[Wiltshire] IPV6

Simon Iremonger (wiltslug) wiltslug at iremonger.me.uk
Wed Mar 9 19:11:46 UTC 2011


> So, from a home user point of view, does this mean that NAT and port
> forwarding at the broadband router is gone with IPV6?
Correct.
NAT is generally considered a kludge to keep IPv4 going......

> How will this work for someone (like me) who has a single dynamic IP
> provided by my ISP (Talk Talk) that is essentially the external
> (internet facing) IP of my ADSL router?
For time-being that will stay.
You will also get a /64 (or more) of IPv6 address usually.

Increasingly people won't actually get "real" IPv4 addresses on the WAN.
These will become an 'extra' of sorts, I think.

> the router takes care of which port goes to which server for me.
With IPv6, you can still setup that kind of 'forwarding' with load
  balancer equipment etc.  but you really don't need any of that.

If you want to give your hosts a fixed-IPv6-address you can just
  give them ips like  prefix::2 and prefix::3 where prefix: is
  the prefix for your /64 subnet e.g. if your ISP provide you
  2001:8b0:ffe:0::/64 then you can setup 2001:8b0:ffe::2 as a server.

If, you are concerned about 'renumbering' your servers as move a
  service (you think portforward), that isn't a problem either.
All you do.. is give your hosts a 'host' IPv6 address, and also,
  additionally, an IPv6 address for a 'service' they host.
Then, you con 'move' the service IPv6 address to another host
  without changing host numbering.

> As a "noddy" home user paying £x/per month for a broadband service would
> I expect to automatically get multiple IPV6 addresses from my ISP to
> allow me to do this - one for each computer for example?
Minimum is a /64 -- with 64bits left for host-ID, this is required
  for the 'autoconfig' IP addresses.
This allows for about  18446744073709551616  devices.

Often an ISP will supply /60 /56 /52 or /48 to allow you to setup
  more than one subnet etc.
An ISP would be hard-pressed to supply you with "less" than 2^64 IPs.


> only the broadband router having an internet facing address.
No, those days are gone with IPv6.
BUT the days of having a "real IPv4" address on all customer
  WANs *are* to go!  There aren't enough....

> Are there really that many addresses in IPV6 that they can
> give a unique one to every device in the world?
More like every atom on the surface of the earth, apparently.

> Does this also mean that we are going to need firewalls on all
> our computers from now on?
If the hosts aren't safe anyway, that is a bad thing!
Stateful IPv6 firewall in computer, may be sensible for many.
Stateful IPv6 firewall in router, also available option!!!


Apparently, this is amusing / worth watching:-
http://www.youtube.com/watch?v=v26BAlfWBm8

--Simon



More information about the Wiltshire mailing list