1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

The official TPU IPv6 thread

Discussion in 'Networking & Security' started by qubit, Feb 18, 2011.

  1. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    41,976 (11.73/day)
    Thanks Received:
    9,389
    i think we got lucky with that here, they're starting to roll out a large australia wide fiber network - perfect time to upgrade along the way to IPv6. that way as people migrate across, they also migrate to IPv6
  2. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    9,821 (4.05/day)
    Thanks Received:
    3,480
    I don't think that getting rid of NAT and having every device individually visible on the internet is good for the home user and here's why:

    - No natural hacker protection from NAT. Even one computer benefits from this
    - Much greater attack surface for hackers. Where they previously had one IP address to attack, they now have many, all belonging to you
    - Easier for the RIAA/MPAA/Big Content to attack you with lawsuits over bogus losses from file sharing. The usual and reasonable defence argument is that an IP address doesn't identify an individual user and can be spoofed, which does help in court. However, with so many IP addresses all pointing to your account, it makes this defence much weaker

    For these reasons, when IPv6 becomes standard, I aim to be running NAT and an IPv4 network at home, with translation between the two protocols in my gateway (the router). Hopefully, it won't significantly impact performance.
  3. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    41,976 (11.73/day)
    Thanks Received:
    9,389
    it might delay DNS lookups and such, but i really doubt there will be any significant delay.
  4. Hybrid_theory

    Hybrid_theory New Member

    Joined:
    Mar 31, 2007
    Messages:
    1,895 (0.71/day)
    Thanks Received:
    163
    Location:
    ontario canada
    NAT truly provides minimal security at best. With many to one it just sort of hides what local IP your using. But any good hacker can get around that. The real key is just to keep as many ports closed as you can and be careful about what websites you browse at.

    While you may have many IP addresses youre still likely going through a router of some sort, which has a firewall, which means one protected entrance for the hacker to try and get through.

    Last point, well do what you wish with the internet. If you pirate with just one of your machines, no difference. If you pirate with all of them, yea that defense wont work. I cant say I read into the cases of where people get charged and goto court. But I would assume they would have to find the files somewhere to actually prove that person "stole" their data.

    But yeah NAT does sound like a good way to stay for home users just because ISPs could very well gouge if you want your own network of addresses. Could just be an issue in the future if new applications no longer support it.
  5. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    41,976 (11.73/day)
    Thanks Received:
    9,389
    NAT blocks the ports, its a great hardware firewall. that is its key. If you dont have port forwards or a port opened up by Upnp, then worms/random hack attempts cant get in to you.
  6. Hybrid_theory

    Hybrid_theory New Member

    Joined:
    Mar 31, 2007
    Messages:
    1,895 (0.71/day)
    Thanks Received:
    163
    Location:
    ontario canada
    Its not NAT that blocks the ports. It's the firewall. It looks at the traffic and permits or denies it based on a set of rules defined on the device. In the case of home routers it is typically deny all incoming, allow all outgoing. When you forward a port over NAT, it is saying to NAT that any incoming traffic on that port to forward to that specific machine on your network. This also creates an allow rule for that traffic.
  7. Easy Rhino

    Easy Rhino Linux Advocate

    Joined:
    Nov 13, 2006
    Messages:
    13,390 (4.77/day)
    Thanks Received:
    3,223
    Mussels says thanks.
  8. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    9,821 (4.05/day)
    Thanks Received:
    3,480
  9. Easy Rhino

    Easy Rhino Linux Advocate

    Joined:
    Nov 13, 2006
    Messages:
    13,390 (4.77/day)
    Thanks Received:
    3,223
    since ipv6 is 128bit it supports 2^128 amount of ip addresses. thats 3.4x10^38 or

    340,282,366,920,938,000, 000,000,000,000,000, 000,000 ip addresses.

    think of it this way...the earth's surface in square centimeters is 5.0970966 x 10^18

    so you can fit seveal dozen ip addresses inside every square centimere of the earth's surface. i think that will hold us over for awhile!
    Last edited: Jun 6, 2011
  10. Hybrid_theory

    Hybrid_theory New Member

    Joined:
    Mar 31, 2007
    Messages:
    1,895 (0.71/day)
    Thanks Received:
    163
    Location:
    ontario canada
    several? hot damn. i remember a teacher telling me one per square inch. of course those are usually random estimates ;)
  11. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    9,821 (4.05/day)
    Thanks Received:
    3,480
    It would actually be a damn site more than that.

    Using your figures, we can work out the basic order of magnitude. Dividing the square centimeters into the IP addresses, you subtract the powers, so 38-18 = 20.

    So, that's on the order of 1x10^20 IP address per square centimeter! Astronomically huge. :D
    remixedcat says thanks.
  12. blu3flannel

    blu3flannel

    Joined:
    May 14, 2010
    Messages:
    898 (0.59/day)
    Thanks Received:
    120
    Location:
    NYU
    Would one have to convert their network to IPv6 by upgrading the router firmware or purchasing a new, IPv6-compatible one? I have a WRT54G and was just wondering what the procedure would be.
  13. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    9,821 (4.05/day)
    Thanks Received:
    3,480
    Depends on the support the manufacturer provides. If they don't supply a firmware update, then you'll have to buy a new router.
  14. Hybrid_theory

    Hybrid_theory New Member

    Joined:
    Mar 31, 2007
    Messages:
    1,895 (0.71/day)
    Thanks Received:
    163
    Location:
    ontario canada
    pretty sure custom firmwares support it. ddwrt and such
  15. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    41,976 (11.73/day)
    Thanks Received:
    9,389
    not that home users need to upgrade, not like you're running out of IP addies in your LAN.
  16. remixedcat

    remixedcat

    Joined:
    May 13, 2010
    Messages:
    2,618 (1.71/day)
    Thanks Received:
    542
    damn Imma haveta get a new router mine don't support DDWRT :(
  17. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    41,976 (11.73/day)
    Thanks Received:
    9,389
    why? IPv6 wont matter to you.
  18. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    9,821 (4.05/day)
    Thanks Received:
    3,480
    You sound like an enthusiast :rockout: so you may be interested in these two roll-your-own firewalls that install on a PC and take it over completely. Both are based on Linux and are completely free:

    www.ipcop.org

    www.astaro.com

    Astaro is a commercial paid for product, that comes on dedicated hardware and is very expensive. However, there's a couple of free versions that run on a PC. Get the home use one, which has the least features cut out.
    remixedcat says thanks.
  19. Easy Rhino

    Easy Rhino Linux Advocate

    Joined:
    Nov 13, 2006
    Messages:
    13,390 (4.77/day)
    Thanks Received:
    3,223
    no. does your isp provide you with a router? if so it may be ipv6 compliant. if not, when they switch (which wont be for a long time) then they will send you a router than can handle ipv6. for lan stuff you dont need ipv6.
  20. remixedcat

    remixedcat

    Joined:
    May 13, 2010
    Messages:
    2,618 (1.71/day)
    Thanks Received:
    542
    no the isp didn't give it to me it's an old netgear. :(
  21. Easy Rhino

    Easy Rhino Linux Advocate

    Joined:
    Nov 13, 2006
    Messages:
    13,390 (4.77/day)
    Thanks Received:
    3,223
    meh, you wont have to buy a new one for a while anyway. your isp may not even change over for years.
  22. remixedcat

    remixedcat

    Joined:
    May 13, 2010
    Messages:
    2,618 (1.71/day)
    Thanks Received:
    542
    awww ok well I kinda new that but thanks a lot!!!!
  23. Mussels

    Mussels Moderprator Staff Member

    Joined:
    Oct 6, 2004
    Messages:
    41,976 (11.73/day)
    Thanks Received:
    9,389
    dont bother upgrading unless your router cant keep up with your net connections speed, you want newer wifi security (EG, your old one can only do WEP) or you need newer wifi standards (EG, wifi N 300)


    the changeover to IPv6 is going to be very, very slow - and you could always just use an ipv6 capable modem before your current router in the event your ISP switches over completely anyway (which is very unlikely and they'd give tons of warning)
  24. qubit

    qubit Overclocked quantum bit

    Joined:
    Dec 6, 2007
    Messages:
    9,821 (4.05/day)
    Thanks Received:
    3,480
    It's finally here: It's world IPv6 day today!

    www.worldipv6day.org

    Access sites like Google, Facebook, Yahoo!, Akamai and Limelight Networks using IPv6.
    Mussels says thanks.
  25. Easy Rhino

    Easy Rhino Linux Advocate

    Joined:
    Nov 13, 2006
    Messages:
    13,390 (4.77/day)
    Thanks Received:
    3,223
    most ISPs havnt bothered with IPv6 yet. i have verizon, one of the USA's largest providers and i get

    from this test http://test-ipv6.com/

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page