RobertCL at iname.com
Wed Mar 9 18:16:37 UTC 2011
On 08/03/2011 15:02, John Larkworthy wrote:
> Each interface will have multiple addresses - local address, internet address
> and respond to targeted multicast addresses. You may need more but this is the
> minimum starting point for an internet connected host.
> The local address must be unique within the network. With IP4 this is done by a
> random number in the subnet 18.104.22.168/16 but with IP6 the use of the MAC
> address is recommended but either way a broadcast or multicast request is used
> to establish that it is unique within the LAN.
> Internet addresses are currently assigned to the WAN/LAN router in an IP4
> network and use NAT to convert between LAN and WAN but in IP6 the addresses
> will be directly assigned by the gateway. The gateway will broadcast a routing
> prefix. The remainding bits must be unique within the subnet. There are various
> policies for remaining part of the address i.e. MAC address (or part of), user
> set, random number, etc. The MAC address would be useful for machines expecting
> to plug and go,. User set may be more help for servers at specific addresses.
> Finding a specific service on the network is expected to be done using the
> service discovery protocols like Avahi, uPnP, SLP, or Bonjour.
> The simplest policy in IP6 is to use the MAC address for all addresses and
> simply change the prefix for local and internet address. The multicast
> addresses will then be derived from these. There are security issues with
> allowing all hosts to have internet addresses but there is no reason a host
> should have an internet address. The home gateway may very well provide an
> opportunity for a fire wall.
So, from a home user point of view, does this mean that NAT and port
forwarding at the broadband router is gone with IPV6? And people out on
the internet can effectively connect directly to any port on any PC on
my home network that has been assigned an internet address?
How will this work for someone (like me) who has a single dynamic IP
provided by my ISP (Talk Talk) that is essentially the external
(internet facing) IP of my ADSL router? At the minute I forward various
ports to different internal servers in order to access things. The
point I guess I'm trying to get at here is that I currently have two
computers (could be more) on my home network that I can access from the
internet via a single IP address because the services they provide are
on different ports and the router takes care of which port goes to which
server for me.
As a "noddy" home user paying £x/per month for a broadband service would
I expect to automatically get multiple IPV6 addresses from my ISP to
allow me to do this - one for each computer for example? Or is there
still the concept of only the broadband router having an internet facing
address. Are there really that many addresses in IPV6 that they can
give a unique one to every device in the world?
Does this also mean that we are going to need firewalls on all our
computers from now on? - it's quite nice to know that I'm sat behind a
"hardware" firewall (the ADSL router) and I don't need to worry too much
about firewall config on individual PC's
> If the idea of allowing the hosts to magic up their own addresses does not
> apeal then DHCP v6 can be used in a manner similar to IP4.
> Hope all my ramblings helps.
I'm not sure I understand it yet, but it's certainly helping :-)
More information about the Wiltshire