RE: Nat

Scott_Weeks1 · December 21, 2015, 3:12pm

but I'm just having a hard time believing Joe Sixpack will be applying
business networking principals such as micro-segmenting to a home network
with 3 to 7 devices on it. If anything, these complexities we keep

Alan_Buxey · December 21, 2015, 4:55pm

I'm surprised that noone of the home wifi router folk haven't cornered the market on that one in terms of client separation. Most people don't need the devices to talk to each other so by default all ports on different VLANs .. 192.168.0-8.x etc

Internet of things security out of the box. Web interface to change port membership for those that DO need inter device access

Or maybe there are such defaults out there from some suppliers i'm not familiar with?

alan

John_L · December 21, 2015, 5:12pm

In article <4102D692-A315-4C38-A2CB-54F96999E251@lboro.ac.uk> you write:

I'm surprised that noone of the home wifi router folk haven't cornered the market on that
one in terms of client separation. Most people don't need the devices to talk to each
other so by default all ports on different VLANs .. 192.168.0-8.x etc

Some of the cheap Linksys routers I've seen appear to be able to put different
addresses and different VLANs on the different ethernet ports. I don't think
it could do multiple VLANs on the same port, and even if it could, you'd have
to be impressively obsessive to configure all the MAC addresses by hand.

Tony_Finch · December 21, 2015, 5:18pm

A lot of home networking uses mDNS - partitioning off devices will break
things like printing and chromecast and using your phone as a remote
control for your media players, etc. ad nauseam.

Tony.

Mark_Andrews2 · December 21, 2015, 7:12pm

We already have CPE vendors shipping with "guest" ssids. These
require a seperate /64 and are usually treated as external to the
home network. With IPv4 you grab a seperate chunck of rfc1918 space
and nat that as well as the main chuck of space. For IPv6 you need
multiple /64s from the ISP. A single /64 is not enough. This is
all done with a point and click interface.

If you are a ISP that supplies a single /64 then you really should
stop showing your lack of clue to all and sundry by supplying
multiple /64s.

If you are a ISP that doesn't supply IPv6 at all then you really
are not doing your job as a ISP.

Mark

In message <4102D692-A315-4C38-A2CB-54F96999E251@lboro.ac.uk>, Alan Buxey write
s:

Mark_Andrews2 · December 21, 2015, 7:42pm

> Most people don't need the devices to talk to each other

A lot of home networking uses mDNS - partitioning off devices will break
things like printing and chromecast and using your phone as a remote
control for your media players, etc. ad nauseam.

But with a little help from the router it still works.