by zrm 3312 days ago
The main benefit of IPv6 is that it allows all endpoints to have a real IPv6 address, including the ones that don't have a real IPv4 address.

It serves its purpose if it allows end user devices to directly communicate with each other even if cloud servers with real IPv4 addresses continue to use IPv4 until the end of time.

1 comments

Wouldn't it be expected to have a firewall with "NAT" type rules anyways? Inbound blocked until an outbound flow is made?

And UPnP seems to get around this right now anyways. At least, every NAT'd connection I'm on, when I run a BitTorrent client, I have no trouble getting inbound connections.

> Wouldn't it be expected to have a firewall with "NAT" type rules anyways? Inbound blocked until an outbound flow is made?

There are known solutions for this.

For host firewalls, the application can open a port for itself during installation.

For network firewalls, the firewall can implement Port Control Protocol (RFC 6887), which supports opening even IPv6 ports.

> And UPnP seems to get around this right now anyways. At least, every NAT'd connection I'm on, when I run a BitTorrent client, I have no trouble getting inbound connections.

UPnP is a rubbish fire. The protocol itself is badly designed and unnecessarily complicated, and many of the implementations are broken. Section 9 of RFC 6886 is informative.

One of the common failure modes is that a client will create a port mapping with a random UPnP device that isn't the real gateway. Many applications will then falsely indicate that incoming connections are working but none ever come through.

And it's still sharing an IP address. Only one device can have the ssh port, or the SMTP port, or any other port.

IPv6 + Port Control Protocol fixes all of that.
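
An added example, not part of the thread and not taken from any PCP implementation: it encodes the RFC 6887 MAP request a host would send to its firewall to ask for an inbound IPv6 port, and validates the reply, including the mapping nonce. The address 2001:db8::10, the function names and the sample reply are constructed for illustration.

```python
import ipaddress, os, struct

PCP_VERSION, OPCODE_MAP, RESULT_SUCCESS = 2, 1, 0
PCP_SERVER_PORT = 5351                    # UDP port a PCP server listens on
HEADER = struct.Struct("!BBHI16s")        # version, R|opcode, reserved, lifetime, client IP
MAP_BODY = struct.Struct("!12sB3sHH16s")  # nonce, protocol, reserved, int port, ext port, ext IP

def build_map_request(client_ip, port, protocol=6, lifetime=3600, nonce=None):
    """Encode a 60-byte MAP request for inbound traffic to client_ip:port (6 = TCP)."""
    nonce = os.urandom(12) if nonce is None else nonce
    client = ipaddress.IPv6Address(client_ip).packed
    header = HEADER.pack(PCP_VERSION, OPCODE_MAP, 0, lifetime, client)
    # Suggested external port = internal port; all-zeros external address = no preference.
    return header + MAP_BODY.pack(nonce, protocol, bytes(3), port, port, bytes(16)), nonce

def parse_map_response(data, nonce):
    """Decode a MAP response; reject anything that does not answer our request."""
    if len(data) < HEADER.size + MAP_BODY.size:
        raise ValueError("truncated PCP response")
    version, r_opcode, _, result, lifetime, _epoch = struct.unpack("!BBBBII", data[:12])
    if version != PCP_VERSION or r_opcode != (0x80 | OPCODE_MAP):
        raise ValueError("not a PCP v2 MAP response")
    got_nonce, proto, _, int_port, ext_port, ext_ip = MAP_BODY.unpack(data[24:60])
    if got_nonce != nonce:
        raise ValueError("mapping nonce mismatch")
    if result != RESULT_SUCCESS:
        raise ValueError(f"PCP server refused mapping, result code {result}")
    return {"protocol": proto, "internal_port": int_port, "external_port": ext_port,
            "external_ip": str(ipaddress.IPv6Address(ext_ip)), "lifetime": lifetime}

def constructed_response(request, result=RESULT_SUCCESS, lifetime=3600):
    """Constructed sample reply, standing in for a firewall that grants the request as-is."""
    client, body = request[8:24], bytearray(request[24:60])
    body[20:36] = client                  # assigned external address = the client's own IPv6
    head = struct.pack("!BBBBII12s", PCP_VERSION, 0x80 | OPCODE_MAP, 0,
                       result, lifetime, 0, bytes(12))
    return head + bytes(body)

if __name__ == "__main__":
    req, nonce = build_map_request("2001:db8::10", 22)
    print(parse_map_response(constructed_response(req), nonce))
```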