Back to Blog
Tech

IPv6 and NAT

Published on:

October 30, 2013

IPv6 was designed to eliminate the need for network address translation (NAT) that became necessary with IPv4 due to the limited number of IP addresses. While IPv6 provides an abundance of addresses, NAT is still being considered by some firewall manufacturers as a necessary feature. For SIP clients, NAT behind IPv6 should work fine, as connection-oriented SIP packets like TCP or TLS handle responses naturally. The main issue with NAT and IPv6 arises when servers inside a network need to be accessed. The solution is simple: configure firewalls to forward packets to the PBX server, maintaining the security of internal devices while enabling remote connectivity.

Christian Stredicke

One of the core goals of IPv6 was to get rid of the unfortunate network address translation (NAT) introduced with IPv4 and the foreseeable lack of IPv4 addresses for every connected device. Especially for SIP, NAT was a disaster that caused so much trouble SIP almost didn't make it into the real world.

While there are plenty of IPv6 addresses, it doesn't mean NAT will be completely a matter of the past. I was a little shocked when I saw discussions about NAT for IPV6. What I thought would be completely useless seems to have been picked up by firewall manufacturers as a must-have feature for their next generation firewall products. But on a second thought, at the end of the day what should be achieved here is devices in the private network should be accessible from the outside only for connections they have actually initiated. For SIP clients, this is perfectly okay. Actually, I even believe running a SIP IPv6 client behind a NAT for IPv6 with snom ONE would work perfectly fine. I couldn't try it out but, looking at the mechanisms, it should be working fine: SIP packets using TCP or TLS are connection-oriented anyway; SIP UDP packets are usually tagged with received parameters, so the responses find their way back without any issues. RTP packets are also automatically sent back where they come from, and I don’t see a reason why this shouldn't work with IPv6.

The only problem I see with NAT and IPv6 are servers that run in the LAN - we know this problem well from IPv4. The good news, however, is it will be relatively simple to get this working perfectly: all that's needed is that the firewall makes an exception for the device in the LAN so packets are forwarded to the PBX server. This will even work well with remote workers.

A well-designed firewall will be great for IPv6 and SIP. Companies won't lose any feature they had with IPv4; instead, they will finally have the opportunity to expose exactly those servers and services they want to (which includes SIP) while keeping clients protected from the public Internet.

Latest Articles

View All
Tech

Jitsi Video Conferencing in V70: A Controlled Approach to Privacy

Video conferencing is widely used, but rarely examined in terms of where it runs and who controls the infrastructure behind it. In many cases, video traffic is handled by external systems, introducing dependencies that are often overlooked. This piece explores how integrating Jitsi directly into the PBX brings video into the same environment as voice and communication management, giving organizations clearer boundaries, reduced reliance on third-party platforms, and greater control over how communication is handled.

April 21, 2026
Tech

Skills-Based Routing in V70: Match Calls to the Right Agent

Skills-based routing in V70 helps ensure incoming calls are matched with the most qualified available agents based on defined skills, language, and expertise. By combining IVR input with intelligent call distribution, organizations can reduce unnecessary transfers, improve first-contact resolution, and shorten handling time. With V70, skills can be defined directly within the PBX, allowing teams to set thresholds, prioritize expertise, and control how calls are routed across departments, queues, and different operational environments.

April 7, 2026
Tech

Snapshots in V70: Capture and Restore Your PBX with Confidence

PBX snapshots in V70 provide a reliable way to capture system state before changes are applied, enabling fast recovery, controlled rollback, and more predictable system management when updating configurations, testing call flows, or operating across multiple tenants. By preserving a point-in-time version of the system, administrators can reduce the risk of disruption, restore services quickly when issues arise, and maintain stability while making ongoing changes in complex communication environments.

March 31, 2026