Withdrawl of IPv6 Technical Trial

Anonymous · ‎08-10-2013

Nope !

VileReynard · ‎01-09-2007

I still want NATs.

"In The Beginning Was The Word, And The Word Was Aardvark."

Anonymous · ‎08-10-2013

IPv6 NAT - Plain talk about the Advantages and Disadvantages of NAT

I don't want NAT, just SPI

Krazeh · ‎06-02-2013

Why on earth would you want NAT? It's a kludge that was necessary because of the limited address space available in IPv4. It doesn't bring any benefits to a network beyond allowing multiple devices to connect using a single public IP while introducing a number of drawbacks. Far better to give all devices that need an internet connection a public IP address.

VileReynard · ‎01-09-2007

Will every device incorporate its own individual firewall?

"In The Beginning Was The Word, And The Word Was Aardvark."

MrC · ‎17-07-2008

Does every IPv4 device incorporate it's own NAT functionality?

Krazeh · ‎06-02-2013

Quote from: vilefoxdemonofdoom
Will every device incorporate its own individual firewall?

No, why would they need to? The firewall will be in the router, just as it is now.

Anonymous · ‎08-10-2013

Unless you have an Asus N66U with standard firmware, which passes all IPv6 traffic from the WAN onto the LAN side

It would be interesting to know how many legacy IPv4 only routers, have firewalls that are otherwise transparent to IPv6 traffic.
This was another reason I wanted my network to be IPv6 ready, because at least I know that my internet connection has stateful filtering on both IPv4 and IPv6 packets.

Krazeh · ‎06-02-2013

The firewall is still in the router, it's just not configured properly

VileReynard · ‎01-09-2007

I predict that someone will invent a passthru box that converts inbound IPV6 traffic to IPV4 (and conversely for outbound traffic).

"In The Beginning Was The Word, And The Word Was Aardvark."

MJN · ‎26-08-2010

Such a capability already exists in the form of NAT-PT (RFC 2766) however it has been moved to historic status (i.e. not removed for all scenarios but strongly discouraged) by RFC 4966 as it is not as beneficial as you might first think.

VileReynard · ‎01-09-2007

Why are IPV6 addresses 128 bits long?
That's sufficient to address 3.402823669×10³⁸ computers.

"In The Beginning Was The Word, And The Word Was Aardvark."

Krazeh · ‎06-02-2013

You've answered your own question there. It allows simplifies allocation of addresses and better route aggregation.

MJN · ‎26-08-2010

The 128 bit address length - or specifically its large size - is not merely beneficial to increase the number of addressable nodes. This was a key design decision of course given that's the main limitation with IPv4 however of equal if not greater benefit is the fact that such a long address structure allows hierarchical address allocations to be made with plenty of room for summarisation. This simplifies routing which is a major issue for what is currently a very fragmented IPv4 Internet.
Another benefit of the long address length is that it facilitates auto-configuration using a variety of unique identity sources. IPv6 has been deployed with a de facto standard of always using the last 64 bits as the host identifier and so in reality the address space isn't quite as large as first appears given this effective fixed delimiter of network:host on the 64th bit. Thus, even if you've only got a few devices on a LAN you would typically still allocate it a /64 subnet. That's a whole load of 'wastage' but is exactly how IPv6 is intended to be deployed and provides many benefits in doing so.
To summarise; the vast IPv6 address space exists not only to facilitate the unique addressing of a vast amount of devices but most importantly to be able to do so in a ordered manner that can still be efficiently routed.

paulmh5 · ‎11-04-2011

Just going back to firewalls, I've had some issues with Cisco IOS firewalls not inspecting IPv6 correctly despite it being supported. I wasn't allowing more through but instead randomly blocking https return packets.
I suspect this is fixed in newer IOS versions however.

Plusnet Staff - Lead Network Design/Delivery Engineer