I don't get IPv6. Really, I don't. I understand that we are running out of IPv4 address, but the argument I always see is that we can now connect every device to the internet, like fridges that can reorder products for us, etc.
That's great and everything, but why the hell would I want my fridge to have a world accessible IP address.? If for some silly reason I wanted my fridge internet enabled, I would NAT it behind a firewall.
Does anyone actually have a compelling reason to use IPv6 anywhere.? Certainly not at in my home network/lab.The only reason I can think of is mobile phones. Get rid of the IMEI numbers (which can be duplicated) and use an fixed IPv6 address instead.
Try to NAT a thousand items behind your firewall and get back to me.
You're at home.Some sites have way more machines in it.
My computer. g/f's computer. 2 laptops. PDA. Fridge. Microwave. Hifi. Telly. Sauna stove controller. ...
Um, do you have an internet-enabled microwave and fridge or are you just looking into the future? We're a 2-person household. The DNS configuration file of my home server has 31 devices listed. If I remove old (non-used) devices and double-counted ethernet/wifi, I still have 17 devices. And I'm not counting a block of addresses reserved for VPN: 1 desktop, 2 laptops, 2 tablets, 3 Android media players, audio system, cable decoder/DVR, 2 smartphones, e-reader, modem/router, wifi access point, home server, printer, Wii.
Within a couple of years, I can well imagine network access for IP cameras, home automation (temperature, window shutters, lighting). I still wonder why I would want to have a network-enabled fridge or microwave oven, though.
You have a networked microwave but you still use a PDA? *snort snort* What does it run, NetBIOS? *snort pushes glasses back up*
What, no toaster? :P
The moment we realized if we wanted to interconnect our off-site backup and our backend would require NAT was the moment IPv4 came up on the chopping block and I made a plan to migrate.
Companies like Google want IPv6 so every individual (and device) has its own unique IP address. With NAT gone, it will be much easier for them to identify and track your every move.
That would be right apart from the Privacy Extensions which nearly every OS is using.http://en.wikipedia.org/wiki/IPv6#Privacy [wikipedia.org]
You automatically get a new outgoing IPv6 address every x minutes while still being reachable by the main address. In fact, privacy extensions hange the outgoing address a lot more than the DHCP IPv4 address your provider doles out to you. I know my IPv4 address is stable as long as I don't disconnect my modem.
The problem is the engineers are talking about an ISO layer 2 addressing scheme, and the marketing droids are talking about their usual random BS at ISO layer one zillion that has nothing to do with it, other than maybe they can sell something useless by product tieing to something useful.
It would be like discussing CIDR addressing math for ipv4 at a meeting and then some droid busting in, and in Disney Goofy character voice saying "hay guise, lets sell this as enabling itunes yuck yuck". Unfortunately that is literally how working as an engineer/dev is, although they never tell you that in school, other than maybe you read Dilbert cartoons and laugh because you think its exaggeration (LOL).
ipv6 has nothing technological to do with fridges or whatever marketing pipe dreams.
Also you wouldn't NAT your ipv6 fridge behind a firewall, you'd just use a stateful FW acting as a "network diode". Playing games with the address buys you precisely nothing. You already have a stateful FW in your NAT box so its not exactly new tech either. I'm sure the marketing people will be of great assistance in trying to redefine existing terms to confuse people and increase sales, so we probably will see firewalls at best buy claiming ipv6 NAT but delivering a stateful firewall and not doing NAT at all.
"Does anyone actually have a compelling reason to use IPv6 anywhere.?"
Check the stats for unallocated ipv4 addressing space and be unhappy. Oh, you'll be using ipv6 soon enough because you're not going to be using ipv4, that's for sure.
Of course the PHB solution is instead of ipv4 addrs being 0-255.0-255.0-255.0-255 why not switch to 0-999.0-999.0-999.0-999 and those folks are an absolute joy to deal with I assure you.
There are some reasonable things you can do with IPv6, world-accessible kitchen appliances.
Imagine your fridge had a camera feed. You could see what you needed to get when picking up groceries. If it also had a vision algorithm (+/- a scale on each level), it could tell you the milk's almost done or that the fruits are going bad (based on color and type of fruit). Or, most important, it can tell you that the fridge door isn't quite closed.
Your toaster oven (or regular oven) could tell you that it's left on for an excessive period of time.
Your alarm system could notify you when the kids get home.
Your thermostat and alarm system could work in conjunction to turn down the AC/Heater when it knows no one is in the house. The temperature would go back to comfortable when your car or cell phone gets within 5 miles of the house.
Whether these things are important to you is another matter.
Imagine your fridge had a camera feed. You could see what you needed to get when picking up groceries.
Imagine your fridge had a camera feed. You could see what you needed to get when picking up groceries.
Hmm, let's see. I'm out of milk. I am however not out of Goatse, so don't buy any more of that. I might, however, want to get a new stack of updates for my fridge.
Oh look, the latest firmware for my fridge is two years old - same as the fridge - and rather than fix the bugs, they just want me to buy a new fridge.
I read your post and thought of this story [wikipedia.org] right away. Kind of makes your vision a little scary and prophetic.
The whole internet of things idea is just salespeople talking. Unfortunately, managers listen more to salespeople than to engineers, so it may still hold true.
IPv6 is no related to the internet of things. We need IPv6 to have ip addresses enough that everybody can have a PC. And a tablet. And a phone. And right now, there's only about enough for half the people on the planet to get ONE ip address, and that's if every subnet is filled perfectly.
However, because the people behind IPv6 wanted to be absolutely sure never to run out again (even after we colonize Mars), they made IPv6 large enough that even if the "internet of things" morons get what they want, IP addresses is not going to be our problem. Keeping all those "things" updated and secure is.
There is a difference between world-routable and world-accessible. IPv6 is world-routable. The network firewall would decide if a device is world-accessible.
This, this, a thousand times this. You haven't experienced the joys of networking when all you need is a firewall and NOT NAT. We could even run IPsec over IPv6 and it would work for most people without hours of pain.
This, this, a billion times this.
We're past a thousand users on the Internet now. :)
Yes, but turning every layman into a network administrator is pure comedy gold waiting to happen.
Why would that be an issue. The Ap/router will just come with a default configuration that does the right thing for nearly everyone and home users won't understand it, just like with IPv4 and NAT, only it won't overload the tiny embedded processor as easily.
If for some silly reason I wanted my fridge internet enabled, I would NAT it behind a firewall.
If you have a properly configured firewall, what benefit is NAT getting you? Most people who are saying this are saying, "I don't need a firewall because I have NAT". Security is a side-effect of NAT, not its purpose.
Does anyone actually have a compelling reason to use IPv6 anywhere.?
Have you ever had to statically map a port on a firewall? Enabled uPNP on a router? Why just this weekend I was trying to VoIP chat with a friend on Retroshare and we spent nearly an hour getting this straightened out. That all goes away with IPv6 (not that my local ISP's even offer it...).
NATs are not security features. Even if your fridge had a global IP it could, and should, be behind a firewall.
Finally, it's not really about fridges and washing machines, it's about... well, whatever we come up with next that would be handy to have it's own IP address. It's future proof, and that's the point.
Does anyone actually have a compelling reason to use IPv6 anywhere.?Certainly not at in my home network/lab. The only reason I can thinkof is mobile phones. Get rid of the IMEI numbers (which can beduplicated) and use an fixed IPv6 address instead.
The simple answer:
End-to-End connections, i.e., the real Internet (get-off-my-lawn).
The more ranty answer: End to end is basically it. Yes, there arelots of ways to hack around not being on the Internet: NAT, dynamicIPs, paying an obscene amount to your ISPs for an actual IP address(really?, Really!?), etc. But frankly, that's crap. A defaultInternet connection should be just that.
By themselves, there are more cellphones on the planet than IPv4addresses. The internet needs a bigger number space for addresses andfor good or bad, IPv6 is it.
The whole fridge thing is just a red herring.
I find it handy that in the IPv6 world, my ISP must give me a subnet rather than just a single IP address. I can access anything at home I need to over IPv6 from anywhere. Meanwhile, NAT is resource intensive for a firewall. It's much better to avoid packet re-writing and just filter.
But much of the benefit is for larger organizations and for the future. We really are running out of v4 addresses even while some of them are being clawed back. NAT presents it's own problems, including the already mentioned resource drain on a firewall. The same hardware filtering v6 rather than NATing v4 can handle many more machines. If you as the admin of such a place (for example, a large office) get an abuse report, instead of just your external IP address and a time that may or may not be accurate, you get an IPv6 address that uniquely identifies the probably infected PC.
When I stand up a VM at work that doesn't need to be accessible by the public, I can just skip IPv4 and use it's autoconfig v6 address. No need to be concerned with depleting the much smaller pool of available public v4 addresses.