[Info-vax] implementing IPv6 on the internet

[Jan-Erik Soderholm]

Den 2016-09-21 kl. 14:28, skrev Dirk Munk:
> Chris wrote:
>> On 09/21/16 12:00, Richard Levitte wrote:
>>
>>>
>>> No.  NAT was never designed for network security, but
>> can be used as a cheap'n'dirty piece of shit firewall.
>>>
>>> With IPv6, you'll have to do firewalling for real.
>>>
>>> Cheers,
>>> Richard
>>
>> Just another opinion and whatever it was originally designed for,
>> it's turned out to be quite a sound and cost effective solution
>> to the problem.
>>
>> With IPV6, just what is meant by "firewalling for real" ?...
>>
>> Regards,
>>
>> Chris
>>
>>
>
> I've explained that already. By default IPv6 access from the internet is
> blocked on a CE router.
>
> If you want to allow access to an IPv6 device on your LAN, you have to
> configure on your router access to that IPv6 address *and* to the
> appropriate ports.

Do you have any reference to such an router? I'd just like
to read up some on what it looks like in the router GUI
then doing the config work.

And what about some non-technical customer that just would
like to have access to some IPv6 home security device?
Is it easy enough for non-technical people to use?

Today, that is solved by having the device announcing itself
to some publicaly available server where the user from the
"outside" can get the IP and port to access the device.
Like TeamViewer does today.

I guess there will be similar solutions using IPv6 also,
since that is much easier to use for non-tech people.
You never see or have to know any IP addresses at all.



>
> With IPv4 you have to route a port number on the WAN port of your router to
> an IPv4 address and port on the LAN. (port forwarding)
>
> No real difference.