nanog mailing list archives

Re: IPv6 - real vs theoretical problems


From: Owen DeLong <owen () delong com>
Date: Wed, 12 Jan 2011 11:28:56 -0800


On Jan 12, 2011, at 9:34 AM, Ted Fischer wrote:

At 11:59 AM 1/12/2011, Jim postulated wrote:

On 01/11/2011 01:31 PM, Owen DeLong wrote:
It's not about the number of devices. That's IPv4-think. It's about the number
of segments. I see a world where each home-entertainment cluster would
be a separate segment (today, few things use IP, but, future HE solutions
will include Monitors, Amps, Blu-Ray players, and other Media gateways
that ALL have ethernet ports for control and software update).

Your future is now, Owen.  I have four network devices at my primary
television -- the TV itself, TiVo, PS3, and Wii (using the wired
adapter).  All told, I have seven networked home entertainment devices
in my house, with another (Blu-Ray player) likely coming soon.  I feel
confident in saying that my use case isn't unusual these days.

While a lot of the scalability concerns are blown off as "not applying
to typical consumers," we're quickly getting to the point where your
average joe IS somewhat likely to have different classes of devices that
might benefit from being on separate subnets.

    Jima

I helped a friend set up his "home network" recently.  He is using an old Linksys Router with no v6 support.  I like 
to be conservative and only allocate what might be needed ... part of my "Defense in Depth" strategy to provide some 
layer of "security" with NAT (yes, I know - my security by obscurity is to use something from 172.16) and a limited 
amount of addresses to allocate (not to mention WPA2 - he had default no security when I first got there).  Used to 
be a /29 would be sufficient for any home.  But, before I knew it, he had a wireless printer, laptop, and 4 iPhones 
all needing the new wireless passphrase to connect, plus he was anticipating 2 more laptops (one each for his 
children - to whom 2 of the iPhones belonged), and addresses set aside for guests and the occasional business visitor 
(he works from home).  I left him configured with a /28, and told him to call me if he anticipated more.

As a side security note - we lost the laptop on the "new" secured network before I tracked down that it had 
automatically logged in to his neighbor's (also unprotected) network on reboot.

Ted


I'm not sure how you see limiting available addresses as a security feature rather than just a nuisance, but, to each 
their own.


Owen


