Let's talk about yum and p2p in Fedora

[Tim]

On Sun, 2010-12-26 at 17:11 -0500, Genes MailLists wrote:
>   Why would anyone want all internal machines public anyway ?

Not so much *made* public, but directly connected in a way that doesn't
block access.  Various internet activities require two-way
communication, and NAT gets in the way.  Either in a way that's simply
annoying to have to work around, or next to impossible to do so.

>   Historically, we used nat for 2 purposes:
> 
>     (1) to shield inside machines
>     (2) free up ipv4 (was an accidental consequence of (1)

Not from many users' point of view.  Historically, we've used NAT
because we wanted a multi-PC LAN when our ISP only allows us one public
IP.  With your (1) being an accidental consequence, or advantage,
depending on your point of view.

And from an ISP's point of view, NAT's were used because they didn't
have enough real IPs for their clients, as a main reason.  Likewise for
using them internally, to not waste their precious public IPs.  They
didn't do it to give users a pseudo-firewall, either.

>  I need to read about ipv6 - but can I keep (1) with ipv6 ? i.e.
> machines inside access to internet similar to what they have now via
> firewall/nat ... but no way for those ipv6 addresses to be seen SYN'd
> from outside.

You can use IPv4 and IPv6 concurrently.  Indeed, for some time, you'll
have to have both.  And you have the fun and games of maintaining
firewall rules for both, independently.

-- 
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.