apparently ipv4 addresses are due to run out within the next year or two, which has recently accelerated the process of migrating to ipv6 (and it’s also driving up the prices of ipv4 addresses, and it’s the reason why some of you may have noticed that hosts are requiring a fucking thesis paper before they give you another ip these days). lots of major differences.
- more possible ip addresses for a single device than have been distributed in the entire ipv4 internet.
- a single device can use multiple addresses at once, with a de facto standard of 5 addresses (global unicast, local unicast, multicast, anycast, special)
- ipv6 is an end-to-end network model, which enables faster and more efficient transfer of data, especially data that requires large pipes like streaming media.
- new potential attack vectors, including e2e (see above), ndp (addressed in 2005 with send), automated tunneling, and a couple others.
- nmap, wireshark, and other discovery programs are rather useless, and for the same reason, ip bans are also useless
- snma can be based on a device’s mac address, but it can also be completely random, which yet again adds a potential layer of anonymity.
combine that with the fact that we’re going to be tunneling ipv6 through ipv4 networks (because not all networks are ready for ipv6), and we’re looking at some pretty gnarly configurations. once the infrastructure is all using ipv6, then ipv4 will be tunneled through ipv6 (more secure, but not ideal), and ultimately, everyone will be using ipv6 native, which will be insanely better than the shit we’re using now.
im glad im not on the network side of the house, but im not looking forward to learning this shit on the security side
Some hosting providers have been giving out IP addresses way too freely. I would imagine that there will be an audit of some type from the regional networks (ARIN, RIPE, etc) who will want to know from each provider what their space is being used for. It’s not infeasible that a lot could be clawed back… the only problem with this is that the space isn’t going to be contiguous, so won’t have much effect from a worldwide perspective.
There is also a ridiculous amount of un-used space from the days when universities and other organisations were just given a /8 because they could. I’d imagine these might get asked to donate some space back.
THIS!! We have 199.104.192.0/20. We use @75 and even that is out of control.
You bumped this thread for this retarded of a question?