ipv6 question

Bill Davidsen davidsen at tmr.com
Mon Jun 1 21:30:31 UTC 2009 

Michael Fleming wrote:
> On Sun, 31 May 2009 23:38:52 +0200
> Michael Casey <michaelcasey73 at gmail.com> wrote:
> 
>> Hi
>>
>> I just want to ask one big question :)
>>
>> If I would have an IPv6 address [home pc, behind a router -
>> supporting ipv6 e.g.: openwrt, ISP gives ipv6], then I can see an
>> IPv6 address with ifconfig, on the PC e.g.: "Z"
>> So that's my "very unique address". - "Z"
>>
>> Can that be "seen on the internet", the "Z" address? so anyone can
>> ping me from outside, or do an nmap?
> 
> Yes, if the IPv6 address has a "global" prefix (2001:: 2002:: etc) -
> fe80:: etc are "link local" addresses and are site specific - they
> won't be available to the wider Internet.
> 
I have a related question. If I set up a tunnel to forward IPv6 thru IPv4, the 
existing setups seem to use part of my IPv4 address as part of the IPv6 address. 
Fair enough, but is there some way to get a permanent IPv6 allocation, such that 
if my primary ISP goes out for any reason, I can use my secondary instead? I'd 
like to set up some servers on VMs in my DMZ[1] for testing.

>> Or are there private addresses what the router gives to my pc.: eg.:
>> with ipv4 a router could give 192.168.1.10... and that IP couldn't be
>> pinged/nmapped from outside (More Secure???)
>> Because I heard that there will be no NAT with IPv6?
> 
> There's no NAT in IPv6, at least in the "traditional" IPv4 way.
> 
>  If you're only getting fe80:: et. al addresses (the link-local
>  addresses as above) you should be fine however.
> 
>> What will happen to e.g.: a windows xp pc using IPv6? The "C$, D$....
>> shares" will be visible to anyone if they know the password?
>> sorry for the trivial question... :S :) and thank you for any answer
> 
> If the host isn't firewalled and has globally routed IPv6 allocations
> then yes they would be available (they'd need to know Administrator
> passwords for the admin shares above though)
> 
[1] DMZ is setup like this:

Internet--(firewall)--[DMZ network, public servers]--(firewall)--pvt_net

-- 
Bill Davidsen <davidsen at tmr.com>
   "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot

More information about the fedora-list mailing list