|
[IPv6] Benefits of IPv6I have been following some of the threads about IPv6 and don't really understand the benefits other than what I have read that with IPv4 you can have a max of 4.2 billion IP address as with IPv6 you can have 340 trillion trillion trillion address. After reading some of the comments, there must be more to it than just more addresses. Both my modem and router are IPv6 capable, but will there be any benefit as far as speed and reliability on the internet once IPv6 is rolled out to everyone? Thanks Wayne |
|
Devious Premium Member join:2002-08-22 Seattle, WA |
Devious
Premium Member
2012-Jan-26 10:28 pm
Plain answer is the world is running out of IPv4 addresses.
I don't know if there will be any benefits but I do know that, even though it was not meant to be a security feature, we will lose NAT with IPv6.
Will that make people more vulnerable?
Maybe but maybe not as there are so many more addresses. |
|
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
1 recommendation |
NetFixer
Premium Member
2012-Jan-26 10:54 pm
said by Devious:Plain answer is the world is running out of IPv4 addresses.
I don't know if there will be any benefits but I do know that, even though it was not meant to be a security feature, we will lose NAT with IPv6.
Will that make people more vulnerable?
Maybe but maybe not as there are so many more addresses. Losing NAT does not mean that you can not use an IPv6 compatible SPI firewall. That firewall can either be a software firewall on the PC (or other device), or it can be in a network wide firewall appliance. For example, it can be built-in to an IPv6 compatible router, just as is commonly done in higher end IPv4 routers. I suspect that including an SPI firewall will in the near future be just as common in even sub $20 no-name routers as NAT is now. Actually some el-cheapo routers do this already. It doesn't really cost anything to implement, except a bit more RAM, and the primary reason that it is not already a standard feature on every residential/soho router is because with NAT already being present (and necessary for most residential/SMB ISP accounts), it really was not needed by most users. |
|
Devious Premium Member join:2002-08-22 Seattle, WA |
Devious
Premium Member
2012-Jan-27 12:07 am
I already know all of this. |
|
whfsdude Premium Member join:2003-04-05 Washington, DC
1 recommendation |
to Wayne99021
Almost everything has been implemented in some for in IPv6.
The big advantage is the large number of addresses. If IPv6 doesn't take off, ISPs will have to start implementing NAT444 (carrier grade NAT).
Say goodbye to having an open port. You will have issues with abuse because you will sharing an address with hundreds of other users. Port exhaustion will also be a huge problem.
And of course, you introduce a single point of failure into the network which will sure as hell get DDoSed once and awhile. |
|
1 recommendation |
to Devious
said by Devious:I already know all of this. Oh, well in that case we should probably just shut all of this down. Since you already know this, and it couldn't possibly be helpful to anyone else, I don't really see any point in leaving it up. |
|
MikroTik RB750G Cisco DPC3941
1 recommendation |
to Devious
said by Devious:I don't know if there will be any benefits but I do know that, even though it was not meant to be a security feature, we will lose NAT with IPv6. With IPv6 you get IPv6 Privacy Extensions. When enabled (on by default in Windows) the host changes it's IPv6 address at a regular interval. This helps to alievate hacking and user tracking. As was already mentioned, there are Stateful IPv6 Firewalls. Be careful though, some "home router" manufacturers advertise that they have IPv6 firewalls, when in reality it's just a packet filter. Comcast has some good writings about the pitfalls of Carrier NAT. Great to see they are doing it the right way from the very start! |
|
|
anony mous to Devious
Anon
2012-Jan-27 9:01 am
to Devious
Losing NAT? I'm still confused about the whole thing. I get the basically unlimited addresses with ipv6, but how will it effect home networks? I have 3 desktops and 2 laptops in my household. Will they all get their own personal ipv6 address? (and will it be public?) Not 1 public, and 5 private as with ipv4? Will you have to pay for each address? If not, would you just get 1 ipv6? Not sure how it all will play out...Will my home ipv6 capable router provide the necessary addresses for my home LAN? Very confused... |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
1 recommendation |
NetFixer
Premium Member
2012-Jan-27 9:17 am
said by anony mous :Losing NAT? I'm still confused about the whole thing. I get the basically unlimited addresses with ipv6, but how will it effect home networks? I have 3 desktops and 2 laptops in my household. Will they all get their own personal ipv6 address? (and will it be public?) Not 1 public, and 5 private as with ipv4? Will you have to pay for each address? If not, would you just get 1 ipv6? Not sure how it all will play out...Will my home ipv6 capable router provide the necessary addresses for my home LAN? Very confused... Comcast's initial IPv6 deployment is only for users with a single PC connected to a standard (IPv6 compatible) cable modem. Those connections get a "/l28" IPv6 address (one device only). I don't think that Comcast has yet decided what to do about the cable gateway routers that they supply, much less how to handle customer owned routers. I suspect that initially, only Comcast supplied cable gateway routers will get a "/64" or "/48" multi IPv6 address assignment. Here is a link that might help to explain the IPv4 vs IPv6 addressing » www.ripe.net/internet-co ··· dressingAs for price increases for "/64" or "/48" assignments, only Comcast management knows the answer to that. |
|
whfsdude Premium Member join:2003-04-05 Washington, DC
1 recommendation |
whfsdude
Premium Member
2012-Jan-27 9:27 am
said by NetFixer:Comcast's initial IPv6 deployment is only for users with a single PC connected to a standard (IPv6 compatible) cable modem. Those connections get a "/l28" IPv6 address (one device only). I don't think that Comcast has yet decided what to do about the cable gateway routers that they supply, much less how to handle customer owned routers. Actually it's my understanding that they will be using DHCPv6-PD. So the /128 rollout is really just the first step. Each customer will get a /127 point-to-point link and then DHCPv6-PD will pass the router a routed block. Hence why they're supporting just one PC first is because they haven't started doing DHCPv6-PD |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
1 recommendation |
NetFixer
Premium Member
2012-Jan-27 9:55 am
said by whfsdude:said by NetFixer:Comcast's initial IPv6 deployment is only for users with a single PC connected to a standard (IPv6 compatible) cable modem. Those connections get a "/l28" IPv6 address (one device only). I don't think that Comcast has yet decided what to do about the cable gateway routers that they supply, much less how to handle customer owned routers. Actually it's my understanding that they will be using DHCPv6-PD. So the /128 rollout is really just the first step... I thought that was what I said : Comcast's initial IPv6 deployment... said by The American Heritage® Dictionary : initial
initial (î-nîsh´el) adjective 1. Of, relating to, or occurring at the beginning; first: took the initial step toward reconciliation.
|
|
whfsdude Premium Member join:2003-04-05 Washington, DC |
to Wayne99021
I was more clarifying that the single address will still be in place for when routers are added. You'll just likely get a /64 routed to that address.
Rather than having to use proxy-ND. |
|
camperjust visiting this planet Premium Member join:2010-03-21 Bethel, CT |
to NetFixer
said by NetFixer:...As for price increases for "/64" or "/48" assignments, only Comcast management knows the answer to that. I'd be willing to predict that there will be a price increase. Comcast has never seen an excuse for a price increase that it didn't like. |
|
1 recommendation |
It will depend on if the routing feature for cable modems requires new cable modem hardware - if it does, that price will almost certainly get passed along to customers.
However, cable modems (except for really old ones) aren't the biggest problem with IPv6; the two biggest issues are older routers (some are actually IPv6-hostile; UNfortunately, Comcast actually has a few of these, like the NETGEAR WNR3500 in 1VCNAS trim) and gaming consoles with IPv6-hostile firmware. While I don't own a console, I do, unfortunately, have a WNR3500-1VCNAS that I will certainly have to replace.
There are three routers (all from NETGEAR) that are good candidates (amazingly, all are, in fact, overkill - they have features that I can't - and won't - ever use).
1. WNDR3700 (closeout) - Dual-band, gigabit, and the lowest-priced of the three - it's also Netgear's second-least-expensive IPv6-ready router (only the WNR3500L/3500V2, where available, is cheaper).
2. WNDR4000 - The successor to the WNDR3700. In addition to N300+300, it also supports N450+N300; otherwise, it's the same feature set (down to the USB port for storage or printing) as the WNDR3700.
3. WNDR4500 - The new flagship of the NETGEAR "prosumer" line. It adds N450+N450 and a second USB port to the WNDR4000 (along with $40 to the price at BB).
The WNDR3700 also offers the option of third-party firmware (both v1 and v2 are supported by DD-WRT/OpenWRT/X-WRT) in addition to the OOTB support with current factory firmware. |
|
owlyn MVM join:2004-06-05 Newtown, PA
1 recommendation |
owlyn
MVM
2012-Feb-4 2:08 pm
The Netgear WNDR3400 is now IPV6 compatible (recent firmware update). It is basically the same router as the WNDR3700, but without gigabit support. |
|
1 recommendation |
to voiptalk
said by voiptalk:said by Devious:I don't know if there will be any benefits but I do know that, even though it was not meant to be a security feature, we will lose NAT with IPv6. As was already mentioned, there are Stateful IPv6 Firewalls. Be careful though, some "home router" manufacturers advertise that they have IPv6 firewalls, when in reality it's just a packet filter. How do we know what brands and models have the IPv6 firewall and what brands and models have the packet filter instead? |
|
MikroTik RB750G Cisco DPC3941
4 edits
1 recommendation |
It appears that stateful IPv6 firewalls for residential gateways are appearing under the term "IPv6 Simple Security". This has appeared in the most recent D-Link products, not sure about others. IPv6 Simple Security: » tools.ietf.org/html/rfc6092Other that that, be looking for specific terminology that it is a stateful firewall. --- FWIW, I really like the Mikrotik routers. It's not an "Average Joe" platform, but has everything you need at a very low price point. I have the RB750GL and RB250GS. » routerboard.com/Mikrotik manual and capabilities: » wiki.mikrotik.com/wiki/M ··· nual:TOCManagement Interface Overview: » wiki.mikrotik.com/wiki/M ··· l:Winbox |
|
1 recommendation |
to camper
It costs Comcast no more to issue a /64 than a /48 - if anything, the headaches *increase* when fine-graining it down to a /48. (That isn't theory - Hurricane Electric has retained their /64 blocks for free via their tunnelbroker.net portal; SixxS has done the same.) Never mind that even a /48 couldn't be exhausted if every appliance in Bill and Melinda's mansion had their own IP. |
|
camperjust visiting this planet Premium Member join:2010-03-21 Bethel, CT |
camper
Premium Member
2012-Feb-8 11:06 am
It is less a matter of "costing more" and more a matter of "what the market will allow Comcast to charge".
If Comcast thinks they can get away with higher charges, then Comcast will raise the price. It is as simple as that. |
|
whfsdude Premium Member join:2003-04-05 Washington, DC
1 recommendation |
whfsdude
Premium Member
2012-Feb-8 12:21 pm
said by camper:It is less a matter of "costing more" and more a matter of "what the market will allow Comcast to charge". With the lack of NAT, the market won't tolerate being charged extra for a /64. |
|
ARRIS SB8200 Asus RT-AC68
1 recommendation |
to camper
Here's what they've (Comcast) stated for now... » Re: [IPv6] Deployment of IPv6 Beginssaid by jlivingood:said by magamiako:#1. What's the plan as far as prefixes go, ultimately? Will residential customers be able to pick up larger than a /64 for their own purposes? A /60? /56? /48? Per » blog.comcast.com/2011/11 ··· ogy.html we will support shorter prefixes eventually in 2012. But initially it will be just a /64. Exact timing in 2012 is TBD. We'll announce more details on this when we begin deployments supporting home gateway devices. said by magamiako:#2. Are there any plans on charging per individual devices found with globally routable IPv6 addresses on a customer's network?
#2 sounds far-fetched to me but it was a question I've already been asked by a few people and would love an official answer to. Not at this time. IMO this would discourage demand for IPv6 and this in turn means less content on IPv6 (that's the opposite of what we want - which is pervasive IPv6). With that answer, It would not surprise me to find that a /64 would be part of your base tier, but if you wanted a shorter prefix there would be a nominal charge, following the pattern of faster speeds for an additional premium. Only time will tell. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX
2 recommendations |
to whfsdude
I expect the following /64's for all /48's for business class (to cover the ones that currently pay for statics)
my current setup is a Hurricane Electric tunnel then with my /48 split into multiple /64's (one per vlan)
it works quite well as I can use the block inbetween 48 and 64 to ID the vlans
and if I were a major company I could use that 16bits to ID the vlan and the location, you could use 2 hex digits for the vlan and 2 for the location and then reserve the 0000 and the ffff ranges for forming special subnets (ie 1 to 1 links or managment networks) |
|
whfsdude Premium Member join:2003-04-05 Washington, DC
1 recommendation |
whfsdude
Premium Member
2012-Feb-9 1:29 am
said by DarkLogix:I expect the following /64's for all /48's for business class (to cover the ones that currently pay for statics) So I think we might see /56 on res in the long term. Often times your average consumer plugs in a wireless router or a secondary router behind their primary router. If you handed a /56 out, their primary router could also run DHCPv6-PD and give the secondary router a routable network. ISPs might just deem this cheaper to than to provide phone support to that user. |
|
|
to camper
It's both - not one or the other.
Why is it that folks continually want more features for less money from for-profit companies? |
|
|
When the for profit company makes as much money as they do, they could afford to throw the consumer a bone. |
|
camperjust visiting this planet Premium Member join:2010-03-21 Bethel, CT
1 recommendation |
to PGHammer
said by PGHammer:It's both - not one or the other.
Why is it that folks continually want more features for less money from for-profit companies?   I am not against companies making a profit. However, I do have issues with artificial, marketing-inflated price points that have little correlation to the cost of providing the different levels of service. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX
1 recommendation |
to whfsdude
said by whfsdude:said by DarkLogix:I expect the following /64's for all /48's for business class (to cover the ones that currently pay for statics) So I think we might see /56 on res in the long term. Often times your average consumer plugs in a wireless router or a secondary router behind their primary router. If you handed a /56 out, their primary router could also run DHCPv6-PD and give the secondary router a routable network. ISPs might just deem this cheaper to than to provide phone support to that user. I doubt it as they that would be similer to a Double nat as far as its usefullness to the adverage person why have a 2nd router? most on comcast have a cable modem with a wireless router plugged in, theres no reason for the average joe user to have 2 routers so I don't see that happening, even getting multiple dynamics is tricky as CSR don't know that it was once offered. |
|
AVonGauss Premium Member join:2007-11-01 Boynton Beach, FL
1 recommendation |
said by DarkLogix:I doubt it as they that would be similer to a Double nat as far as its usefullness to the adverage person Not really, in an IPv6 deployment if everything is configured properly its just another router in the path. I do however agree most (my guess: 99.99999%) residential customers would have no real use for anything but a /64. Even most business customers (cable modem based) would not have a true need of globally routable network (i.e. anything but a /64). The obvious contradiction being a customer with multiple locations where the ISP is providing some level of privatization. |
|
DarkLogixTexan and Proud Premium Member join:2008-10-23 Baytown, TX |
I know it would be really just another hop in the rout but consider dual stack, then the IPv4 would be double nated
its just not a setup that would have a use in the vast majority of consumers
and a bussiness however would more likely want a /48 so they could easily layout and do route summarization |
|
AVonGauss Premium Member join:2007-11-01 Boynton Beach, FL |
The distinction I was trying to make is that a business customer that needs a /48 to do true routing, would most likely not be using a cable modem based connection. |
|