[CentOS] IPV4 is nearly depleted, are you ready for IPV6?

Ross Walker rswwalker at gmail.com
Wed Dec 8 02:36:32 UTC 2010


On Dec 7, 2010, at 9:20 PM, Adam Tauno Williams <awilliam at whitemice.org> wrote:

> On Tue, 2010-12-07 at 20:37 -0500, Ross Walker wrote: 
>> On Dec 7, 2010, at 7:41 PM, Nico Kadel-Garcia <nkadel at gmail.com> wrote:
>> 
>>> On Tue, Dec 7, 2010 at 10:04 AM, Adam Tauno Williams
>>> <awilliam at whitemice.org> wrote:
>>> 
>>>> Bogus.  The reason is that they haven't been pressured into adoption by
>>>> higher powers; so we will get into a nice scramble to migrate in a
>>>> pinch.
>>>> 
>>>> "most people" have no idea what NAT is, don't care, and shouldn't have
>>>> to care.
>>>> 
>>>> Some people's belief that NAT is some magic sauce that makes them more
>>>> secure [it does not] or provides them more flexibility [it does not]
>>>> than real addresses ... causes the people who understand networking to
>>>> have to spend time explaining that their love of NAT is misguided and
>>>> their beliefs about NAT are bogus.
>>> 
>>> *I'm* a fairly expert network person. (10base2, baby, I remember
>>> crimping those cables!) Forcing people to specifically select the
>>> services they wish to expose, rather than selecting what to cut off in
>>> configuring a typical firewall, is basic policy automatically enforced
>>> by NAT. It's especially helpful to ISP's, who *do not want* to try to
>>> remember all those furshlugginer individual policies and find it far
>>> simpler in routing and firewall terms to force all traffic to the NAT.
>> Does this mean I have to type in URLs like:
>> http://3ffe:1900:4545:3:200:f8ff:fe21:67cf/
> 
> Correct syntax for that is
> 
> http://[3ffe:1900:4545:3:200:f8ff:fe21:67cf]/
> 
> if you want to specify the port it goes outside the brackets 
> 
> http://[3ffe:1900:4545:3:200:f8ff:fe21:67cf]:8080/ 

Thanks, I googled it afterwards and caught the proper syntax.


>> I can only image phonetically calling these off on a support call, I'd
>> get half way through it and the other end would tell me to "forget it
>> I'll wait until DNS is working again".
> 
> You aren't crippled currently when DNS doesn't work?  Because e-mail,
> Active Directory / Kerberos, and numerous other services just-don't-work
> without functioning DNS anyway.  I'd say the network-minus-DNS is pretty
> much irrelevant in the real world.

Well, there is DNS down and there is DNS issues causing some sites problems. These may or may not be due to our DNS servers, you get the idea.

When your on your router or switch, want to traceroute or find out what port an address is on... Is there even ARP with v6?

-Ross






More information about the CentOS mailing list