Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPv6 and Firewall traversal



On Wed, Mar 30, 2011 at 5:25 PM, Edward Ned Harvey <blu-Z8efaSeK1ezqlBn2x/YWAg at public.gmane.org> wrote:
>> From: discuss-bounces-mNDKBlG2WHs at public.gmane.org [mailto:discuss-bounces-mNDKBlG2WHs at public.gmane.org] On Behalf
>> Of Edward Ned Harvey
>>
>> So moving forward, it seems only natural that (for people who agree
>> with this policy) a lot of IPv6 firewalls will need to be configured to
>> block all inbound IPv6 traffic and permit all outbound. ?Unfortunately,
> this
>> defeats the main value-add of IPv6, which is peer-to-peer.
>>
>> So logically, it seems natural, a lot of IPv6 firewalls will need to
> support
>> things like NAT-PMP, or IGD, so the internal devices can automatically
>
> First of all, I could name some legitimate uses for NAT even in IPv6, so
> what's with the religious anti-nat sentiment. ?Relax everyone.
>
> Second of all, the question I asked has no relation to NAT. ?Does anyone
> want to re-read the OP and reply about the firewall rules and allowing of
> inbound traffic on IPv6?

Please clarify.  Do you mean statically allowing inbound packets?  Or
'punching holes'
as I suggested in an earlier note at the request of internal systems?

Bill Bogstad






BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org