Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revisionBoth sides next revision | ||
linux_router:nftables [2024-06-16 Sun wk24 11:58] – baumkp | linux_router:nftables [2024-06-16 Sun wk24 12:03] – [Router Configuration] baumkp | ||
---|---|---|---|
Line 6: | Line 6: | ||
- Restrict network traffic | - Restrict network traffic | ||
- Forward Network traffic | - Forward Network traffic | ||
- | - Track network traffic, allows traffic incoming only if response to out going (one way traffic) This is primary firewall action! This is often confused with NAT, NAT is addtional | + | - Track network traffic, allows traffic incoming only if response to out going (one way traffic) This is primary firewall |
- NAT (Network Address Translation) is basically mandatory for IPv4 due to limited address space and optional for IPv6 | - NAT (Network Address Translation) is basically mandatory for IPv4 due to limited address space and optional for IPv6 | ||
- | - NAT obfuscates Local IP addresses behind public addressable WAN IP address(es). | + | - NAT obfuscates Local IP addresses behind public addressable WAN IP address(es). |
+ | - NAT obfuscation wrecks simple end to end IP addressing that is required for some services, e.g. VoIP. This requires additional services to compensate, e.g. STUN/TURN services. | ||
Key networks services, such as DNS and DHCP are separate functions that a router may perform, although correct router setup is required to allow these services to function. | Key networks services, such as DNS and DHCP are separate functions that a router may perform, although correct router setup is required to allow these services to function. | ||