> "The main problem is to secure an IPv6 network which is much more complicated than using a typical IPv4 network consisting of a router and several devices behind it."<p>Does anyone know why this is the case? I'm not a network security expert but to me I don't see how IPv4/v6 makes a different in terms of security. I'd assume that each computer on the network could most likely be assigned a public IPv6 address rather than using NAT in which case how is configuring your perimeter firewall to drop incoming connections by default any different from not having any port forwarding setup by default? Even your average domestic router has some sort of basic firewall built in.
This seems to take the long way around. I wonder why they didn't consider just using the firewall to control network traffic; unless you really need your applications to be completely unaware of IPv6, but so far, I've not experienced that problem.<p>Also, requiring root privileges for launch is a bit of a burden in some use-case scenarios.
Security aside, this is even useful for new deployments of IPv6. It seems a lot of people have IPv6 networks that are less favorable for some traffic than their IPv4 networks. Some are running their IPv6 through tunnels. As soon as you enable IPv6 on your desktop, suddenly Firefox or Chromium will prefer IPv6 for any website with a AAAA record, which adds a ton of latency and reduces bandwidth.<p>But theoretically, I could enable IPv6 for sshd (where I stand the most benefit) and leave it off for wget and browsers with this.
On this subject, sort of, if I want to dump the commercial routers and replace with eithe a Linux install on a commercial router or a x86 box that is not too chunky / loud
Where do I go for readme and instructions and community?<p>I can find some old Linux on linksys sites but not a lot recently
This was interesting but got me thinking about a problem I encountered at work. Is it possible to create two bridges out of one namespace so that two separate programs can receive the same network traffic?