Default security functions on an IPv6 CPE

S.P.Zeidler spz at
Sun Jun 5 12:13:39 CEST 2011

Hi Nick,

Thus wrote Nick Hilliard (nick at

> On 02/06/2011 18:23, S.P.Zeidler wrote:
> >FTP is just a rather well know example of the class of problem;
> >for ftp itself, PASV exists so it's rarely an issue any more.
> PASV just shifts the problem from one side of the link to the other.
> It doesn't actually solve anything.

I think you lost me there. It does make it so you have the server always
be the entity that listens and the client always be the entity that
originates connections, right? Thus coping with the standard NAPT problem
that only one side can create a NAT table entry and thus enable
communication across it.

What problem are you referring to?

spz at (S.P.Zeidler)

More information about the ipv6-ops mailing list