[Wiltshire] IPV6

[Robert Longbottom]

On 08/03/2011 15:02, John Larkworthy wrote:
> Hi,
>
> <snip>
> Each  interface will have multiple addresses - local address, internet  address
> and respond to targeted multicast addresses. You may need more  but this is the
> minimum starting point for an internet connected host.
>
>
> The local address must be unique within the network. With IP4 this is done by a
> random number in  the subnet 168.254.0.0/16 but with IP6 the use of the MAC
> address is recommended but either way a  broadcast or multicast request is used
> to establish that it is unique  within the LAN.
>
>
> Internet addresses are currently assigned to the WAN/LAN router in  an IP4
> network and use NAT to convert between LAN and WAN but in IP6 the  addresses
> will be directly assigned by the gateway. The gateway will  broadcast a routing
> prefix. The remainding bits must be unique within  the subnet. There are various
> policies for remaining part of the address  i.e. MAC address (or part of), user
> set, random number, etc. The MAC  address would be useful for machines expecting
> to plug and go,. User set  may be more help for servers at specific addresses.
> Finding a specific  service on the network is expected to be done using the
> service  discovery protocols like Avahi, uPnP, SLP, or Bonjour.
>
> The simplest policy in IP6 is to use the MAC address for all  addresses and
> simply change the prefix for local and internet address.  The multicast
> addresses will then be derived from these. There are  security issues with
> allowing all hosts to have internet addresses but  there is no reason a host
> should have an internet address. The home  gateway may very well provide an
> opportunity for a fire wall.
>

So, from a home user point of view, does this mean that NAT and port 
forwarding at the broadband router is gone with IPV6?  And people out on 
the internet can effectively connect directly to any port on any PC on 
my home network that has been assigned an internet address?

How will this work for someone (like me) who has a single dynamic IP 
provided by my ISP (Talk Talk) that is essentially the external 
(internet facing) IP of my ADSL router?  At the minute I forward various 
ports to different internal servers in order to access things.  The 
point I guess I'm trying to get at here is that I currently have two 
computers (could be more) on my home network that I can access from the 
internet via a single IP address because the services they provide are 
on different ports and the router takes care of which port goes to which 
server for me.

As a "noddy" home user paying £x/per month for a broadband service would 
I expect to automatically get multiple IPV6 addresses from my ISP to 
allow me to do this - one for each computer for example?  Or is there 
still the concept of only the broadband router having an internet facing 
address.  Are there really that many addresses in IPV6 that they can 
give a unique one to every device in the world?

Does this also mean that we are going to need firewalls on all our 
computers from now on? - it's quite nice to know that I'm sat behind a 
"hardware" firewall (the ADSL router) and I don't need to worry too much 
about firewall config on individual PC's

> If the idea of allowing the hosts to magic up their own addresses  does not
> apeal then DHCP v6 can be used in a manner similar to IP4.
>
> Hope all my ramblings helps.
I'm not sure I understand it yet, but it's certainly helping :-)

Cheers,
Robert.