IPv6 adoption statistics – Google
-
This post did not contain any content.
-
This post did not contain any content.
I gotta suck it up and learn IPv6. My ISP now provides me with a /64. But I feel like I have a lot of knowledge gaps on their features so I'm worried about security. Especially with all the new features like SLAAC.
What's the best crash course these days? Go through Cisco materials or something?
-
I gotta suck it up and learn IPv6. My ISP now provides me with a /64. But I feel like I have a lot of knowledge gaps on their features so I'm worried about security. Especially with all the new features like SLAAC.
What's the best crash course these days? Go through Cisco materials or something?
You need to find out if your ISP supports prefix delegation. A /64 will only give you one subnet. An ISP should supply a /56 if your router requests it. There are some bad ISPs out there that won't though.
-
You need to find out if your ISP supports prefix delegation. A /64 will only give you one subnet. An ISP should supply a /56 if your router requests it. There are some bad ISPs out there that won't though.
Doesn't a /64 already give me more than I'll ever use?
-
Doesn't a /64 already give me more than I'll ever use?
An IPv6 subnet must be /64. Anything else breaks stuff. If you want a separate network for guests or IoT devices, a single /64 won't be enough because it can't be divided up any smaller.
-
An IPv6 subnet must be /64. Anything else breaks stuff. If you want a separate network for guests or IoT devices, a single /64 won't be enough because it can't be divided up any smaller.
You can't subnet below a /64 at all? Or it just makes things like SLAAC/auto-addressing using the MAC address unusable?
-
You can't subnet below a /64 at all? Or it just makes things like SLAAC/auto-addressing using the MAC address unusable?
The only legitimate v6 prefix smaller than /64 is /127, to be used for point to point links, similar to /31’s in v4, but these aren’t processed for routing outside of the boxes the link is configured on.
The concepts of addressing for v4 and v6 don’t map 1:1.
From the perspective of the internet, and any properly configured routing infrastructure, they should only ever be interested in the first 64 bits when routing, the second 64 should be exclusively the domain of the last segment. It’s like inserting an additional type of addressing between the routing portion and the protocol port.
You kind of have this with v4, but it’s variable, particularly since CIDR shot the v4 address classes in the head, so the equipment had to be able to process the entire address with every routing lookup and other functions.
-
The only legitimate v6 prefix smaller than /64 is /127, to be used for point to point links, similar to /31’s in v4, but these aren’t processed for routing outside of the boxes the link is configured on.
The concepts of addressing for v4 and v6 don’t map 1:1.
From the perspective of the internet, and any properly configured routing infrastructure, they should only ever be interested in the first 64 bits when routing, the second 64 should be exclusively the domain of the last segment. It’s like inserting an additional type of addressing between the routing portion and the protocol port.
You kind of have this with v4, but it’s variable, particularly since CIDR shot the v4 address classes in the head, so the equipment had to be able to process the entire address with every routing lookup and other functions.
From the perspective of the internet, and any properly configured routing infrastructure, they should only ever be interested in the first 64 bits when routing, the second 64 should be exclusively the domain of the last segment.
Interesting. But routers don't actually strip that, do they? So the endpoint I'm communicating with will still get the full /128 address? I'm concerned about the privacy implications of MAC addresses being sent to everybody and their mother.
-
From the perspective of the internet, and any properly configured routing infrastructure, they should only ever be interested in the first 64 bits when routing, the second 64 should be exclusively the domain of the last segment.
Interesting. But routers don't actually strip that, do they? So the endpoint I'm communicating with will still get the full /128 address? I'm concerned about the privacy implications of MAC addresses being sent to everybody and their mother.
I’m concerned about the privacy implications of MAC addresses being sent to everybody and their mother.
Unless something has drastically changed from my understanding MAC addresses only operate on Layer 2 (Data Link). Anything IP related is handled at Layer 3 (Network). MAC addresses aren't routable, so the chatter where MAC addresses would happen don't make it to the other side of a router on another network interface.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login