mapping public to private IPv6 networks when firewalling

Eugen Leitl eugen at
Wed Nov 23 22:23:20 CET 2011

The SOP for firewalling in IPv4 is to use
private (RFC 1918) networks and map external public
networks 1:1 to them. The idea is that defaults to
unreachable systems in case of firewall failure.

What's the address space to use in IPv6 for such
purposes? Is fc00::/7 (RFC 4193) unroutable on
the public Internet in the same way as RFC 1918

Eugen* Leitl <a href="">leitl</a>
ICBM: 48.07100, 11.36820
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the ipv6-ops mailing list