IPv6 and Firewall traversal (let's try this again)
Edward Ned Harvey
blu-Z8efaSeK1ezqlBn2x/YWAg at public.gmane.org
Wed Mar 30 18:08:46 EDT 2011
Ok, that other thread got kind of out of control. So let's try this
question again, in a different way:
Given: When using IPv6, some people will use NAT, others won't. Each
person can make their own decision. If you want to dispute that, please
start a new thread instead of this one. I've had that discussion here
before, and I'm done with it.
Whether you NAT or NOT, most will agree it's a bad idea to expose your
toaster, watch, TV, laptop and everything to the unsolicited inbound traffic
from the wild wild web.
Therefore, a stateful firewall packet filter at the perimeter is necessary
to block inbound unsolicited traffic.
Therefore, p2p in general is broken. Unless....
Unless there is a protocol or solution of some sort, that allows internal
devices to reconfigure the perimeter firewall to allow the inbound traffic.
Such tasks are currently done via NAT-PMP and IGD, but those unfortunately
seem to be IPv4 only. So... What's the solution for IPv6?
More information about the Discuss
mailing list