I have not been able to find the official documentation of my time capsule. I'd like to know how secure are the different 3 modes:
- DHCP and NAT: this is the mode I'm currently using however the airport utility recommends me to use bridge mode.
- DHCP only.
- Off (Bridge mode)
If I use the bridge more, will anybody connected to the ethernet wan be able to access my network? What about the contents of the time capsule?
Best Answer
It depends on what is between the airport & the outside world.
I'm assuming, as it's recommending bridge mode, that you have an ISP-supplied modem/router too, in which case that's what you should do; let the router handle NAT & DHCP & put the Airport in Bridge mode.
Having double NAT is 'not a good thing' & can cause loss in transmission.
Only one device on a network - the one nearest the outside world - should be doing NAT [Network Address Translation]. This is what enables you to have multiple devices in the building, all of which can communicate with the outside world seamlessly, whilst only having one IP address at the router. The router handles which machine each message should be talking to.
DHCP is what handles the offering of in-house IP addresses, to enable NAT to do its job, & also to ensure it knows which device has which IP address & that no two devices have the same address. It is dynamic, meaning you are never 100% certain to get the same address each time; but has a 'memory' of who was who & therefore tends towards giving the same device the same address each time.
Having more than one DHCP server on a network means devices may be randomly assigned an address by either server - confusion reigns.
To specifically answer your question, security is not an issue - nor is security actually handled by either of those services - but effective networking needs one of each service... & only one... done by the router nearest to the outside world.