• IrateAnteater@sh.itjust.works
    link
    fedilink
    arrow-up
    5
    arrow-down
    10
    ·
    2 days ago

    We use NAT all the time in industrial settings. Makes it so you can have select devices communicate with the plant level network, while keeping everything else common so that downtime is reduced when equipment inevitably fails.

      • socsa@piefed.social
        link
        fedilink
        English
        arrow-up
        11
        ·
        2 days ago

        The one thing you can’t do with IPv6 is yell the address across the room to the technician plugged into the switch trying to ping the node.

        • Pup Biru@aussie.zone
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          9 hours ago

          no instead you yell the IP address and they spend 30min trying to debug why they can’t ping it or even get ICMP packets through and then you realise you yelled the private IP address and they were on the wrong side of the NAT

      • IrateAnteater@sh.itjust.works
        link
        fedilink
        arrow-up
        5
        arrow-down
        2
        ·
        2 days ago

        This is equipment that uses all statically addressed devices. And ignoring the fact that IPv6 is simply unsupported on most of them, there are duplicate machines that share programs. Regardless of IP version you need NAT anyway if you want to be able to reach each of the duplicates from the plant network.

      • Hotzilla@sopuli.xyz
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        edit-2
        2 days ago

        Good luck trying to find industrial stuff that supports IPv6, hell most of it is still serial.

        I have legit heard that serial is security mechanism because it cannot communicate long distance like ethernet.

        Of course you can do IPv6 magic that hides IPv6 from the end device, but nobody understands how that magic works.

        • Pup Biru@aussie.zone
          link
          fedilink
          English
          arrow-up
          3
          ·
          9 hours ago

          Of course you can do IPv6 magic that hides IPv6 from the end device, but nobody understands how that magic works.

          it’s not magic… it’s a firewall, and it works pretty much exactly the same as a NAT: a whitelist of IP and port combinations