Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen Revision Vorhergehende Überarbeitung Nächste Überarbeitung | Vorhergehende Überarbeitung | ||
content:serverbasics:network-dyndns [2024/04/20 14:39] – [DynDNS and IPv6] Daniel | content:serverbasics:network-dyndns [2024/04/20 18:35] (aktuell) – [Security/privacy Extensions] Daniel | ||
---|---|---|---|
Zeile 2: | Zeile 2: | ||
I found out, that IPv6 is really nice - even if you are behind some firewall or router - as long as you can make them pass the packets to your host. By default most home office routers would block the packages, as otherwise every host in your local network would be completely open to the internet. This - in fact - makes it really nice to manage, as you wont need tricks to reach your host directly from out of the internet as IPv4 needs them. | I found out, that IPv6 is really nice - even if you are behind some firewall or router - as long as you can make them pass the packets to your host. By default most home office routers would block the packages, as otherwise every host in your local network would be completely open to the internet. This - in fact - makes it really nice to manage, as you wont need tricks to reach your host directly from out of the internet as IPv4 needs them. | ||
- | |||
===== Difference between IPv4 and IPv6 ===== | ===== Difference between IPv4 and IPv6 ===== | ||
Zeile 36: | Zeile 35: | ||
</ | </ | ||
- | |||
===== Modem Setup ===== | ===== Modem Setup ===== | ||
Zeile 49: | Zeile 47: | ||
There is one thing to do in your router: open the Device and the Port to be accessable from the internet. This is nearby the same as it is done at IPv4. After that, genereally the host shpuld be reachable. | There is one thing to do in your router: open the Device and the Port to be accessable from the internet. This is nearby the same as it is done at IPv4. After that, genereally the host shpuld be reachable. | ||
+ | |||
+ | ===== Security/ | ||
+ | |||
+ | By default, your IPv6 Adress will contain the MAC of your network card, which is an unique hardware- identifier of the chip. This has the advantage, that this part of your adress is fixed in the internet an will not change, so you can always reach your device anywhere knowing this adress part - even on mobile devices that may change the adress according to the connected network. | ||
+ | |||
+ | The opposite is, that your device can always be identified by that adress for all times - making all network traffic attached to the device directly belonging to it. So someone analysing the traffic of that adress would know exactly when and what has been done with that device. This is very poor as for privacy. | ||
+ | |||
+ | To avoid this, your device can generate an id that will change from time to time, making it impossible to identify the device with that adress. | ||
+ | |||
+ | To turn this on, you can add a line to ''/ | ||
+ | < | ||
+ | sudo sysctl net.ipv6.conf.wlan0.use_tempaddr=2 | ||
+ | |||
+ | </ | ||
+ | |||
+ | Replace wlan0 with the name of your Device. | ||
+ | |||
+ | After that, check if your device has an temporary adress with '' | ||
+ | |||
+ | *** Not finished - i have not found any docs at ddclient, how to get the interface temporary adress working, made up https:// | ||
+ | |||
+ | For the time beeing, i will be fine using the non- private adress. | ||
+ | |||
===== DynDNS Provider ===== | ===== DynDNS Provider ===== |