Language:
switch to room list switch to menu My folders
Go to page: First ... 9 10 11 12 [13] 14 15 16 17 ... Last
[#] Fri Jan 29 2010 15:05:02 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

It is not the transport's job to enforce an access control policy.

True, but in the case of the home user, it's a very handy side effect.

[#] Sat Jan 30 2010 09:31:16 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

It won't be hard for most people to get used to doing things the "right way."
Those of us who have been building IP networks since the old days when every small organization had a /24 and every large organization had a /16 (and they really were still called "Class C" and "Class B" networks back then) remember assigning a public IP address to every single node. It was still possible to deploy a firewall, but the firewall's only job was access control.

We did rules like "Allow 123.45.67.0/24 to access 0.0.0.0/0" which would, for example, give all of the computers in that network access to the Internet.
With IPv6, you'll see rules like "Allow 2607:f1d0:1:fe::0/64 access to ::/0" in order to give all of the computers on that IPv6 network access to the Internet.

You'll still have automatic address assignment. Autoconfiguration in IPv6 is even easier than IPv4. You don't need a DHCP server. A new node coming online just listens for the nearest router, figures out the network prefix, and assigns its own address with the lower 64 bits set to its own MAC address.

Most importantly, without NAT you don't need to have your firewall spoof FTP and other protocols which need to know the endpoint addresses in order to function properly.

[#] Sat Jan 30 2010 17:46:57 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I'll give you that last one, but the thing about hte mac address, I dunno. So if you have a machine and then swap out the network interface the ip changes? That doesn't sound right.

[#] Sat Jan 30 2010 20:19:30 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

That would happen with DHCP too, wouldn't it? If you want a static address, you type one in, no problem. But, I think that with IPv6 we'll see a lot more machines registering with name servers on their own, just like in the days of IPX/SPX.

[#] Sun Jan 31 2010 16:23:33 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

okay, I see what you're getting at.
this is for end users not server runners.

[#] Mon Feb 01 2010 14:32:16 EST from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

[#] Tue Feb 02 2010 07:32:22 EST from dothebart @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

HARHAR!



[#] Tue Feb 02 2010 10:59:59 EST from Spell Binder @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Re: Using MAC address in IPv6 address.

Though I haven't read the RFCs, my understanding is that for any IPv6 host, it's recommended that the host's MAC address (actually, the host's EUI-64 address, see below) be used as the host portion (the lower 64-bits) of the IPv6 global address (see below), but it's not a requirement. As IG mentioned, the host address can be locally administered. Either through static configuration or via a DHCPv6 server (or some other, as not yet invented, method).

As for MAC vs. EUI-64. The IEEE is pushing networking vendors to switch to using EUI-64 addresses instead of MAC-48. My understanding is that the unassigned MAC-48 address space is starting to dwindle, probably due to the way that MAC-48 addresses are structured with an organizationally unique identifier (OUI).

Obviously, though, there's a lot of equipment out there still using MAC-48s, and vendors aren't going to switch to EUI-64s until they have to, so the IEEE came up with a method to convert MAC-48s into EUI-64s on-the-fly. I'd recommend googling for the details, or, if there's interest, I can post it here.

As for IPv6 addresses. Also remember that, unlike IPv4, IPv6 addresses are scoped. IPv6 defines scopes to limit the validity of certain network addresses.
There's quite a few when it comes to multicast, but for "normal" unicast addresses, the most important are link-local and global. Where global addresses recommend the use of the host's EUI-64 as the interface portion of the address, I believe a link-local address may require it. Obviously, as the name implies, a link-local address is only valid in the scope of the link connected to the host.

Isn't IPv6 fun???
IPv6 Binder

[#] Tue Feb 02 2010 11:43:59 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

The MAC-48 space isn't really "starting to dwindle." If you take a look at the current prefix assignments [http://standards.ieee.org/regauth/oui/oui.txt] you can see that the vast majority of it is still unclaimed.

Wikipedophilia says that the IEEE is expecting the MAC-48 space to be exhausted in 2100, but their citation for this claim says nothing of the sort.

What IEEE *does* say [http://grouper.ieee.org/groups/msc/MSCRacInfo/UseOfEUI.htm] is that NEW APPLICATIONS are strongly encouraged to make use of EUI-64 instead of MAC-48. "New applications" for the purpose of this discussion means "things other than Ethernet." Fibre Channel, for example, makes use of non-legacy EUI-64 space.

IPv6 does document the "correct" way to map either a MAC-48 or an EUI-64 to the host portion of an IPv6 address in a /64 subnet, though. We have yet to see what the common practice will become.
Autoconfiguration makes perfect sense for desktops. It may make sense for certain types of servers as well.

[#] Tue Feb 02 2010 12:52:41 EST from fleeb @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


I hesitate to ask, but how does DNS over IPv6 work? Is it built into IPv6, or a separate thing?

[#] Tue Feb 02 2010 13:10:17 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

DNS itself runs *over* IPv6 the same way it runs over IPv4: on port 53.

Transmitting IPv6 information over DNS can occur over IPv4 *or* IPv6. The protocol can handle it. We use a new record type: AAAA. Whereas you advertise an IPv4 address over an A record, you advertise an IPv6 address over an AAAA record.

(Get it? The address is four times as long, so there are four times as many A's.)

Any given host can have an A record, an AAAA record, or both. The idea is that if you have an IPv6-enabled client for some particular service, you look up the AAAA record first, and if you get one, you try to connect to that address.
If that fails, then you look up the A record. The idea is that someday the A records and associated IPv4 records will simply go away.

[#] Tue Feb 02 2010 13:33:42 EST from fleeb @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


If I wanted to register an address for IPv6, to whom do I go?

[#] Tue Feb 02 2010 13:37:07 EST from skpacman @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Your ISP should be able to provide IPv6 addresses to your home internet. And any web/server hosting providor should be able to answer wether they have IPv6 support or not.

I know my home ISP does support IPv6, and all of my operating systems and routers do as well (mind you, my router is close to 5 years old). I just haven't thought about switching until it's absolutely necessary.



[#] Tue Feb 02 2010 13:51:03 EST from fleeb @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


Hrm... what does a router with IPv6 support look like? I don't tend to see any options in the router for something like that.

[#] Tue Feb 02 2010 14:19:21 EST from skpacman @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Most routers automatically detect what IPv you're using. Most of the older ones (5+ years old) will only recognize IPv4 and will give you a weird error if it's trying to get to IPv6, or just will not connect at all.

Most of the routers around today will have 'IPv6 Support' listed in their features. Try looking for it on your current router.



[#] Tue Feb 02 2010 15:08:51 EST from fleeb @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


I'll have to do that. I'm using the same router as we use at work, so if its good for me, it'll be good for where I work, too.

It's a modern router though, so I should think it has support.

[#] Tue Feb 02 2010 15:35:51 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Get IPv6 from your ISP if you can. If you can't, there are several places (Hurricane Electric is the most commonly used) that offer free IPv6-over-IPv4 tunnels. They'll carve out a /64 for you and route it to the IPv4 tunnel endpoint address of your choice.

[#] Tue Feb 02 2010 15:42:35 EST from fleeb @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


Hrm... I'd still be able to access all the IPv4 goodness, right? Because that would be pretty serious.

[#] Tue Feb 02 2010 22:57:27 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Yes, when you run dual stack you have both. Kind of like the good old days of running IP and IPX on the same machine.

[#] Tue Feb 02 2010 23:08:23 EST from fireball @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Phh, thanks to dosbox I somtimes run IPX (or tunneled IPX) now :P.

Go to page: First ... 9 10 11 12 [13] 14 15 16 17 ... Last