Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Enabling Eircom router for IPv6?
-
01-02-2011 8:55pm#1Well seeing as the apparent IP 'apocalypse' is upon us I was wondering whether there was a way to enable IPv6 on a default Eircom Router?0
Comments
-
To have IP6 session
1) Eircom needs to run IP6 on all their network
2) All you connect needs IP6
3) The destinations need IP6
4) The Modem needs IP6, ordinary DSL routers don't do it.
5) You need to know a lot about security, because by default there is no IP4 concept of Firewall or Router.
6) The number of unallocated IP4 is low. In the Many many Millions. But the number of allocated but effectively unused IP4 may be half a billion.
7) There are about 4 Billion possible public IP4 addresses. I doubt 1/2 are used publicly.
8) Pretty much you need to keep using an IP4 address for all the applications and sites you use that are IP4 (most of them).
The IP4 to IP6 change-over and design of IP6 one of the worst thought out things in Computing since 1950s.
There are serious security issues with IP6. It's so badly thought out that they have already three versions of the IP6 equivalent of DHCP.
There is not in reality any IP4 apocalypse. No-one can own an IP address. many thousands of Universities, Military, Governments and Companies have been allocated over 16M addresses each. A single site that's not an ISP or Hosting centre doesn't need more than 4 to 16.
Existing users and sites won't stop working. They will simply run out of "unused banks" to allocate and then "hoarders" and "misusers" (folk using public IP ranges on private LANs that are not publicly routed) will have to give them up for re-assignment.
Unless you have a specialist IP6 application to an IP6 only destination, you don't need IP6 as an Eircom customer. Even if you did have IP6 you would still have to use IP4.
No-one using the Internet with IP4 can give up their connecting IP4 address until the entire Internet is using IP6.
It's not like giving up the Tumble drier and only using a clothes line to save the planet. Using IP6 saves nothing.0 -
1) Eircom needs to run IP6 on all their network
Yes and no .. You can use a tunnelbroker like Sixxs.net2) All you connect needs IP6
Umm sorry? Are you trying to say that if you have ipv6 connectivity, you cant reach any v4 content?3) The destinations need IP6
Sure .. any ipv6 accessible content (google, gmail, youtube, facebook) will use v6 .. everything else will use v4.5) You need to know a lot about security, because by default there is no IP4 concept of Firewall or Router.
Your kidding right? Firewalls work exactly the same way. Routers work exactly the same way.
I believe your getting confused between NAT and firewalls/routers. NAT is not a firewall. NAT is a hack whose sole purpose was to delay the exhaustion of IPv4 addresses!6) The number of unallocated IP4 is low. In the Many many Millions. But the number of allocated but effectively unused IP4 may be half a billion.
Actually - the number of unallocated IPv4 addresses, depending on which tier you look at, is as low as zero. The IANA has allocated every single IPv4 address to the RIR's. The RIR's are expected to run out in September. After that point, if someone starts a new ISP - they cannot get any IPv4 addresses as there are none left.7) There are about 4 Billion possible public IP4 addresses. I doubt 1/2 are used publicly.
It doesn't matter if there used publically, they are allocated and cannot be forcibly returned to the available pool.8) Pretty much you need to keep using an IP4 address for all the applications and sites you use that are IP4 (most of them).
Yes - ideally you will have a IPv4 address to connect to IPv4 content. But its not necessary. e.g. NAT64 and DNS64 allow for IPv6 only computers to reach the IPv4 internet.The IP4 to IP6 change-over and design of IP6 one of the worst thought out things in Computing since 1950s.
Yea .. it was badly planned, badly implemented. But thats mostly due to people refusing to accept that IPv4 is running out. Fast.There are serious security issues with IP6.
Like?It's so badly thought out that they have already three versions of the IP6 equivalent of DHCP.
And more options for configuring your network is bad? how?There is not in reality any IP4 apocalypse. No-one can own an IP address. many thousands of Universities, Military, Governments and Companies have been allocated over 16M addresses each. A single site that's not an ISP or Hosting centre doesn't need more than 4 to 16.
They can't "own them" .. but they have a perpetual right to use them and cannot be forced to give them back. So this is a moot point.Existing users and sites won't stop working. They will simply run out of "unused banks" to allocate and then "hoarders" and "misusers" (folk using public IP ranges on private LANs that are not publicly routed) will have to give them up for re-assignment.
Yes, existing sites will not stop working. But the "hoarders" and "misusers" can't be forced to return their addresses.Unless you have a specialist IP6 application to an IP6 only destination, you don't need IP6 as an Eircom customer. Even if you did have IP6 you would still have to use IP4.
Agreed - but there is nothing wrong with wanting it and helping to push the transition forward, rather than holding it back!No-one using the Internet with IP4 can give up their connecting IP4 address until the entire Internet is using IP6.
NAT64 and DNS64 .. Among other methods ...It's not like giving up the Tumble drier and only using a clothes line to save the planet. Using IP6 saves nothing.
Who mentioned saving the planet?0 -
Yea, Sixxs.net is your best bet as an eircom customer. You will need to switch you DSL router in to bridged mode and connect to it over PPPoE using some kinda of V6 DDWRT flavoured router or similar.
I could never get the tunnelled option to work correctly.
Been using IPv6 natively at home and work for about 6 months and I have found the lack of NAT so much easier to handle. I have a /64 subnet assigned to my LAN at home, all PC's have their own public V6 addresses and I can access them from any V6 connection without fussing around with port forwarding and other such retro techniques.0 -
-
I got carried away, not 1,000s with 16m
But only about 14% of IP4 addresses are actually in use in Public Internet.
Kiall has refuted a lot of points with nonsense.
Without explicitly setting up inward routing NAT by default blocks all Public connections to your PCs (or anything else) services. That straight off blocks maybe 90% of vulnerabilites.
Anyone that thinks the current IP6 is a solution to current Zero IP4 left to allocate and hasn't major security implications is ignorant and naive. The major issue is re-allocation of unused IP4 addresses.
Until every host has IP6, every client needs IP4 somewhere, even if on an ISP router.
Until every client has access somehow to IP6, even if via magic at an ISP, then every Host needs IP4. Interworking still needs a pair of IP4 someplace.0 -
Advertisement
-
Kiall has refuted a lot of points with nonsense.
Without explicitly setting up inward routing NAT by default blocks all Public connections to your PCs (or anything else) services. That straight off blocks maybe 90% of vulnerabilites.
NAT is not a firewall. A firewall is a firewall. Every consumer CPE has a default rule of "block all, except related and established". Your theory of NAT providing any more security than a firewall is utter nonsense.
Lets set the record straight. I suggest you read RFC 1631. Let me quote the preface:The two most compelling problems facing the IP Internet are IP
address depletion and scaling in routing. Long-term and short-term
solutions to these problems are being developed. The short-term
solution is CIDR (Classless InterDomain Routing). The long-term
solutions consist of various proposals for new internet protocols
with larger addresses.
Does this mention security? Nope!
Does this mention address depletion? Yes!
Does this mention IPv6? Yes, Indirectly! ("new internet protocols with larger addresses")
Now - let me quote another section of this same RFC:Unfortunately, NAT reduces the number of options for providing
security. With NAT, nothing that carries an IP address or information
derived from an IP address (such as the TCP-header checksum) can be
encrypted.
Does this sound like it helps security? Nope!Anyone that thinks the current IP6 is a solution to current Zero IP4 left to allocate and hasn't major security implications is ignorant and naive.
I'll ask again. What security implications?The major issue is re-allocation of unused IP4 addresses.
I'll repeat myself, again, Those unused (at least publicly), but allocated address cannot be forcibly reclaimed.
Additionally. Even if every single address - all 4+ billion of them were returned. Its still not enough.
And finally! Even if all the unused (at least publicly), but allocated address were to be reclaimed, the returned subnets would likely not be consecutive. The routing tables simply cannot handle a barrage of /24's or /23's. Infact - many major ISP's and transit providers simply filter anything smaller than a /22. And the vast majority will filter all /24 and smaller subnets.Until every host has IP6, every client needs IP4 somewhere, even if on an ISP router.
Until every client has access somehow to IP6, even if via magic at an ISP, then every Host needs IP4. Interworking still needs a pair of IP4 someplace.
Of course .. I don't see anyone disagreeing with that! Nobody is claiming IPv4 is going anywhere - its going to be in use for decades to come. BUT I for one would like to see native ipv6 deployed as soon as possible to as much as possible.
Also - please don’t take this as a personal attack etc - I'm just sick and tired of seeing mis-information and FUD spread by those who quite obviously, do not work in the industry.0
Advertisement