O Canada! > Canadian > Shaw > Residential ipv6?

Residential ipv6?

What are the advantages / cool things we could expect from IPv6 aside from an Internet facing address on our fridges?

Getting rid of NAT and giving real global IP addresses to all your devices is what ipv6 means to me.

I have a dedicated VOIP phone which works most of the time, but it is nowhere near as reliable as a standard landline. Add a second SIP device on my network? Forget it! NAT is just a mess for such things. These things would be more reliable if they could just have their own global addresses.

My VOIP provider currently does not do ipv6, so there's certainly a lot of additional bits that need to fall into place.

One immediate use that I have for ipv6 is to simplify some VPNs that I take care of. Since all addresses are global, much of the VPN machinery goes away and I am left with encrypted routes between locations. My Hurricane Electric ipv6 access will be good enough for now, but native ipv6 through Shaw would be better.

reply to goertzenator
Shaw was one of the first ISP's in the world to get a block of IPv6 addresses,

When I was talking a couple years ago with Peter Bissonnette about this (providing IPv6 to customers), I suggested, keeping the limit of 2 free IPv4 addresses as defaults to accounts, if customers want more IPs, for free, give IPv6 addresses. He said he liked that idea, but because they had/have more then enough IPv4 addresses, there was not going to be a lot done until they started running out.

It would be nice, my VoIP servers are starting to use IPv6 now too, I am still wonding how many of the older products will get firmware updates to use IPv6 though.

Teksavvy is starting beta trials with their customers for IPv6 addresses.
--
Yes, I am not employed and looking for IT work. Have passport, will travel.

reply to goertzenator
A lot of older home nat routers do not support IPv6. I've had a tunnel set up with Hurricane Electric for some time off my apple airport, and what I've learned is that a lot of sites don't work well with IPv6. Filezilla, for example, wouldn't update while I had the tunnel up, even though youtube worked OK.

Neither do a lot of newer ones either. That was why I am wondering how many older devices will get a firmware update.

Shouldn't the service do a DNS query, if it returns an IPv6 address, use the IPv6 service, if only an IPv4 address, use your existing IPv4 connection?
--
Yes, I am not employed and looking for IT work. Have passport, will travel.

Filezilla has a IPv6 connection for updating. In my experience it does not work (at least thru hurricane electric's tunnel broker)

reply to kevinds
I doubt routers will be upgradable, especially if the makers have an excuse to sell you a new one.

That said, the home network configuration for ipv6 will be different. Each customer is supposed to get at least a full /64 subnet. (Videotron is providing a /60, 16 subnets of 2^64 IP addressess). It might be tricky for the vendors to cram a NAT ipv4 and routed ipv6 firmware into existing boxes that have already used all available flash memory for fluff.

I'm thinking the pressure on Shaw will not come from their own ipv4 exhaustion, but rather from services elsewhere that are v6 only or better in some way via v6. I wonder what Videotron's reasons for ipv6 deployment are.

OK, I understand that hardware device like a SIP phone (Or Skype phone) would benefit greatly from having direct access.

However, wouldn't it still make more sense to have my Wndows machines behind a strong firewall with no direct Internet-facing address?

I could probably trust a -nix or OSXnix system to be accessible, but I've always had a policy that I should not keep anything important, or detrimental to my work-flow/recreation open to the Internet if it's running Windows OS.

From a little understanding about IPv6 I see that it's got native support for IPsec, but wouldn't that only work for securing connection between two "trusted" systems, and connecting to public services would not be utilizing IPsec...

Over the past couple years, most 'attacks' have not been direct to your computer that a firewall would prevent (unless you have strict outbound ports setup).

Most that I have seen lately have been the trojan types, your computer connecting outwards for instructions on what to do.

This has been my experience for the last number of years.

You can choose to do IPv6 NAT or give your devices external addresses. NAT became huge when the IPv4 space started running out, that and the original way IP addresses were assigned, didn't help reduce IP usage.

If you needed 300 IP addresses (More then a Class C), you were assigned 65500 (a Class B network) if you needed 70000 you were then assigned a Class A with over 16 million (less than 1% of your assigned space used)

NAT really came about to reduce the number of IPv4 addresses used, in combonation with CIDR helped IPv4 last a few years longer.

You can still run a firewall and/or a 1:1 NAT on your internet connection if you desire, same as you do now. Except each network device will have its own external address. Especially needed for any network printers.
--
Yes, I am not employed and looking for IT work. Have passport, will travel.

Speaking from experience,

I quickly moved up to network admin (was a smaller company),

After I pointed out that the network printer should not have it's own public address with no firewall blocking external connections.

Took a couple months until someone online found it and it only stopped printing because it ran out of paper in the morning.

Left it as public address, but heavily restricted the IPs that could connect to it.

Spam faxes are a lot easier to trace back then a network printer on the internet, printer's don't often keep logs of who connects and prints to them. The circuit-switched telephone network is much easier to see where a call actually came from.
--
Yes, I am not employed and looking for IT work. Have passport, will travel.

reply to ilianame

While effective, NAT does cause problems for the internet as a whole that people have learned to rely on and work around. One place where this really improves life is with gaming servers. No longer will I have to find which ports I have to open up to the internet, and then leave open because I forget about it, and no longer will I have to worry about only having one computer able to use that port.
There are systems that can handle NATing more than one port to one computer, but the horsepower you need for those is no less than you'd need for a stateful firewall that you should *also* be using regardless.

And the internet *is* broken, technically. NAT has broken it. It was designed for end to end communication for *every* node. IPv6 with it's larger address space is the fix. It just wasn't ready in time to step in before NAT could, so NAT won. We've been living with a workaround and coming to view that as normal.

Today's higher end routers ($100 - $200 range) should have no problems supplying a real firewall for people, not just a NAT "firewall". It should be no harder to configure (defaults should act EXACTLY the same as a NAT).

That being said, there is NOTHING requiring any user to go to IPv6 today. You should be able to use IPv4 only for everything for a good 5 to 10 years. However somewhere around then there will likely be services coming online that will either not want to use, or can't obtain IPv4 addresses and will be IPv6 only, or the performance on IPv4 will be lessened due to Carrier Grade NATs and other IPv4 life support technologies.

So in general:
1) agreed. Unless you're shopping for new hardware already and expecting to buy something more than a value router, don't get hung up on IPv6 for your router (you'll likely find you'll have to replace it anyway by the time you actually do start using IPv6).

2) Yup! It's native or nothing for the masses. transition technologies are and should only be for the ones who want to get their feet wet.

3) People used to say the same thing about IPv4. It's why DNS was invented. However it is even more true with IPv6.

4) see above rant on "broken"

5) Yup. And look how long it took us to get rid of DOS, Win95, Win98, IE6 (and on and on) or at least claim that they're unsupported. We'll have IPv4 with us for at least 10 and more likely 20 years in some form or another.

reply to ravenchilde
Just because it is not used here, doesn't mean it is not used in other countries,

Many counties accross the water give out IPv6 addresses.

-Trying to find the ISPs that use NAT for IPv4 to IPv6 for giving IPv4 access to their customers - I had it last year
--
Yes, I am not employed and looking for IT work. Have passport, will travel.

World IPv6 Launch: June 12, 2012

»www.worldipv6launch.org/

"Major Internet service providers (ISPs), home networking equipment manufacturers, and web companies around the world are coming together to permanently enable IPv6 for their products and services by 6 June 2012."

Lets go Shaw!! Get with it... time is ticking!!

Test your current IPV6 Connectivity here:
»test-ipv6.com/

reply to ilianame