[Gllug] IPv6 and firewalls

Chris Bell chrisbell at 3966.ukfsn.org
Thu Aug 13 09:52:11 UTC 2009


On Thu 13 Aug, Robert McKay wrote:

> You can get by with a proxy server - either HTTP or SOCKS5 to allow IPv6 or
> IPV4 only hosts to talk to the IPv4 or IPv6 network. I'm not sure if
> anything better will come along but this isn't really that bad.
> 
> The main reason NAT like solutions dont really exist is you would need to
> hack up DNS lookups/replies so that they returned some sort of dummy IP the
> NAT could recognize. I'm not sure that this kind of hack would ever really
> be satisfactory. Proxies already work perfectly and support is built into
> most clients that you normally use.

   That might do the job, I was thinking along the lines of a NAT-like proxy
bridging box able to allocate local dummy IPv4 addresses with a reasonable
TTL from a 10.x.x.x range to match real IPv6 addresses, something like a
reverse DHCP server, but able to cope with DNS relay.

-- 
Chris Bell www.chrisbell.org.uk (was www.overview.demon.co.uk)
Microsoft sells you Windows ... Linux gives you the whole house.

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list