Why You Shouldn't Worry About IPv6 Just Yet
nk497 writes "While it's definitely time to start thinking about IPv6, it's not time for most to move up to it, argues Steve Cassidy, saying most can turn it off in Windows 7 without causing any trouble. Many network experts argue we're nearing network armageddon, but they've been saying that for years. 'This all started when Tony Blair was elected. The first time. Yep, that's how long IPv6 has been around, and it's quite a few weeks ago now.' He says smart engineering has avoided many of the problems. 'Is there an IPv6 "killer app" yet for smaller networks? No. Is there any reason based on security or ease of management — unless you're running a 100,000-seat network or a national-level ISP — for you to move up to it? No. Should you start to do a bit of reading about it? That's about the stage we're truly at, and the answer to that one is: yes,' he says."
The lack of SNAT/DNAT targets in Linux ip6tables makes it quite impossible to use IPv6 for any serious enterprise networking. IPv6 multihoming can't be done without BGP; other solutions like Mobile IPv6 or shim6 are - at best - a big mess. Also, who wants to broadcast his internal network topology/numbering scheme to the whole internet?
There seems to be some kind of religious taboo here, where the only - supposedly - evil use of NAT (N-to-1 mapping) is being taken into consideration, but this is IMHO just plain wrong. Also, the NAT haters' main argument is that it doesn't preserve end-to-end reachability (which is not even true for N-to-N mappings), but without NAT everyone is gonna use a stateful firewall for IPv6, and guess what ... the effect on reachability is almost exactly the same.
The other problem I have is with anonymity: without NAT every PC in your local network may be identified individually, and there are many cases where this may not be desirable.
IMO IPv6 brings some nice new stuff to the table, the most obvious being the XXL address space, but takes away too much for me to consider using it for myself or my customers at the moment.
This "NAT is no/slightly better than no security at all" bullshit is getting really tedious. NAT has the side-effect of eliminating the most simple and obvious attack vector on the Internet without any additional effort. NAT has without any shred of doubt done more for the security of the Internet than any other network service, firewalls included.
Right. Because none of us ever deal with the actual IPs. Ever.