Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

IPv6 on UPC

  • 13-10-2010 10:57pm
    #1
    Closed Accounts Posts: 688 ✭✭✭


    got UPC installed the other week, whilst checking everything was connecting ok i noticed that the router they supplied was issuing IPv6 addresses.

    Had no way to test until thisevening when was working with a friend setting up an irc network, one of the servers has IPv6 connectivity so decided to try and use IPv6 to connect and to my shock it worked.

    Looks like UPC are getting ready for the big IPv4 dry up, glad to see it


«1

Comments

  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Google IPv6 Security.

    If you don't want Pwnd, turn off all IP6 for now.


  • Moderators, Education Moderators, Home & Garden Moderators Posts: 8,260 Mod ✭✭✭✭Jonathan


    innovated wrote: »
    got UPC installed the other week, whilst checking everything was connecting ok i noticed that the router they supplied was issuing IPv6 addresses.

    Had no way to test until thisevening when was working with a friend setting up an irc network, one of the servers has IPv6 connectivity so decided to try and use IPv6 to connect and to my shock it worked.

    Looks like UPC are getting ready for the big IPv4 dry up, glad to see it
    Out of interest what pool have they been allocated?


  • Registered Users, Registered Users 2 Posts: 2,370 ✭✭✭Knasher


    I'd also be interested to know if its still the same Cisco EPC2425 (I'd be surprised if it isn't) and if so what firmware version it is running.

    Its nice to see companies finally start to roll it out, its going to really suck when ISPs have to use NAT because the software support for IPv6 isn't really there yet.


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    There are 10s of Millions of IP4 addresses held still by companies and universities and Military in states.

    IPv6 was designed quite long ago and creates lots of problems. The only one it actually solves is address space.

    In reality there may be enough IPs for 50 years without ISPs using NAT, if the USAians shared them equitably.


  • Closed Accounts Posts: 688 ✭✭✭Captain Commie


    seeing as IT Tallaght has over 2000 IPv4 addresses alone, shows where the real waste is

    not sure what range have been allocated for IPv6, didnt look into it too much, just saw that had an IPv6 address and decided to test it by connecting to another IPv6 host, based in Germany


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 646 ✭✭✭macrubicon


    innovated wrote: »
    seeing as IT Tallaght has over 2000 IPv4 addresses alone, shows where the real waste is

    You presume they are being wasted because ?? CIT and Carlow have Class B's - is that a waste ?

    It's good to see ISP's taking things in charge and moving over - will be interesting to see if they have an IPv6-v4 gateway anywhere for non IPv6 services if they wanted to go v6 only....


  • Closed Accounts Posts: 688 ✭✭✭Captain Commie


    macrubicon wrote: »
    You presume they are being wasted because ?? CIT and Carlow have Class B's - is that a waste ?

    It's good to see ISP's taking things in charge and moving over - will be interesting to see if they have an IPv6-v4 gateway anywhere for non IPv6 services if they wanted to go v6 only....

    do they REALLY need that many publicly available IP addresses, going on the number of IP's i would ASSUME that they are issueing public IP's to all hosts which IS a waste as they can nat the internal network


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    If US institutions had single class B that would be one thing. Many have Class A 16,777,216 or multiple 20 bit (1,048,576) addresses.

    Most Irish Colleges do NAT internal networks so as to block ports, throttle traffic and protect vulnerable PCs/Servers.

    Only specifically "hardened" and up to date patched PCs/Servers are safe to connect to Internet direct without a separate Firewall.

    List of SOME of the indecent hoarders of 16 Million IPs blocks or more each
    http://en.wikipedia.org/wiki/List_of_assigned_/8_IP_address_blocks

    Some of the above are valid users of 16M addresses. Many are not.

    There could be half a billion unused/Misused IPs just in North America.
    The British Dept. Of Defence certainly doesn't need 16Million.

    No organisation needs more than 65K unless they are a public ISP.

    You can't switch of IP4 on your PC/Server till last IP4 destination has IP6
    They still have not figured out security & privacy issues fully.

    Basically they need to scrap IPv6 and invent a new scheme that includes solutions to the major issues and compatibility, not the way IP6 works.


  • Registered Users, Registered Users 2 Posts: 2,013 ✭✭✭lynchie


    watty wrote: »
    No organisation needs more than 65K unless they are a public ISP.

    True.. Most of the colleges, DIT / TCD / UCD / HEANET / Maynooth, Galway, Cork all have their own class B. Thats 65K for each of em. Doubt they use 65K public IPs between them!


  • Registered Users, Registered Users 2 Posts: 646 ✭✭✭macrubicon


    innovated wrote: »
    do they REALLY need that many publicly available IP addresses, going on the number of IP's i would ASSUME that they are issueing public IP's to all hosts which IS a waste as they can nat the internal network

    As an admin in an IoT - yes. There are a lot of things you cannot do with NAT'd addresses and where possible NAT is used but sometimes and for some applications you need direct out which will involve a large number of addresses when you start talking about labs with dozens of PC's in each.

    We have had an IPv6 assignment since very early on in the days of IPv6 but to be frank there are simply not enough endponts to warrent moving to it quickly. We would end up with a monster IPv6-4 gateway that would quickly get unmanageable from a traffic point of view.

    Thats why things like UPC moving are good news days - there is a huge base of users ( I'm presuming it's a global UPC move ) who now can access our limited IPv6 services. There is a whole chicken and egg thing with IPv6 and this type of thing helps create momentum.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 443 ✭✭bricks


    And the previous company I worked for had 1 class A.
    They could defo hand one of them class A's back.
    I'm suprised there isn't some sort of market value put on a Class 'A' range where it would be sold to a large ISP.


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    There is a market value

    Class As are now even sold piecemeal.

    This is why don't believe we will run out of IP4.


  • Moderators, Education Moderators, Home & Garden Moderators Posts: 8,260 Mod ✭✭✭✭Jonathan


    IPv6 full cone NAT + IPtables solves some of the privacy issues.

    This would still allow internal hosts to be accessed from the internet but protect against people tracking a persons location when using autoconfigured IPv6 addresses (lower 60 bits of IP address = [upper MAC address]:FFFF:[lower MAC address])


  • Registered Users, Registered Users 2 Posts: 2,370 ✭✭✭Knasher


    Admittedly there is a lot of under utilization of IPv4 for certain ranges, fact of the matter is that reclaiming those ranges is unfeasible. Stanford relinquished their /8 back in 2000 and its estimated that that only pushed back the exhaustion by a month. Making full use of the IPv4 range may push back exhaustion but that would be at the expense of vastly completely routing tables as well as a huge amount of effort on the part of the relinquishers both in switching over their networks as well as tightening their firewalls.

    Anything short of IPv6 will be just postponing the inevitable, esp considering that the rate of IP usage has been increasing, and companies won't take IPv6 seriously until their customers are using it.

    I'm not saying that I'd be comfortable with switching over to IPv6 just yet, but I do think that people need to have the option.


  • Registered Users, Registered Users 2 Posts: 1,056 ✭✭✭maggy_thatcher


    watty wrote: »
    There is a market value

    Class As are now even sold piecemeal.

    This is why don't believe we will run out of IP4.

    To increase the number of available IPv4's that way would be to cause the routing tables to jump in size as they fragment the address space more and more. This means that those responsible for the internet backbone are left with two choices:
    1. Upgrade the routing hardware to support longer and longer routing tables in IPv4. In addition, get all the ISPs to introduce NAT to reduce the number of IP addresses they actively use.
    2. Upgrade the routing hardware to support IPv6

    Given the two choices, I would hope they'd focus primarily on the latter.


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    There needs to be a plan.

    I'm just not convinced by the current one.


  • Registered Users, Registered Users 2 Posts: 1,056 ✭✭✭maggy_thatcher


    If you don't mind my asking - watty, why don't you like IPv6?

    Security - it has IPSec built in as a mandatory part of it, unlike an optional extension with IPv4.
    Privacy - Do you mean something in particular? If you mean the idea of the MAC address being part of the address, that's optional (some routers can swap it for a different number on exit, and there's no actual requirement that it must be the MAC address -- it can be any random number, as long as it's unique within a particular subnet).
    Compatibility - IPv4 can run in parallel with IPv6 until IPv4 runs out of space. If we give everybody that has an IPv4 address an IPv6 address, then everyone currently on the internet can access the material on IPv6 space, and everyone can access the material on IPv4. As more and more content becomes IPv6 only, only those that haven't migrated will be affected. There are also IPv6-IPv4 converters, which, while cumbersome, can provide connectivity to IPv4 services to those without IPv4 addresses. Whatever option is taken, those who stick with the old network will not be able to access those on the newer ones, but even if we found some other new IP to replace IPv4, there's nothing that's going to replace that.

    IPv4 has a limit of 3,706,452,735 globally accessible addresses (once we exclude reserved addresses). Assuming there are more than 3 billion unique client/servers around, and assuming we don't want to introduce hacks such as NAT to try and "hide" parts of the network, a new protocol is necessary. If IPv6 isn't the right answer, why isn't it?

    As an example, in this house, I've 4 computers, 3 DLNA clients, 1 games console, 1 smartphone and 1 printer all sharing the same public IP address, but with different internal addresses). I then have a bunch of IP forwarding rules set up in the router to allow me to access (some of) them remotely. It's rather frustrating having to remember "machine X is running ssh on port Y not 22" rather than just letting them have their own AAA records and use the standard port the odd time I have to go and get something. The sooner we all get IPv6 addresses (properly firewalled, of course), the better.

    From an ISP point of view, I would imagine they'd probably like to introduce IPv6 too so that they could see that I have 10 devices attached to their "single IP" product and bill me accordingly, but hopefully that won't happen :p

    I'm not saying there isn't work to be done, in particular end-users who have hardware firewalls will need to make sure that they don't just blindly pass IPv6 traffic straight into their network, but it's work that should be done sooner, rather than later imho.


  • Posts: 0 [Deleted User]


    I've done a lot of work in schools around north Kerry and west Limerick and noticed that their Cisco and MSI UDgateway routers give out public IP addresses in the 87.34.xxx.xxx range. I'd assume it's done for security reasons (easier to isolate a PC which might be infected) but I find it quite wasteful.


  • Moderators, Education Moderators, Home & Garden Moderators Posts: 8,260 Mod ✭✭✭✭Jonathan


    Karsini wrote: »
    I've done a lot of work in schools around north Kerry and west Limerick and noticed that their Cisco and MSI UDgateway routers give out public IP addresses in the 87.34.xxx.xxx range. I'd assume it's done for security reasons (easier to isolate a PC which might be infected) but I find it quite wasteful.
    Might not be the full 87.34.0.0/16 (old Class B network) though. It could actually be 87.34.0.0/20 for example which only contains 4096 hosts.


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Most UPC modems are indeed just modems. No NAT or Router. So you get a public IP.


  • Advertisement
  • Closed Accounts Posts: 688 ✭✭✭Captain Commie


    watty wrote: »
    Most UPC modems are indeed just modems. No NAT or Router. So you get a public IP.

    i am using the cisco ones that have router and nat built in (actually hat the cisco router, which is strange cause i love cisco stuff)


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Cisco bought Scientific Atlanta (cable Modems) a few years ago, more recently they bought Linksys (Other Consumer Internet products). I suspect there is little in common between an Enterprise Edge Router and a Cable Modem/Router or Home Ethernet Router other than the Branding.


  • Closed Accounts Posts: 688 ✭✭✭Captain Commie


    watty wrote: »
    Cisco bought Scientific Atlanta a few years ago, more recently they bought Linksys. I suspect there is little in common between an Enterprise Edge Router and a Cable Modem/Router or Home Ethernet Router other than the Branding.

    yeah, wondering if there is a way i can get it changed out as really starting to annoy me.

    Seeing as we are speaking on the subject of ip4 drought etc etc, anyone know if UPC give out dedicated IPv4 addresses on their net connections? would be handy for server admin


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    They can.

    but a UPC IP changes so infrequently that dyndns will work. Some Routers have dyndns auto-update client, or you can run one on your LAN. But the IP changes so infrequent you can update manually.

    Anyway, there will be a Drought of IP4s but not as soon as people wanting to sell IP6 gear claim. Currently only Network/Computer Gurus only know how to make a box on IP6 secure. Conflicker will be nothing compared to mayhem if home users are on IP6


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Some light reading. The IETF are not gods.

    http://www.theregister.co.uk/2010/10/15/sysadmin_dns_heretic/

    Graph *HUGELY* understates free IP4
    http://arstechnica.com/business/news/2010/09/there-is-no-plan-b-why-the-ipv4-to-ipv6-transition-will-be-ugly.ars

    They need a plan B now. I've talked to Cisco experts and they say IPV6 as it is today is a disaster for home users and smaller Businesses without security and network gurus.

    Splitting old Class As into 65K IP blocks happens already. No big deal for routers or root DNS.

    http://arstechnica.com/apple/news/2007/02/7063.ars

    We have been getting the "Sky is falling in" we need to move to IPv6 now warning for over 6 years. Yet only 2008 did IETF set up a IPV6 Firewall taskforce.

    Today a Tiny fraction of Internet Traffic is using IPV6, a fraction of the hosts (a tiny fraction) that could run IPV6.

    The fact is that for
    Security
    Privacy
    DNS
    DHCP
    IPv4 interworking
    Packet overhead, esp on Mobile
    the IPv6 is almost a failure. That's why uptake is so low.
    The amount of free IPv4 Addresses has been consistently understated which doesn't help the case for IPv6, which almost only helps address space.

    Real ISPs can't use full NAT. It's only appropriate for LANs. Though Mobile ISPs frequently do use it because basically Mobile isn't much use for other than casual browsing and email fetching. You'd be mad to host anything or run serious p2p (not just Torrents, but Skype, Konteki video players, SIP, some games etc) on Mobile. LTE won't cure Mobile http://www.techtir.ie/blog/watty/mobile-never-broadband. So Mobile can continue to mostly use NAT.

    It's Real Broadband that can't use ISP NAT

    Hosting of any kind or any kind of p2p (plenty of legitimate, it's not just for filesharing) won't work over ISP NAT. It works on your own LAN nat as there is a 1:1 correspondence between port usage on public IP and LAN, as long as there is only one of each kind of server that uses a fixed port.

    So LANs don't ever need public IPs. Though SIP was pretty problematic. (SIP proxies, ICE, TURN etc are solutions). NAT on a LAN inherently blocks most unwanted "attacks" and hides what you have. There is no easy IPv6 equivalent. You are supposed to make each machine secure. Even the Intranet Web & email servers that are never accessed from Public Internet.

    We are going to run out of IP4, eventually. We do have maybe 5 to 10 years, not the 2 years claimed by IPv6 vendors.

    IETF needs to rethink and come up with IPv7. IPv6 isn't a solution. There needs to be Plan B, because IPv6 isn't flying.


  • Registered Users, Registered Users 2 Posts: 1,056 ✭✭✭maggy_thatcher


    If I recall correctly, in the earlier days of IPv4, it was also a security nightmare for anybody other than network gurus. The difference between then and now of course is that network is substantially bigger (so most people didn't care). Remember the days when Windows9x and Windows3.11 were plugged directly into the internet?

    Security/Privacy/DNS issues are all solvable at the ISP level, leaving end-user safely protected (if desired). That post regarding Apple's routers providing IPv6 addresses is more that Apple really should have the IPv6 firewall set to the same settings as the IPv4 firewall by default. It's a configuration issue more than anything else.

    IPv6 is sometimes actually better than IPv4 in terms of packet overhead -- an optionless IPv4 header may be half the size of an (optionless) IPv6 header, but an IPv4 header is quicker/easier to parse for routing hardware (the way the options are handled). For mobile, it has the distinct advantage of there being explicit support for keeping services/connections alive while a mobile node moves around. While right now, mobile networks are unsuitable for running long-term services, give it a couple of years and that won't necessarily be the case. An IPv4 header is also more likely to have options, making the header bigger again.

    The only big issue remaining is IPv4 internetworking -- and that's what dual-stacks are for.


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    In Win3.x & Win9x days I installed Firewalls and Proxies. I've been configuring Network security since 1993. But I'm not confident about securing an IPv6 based system.

    You can't solve security at ISP level unless all you have is the sort of service offered by Mobile for casual browsing and email. Security is the user's issue, not the ISPs. The ISP is a pipe.

    There is no simple concept as an IPv6 firewall in sense that there is on IPv4.


  • Closed Accounts Posts: 688 ✭✭✭Captain Commie


    watty wrote: »
    They can.

    but a UPC IP changes so infrequently that dyndns will work. Some Routers have dyndns auto-update client, or you can run one on your LAN. But the IP changes so infrequent you can update manually.

    I use several servers and try to restrict my ssh access to specific IP's and to have to change that is a PITA, talking about 10 servers at present, hence why i would like a static ip


  • Registered Users, Registered Users 2 Posts: 1,056 ✭✭✭maggy_thatcher


    watty wrote: »
    In Win3.x & Win9x days I installed Firewalls and Proxies. I've been configuring Network security since 1993. But I'm not confident about securing an IPv6 based system.

    You can't solve security at ISP level unless all you have is the sort of service offered by Mobile for casual browsing and email. Security is the user's issue, not the ISPs. The ISP is a pipe.
    I know that - it could be an optional service - so that people who know what they're doing can turn it off and set up their own environments, whereas the "general" public can have basic protection if they need it.
    watty wrote: »
    There is no simple concept as an IPv6 firewall in sense that there is on IPv4.

    What's wrong with ip6tables? (and the equivalent for other OSes)? If the default settings on any environment was accept link-local addressing only, with explicit access enabled to particular port/addresses I don't see what the difference is?


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 18,991 ✭✭✭✭kippy


    macrubicon wrote: »
    As an admin in an IoT - yes. There are a lot of things you cannot do with NAT'd addresses and where possible NAT is used but sometimes and for some applications you need direct out which will involve a large number of addresses when you start talking about labs with dozens of PC's in each.

    We have had an IPv6 assignment since very early on in the days of IPv6 but to be frank there are simply not enough endponts to warrent moving to it quickly. We would end up with a monster IPv6-4 gateway that would quickly get unmanageable from a traffic point of view.

    Thats why things like UPC moving are good news days - there is a huge base of users ( I'm presuming it's a global UPC move ) who now can access our limited IPv6 services. There is a whole chicken and egg thing with IPv6 and this type of thing helps create momentum.

    Can you give me an idea of these applications?
    I can think of one or two but NONE that would be on labs of PC's.......
    IPv6 seems like a dead squib to be honest.
    This is an interesting topic though.


  • Registered Users, Registered Users 2 Posts: 646 ✭✭✭macrubicon


    kippy wrote: »
    Can you give me an idea of these applications?
    I can think of one or two but NONE that would be on labs of PC's.......

    Not on a public board - resourceful lot students :D

    In general we have issues with things session based. Also firewalls can get ansy when they see multiple service requests coming from the same IP and start shunning or blocking.

    SAP, WorldSpan and any of the prometric / online test apps can cause huge issues.


  • Registered Users, Registered Users 2 Posts: 18,991 ✭✭✭✭kippy


    macrubicon wrote: »
    Not on a public board - resourceful lot students :D

    In general we have issues with things session based. Also firewalls can get ansy when they see multiple service requests coming from the same IP and start shunning or blocking.

    SAP, WorldSpan and any of the prometric / online test apps can cause huge issues.
    I dont actually see HOW any college would require more public IP's than a business.
    I've supports all of the above (bar wordspan) in a NATTED environment without any issues.
    Perhaps you've had more specific tasks required of the apps but I really cant see why you would want/need this many public IP's.
    I do realise the need for some alright, but dont get the reasoning for as many as you have or as many PC's in labs having public IPs.


  • Registered Users, Registered Users 2 Posts: 646 ✭✭✭macrubicon


    There are fairly specific reason based, mainly, on how the services are utilised (and reused) for specific purposes.

    Not that I'm trying to dodge answering but given that most of our students have a presence here I'm having to be purposefully cagey.

    Could we move more to private IP's and NAT - yes.
    Could doing this reduce our Public IP footprint - yes but not by much - maybe 1 Class C. This is mainly due to the apps that need the 1:1 relationship client to server.

    We have an ever increasing Private IP base internally that is beind proxies and NAT'd firewalls, so in effect we are using reduction techniques and will continue to deploy them but we are always going to need a bit more than the norm due to the way things are used more so than the apps that are used.


  • Registered Users, Registered Users 2 Posts: 18,991 ✭✭✭✭kippy


    macrubicon wrote: »
    There are fairly specific reason based, mainly, on how the services are utilised (and reused) for specific purposes.

    Not that I'm trying to dodge answering but given that most of our students have a presence here I'm having to be purposefully cagey.

    Could we move more to private IP's and NAT - yes.
    Could doing this reduce our Public IP footprint - yes but not by much - maybe 1 Class C. This is mainly due to the apps that need the 1:1 relationship client to server.

    We have an ever increasing Private IP base internally that is beind proxies and NAT'd firewalls, so in effect we are using reduction techniques and will continue to deploy them but we are always going to need a bit more than the norm due to the way things are used more so than the apps that are used.
    Fair enough.
    Just trying to figure out in my head (i've worked in HP and fairly sizeable banks/institutions) what apps need that many public IP's.

    As I said, I understand why you arent going to disclose them.


  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    Back in 1999 I think Limerick Institute of Tech was using less than 20. Everything else behind proxy.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 32,417 ✭✭✭✭watty


    macrubicon wrote: »
    There are fairly specific reason based, mainly, on how the services are utilised (and reused) for specific purposes.

    Not that I'm trying to dodge answering but given that most of our students have a presence here I'm having to be purposefully cagey.

    Security by obscurity isn't going to work...
    It's easy to find out what IPs you have and scan the ports.


  • Closed Accounts Posts: 688 ✭✭✭Captain Commie


    well that was a waste of 15 mins on hold, called to see if could get a static ip and was told straight away no, but then tried to get me to call premium support


  • Moderators, Education Moderators, Home & Garden Moderators Posts: 8,260 Mod ✭✭✭✭Jonathan


    Has anyone managed to get an IPv6 address from UPC? I tried and couldn't.

    @innovated Are you sure you had a proper IPv6 address or were you using a Teredo address?


  • Registered Users, Registered Users 2 Posts: 6,007 ✭✭✭Moriarty


    No sign in Dublin 1 anyway. Anyone have any news on if there's a trial going on atm or if this is hot air? :)


  • Registered Users, Registered Users 2 Posts: 590 ✭✭✭blaz


    Moriarty wrote: »
    No sign in Dublin 1 anyway. Anyone have any news on if there's a trial going on atm or if this is hot air? :)

    I have heard from a friend who lives in Dublin 4 that he got one assigned. Apparently you only get it via DHCP (if your DHCP client support IPv6), but not via neighbor discovery.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 590 ✭✭✭blaz


    Update: I have been in contact with UPC (their core network engineers, not the support team in Ireland). As of yet, there is no IPv6 on UPC in Ireland, except for business customers on request (contact your account manager). For residential customers, don't expect anything anytime soon.


  • Moderators, Education Moderators, Home & Garden Moderators Posts: 8,260 Mod ✭✭✭✭Jonathan


    UPC acknowledging IPv6 for the first time:

    http://support.upc.ie/app/answers/detail/a_id/340/


  • Registered Users, Registered Users 2 Posts: 20 Kiall


    About time an Irish ISP made a "public statement" on what their plans are :)

    All this talk of recovering IPv4 blocks from the large institutions is not gonna happen. ever. hell will freeze over before we get enough to last 5 years back, never mind 50. Now - lets move onto something that actually has a chance in hell of happening .. IPv6!

    I'm glad at least 1 Irish ISP isn't going to implement large scale NAT - hopefully none of them will! I can't even begin to imagine the PITA LSN would be :)


  • Registered Users, Registered Users 2 Posts: 71,190 ✭✭✭✭L1011


    watty wrote: »
    Back in 1999 I think Limerick Institute of Tech was using less than 20. Everything else behind proxy.

    That's being sensible; the other end of the scale is Apple where every network printer they have has a public (but unroutable from external, obviously) IP address!


  • Registered Users, Registered Users 2 Posts: 20 Kiall


    MYOB wrote: »
    That's being sensible; the other end of the scale is Apple where every network printer they have has a public (but unroutable from external, obviously) IP address!

    Thats only being sensible if you care about "everyone else" .. Don't get me wrong, I would never use public IPv4's for anything I didn't explicitly want over the internet access to. But this makes Apple's ops and security team jobs much easier.

    BUT - Everything in our office has a public IPv6 address. (Everything that supports IPv6 that is..) I can see why this ease of access appealed to the Apple ops team..

    To those who suggest this kind of crap:
    watty wrote: »
    If you don't want Pwnd, turn off all IP6 for now.

    We're yet to get "Pwnd" .. Maybe you know something we don't? Care to share?


  • Registered Users, Registered Users 2 Posts: 3,537 ✭✭✭SickBoy


    MYOB wrote: »
    That's being sensible; the other end of the scale is Apple where every network printer they have has a public (but unroutable from external, obviously) IP address!

    :eek:


  • Registered Users, Registered Users 2 Posts: 22,231 ✭✭✭✭Sparky


    Jonathan wrote: »
    UPC acknowledging IPv6 for the first time:

    http://support.upc.ie/app/answers/detail/a_id/340/

    Our connection has had an IPv6 address for the last 9 months but its only a 6to4. None the less ipv6 sites are working.

    http://[2620:0:1cfe:face:b00c::3]/ loads up facebook

    Regards security. We have iptables blocking it anyways unless we allow it


    b1011.jpg


  • Posts: 0 [Deleted User]


    My router supports IPv6 either via DHCPv6 or a 6to4 tunnel. I've tried it with tunnelling and it works, just a bit slower. Nothing via DHCPv6 as of yet.

    For some reason, when I have 6to4 enabled, the DNS seems to revert to the UPC default (with the search page for invalid domains) despite me having manually specified other static IPv4 DNS servers. I'd assume that the IPv6 DNS is taking over, but why would it be using UPC's search page?


  • Moderators, Education Moderators, Home & Garden Moderators Posts: 8,260 Mod ✭✭✭✭Jonathan


    Sparky wrote: »
    Our connection has had an IPv6 address for the last 9 months but its only a 6to4. None the less ipv6 sites are working.

    http://[2620:0:1cfe:face:b00c::3]/ loads up facebook

    Regards security. We have iptables blocking it anyways unless we allow it


    b1011.jpg

    But thats a 2002::/16 address, not a AS6830 address. That address will load on almost every Windows machine anyway because they enable Teredo by default.


  • Registered Users, Registered Users 2 Posts: 1,056 ✭✭✭maggy_thatcher


    UTV internet have turned on 6to4 as well in the last couple of days. I only noticed because something seems to be up with ie.archive.ubuntu.com (lots of 'Forbidden' errors), and it was connecting via an IPv6 link.
    0d011af7837c4ccefc0a8b9f0827748b.png

    The IPv6 addresses are working from all my devices (Mac, Linux & Android), and they're not running any local level 6to4 software, so it's definitely implemented at the ISP level.


  • Advertisement
Advertisement