Re: OMB: IPv6 by June 2008

On Fri, 1 Jul 2005, Mohacsi Janos wrote:
you are ignoring the reality... people WILL want v6 and nat :( it might be ugly and distasteful, but the fact remains that people will want and will require nat.
I am speaking of that yes. with the 2 applications I named above (bitchx and ssh) you can indeed appear to be 2 different ip addresses to 2 different services/destinations...
Can I have more than 1 address with DHCP at the same time?
I believe you could do multiple dhcp addresses for multiple interfaces on one box. at least with a modernish unix that seems quite feasible.
perhaps... but tcpdump/snort/<pc-sniffer-of-choice> will make that problem easy for them as well.
the argument is that NAT is required because people want it, regardless of your engineering argument about how ugly nat and v6 is/will-be :(

On Fri, 1 Jul 2005, Christopher L. Morrow wrote:
Good luck finding an implementation. The v6 designers have recommended against it due to the sheer *stupidity* of the concept, and as a result, I know of no extant implementations of NAT on v6 out there. The whole point of 128 bits of space is to allow, essentially, embedding of routing metadata into the address with *still* enough address bits left over for any possible size of subnetwork.
--
Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>

On Jul 2, 2005, at 6:47 PM, Todd Vierling wrote:
This is no market. Stunningly enough, IPv4 didn't have NAT back in the early 80's either. I'm guessing that as soon as someone trying to get real work done discovers that they have to renumber their network and all the places where IPv6 addresses have become embedded when they change providers that a market for NATv6 will magically appear.
The whole point of 128 bits was that it wasn't NSAPs.
Rgds,
-drc

David Conrad wrote:
The good thing with IPv6 is autoconfiguration. There is no need to renumber. With the radvd daemon running your box builds its own ip as soon as you plug it in. Configuring your radvd to assign only local addresses is like having DHCP assign only 192.168.xxx.xxx. Your box will not pass a router to the outside. Nobody will see your box from the outside. If your box is allowed then give it a global address from the radvd. Your box does not care about the changed address. It will happily use it.
I have given up writing a new piece of software every now and then to fix a new protocol broken on my NAT-router. Things broken because of NAT-routers do run happily via tunnels to IPv6 tunnel brokers. You can run 64K servers behind that single ip your NAT-router has in use. Of course it does not make sense. But try to run two DNS-servers behind a single NAT using IPv4 addresses. You may as well try two ftp-servers or two whatever you like. Today we have software that is able to cross NAT-routers. That software is a security risk because it is breaking the NAT-router just as are viruses that break firewalls. Not having to care about NAT we would have lighter software that was able to take care of itself.
Have a nice weekend
Peter and Karin
--
Peter and Karin Dambier
Public-Root
Graeffstrasse 14
D-64646 Heppenheim
+49-6252-671788 (Telekom)
+49-179-108-3978 (O2 Genion)
+49-6252-750308 (VoIP: sipgate.de)
+1-360-448-1275 (VoIP: freeworldialup.com)
+1-360-226-6583-9563 (INAIC)
mail: peter@peter-dambier.de
http://iason.site.voila.fr
http://www.kokoom.com/iason

Peter Dambier wrote:
Unfortunately the autoconfiguration did not fix the combined identifier and network address issue both ipv4 and ipv6 have. If it would have done that, multihoming would not be an issue with ipv6 today. (and probably neither with ipv4)
Pete

On Jul 3, 2005, at 10:16 AM, Peter Dambier wrote:
The good thing with IPv6 is autoconfiguration. There is no need to renumber.
I wasn't aware IPv6 auto-configuration:
- updated AAAAs and PTRs for all possible entries DNS associated with the old address, including the glue records maintained by other folks.
- updated filters, firewalls, and security credentials bound to the old address.
- updated router configurations, network management, and monitoring systems.
- updated node locked software licenses (should they exist).
- updated configuration files that include IP addresses.
- provided a mechanism to transfer long running TCP sessions to the new address.
etc.
Of course, if you talk to many large enterprise IT folks about IPv6 stateless auto-configuration, they look at you in horror and ask "why in the world would I want to let simply anyone attach to my network and get a valid address?!?". Auto-configuration (stateless or stateful) helps in renumbering. It doesn't remove the requirement however. And since there will be the requirement, someone will address it in the obvious (if arguably stupid) way: NATv6.
I have given up writing a new piece of software every now and then to fix a new protocol broken on my NAT-router.
I'm well aware of the many problems NAT creates, particularly when folks come up with protocols that (perhaps even purposefully) don't recognize the simple fact that NAT exists. However, pretending that IPv6 is a panacea is silly. IPv6 dealt with the address space limitations found in IPv4 (although there are those who believe the way IPv6 is being allocated results in the IPv6 truck trying to drive into the IPv4 swamp yelling "me too! me too!" (paraphrasing and with apologies to Dave Clark)). IPv6 didn't deal with routing scalability or ensuring packets are coming from and/or going to where they should. However, I'm sure something will be hacked together if IPv6 takes off. Necessity is a mother and all that...
Rgds,
-drc

Christopher L. Morrow wrote:
Is broken by NAT
That is why there is no NAT in IPv6 and God help there will never be NAT in v6.
People will want IPv9 with total government control. Especially in China and the US. P2P is broken with NAT. They are 90% of internet users. With NAT there is no VoIP, no FTP, no DNS, no ... Just try and put two servers behind NAT - that is, if your server and your NAT-box support each other.
There never was a need for flat tyres or NAT. The only reason for NAT is a lot of people running out of IPv4 address space. Whatever security nonsense was told of NAT was just hype to justify NAT breaking almost every existing or newly invented protocol.
NAT is only good to prevent people from communicating with each other. The perfect NAT is IPv9 as deployed in China. You don't need IPv6. Stay with IPv4 and we will map all addresses that are good for you into your personal IPv4 address space. You don't need to send emails directly to everybody. We will do that for you. You don't need to be afraid of SPAM. We will take care of that for you. What do you need a PC for? Free tv for erybody is good enuf for you!
Have a nice weekend,
Peter and Karin Dambier
--
Peter and Karin Dambier
Public-Root
Graeffstrasse 14
D-64646 Heppenheim
+49-6252-671788 (Telekom)
+49-179-108-3978 (O2 Genion)
+49-6252-750308 (VoIP: sipgate.de)
+1-360-448-1275 (VoIP: freeworldialup.com)
+1-360-226-6583-9563 (INAIC)
mail: peter@peter-dambier.de
http://iason.site.voila.fr
http://www.kokoom.com/iason

On Sun, 03 Jul 2005 10:15:10 +0200, Peter Dambier said:
People will want IPv9 with total government control. Especially in China and the US.
The fact that something is neither available nor technically feasible has never stopped people from wanting it...

On Sun, 03 Jul 2005 17:16:57 +0200, codewarrior@cuseeme.de said:
No, it means that we need to progress in directions that are available and technically feasible. I recently went to a car dealer *wanting* to spend $400 on a 2005 car that got 4,000 miles to the gallon and guaranteed perfect safety in any conceivable crash. Of course, said car is neither available nor technically feasible. That didn't stop the salesman and myself from coming to acceptable terms on a slightly older Toyota Camry for slightly more money, said Camry being both available and technically feasible...

participants (7)
- Christopher L. Morrow
- codewarrior@cuseeme.de
- David Conrad
- Peter Dambier
- Petri Helenius
- Todd Vierling
- Valdis.Kletnieks@vt.edu