Re: #fabric-questions Fabric Networking #fabric-questions
Nye Liu <nye@...>
If you plan on running a p2p node on the public internet, ideally it should be secured such that a firewall (other than possibly a simple port whitelist at the router) isn't needed. If you believe a firewall is needed, put them all in a shared
VPN or put each in a DMZ each with a public address and only
allow the protocol ports (or ssh if you don't have a jump box in
the DMZ). If you run a patchwork of NAT/forwarding hacks, you
are inevitably going to run into DNS/TLS issues unless you are
very careful. In my experience, people generally overly rely on firewalls instead of addressing node security directly. On 1/23/2020 10:24 AM, Cavell wrote:
Apologies for the confusion in my wording,
|
|