Hi, Fred, On 06/25/2014 04:03 PM, Fred Baker (fred) wrote: [....] > has had trouble. I installed a surveillance system for her. One of > the really nice things is that the computer in her home can use > Dynamic DNS to enable and application on her phone or laptop to > access the current camera or stored footage from somewhere else. > There are several systems that allow that. > https://www.google.com/search?q=surveillance+dynamic+dns. It works > through a NAT by configuring the NAT appropriately. In her case, > however, she has the NAT in her router and a NAT somewhere > upstream (in her modem, probably, or perhaps CGN if the provider is > using that), so that the service doesn’t actually WORK. IPv6 would > solve that issue cold, although it would perhaps highlight security > issues (so who is looking at her surveillance footage?). In this particular case, what's preventing the app from working properly is not the "address translation" part of the device, but the fat that such address translation implicitly results in a diode firewall (a firewall that only allows outgoing connections). IPv6 with a diode-firewall on the perimiter would essentially face the same challenge/problem. I seem to recall folks noting that that's hw they deploy v6 to the home... Cheers, -- Fernando Gont SI6 Networks e-mail: fgont@xxxxxxxxxxxxxxx PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 -- Fernando Gont e-mail: fernando@xxxxxxxxxxx || fgont@xxxxxxxxxxxxxxx PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1