Back to Blog
Tech

IPv6 and NAT

Published on:

October 30, 2013

IPv6 was designed to eliminate the need for network address translation (NAT) that became necessary with IPv4 due to the limited number of IP addresses. While IPv6 provides an abundance of addresses, NAT is still being considered by some firewall manufacturers as a necessary feature. For SIP clients, NAT behind IPv6 should work fine, as connection-oriented SIP packets like TCP or TLS handle responses naturally. The main issue with NAT and IPv6 arises when servers inside a network need to be accessed. The solution is simple: configure firewalls to forward packets to the PBX server, maintaining the security of internal devices while enabling remote connectivity.

Christian Stredicke

One of the core goals of IPv6 was to get rid of the unfortunate network address translation (NAT) introduced with IPv4 and the foreseeable lack of IPv4 addresses for every connected device. Especially for SIP, NAT was a disaster that caused so much trouble SIP almost didn't make it into the real world.

While there are plenty of IPv6 addresses, it doesn't mean NAT will be completely a matter of the past. I was a little shocked when I saw discussions about NAT for IPV6. What I thought would be completely useless seems to have been picked up by firewall manufacturers as a must-have feature for their next generation firewall products. But on a second thought, at the end of the day what should be achieved here is devices in the private network should be accessible from the outside only for connections they have actually initiated. For SIP clients, this is perfectly okay. Actually, I even believe running a SIP IPv6 client behind a NAT for IPv6 with snom ONE would work perfectly fine. I couldn't try it out but, looking at the mechanisms, it should be working fine: SIP packets using TCP or TLS are connection-oriented anyway; SIP UDP packets are usually tagged with received parameters, so the responses find their way back without any issues. RTP packets are also automatically sent back where they come from, and I don’t see a reason why this shouldn't work with IPv6.

The only problem I see with NAT and IPv6 are servers that run in the LAN - we know this problem well from IPv4. The good news, however, is it will be relatively simple to get this working perfectly: all that's needed is that the firewall makes an exception for the device in the LAN so packets are forwarded to the PBX server. This will even work well with remote workers.

A well-designed firewall will be great for IPv6 and SIP. Companies won't lose any feature they had with IPv4; instead, they will finally have the opportunity to expose exactly those servers and services they want to (which includes SIP) while keeping clients protected from the public Internet.

Latest Articles

View All
Announcement

Real Telecom and CallSmart Announce the Integration of the Vodia PBX with the CallSmart

Real Telecom and CallSmart have announced the integration of the Vodia PBX with the CallSmart AI communication platform, delivering a feature-rich, cost-effective voice solution tailored for modern dental and healthcare practices. The integration empowers clinics with advanced call center functionality, HIPAA-compliant data security, and seamless communication tools that reduce missed appointments and enhance patient engagement. CallSmart’s AI captures missed calls and automatically engages patients via SMS, while Vodia PBX ensures easy installation and reliable performance.

May 13, 2025
Announcement

Fast and Easy: Vodia Prepaid Cloud for Microsoft Azure

Vodia’s prepaid cloud PBX solution for Microsoft Azure enables businesses to quickly deploy a fully licensed, enterprise-grade phone system without the complexity of traditional installations. Designed for speed, scalability, and ease of use, the offering supports packages for up to 80 users and includes a Teams-certified Session Border Controller (SBC) that allows seamless integration of Vodia PBX features—such as auto-attendants, call queues, and intelligent routing—directly within Microsoft Teams. Whether you’re an SMB or a growing enterprise, Vodia’s prepaid PBX is a powerful and flexible solution that’s easy to scale as your business evolves.

May 12, 2025
Announcement

Unlocking Swift Communication: The Vodia Prepaid DigitalOcean Cloud Advantage!

Vodia’s prepaid offering on DigitalOcean provides businesses with a fast, flexible way to deploy a fully licensed PBX system. Our tailored plans include options for SBC functionality, certified for MS Teams, enabling seamless integration of advanced PBX features like intelligent call routing, automated attendants, and voicemail, all while ensuring secure, high-fidelity voice communication. With extension-based licensing, organizations can easily scale their system from 10 to 80 extensions, making deployment simple and quick. Whether you’re new to PBX systems or an experienced developer, our step-by-step installation video and documentation guide you through the setup process.

May 5, 2025