Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPv6 and Firewall traversal (let's try this again)



On Mar 30, 2011, at 6:08 PM, Edward Ned Harvey wrote:
> 
> Ok, that other thread got kind of out of control.  So let's try this
> question again, in a different way:

Let me make a suggestion: drop IPv6 and IPv4 from your question.  You are asking about NAT and port forwarding, neither of which are "features" or functions defined by IPv4 and IPv6.

I've already gone on at length about NAT so now I'll address port forwarding.  IP, both v4 and v6, is Layer 3, the Network Layer, in the OSI model.  TCP, UDP and ICMP are Layer 4, the Transport Layer.  Port forwarding happens at Layer 4, not Layer 3.  Depending on the firewall in question, it may use information taken from Layer 3 as part of its filtering rules, but it is still a Layer 4 operation.

NAT and port forwarding have precisely zero business being defined in the IP specifications.

So, to answer the real question about how port forwarding will be handled with IPv6, the answer is: largely the same as it is with IPv4, with updates to the firewalls and associated rule sets.  But as noted, this is outside the purview of IPv6 specifications.  Someone clever will likely define an updated version of UPnP to work with IPv6 networks.

--Rich P.







BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org