Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
hairy1
2989 posts

Uber Geek

Trusted
Lifetime subscriber

  #814778 9-May-2013 20:24
Send private message

I thought that each individual device got an IPV6 address so no more NATing?




My views (except when I am looking out their windows) are not those of my employer.


myfullflavour

804 posts

Ultimate Geek

Trusted
Full Flavour

  #815087 10-May-2013 11:00
Send private message

hairy1: I thought that each individual device got an IPV6 address so no more NATing?


This. You'll still need NAT for IPv4 services though.

 
 
 
 


DonGould
3892 posts

Uber Geek


  #815110 10-May-2013 11:17
Send private message

hamish225: oh i see, why would a residential customer need more than one ipv6 address though?


Hamish we're moving into an era (and some might argue 'error') of a 'dual stacked' world.

Every device will have an IPv4 address as well as any number of IPv6 addresses.

In the IPv6 world, your devices will all have a globally reasonable[1] IPv6 address.

[1] Having said that, it's not quite correct either.  Consumer routers will still have firewalls which will only allow established and related connections.  This means that if your computer "pings" my computer then I'll be able to "ping" your computer.  But if you haven't 'opened a connection' then I don't be able to see your computer...

...but even that's not quite right either, because routers need to not block ICMP6 packets (which is what ping uses) or other things about your network will break.

...and this is my current understanding of it all.

I suggest to you that part of the reason for slow v6 uptake is issues like this.  People like me are very unsure about v6 so we're not running at it fast.  We're just waiting to see how it unfolds and pushing it in places where we are more confident we won't break stuff.

We need training, and lots of it.

This is an issue that I have talked to APNIC about. 

They currently are planning training in Auckland in May (it might have already started and finished, I can't remember when it was).

I've asked about training for Christchurch.  APNIC are busy until September (or they were when I talked to them in March).






Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


hamish225
1323 posts

Uber Geek


  #815112 10-May-2013 11:18
Send private message

myfullflavour:
hairy1: I thought that each individual device got an IPV6 address so no more NATing?


This. You'll still need NAT for IPv4 services though.


what's wrong with NAT?





DonGould
3892 posts

Uber Geek


  #815119 10-May-2013 11:22
Send private message

hamish225: what's wrong with NAT?


http://ipv6friday.org/blog/2011/12/ipv6-nat/

This will help :)




Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


ajobbins
Awesome
4891 posts

Uber Geek

Trusted
Subscriber

  #815133 10-May-2013 11:31
Send private message

Klipspringer: I make use of dyndns.org. If you router supports it its pretty easy to setup.

Its solved my problem of ever requiring a static IP address. But then Im not running a business


Yeah I use No-IP and my DD-WRT based router auto updates it quite happily. (I use No-IP as I have it set up with a custom domain name).

That said, if your ISP decides they want to put you behind some CGNAT, then this won't work any more. And some ISPs are already doing this.




Twitter: ajobbins


hairy1
2989 posts

Uber Geek

Trusted
Lifetime subscriber

  #815147 10-May-2013 11:37
Send private message

Nothing is wrong with NAT'ing. I was referring to your post about why a customer would end up with more than one IPV6 address.




My views (except when I am looking out their windows) are not those of my employer.


 
 
 
 


DonGould
3892 posts

Uber Geek


  #815149 10-May-2013 11:39
Send private message

hairy1: Nothing is wrong with NAT'ing. I was referring to your post about why a customer would end up with more than one IPV6 address.


The really interesting bit (to many anyway) is that devices end up with more than one IPv6 address.

It's a whole new way of thinking.

It does all have cross over, but it's going to take some learning.





Promote New Zealand - Get yourself a .kiwi.nz domain name!!!

Check out mine - i.am.a.can.do.kiwi.nz - don@i.am.a.can.do.kiwi.nz


Zeon
3644 posts

Uber Geek

Trusted

  #821412 17-May-2013 23:07
Send private message

hamish225:
myfullflavour:
hairy1: I thought that each individual device got an IPV6 address so no more NATing?


This. You'll still need NAT for IPv4 services though.


what's wrong with NAT?



NAT is horrible and breaks many things as well as making it harder for developers of thing like voice/video real time communications. I have public IPv4 on all my server salso as it makes DNS sooo much simpler




Speedtest 2019-10-14


Lias
4250 posts

Uber Geek

Trusted
Lifetime subscriber

  #821655 18-May-2013 16:54
Send private message

Out of curiosity, anyone know how much a /27 or /28 would cost these days?

I've long toyed with the idea of getting one for home, but I suspect it would be expensive these days.







insane
2416 posts

Uber Geek

Trusted
Subscriber

  #821664 18-May-2013 17:58
Send private message

Zeon:
hamish225:
myfullflavour:
hairy1: I thought that each individual device got an IPV6 address so no more NATing?


This. You'll still need NAT for IPv4 services though.


what's wrong with NAT?



NAT is horrible and breaks many things as well as making it harder for developers of thing like voice/video real time communications. I have public IPv4 on all my server salso as it makes DNS sooo much simpler


That's fine for frontend servers, however security is all about layers of defense, having a 'target' on a publicly routable address allows someone one step closer to your soft gooey center which you want to protect.

Too many times I have seen someone botch up an ACL or firewall policy allowing WAY more access to servers than should be allowed. 

Totally agree that NAT makes some things difficult though


 

hamish225
1323 posts

Uber Geek


  #821667 18-May-2013 18:00
Send private message

insane:
Zeon:
hamish225:
myfullflavour:
hairy1: I thought that each individual device got an IPV6 address so no more NATing?


This. You'll still need NAT for IPv4 services though.


what's wrong with NAT?



NAT is horrible and breaks many things as well as making it harder for developers of thing like voice/video real time communications. I have public IPv4 on all my server salso as it makes DNS sooo much simpler


That's fine for frontend servers, however security is all about layers of defense, having a 'target' on a publicly routable address allows someone one step closer to your soft gooey center which you want to protect.

Too many times I have seen someone botch up an ACL or firewall policy allowing WAY more access to servers than should be allowed. 

Totally agree that NAT makes some things difficult though


 


yeah but for people who just want to go on twitter, read the news, check their emails and play online games, why do we all need public ip's on our devices?





myfullflavour

804 posts

Ultimate Geek

Trusted
Full Flavour

  #821704 18-May-2013 19:20
Send private message

Lias: Out of curiosity, anyone know how much a /27 or /28 would cost these days?

I've long toyed with the idea of getting one for home, but I suspect it would be expensive these days.





We sell these for $32-$64 / month (/28-/27)

1 | 2 
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic





News »

Huawei launches IdeaHub Pro in New Zealand
Posted 27-Oct-2020 16:41


Southland-based IT specialist providing virtual services worldwide
Posted 27-Oct-2020 15:55


NASA discovers water on sunlit surface of Moon
Posted 27-Oct-2020 08:30


Huawei introduces new features to Petal Search, Maps and Docs
Posted 26-Oct-2020 18:05


Nokia selected by NASA to build first ever cellular network on the Moon
Posted 21-Oct-2020 08:34


Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.