Slashdot Mirror
Windows 7 May Finally Get IPv6 Deployed
Esther Schindler writes "According to this article at IT Expert Voice, Windows 7 and IPv6: Useful at Last?, we've had so many predictions that this will be 'the year of IPv6' that most of us have stopped listening. But the network protocol may have new life breathed into it because IPv6 is a requirement for DirectAccess. DirectAccess, a feature in Windows 7, makes remote access a lot easier — and it doesn't require a VPN. (Lisa Vaas interviews security experts and network admins to find out what they think of that idea.) The two articles examine the advantages and disadvantages of DirectAccess, with particular attention to the possibility that Microsoft's sponsorship may give IPv6 the deployment push it has lacked."
Uhh... 3 letters for you. D.N.S.
Do you seriously believe "the addresses are really long" is going to be the main thing blocking IPv6 adoption? Or even something the average person will care about in the slightest?
I have to say that this is what struck my eye :
In addition, DirectAccess can be integrated with Network Access Protection (NAP). NAP, which was introduced in its current version in Windows Server 2008, automatically checks that a remote PC has up-to-date software and the proper policy-set security settings.
OK, it checks for software status, which I guess is cool, but what makes me suspect that there is a "Refuse to operate unless the licenses appear OK" aspect to this ?
By the way, this sets up an IPSEC VPN, so I am not sure why the OP says it doesn't require a VPN.
Mod parent up. If you can map between the "inside" and the "outside" of your organization you can drop packets coming from the outside just as readily.
The World Wide Web is dying. Soon, we shall have only the Internet.
Dynamic DNS, then. I use that for remoting into my computer and router from other places.
Hail Eris, full of mischief...
E pluribus sanguinem
Who the hell needs 13 Gazillion addresses on their LAN? On the internet sure, ok....who the fuck going to connect a Windows box to the internet without NAT/Firewall?
Network address translation came into use because you had limited supply of IP addresses, pigeonhole problem basically. With IPv6 that's not needed, because surely 3.4×10^38 addresses should be enough for anyone. You'll just need a firewall to reject requests from outside your own assigned block.
Except that it doesn't work with the networking you have.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Wait, are you claiming you don't use IPv4 for anything? Or are you claiming you use IPv6 for some things? Because if the latter, you're right in line with Bernstein's claim. Note he doesn't say IPv6 doesn't work, he says there is no smooth transition path for IPv6 adoption from IPv4.
Websites with external consumers cannot stop using IPv4 until all potential consumers use IPv6. So until everyone uses IPv6, every host must continue to run IPv4 or both.
Does this mean you cannot run IPv6 at home? No, it just means you must also run IPv4 to get to websites that haven't bothered to support both.
Which relegates IPv6 to hobbyists, same as in 2002.
Changa hates change.
The funny thing is, however, that NAT isn't entirely obsoleted by ipv6... because it is almost inevitable that ipv6 space will be almost as poorly managed as ipv4 space was in the beginning, we will probably still run out of ipv6 space sooner than we otherwise would. Of course, due to the sheer size of ipv6 space, I suspect that's not likely to happen in most of our lifetimes.
In most of our lifetimes? Per Wikipedia:
The very large IPv6 address space supports a total of 2^128 (about 3.4×10^38) addresses—or approximately 5×10^28 (roughly 2^95) addresses for each of the roughly 6.5 billion (6.5×10^9) people alive in 2006. In a different perspective, this is 2^52 (about 4.5×10^15) addresses for every observable star in the known universe.
It will take way more than poor management to use up all those numbers in any timescale with meaning to a human life.
Do what thou wilt shall be the whole of the Law
1/2. would you prefer 192.168.127.123.67.88.76.44.246.254.65.183?
3. I have no solution for that.
4. For suitably small values of "works". NAT breaks a lot of stuff, adds needless complexity (annoying hacks such as UDP hole punching and the like) and merely trades one addressing limit (2^32 IP addresses) for another (2^16 ports).
We already have a simple solution, IP4 with NAT. It works great.
I take it you've never had to program any application that needs peer to peer communications then?
In most of our lifetimes? Per Wikipedia:
The very large IPv6 address space supports a total of 2^128 (about 3.4×10^38) addresses--or approximately 5×10^28 (roughly 2^95) addresses for each of the roughly 6.5 billion (6.5×10^9) people alive in 2006. In a different perspective, this is 2^52 (about 4.5×10^15) addresses for every observable star in the known universe.
It will take way more than poor management to use up all those numbers in any timescale with meaning to a human life.
That quote from Wikipedia you pulled, is immediately followed by this:
"While these numbers are impressive, it was not the intent of the designers of the IPv6 address space to assure geographical saturation with usable addresses. Rather, the longer addresses allow a better, systematic, hierarchical allocation of addresses and efficient route aggregation."
If we could arbitrarily ignore the network structure and special ranges assigned in IPv4, we have 4.2 billion possible IP numbers (2^32). Do we have 4 billion computers on the Internet? No. Do we have IPv4 shortage? Yes. In fact we had IPv4 shortage even back in the early 90-s when Internet was far from being mainstream yet (which prompted the jump from classful network to CIDR).
You haven't met my managers.
DRM 'manages access' in the same way that a prison 'manages freedom'