Server NAT vs Public IP
Why NAT, is it considered more secure?
The simplified answer is that it could be depending on circumstances.
We maintain by default a non-blocking policy which means that all incoming ports are allowed to pass through when using a Public IP; therefore it is up to the user to block unwanted incoming ports, with, for example, a local firewall.
Due to the design of NAT, this is not necessary as incoming connections are blocked by design, so theoretically it is just as safe as using a Public IP with a local firewall configured on the user end.
How about Privacy?
Some people think that NAT would be safer since you are sharing the same outgoing IP address with many other customers.
What many people do forget however is that you still need to trust your provider to not store session logs with NAT.
We never store logs of neither Public IP’s nor NAT in our servers and all of our OpenVPN servers are running on diskless hardware (no hard disks) as a extra precaution.
How about IPv6?
We will still provide IPv6 on all our servers just as before.
Public IP's are still available for free
Public IP's has been with us since day 1 and we have no plans of changing that.
We simply gave you the option to choose between Public IP or NAT, both in our client and in our Configuration Generator.
Before the changes we had 128 IP’s allocated per servers.
We are now able to provide 200 IP’s per servers without affecting performance, therefore reducing the amount of OpenVPN servers.
The hardware left over will be used to deploy new WireGuard locations.
Publié le 2017-09-19 par William