Disabling ipv6

[Chris Adams]

Once upon a time, Fernando Lozano <fernando at lozano.eti.br> said:
> Would this be so bad? Most people at work have been working using
> NAT for years. NAT increases security. Most internet users don't
> need to run servers.

NAT does NOT increase security.  NAT is a combination of a stateful
firewall with a packet mangler; the security comes from the firewall,
not the mangler.  Leave out the packet mangling; use a firewall and
"real" IPs.

Lots of Internet users run servers and don't even know it; any peer to
peer system is a server on one end.  Look at all the hoops software has
to jump through to try to work through NAT (and especially multiple
layers of NAT), sometimes failing and frustrating users.

As IPv4 runs out, some ISPs are turning to "Carrier Grade NAT", which
adds layers of NAT that break things like P2P applications and IPSec.

In any case, IPv6 should be enabled by default because users may connect
to IPv6 networks and need it to "just work", just like IPv4.  They
aren't power users that know how to tweak hidden options, they just want
to use the network.

-- 
Chris Adams <linux at cmadams.net>