On 01/15/2011 03:01 PM, Joel Jaeggli wrote:
On 1/15/11 1:24 PM, Leen Besselink wrote:
I'm a full supported for getting rid of NAT when deploying IPv6, but have to say the alternative is not all that great either.
Because what do people want, they want privacy, so they use the IPv6 privacy extensions. Which are enabled by default on Windows when IPv6 is used on XP, Vista and 7. There aren't enough hosts on most subnets that privacy extensions actually buy you that much. sort of like have a bunch of hosts behind a single ip, a bunch of hosts behind a single /64 aren't really insured much in the way of privacy, facebook is going to know that it's you.
Now this gets a bit a offtopic, but: If you already have a Facebook account, any site you visit which has "Facebook Connect" on it usually points directly at facebook.com for downloading the 'Facebook connect' image so the Facebook-cookies have already been sent to Facebook. Why would Facebook care about your IP-address ?
And now you have no idea who had that IPv6-address at some point in time. The solution to that problem is ? I guess the only solution is to have the IPv6 equivalant of arpwatch to log the MAC-addresses/IPv6- address combinations ?
Or is their an other solution I'm missing.