IPv6 and Firewall traversal (let's try this again)
Richard Pieri
Richard.Pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Thu Mar 31 10:22:22 EDT 2011
On Mar 30, 2011, at 6:08 PM, Edward Ned Harvey wrote:
>
> Ok, that other thread got kind of out of control. So let's try this
> question again, in a different way:
Let me make a suggestion: drop IPv6 and IPv4 from your question. You are asking about NAT and port forwarding, neither of which are "features" or functions defined by IPv4 and IPv6.
I've already gone on at length about NAT so now I'll address port forwarding. IP, both v4 and v6, is Layer 3, the Network Layer, in the OSI model. TCP, UDP and ICMP are Layer 4, the Transport Layer. Port forwarding happens at Layer 4, not Layer 3. Depending on the firewall in question, it may use information taken from Layer 3 as part of its filtering rules, but it is still a Layer 4 operation.
NAT and port forwarding have precisely zero business being defined in the IP specifications.
So, to answer the real question about how port forwarding will be handled with IPv6, the answer is: largely the same as it is with IPv4, with updates to the firewalls and associated rule sets. But as noted, this is outside the purview of IPv6 specifications. Someone clever will likely define an updated version of UPnP to work with IPv6 networks.
--Rich P.
More information about the Discuss
mailing list