On Sun, 2010-12-05 at 14:13 +0100, RedShift wrote: > On 12/05/10 12:50, Rudi Ahlers wrote: > > Seeing as IPV4 is near it's end of life > > (http://www.internetnews.com/infra/article.php/3915471/IPv4+Nearing+Final+Days.htm), > > I'm curios as who know whether everyone is ready for the changeover to > > IPV6? > > Is anyone using it in production already, and what are your experiences with it? > Haven't switched yet, I have IPv6 at home using sixxs. > IMO the slow adoption is caused by the complexity IPv6 brings. They > should have just modified IP to use 128 bits addresses and leave the > rest as is. Disagree, IPv4 at this point is a whole heap of hacks. IPv6 throws out lots of crap and provides for much better performance [routing IPv6 requires much less horsepower than routing IPv4]. > For example, what is the use of a link scoped IPv6 address? Why would > you want to assign an IP address to yourself that's of no use at all? It is incredibly useful. There is a lot of traffic that is only relevant to the local-link. Now two computers on the same wire can communicate automatically - true zero-configuration. IPv6 uses link-local for neighbor discovery. Remember IPV6 does not use ARP. > I can't even figure out what address ranges are reserved for private > use, is there even such a concept in IPv6? None, and no. There is no exact equivalent - thank goodness. Everyone using 192.168.1.x and NAT is a real pain. > I know that IPv6 is supposed to allow every address to be publicly > route-able but having your computers in private ranges and use NAT has > big advantages towards security. NO NO NO NO NO NO NO and NO! (*@!^&*@$ &@*^*&$@ &*@^*&@ How many times does this have to be explained??? NAT *IS* *NOT* a @*(&^*(^@(*@ security tool. It isn't. Stop saying it is. You use *firewalls* for security. Just block ingress traffic and you are just as well off as you are on NAT - and odds are in your NAT configure you are doing that already. All you do is eliminate the hacks, performance penalty, and interoperability problems created by NAT. NAT is a *problem*, not a solution for anything other than a deficient network protocol. > And what about this arbitrarily chosen /64 subnet? So we're returning > back to classfull routing? Yes, thank goodness. No more ridiculously tedious netmasks. > Stateless auto-configuration is a useless feature, just like APIPA. I > much prefer DHCP and thankfully it still exists for v6. Correct, nothing is lost, things are gained. All to the good.