Comcast Begins Native IPv6 Deployment To End Users
First time accepted submitter Daaelarius writes "Comcast has begun deployment of Native IPv6 access to end users. The deployment is starting out small with a single market, but is expected to expand rapidly. They have provided ... more in-depth technical details."
Finally; native dual-stack IPv6 for home customers. Perhaps we can avoid a post-exhaustion future of NAT-upon-NAT and use restrictions.
Right after they test with the current demographic -- people with one computer that is directly connected to the cable modem.
This should go quickly, since every one of those people is already a zombie spam-bot.
Learning HOW to think is more important than learning WHAT to think.
People underestimate the address space in IPv6 when they make remarks like this.
In principle IPv6 could hold more than 10^38 addresses. Now due to structuring and various reservations and so on there are considerably fewer. So for the sake of argument, let's say it is "only" 10^20. That's still enough that for every present IPv4 address you could add an entire internet and still have addresses left over.
What this means is that even if ISPs were incredibly wasteful and basically trashed 99.9% of the address space due to bad practices, you'd still have millions of addresses for every person in the world.
The idea is that the end user is still going to keep all his devices behind a firewall so everybody on the internet can't probe them. But since your toaster has its own actual address, it can connect directly to the Online Toasting Database server without having to kludge all that traffic through a NAT.
Ita erat quando hic adveni.
not being directly connectable (i.e., behind NAT)
WRONG.
On IPv4, NAT is generally implemented as a stateful firewall that also rewrites addresses.
There is absolutely nothing preventing a firewall on IPv6 that is stateful and that leaves addresses alone.
The security gain comes from the stateful firewall, not from rewriting the addresses.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
If you can't cook toast, then you probably shouldn't be bringing your phone in the shower with you, either.
----
Not to be confused with Col.
If my toaster is smart enough to realize that the toast is burning, and communicate that fact to another device, it should be capable of not burning the toast in the first place.
Well.. maybe. Or Maybe not. But Definitely not sort of.
http://www6.ietf.org/rfc/rfc3315.txt
Autoconf currently doesn't assign a prefix delegation.
slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
And what makes you think that the IPv6 off-the-shelf routers won't default to a stateful firewall? In fact, I can't see any vendor not enabling that by default, and advertising it in big bold letters (not the techno-jargon, but "Buy this box and keep the hackers out"). And the ISPs are likely to include such functionality in their cable/DSL modem, since they could benefit from fewer zombies on the network.
Mod parent up.
Additionally, many other carriers are already seeing IPv4 exhaustion (due to their own wastefulness in the RFC1918 address space). They are co-opting DoD /8's within their network to try to overcome the problem. [source]
I'll skip the obvious stupidity of "stealing" IPv4's from the DoD. But instead of deploying Carrier-Grade NAT, they're divvying up the internet. In one place, 28.0.0.0/8 takes you to one machine, in another place it takes you somewhere else.
It sounds like the IPv4 internet is going to fall apart simply due to negligence. How's that for an IPv6 killer app?
I've seen plenty of people plug their cable modems right into the back of their computer with no firewall of any kind. Thankfully, most operating systems ship with a software firewall - it's better than nothing. Most of these types of customers bought a NAT box, not due to security concerns, but to get wireless connectivity.
IPv6 direct connectivity will be a problem ONLY if end users plug all of their devices into a switch and those devices lack a software firewall. I don't know of any "non-technical" home users that have such a switch. Everyone seems to have a "NAT box" simply for wireless connectivity. I suspect people will not go buy a dumb switch and access point, simply because they do not know what they are.
I suspect most people will go buy an "IPv6 capable" firewall/switch with built-in access point. End users will have no idea that they no longer use NAT - hell, most probably don't even know they have it now.
-ted
That's reverse thinking. If you need a firewall, set up a firewall, don't set up NAT instead.
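The firewall-without-NAT arrangement argued for in the comments above, as an added example that is not part of the original thread: a small model of a home router that tracks outbound flows and admits only their replies while leaving every address untouched. The class, the names and the addresses (taken from the 2001:db8::/32 documentation prefix) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

class StatefulFirewall:
    """Hypothetical forwarding filter: tracks flows, rewrites nothing."""

    def __init__(self, lan_prefix):
        self.lan = ipaddress.ip_network(lan_prefix)
        self.flows = set()  # flows opened from the LAN side

    def _inside(self, addr):
        return ipaddress.ip_address(addr) in self.lan

    def forward(self, pkt):
        """Return the packet unchanged if permitted, or None if dropped."""
        if self._inside(pkt.src) and not self._inside(pkt.dst):
            # Outbound: remember the flow, pass the packet as-is.
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return pkt
        if self._inside(pkt.dst) and not self._inside(pkt.src):
            # Inbound: only the exact reverse of a tracked flow gets through.
            reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
            return pkt if reverse in self.flows else None
        return None  # traffic that does not cross the LAN boundary

# Constructed sample addresses (documentation prefix, not real hosts).
TOASTER = "2001:db8:1:1::42"
SERVER = "2001:db8:ffff::80"
SCANNER = "2001:db8:bad::1"

def demo():
    fw = StatefulFirewall("2001:db8:1:1::/64")
    probe = fw.forward(Packet(SCANNER, 40000, TOASTER, 80))   # unsolicited
    out = fw.forward(Packet(TOASTER, 51000, SERVER, 443))     # toaster dials out
    reply = fw.forward(Packet(SERVER, 443, TOASTER, 51000))   # matching reply
    spoof = fw.forward(Packet(SCANNER, 443, TOASTER, 51000))  # wrong peer
    return probe, out, reply, spoof

if __name__ == "__main__":
    for name, result in zip(("probe", "out", "reply", "spoof"), demo()):
        print(name, "->", "forwarded" if result else "dropped")
```

The toaster keeps its globally routable address on the wire in both directions; the inbound probe is dropped because no matching flow exists, not because the address is hidden.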
So what you are saying is that we'll have to do a NAT behind the Sun once IPv6 is allocated to every solar system in the universe?
Fuck.