[afripv6-discuss] What are the benefits of IPv6 over IPv4
Frank Habicht
geier at geier.ne.tz
Sun Jun 3 20:36:26 SAST 2012
Can I conclude like this:
- those who don't take care of security will get bitten by security issues.
- those that don't do IPv6 won't have to worry about IPv6 (security)
?
Are we talking about how bad things are or are we talking about which
way to go forward?
Are you advising to currently not adopt IPv6?
Frank
On 6/3/2012 8:44 PM, Kondwani C. Hara wrote:
> While direct communication seems a good idea, direct communication
> exposes devices to direct attack. Where NAT existed, it was easier to
> limit the attacks by opening up to the public only services that are
> accessible to the public.
>
> Linux or most Unix machines operating as servers, are hardened against
> remote attacks. Workstations are hardened against local access. Putting
> these on ipv6 will leave many workstations very vulnerable.
>
> The attacks on smartphones especially Android, seem to have been worse
> and difficult to manage due the little attention on security they might
> have received owing to the fact that its still work in progress.
>
> Exposing these to the chainability of ipv6 is really a Security disaster.
>
> That's a big bug ipv6 has.
>
> Kondwani.
>
> On 3 Jun 2012 19:34, "Frank Habicht" <geier at geier.ne.tz
> <mailto:geier at geier.ne.tz>> wrote:
>
> Hi,
>
> I understand Vint Cerf is accepting part of the blame [about
> limitations of v4].
> I believe that it's good (for innovation) to be able to have direct
> communication between end devices (end-to-end principle).
> That is gone for IPv4 (NAT), and workarounds [1] are there (none
> perfect).
>
> I think IPv6 will take care of it for longer that IPv4 did.
>
>
> I hope we have a common understanding about history and we can go
> forward. How do we deploy more v6 ?
>
> I like Gert Doering's .sig :
> "have you enabled IPv6 on something today...?"
>
>
> Frank
>
> PS: didn't get 2x eBGP up with Cisco 891 [2] today :
> clear bgp ipv6 unicast * did _not_ help
> reload _did_ help. strange....
> Cisco IOS Software, C890 Software (C890-UNIVERSALK9-M), Version
> 15.1(4)M1, RELEASE SOFTWARE (fc1)
>
>
> [1]
> - the one I think about are STUN etc
> - ipv6 over facebook, over google, don't count
> - 6to4 should be history, and not in discussions about the future -
> can we agree?
>
> [2]
> end-user customer, with 2 uplinks to same ISP, in AS 64512
> yes, i was talking about BGP over v6 and about v6
>
>
> On 6/3/2012 7:52 PM, Kondwani C. Hara wrote:
>
> I believe by design, ipv4 was never supposed to exhaust. But as a
> marketing extra, even ipv6 address space will prove too little. Not
> every individual requires a public ip. But if every device will
> require
> a public ip, then per individual it should be expected several
> devices.
> I wonder how many ipv6 ip address are implementable? If there is an
> upper bound, the seemingly huge number will exhaust.
>
> Unless we come back to the original design of ipv4 we will find
> that we
> would still encounter the same problem. We will also find that
> ipv4 was
> never supposed to exhaust in the first place.
>
> On 3 Jun 2012 14:09, "Mark Tinka" <mark.tinka at seacom.mu
> <mailto:mark.tinka at seacom.mu>
> <mailto:mark.tinka at seacom.mu <mailto:mark.tinka at seacom.mu>>> wrote:
>
> On Sunday, June 03, 2012 11:11:39 AM Mark Elkins wrote:
>
> > At the end of the day - every ISP type service charges
> > for the IP addresses that they 'rent' from their
> > Upstream or RIR. They are all businesses.
>
> Mark, do you mean as a hidden cost or explicitly?
>
> Not all ISP's charge their customers for space. But yes,
> some do.
>
> The operations I've run assign a minimum default for every
> new turn-up. If customers want additional space for their
> expansion, they only need to justify that to us (not as easy
> as I'm making it sound), and if they could, we'd assign more
> to them. Justification for additional space was always in
> line with the policies enforced by the RIR in the respective
> region I worked; which is fair.
>
> Charging for IPv4 address space isn't terribly useful, as
> that's a dying resource you can't base any sustainable model
> on.
>
> I know Product & Marketing folks like to charge for IPv4
> addresses as a deterrence to exhaustion, but I always tell
> them that if a customer is desperate, they'll pay anything
> to get it.
>
> Add to that, the Sales are happy making IPv4 addresses an
> item line because they make more on commissions.
>
> So the combination of S&M, in this case, is a recipe for
> disaster that needs checking.
>
> But as a basic means of revenue when offering a service,
> I'll submit it (selling IPv4 space) leaves a foul taste in
> my mouth. As for IPv6, that's just immoral, but that's my
> own opinion.
>
> Your network, your rules.
>
> Mark.
>
> _________________________________________________
> afripv6-discuss mailing list
> afripv6-discuss at afrinic.net <mailto:afripv6-discuss at afrinic.net>
> <mailto:afripv6-discuss at __afrinic.net
> <mailto:afripv6-discuss at afrinic.net>>
> https://lists.afrinic.net/__mailman/listinfo.cgi/afripv6-__discuss
> <https://lists.afrinic.net/mailman/listinfo.cgi/afripv6-discuss>
>
>
>
> _________________________________________________
> afripv6-discuss mailing list
> afripv6-discuss at afrinic.net <mailto:afripv6-discuss at afrinic.net>
> https://lists.afrinic.net/__mailman/listinfo.cgi/afripv6-__discuss
> <https://lists.afrinic.net/mailman/listinfo.cgi/afripv6-discuss>
>
>
> _________________________________________________
> afripv6-discuss mailing list
> afripv6-discuss at afrinic.net <mailto:afripv6-discuss at afrinic.net>
> https://lists.afrinic.net/__mailman/listinfo.cgi/afripv6-__discuss
> <https://lists.afrinic.net/mailman/listinfo.cgi/afripv6-discuss>
>
>
>
> _______________________________________________
> afripv6-discuss mailing list
> afripv6-discuss at afrinic.net
> https://lists.afrinic.net/mailman/listinfo.cgi/afripv6-discuss
More information about the afripv6-discuss
mailing list