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qc0-x234.google.com (mail-qc0-x234.google.com [IPv6:2607:f8b0:400d:c01::234]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by huchra.bufferbloat.net (Postfix) with ESMTPS id 21F8B21F194 for ; Mon, 2 Mar 2015 12:32:27 -0800 (PST) Received: by qcvp6 with SMTP id p6so26880115qcv.9 for ; Mon, 02 Mar 2015 12:32:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=J0Jq6OXk8G0kuAcDZvqvW5WPJYuZgIaTUAQBRjLlpUE=; b=QNjal9vyvUjLlH/+xTC5/dYPFubvTfubC8V2b5CuSdR/4sD76ioQRRRRpesR8zpnpc 4ixBf/eIcJ38IvSeV65DBXJci5TUXX7wjdgAcN+B3uHGsc1PsNX3YI148obumgYyDlJr e72NpjBii3wUFY7PJsmTffr/hMeLOIkYGtC8irxsDOEreo4DwwHQO7kOQtFCd28J/ByP hGvwS73rluzIhCHfBmKnZOBmgyJG5OKx2MmnvvzjTzVOazLh8CLw1vKecAVYCtzAGn7M DK69OHsYgsbvCRUBV6ZJolHsLdJ6txY7II0QvbvG0TQE3/D1K7LMNciDfWO7ZfE3nVNc jveg== MIME-Version: 1.0 X-Received: by 10.140.16.99 with SMTP id 90mr20913154qga.105.1425328346749; Mon, 02 Mar 2015 12:32:26 -0800 (PST) Received: by 10.96.197.100 with HTTP; Mon, 2 Mar 2015 12:32:26 -0800 (PST) In-Reply-To: <874mq3w3gq.fsf@toke.dk> References: <54EE258E.8060302@gmail.com> <201502272200.t1RM0Aru020484@maildrop31.somerville.occnc.com> <7ia8zvjkdq.wl-jch@pps.univ-paris-diderot.fr> <874mq3w3gq.fsf@toke.dk> Date: Mon, 2 Mar 2015 12:32:26 -0800 Message-ID: From: Aaron Wood To: =?UTF-8?B?VG9rZSBIw7hpbGFuZC1Kw7hyZ2Vuc2Vu?= Content-Type: multipart/alternative; boundary=001a11c067a0cbe01e0510541df4 Cc: "cerowrt-devel@lists.bufferbloat.net" Subject: Re: [Cerowrt-devel] Fwd: [homenet] Routing protocol comparison document X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.13 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Mar 2015 20:32:56 -0000 --001a11c067a0cbe01e0510541df4 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable I would definitely be interested in being involved with how to secure and firewall, but still provide access to, internal IPv6 hosts. Ie, the internet the way it's supposed to work (peer to peer), but with the security that we've inadvertently picked up along the way by using NAT everywhere for the last ~10-20 years worth of home routers. Basically, the question is: How do I access my home remotely, without exposing it to the world. The IPSec portions of IPv6 seem like most, but not all, of the building blocks. -Aaron On Mon, Mar 2, 2015 at 12:26 PM, Toke H=C3=B8iland-J=C3=B8rgensen wrote: > Dave Taht writes: > > > Any objections here? > > Yes! I certainly wouldn't want to run that. > > > Suggestions for how to make one of the ipv6 translation techniques > > work right? > > Turn them off? ;) > > -Toke > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel > --001a11c067a0cbe01e0510541df4 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
I would definitely be interested in being involved with ho= w to secure and firewall, but still provide access to, internal IPv6 hosts.= =C2=A0 Ie, the internet the way it's supposed to work (peer to peer), b= ut with the security that we've inadvertently picked up along the way b= y using NAT everywhere for the last ~10-20 years worth of home routers.
Basically, the question is: =C2=A0How do I access my home r= emotely, without exposing it to the world.

The IPS= ec portions of IPv6 seem like most, but not all, of the building blocks.

-Aaron

On Mon, Mar 2, 2015 at 12:26 PM, Toke H=C3=B8iland-J=C3= =B8rgensen <toke@toke.dk> wrote:
dave.taht@gmail.com<= /a>> writes:

> Any objections here?

Yes! I certainly wouldn't want to run that.

> Suggestions for how to make one of the ipv6 translation techniques
> work right?

Turn them off? ;)

-Toke
_____________________= __________________________
Cerowrt-devel mailing list
Cerowrt-devel@lists.= bufferbloat.net
https://lists.bufferbloat.net/listinfo/cerowrt-devel

--001a11c067a0cbe01e0510541df4--