= Сообщение: 7267 из 7402 ============================================= IPV6 = От : Victor Sudakov 2:5005/49 11 Apr 23 09:47:00 Кому : Michiel van der Vlist 11 Apr 23 09:47:00 Тема : Connection Tests FGHI : area://IPV6?msgid=2:5005/49+6434ca25 На : area://IPV6?msgid=2:280/5555+6434155d = Кодировка сообщения определена как: CP866 ================================== Ответ: area://IPV6?msgid=2:280/5555+643a5332 ============================================================================== Dear Michiel,
10 Apr 23 15:46, you wrote to me:
MV>>> Please eleborate...
VS>> The Transmission torrent client, and the syncthing file VS>> synchronization utility can use the UPnP protocol to request a VS>> firewall to pass *IPv4* incoming traffic (and create a port VS>> porwarding for IPv4 NAT). They cannot however (at least to my VS>> knowledge) use UPnP or any other protocol to request a router to VS>> open a hole for incoming traffic in an *IPv6* firewall.
MV> I see. Or so I think. You ask for
It is not even that I *ask for* it. I've read here, some messages ago, that some home router declared "IPv6 punch-holing support." Infortunately I could not find more information either about the model of the router or its features.
MV> for some kind of "IPv6 equivalent" for MV> UPnP. But why would you want that? UpNP is a questionable idea anyway. MV> For IPv4 it creates an entry in de NAT table and as a side effect MV> creates a hole in the firewall.
MV> But why would you need that for IPv6?
MV> For IPv6 there (normally) is no NAT, so no need to create an entry in MV> a NAT table.
The "IPv6 equivalent" for UPnP is not for creating entries in a NAT table (which is absent in IPv6). It is for creating rules in an IPv6 firewall allowing incoming traffic to an application running on an IPv6-enabled host. A firewall (IPv4 or IPv6) is usually configured to block incoming traffic which is not part of an established outgoing connection.
MV> In IPv6 avery device has a Unique Global Address, so one MV> can simply create pinholes in advance as needed for the address in MV> question.
Only when you know the IPv6 address and port beforehand. Usually an IPv6 address on the home LAN is dynamic (SLAAC), and the port in peer-to-peer applications, VoIP applications etc is often dynamic too.
The situation is different of course when you are hosting an IPv6 web-server or something like that. It would have a fixed IPv6 address and port anyway, so there is no need for punch-holing the firewall.
