Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Why You Shouldn't Worry About IPv6 Just Yet

CmdrTaco posted more than 4 years ago | from the more-worried-about-a-sandwich dept.

The Internet 425

nk497 writes "While it's definitely time to start thinking about IPv6, it's not time for most to move up to it, argues Steve Cassidy, saying most can turn it off in Windows 7 without causing any trouble. Many network experts argue we're nearing network armageddon, but they've been saying that for years.'This all started when Tony Blair was elected. The first time. Yep, that's how long IPv6 has been around, and it's quite a few weeks ago now.' He says smart engineering has avoided many of the problems. 'Is there an IPv6 "killer app" yet for smaller networks? No. Is there any reason based on security or ease of management — unless you're running a 100,000-seat network or a national-level ISP — for you to move up to it? No. Should you start to do a bit of reading about it? That's about the stage we're truly at, and the answer to that one is: yes,' he says."

Sorry! There are no comments related to the filter you selected.

Won't even notice it (1)

esocid (946821) | more than 4 years ago | (#33290712)

While I didn't experience it on my last 2 installs, I had to disable ipv6 in Fedora to get networking to work properly. I've since had it enabled no problem, but from my the perspective of most end users like me, we probably won't even notice when things start using ipv6.

Re:Won't even notice it (5, Insightful)

statusbar (314703) | more than 4 years ago | (#33290850)

Many people are already using ipv6 by default without even knowing it!

jdks-mbp:~ jeffk$ ssh jeffk@macpro.local.
Warning: Permanently added the RSA host key for IP address 'fe80::21f:5bff:fe38:39e5%en0' to the list of known hosts.
Last login: Tue Aug 17 14:32:43 2010

One important reason to use it is for small devices that you really don't want to have to have a user interface to enable Static IP / Router Info / DHCP configuration on.

Also, if you use use Apple MobileMe's Remote Desktop feature, you are using ipv6 only - MobileMe provides an IPv6 VPN to access all of your devices wherever they may be.

So in fact there are many many users of Ipv6 out there, just not much sending packets over the un-vpn'd internet.

--jeffk++

Re:Won't even notice it (3, Insightful)

MoldySpore (1280634) | more than 4 years ago | (#33291334)

Same here. There have been several instances where IPv6 has caused a lot of problems. I work for a local government and have 5000 new PC's being installed on my network and they are all getting IPv6 turned off on their images because it is annoying, to say the least.

As a network engineer I am not worried about IPv6. The most that will have to be done is our main firewall and/or router will maybe eventually have to be setup to accept incoming IPv6 addresses. But for our internal network, IPv4 won't go away anytime soon. I doubt if it ever will. There is just no reason to run IPv6 on an internal network unless you need some specific function of IPv6 on your internal network (which other than the mandatory IPsec integration and multicast additions I can't see anyone needing the larger address space or any other features on an internal network).

IPv6 seems to be more for ISPs and super-large networks than for the rest of us.

Ah, Yes, 'Let Someone Else Worry About It' (5, Insightful)

eldavojohn (898314) | more than 4 years ago | (#33290716)

Is there any reason based on security or ease of management – unless you're running a 100,000-seat network or a national-level ISP – for you to move up to it? No.

What if you're writing web applications that monitor IP addresses? Shouldn't you be making sure that your regexp fits for IPv6 as well? What if you're storing IP addresses and your sanitizing your data? What if you're doing anything at all with IP addresses? Like monitoring logs for abuse? Shouldn't be preparing for the inevitable move to IPv6? What if you collect metrics so you can report to management your country by userbase? I say this because we've started to account for IPv6 in our coding and auditing.

What if you write any sort of firmware or software for network devices?

And if you're a consumer and you're about to purchase something that's going to last you more than three years you should probably make sure it supports IPv6 in case the computer you buy down the line can only handle IPv6 addresses allocated to it.

Go ahead and tell your readers that it's cool, Microsoft's got it covered. I'm going to err on the side of safety whether the armageddonists are right or wrong about the ETA.

Re:Ah, Yes, 'Let Someone Else Worry About It' (0)

bsDaemon (87307) | more than 4 years ago | (#33290794)

If your server isn't exposing itself via ipv6, then are you really going to have to worry about it, though? I may be wrong, but wouldn't they be hitting you via a 6to4 tunnel or similar, where the ipv6 is encapsulated in ipv4 packets, so you end up seeing basically ipv4 'proxy' addresses server-side.

But yeah, if you're designing systems/software which have correct interaction with native ipv6 as a requirement then of course you need to be concerned with it. But for the majority of people, probably not so much.

Also... (1)

BrokenHalo (565198) | more than 4 years ago | (#33291162)

Also, from a user's point of view, hosts file ad-blocking would become somewhat problematic (or at least more unwieldy) with IPv6. But fortunately or otherwise, it seems IPv4 is more than sufficient for ad-servers to make everyone's lives a burden and an affliction.

Re:Also... (2, Insightful)

amorsen (7485) | more than 4 years ago | (#33291308)

The hosts file blocks whichever HOST NAMES you put in (and give an unreachable address). This works equally well with ipv6 and ipv4, and the number of host names doesn't magically increase with ipv6.

Re:Ah, Yes, 'Let Someone Else Worry About It' (1)

arkane1234 (457605) | more than 4 years ago | (#33290806)

The situations you noted have nothing to do with whether it's the standard or not, but whether the tool your making will actually work on IPv6.
This articles mostly about consumer-based network use... i.e. non-developers.

Re:Ah, Yes, 'Let Someone Else Worry About It' (1)

sakdoctor (1087155) | more than 4 years ago | (#33290832)

Going to be difficult for all those billions of LAM(ysql)P users until they gets a better way of storing them.

Apparently support for ipv6 is "Status: On-Hold - Priority: Low". So it looks like we're all going to have to migrate to LAP(ostgres)P.

Torrenting (5, Insightful)

Anonymous Coward | more than 4 years ago | (#33290720)

Torrenting is the killer app. Very unlikely all the spooks have updated to ipv6 snooping.

Re:Torrenting (1, Insightful)

Anonymous Coward | more than 4 years ago | (#33291558)

also very unlikely there are many seeding at ipv6.
and as soon as they do, the spooks will be the first to join the party.

I have read it... (1, Insightful)

jhoegl (638955) | more than 4 years ago | (#33290746)

Yeah, IPv6 solves some problems, but then causes others.
Anonymity is lost pretty quickly with IPv6, along with ISPs seeing how many systems you have running on their network, and it exposes systems to OS flaws. no more "hardware firewall" that I can see. The logic in fact seems to be nothing but a really big switched network.

In short, I dont like what IPv6 gives us over what we lose with IPv4.

Re:I have read it... (1)

GIL_Dude (850471) | more than 4 years ago | (#33290802)

Although the design of IPv6 discourages the use of NAT it does not actually prevent it. So if you want a NAT router to keep network wormable flaws away from the OS you can still do it. You might give up some amount of functionality doing that, but it can certainly still be done.

Note that you might need to wait for someone to ship a NAT router that does IPv6 though. I haven't researched whether they are available or not yet.

Re:I have read it... (1)

jhoegl (638955) | more than 4 years ago | (#33290888)

I have not seen any either, which leads me to believe the industry thinks we do not need them.
I dont know, perhaps the future of the internet will be hardware firewalls, VPNs, and viruses.

Re:I have read it... (4, Informative)

vlm (69642) | more than 4 years ago | (#33291054)

So if you want a NAT router to keep network wormable flaws away from the OS you can still do it.

you're confusing NAT address translation with stateful firewalling. Linux has been able to do that for ages on ipv4 or ipv6.

A side effect of ipv4 NAT is providing stateful firewalling, in that obviously the fw has no idea what to do with incoming traffic that doesn't belong to a flow you've already set up. All you need is one line to do this in v6.

You're looking for a line vaguely similar to this:

ip6tables -i eth0 -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

And try not to forget to drop by default anything coming in thru eth0 that doesn't match the line above, of course.

Re:I have read it... (2, Funny)

mattventura (1408229) | more than 4 years ago | (#33291562)

NAT address translation

Network Address Translation Address Translation? Is that like an ATM machine or a PIN number?

Re:I have read it... (2, Funny)

slater.jay (1839748) | more than 4 years ago | (#33291652)

More like an ATM Teller Machine or a PIN Identification Number.

Re:I have read it... (1)

CyprusBlue113 (1294000) | more than 4 years ago | (#33290818)

Umm what? IPv4 has no hardware firewall either, untill you physically place one between you and the internet. IPv6 is no different, its just generally not going to be playing hokey games with fake addressing

Re:I have read it... (0, Interesting)

Anonymous Coward | more than 4 years ago | (#33290880)

Part of the problem here is that some people don't realize that NAT != Firewall. Because NAT happens to prevent certain kinds of packets from getting to a system inside the NAT appliance, a lot of people think that is the only way to do a firewall. Just wait for the hue and cry when they try to phase out well-known ports ...

Re:I have read it... (3, Insightful)

GooberToo (74388) | more than 4 years ago | (#33290836)

There is nothing in IPv6 which precludes the use of proxies and/or NATing. Its just that adoption of IPv6 no longer mandates the use of NAT'ing. Nothing is lost. There is only gain to be had from an IPv6 upgrade.

Re:I have read it... (5, Insightful)

Denis Lemire (27713) | more than 4 years ago | (#33290894)

You and many others desperately need to read more about v6 before regurgitating the same old myths.

* Read up on RFC 4941 - Privacy Extensions for Stateless Address Autoconfiguration in IPv6
* Their is NOTHING in IPv6 that negates a hardware firewall. You get a prefix routed to your 'router' it can have whatever allow or deny rules you like.
* If you want to use NAT and non-routable IPs for whatever reason, however misguided, there is nothing in IPv6 preventing you from doing so, see also FC00::/7 link-local addresses
* Whether a network is routed or switched has as little to do with IPv4 as it does with IPv6, these topology decisions have nothing to do with the protocol.

Re:I have read it... (4, Interesting)

mlts (1038732) | more than 4 years ago | (#33291106)

The sooner we get to IPv6, the better. If not, if someone wants a static IP, much less a /29 subnet with five usable host IPs, they will be paying through the nose, for it just due to artificial scarcity.

I just fear that companies are going to spend big bucks for routers that can do NAT traversal (dev subnet gets NATted to another subnet which then gets translated to the outside IP), as opposed to going to IPv6 where one can keep firewalls up and the traffic isolated and secure, but keep NAT is an option, not a must-have. If a company is worried about the IPv6 stack having issues, just use IPv6 as an edge routing protocol and keep the internal network on v4 and use Toredo. Yes, this is still not optimal, but it is better than dealing with having to bid for v4 statics so one can have their own webserver online.

Needs Leadership... (1)

steveb3210 (962811) | more than 4 years ago | (#33291520)

We first need to get BGP on board - only a small percentage of ASNs are announcing both ipv4 and ipv6 space.

If i was supreme dictator of the internet I would tell ARIN that in 7 years, no multihomed ASN renewals would be accepted unless the ASN announces at least one prefix in IPv6.

By doing this you would force the core network infrastructure to begin migrating and userland would eventually follow...

Re:I have read it... (1)

Junta (36770) | more than 4 years ago | (#33291396)

His point on privacy is not the MAC as part of the address, but enumaration of hosts that NAT 'mitigated'. Some consider that a privacy risk, I personally think it is overblown. If people NATed for the privacy explicitly, then why would it be so bad if people got to make a choice rather than have to NAT?

Agreed about the router stuff. People are scared because suddenly endusers will be empowered to not NAT, and users were implicitly firewalled through having NAT forced on them. If they don't need it, they may not use firewalls. I find this asinine as well.

I also agree about non-routable addresses, though fc00::/7 addresses are ULA prefixed addresses, not 'link-local', which are fe80::/64. ULA is the correct technology to replace private addresses though, so that was just a nitpick.

Re:I have read it... (1)

Luyseyal (3154) | more than 4 years ago | (#33291636)

Agreed about the router stuff. People are scared because suddenly endusers will be empowered to not NAT, and users were implicitly firewalled through having NAT forced on them. If they don't need it, they may not use firewalls. I find this asinine as well.

Yep. And the truly problematic users will be the ones who never touch the defaults anyway. So long as Cisco, Buffalo, 2wire etc. make home routers with reasonable home-centric firewalling on by default, it will not be a serious issue.

-l

Re:I have read it... (1)

mark-t (151149) | more than 4 years ago | (#33290902)

FYI, there's nothing stopping you from having your beloved NAT in IPv6, and putting whatever devices you want to be invisible behind it. But you won't *HAVE* to, unlike how the current situation is fast becoming. So if you find you might have a need for a system with a globally visible IP address for whatever reason (such as, say, wanting to run a server for a game you and some friends want to play, or something similar), at least it can be a viable option.

Re:I have read it... (5, Informative)

vlm (69642) | more than 4 years ago | (#33290924)

Anonymity is lost pretty quickly with IPv6

RFC 3041 dated January freaking 2001, assuming you're talking about using MAC addresses in the ipv6 address. Frankly I feel this is paranoia combined with ignorance of current ISP logging technology, in other words you don't have anonymity with ipv4 either.

along with ISPs seeing how many systems you have running on their network

Rates somewhere between 1) who cares 2) See RFC 3041 3) News to me that proxy servers are impossible on ipv6

exposes systems to OS flaws.

I suppose there are / will be bugs in v6 that would not happen in v4.

The logic in fact seems to be nothing but a really big switched network.

Thank god. Die NAT die! Can't happen soon enough. Some people will still want stateful "one way" firewalls. No problemo.

In short, I don't like what IPv6 gives us over what we lose with IPv4.

Given your list of misconceptions and misinformation, I'm not surprised.

Re:I have read it... (1)

dragin33 (529413) | more than 4 years ago | (#33290992)

Your ideas are intriguing to me and I wish to subscribe to your newsletter.

Re:I have read it... (2, Interesting)

bersl2 (689221) | more than 4 years ago | (#33290998)

You can deny all incoming TCP SYN segments and all incoming UDP and ICMP traffic if you so desire, then punch holes at the router's firewall when needed. This will give you essentially the same effect as NAT under IPv4. Also, use the privacy extensions of IPv6, whose random addresses on my machines last for about a day until being replaced, and are valid for incoming traffic for 6 days thereafter.

NAT is still a cancer upon networking. It partially intertwines mechanism and policy, which is a backwards step.

Re:I have read it... (1, Informative)

Anonymous Coward | more than 4 years ago | (#33291044)

IPv6 + router firewall = waayyy better security than IPv4 + NAT. Too many people think NAT actually provides decent security. It's (slightly) better than nothing at all, but it's definitely not as good as running a firewall. If IPv6 forces people to actually run firewalls, so much the better. Maybe we'll finally get some shrinking botnets for once.

On the "ISPs seeing how many systems you have running on their network" front, that's a big iffy. Modern deep packet inspection hardware should be able to infer how many machines you have active right now anyway, just by traffic patterns. Some operating systems (Windows 7 does anyway, I'm fairly sure) runs IPv6 in privacy mode by default, which means it periodically picks a new IPv6 unicast address and the unicast address isn't related to your MAC address.

Re:I have read it... (2, Insightful)

characterZer0 (138196) | more than 4 years ago | (#33291134)

Too many people think Port Address Translation is NAT.

Re:I have read it... (0, Flamebait)

mikkelm (1000451) | more than 4 years ago | (#33291290)

This "NAT is no/slightly better than no security at all" bullshit is getting really tedious. NAT has the side-effect of eliminating the most simple and obvious attack vector on the Internet without any additional effort. NAT has without any shred of doubt done more for the security of the Internet than any other network service, firewalls included.

Re:I have read it... (0)

Anonymous Coward | more than 4 years ago | (#33291526)

NAT didn't provide the "inbound traffic gets dropped" behavior you like. The stateful firewall logic that tracked connections and drops inbound connection initiation is what did it. It works whether or not there was NAT.

Re:I have read it... (1)

mattventura (1408229) | more than 4 years ago | (#33291646)

NAT has the side-effect of eliminating the most simple and obvious attack vector on the Internet without any additional effort.

Any firewall that blocks all incoming connections except those allowed while allowing all outgoing connections except those forbidden has the same effect as NAT.

NAT has without any shred of doubt done more for the security of the Internet than any other network service, firewalls included.

Which is only because NAT is forced down people's throats. If consumer internet connections got their own public IP ranges instead of NAT, and used routers that blocked incoming connections by default, the effects would be just the same, but consumers don't get that option.

Re:I have read it... (1)

DragonWriter (970822) | more than 4 years ago | (#33291090)

Anonymity is lost pretty quickly with IPv6, along with ISPs seeing how many systems you have running on their network, and it exposes systems to OS flaws. no more "hardware firewall" that I can see.

Even if no one makes dedicated IPv6 NAT/Firewall systems, it seems to me it would be pretty straightforward to take an inexpensive box (even a "Wall Wart") with dedicated software to do that, stick it between the rest of your network and the outside world, and acheive exactly the same thing that commercial IPv4 NAT/Firewall devices do.

And its the kind of need I'd expect the community to fill pretty quickly via specialized open-source software stacks (probably built around Linux) if commercial vendors don't (and, quite likely, even if they do.)

Re:I have read it... (0)

Anonymous Coward | more than 4 years ago | (#33291200)

IPv4, IPv6, and NAT have absolutely no relation to firewall logic. IPv6 has nothing to do with switching. In fact, its use of prefixes make route aggregation on the Internet easier than ever. It fixes ugly hacks like NAT, PAT, and IPSec which were introduced to IPv4 to give it a few more years.

This is why the article is correct in that people need to actually start learning about what IPv6 is. Try IPv6 Essentials by Silvia Hagen for a good start.

Re:I have read it... (2, Informative)

evilviper (135110) | more than 4 years ago | (#33291538)

and it exposes systems to OS flaws. no more "hardware firewall" that I can see.

NAT is NOT a firewall, and a firewall most certainly doesn't require NAT at all. You absolutely don't lose any security at all with IPv6.

In short, I dont like what IPv6 gives us over what we lose with IPv4.

Yes, but since you don't know what you're talking about...

Excuse me? (2, Insightful)

willyd357 (1293166) | more than 4 years ago | (#33290756)

Why do I feel like a Yo-Yo? One minute the sky is falling, the next it's no big deal! How about this, lets just get IPv6 implemented ASAP, and not worry about whether we need it right now or not. We're going to need it eventually, and frankly it's better to have it and not need it than vice-versa.

Re:Excuse me? (4, Interesting)

Again (1351325) | more than 4 years ago | (#33290960)

And here is a nice looking countdown until the moment the sky finishes falling. http://inetcore.com/project/ipv4ec/en-us/index.html [inetcore.com] I don't know how accurate it is but it is fun to watch.

Beware (3, Interesting)

Un pobre guey (593801) | more than 4 years ago | (#33290772)

Word on the street is that some major cable/internet providers and content delivery networks (CDNs), and I do mean major, are quickly moving to get limited availability online to major customers within the next 12 months or so, and general availability by early- to mid-2012.

Procrastinate at your peril.

Re:Beware (1)

arkane1234 (457605) | more than 4 years ago | (#33290860)

You say that as if the net will be suddenly unusable unless we hurry and get an IPv6 address from future vendors who provide them.
If it's not provided, it's hard to get. If you have to go outside of the box to get an address, it's a little unconventional and odd.
If I pay my provider (cox, comcast, qwest, etc) for internet, they provide an IP address. If it's IPv6, I'm sure then it'll be used. If it's not, then we'll use it.
There will be that time in the future that we'll have a "thunking layer" of IPv4 to IPv6 for those that are holding on tight to an IPv4 space for legacy reasons, either way. Call it good or bad, it's just how things work in this world when moving from one way to another.

Re:Beware (1)

Un pobre guey (593801) | more than 4 years ago | (#33290940)

My understanding is that the "thunking layer" is already there (see the next post: "poorly informed").

There is no implication that the internet will be suddenly unusable. As one of the previous posts mentioned, hardware and software developers who have to deal with TCP/IP and the like better be getting up to speed now for products they expect to be selling a year from now. IPv6 is already being deployed for voluntary use on a relatively wide scale. It is a parallel network that coexists with IPv4. The explicit buy-in and leveraging by users and their software is what will take another year and a half or so.

Re:Beware (1)

netw3rx (1868036) | more than 4 years ago | (#33291582)

Comcast and T-Mobile both have active trials with IPv6. If you are in either of there service areas you can connect to IPv6 today. See www.comcast6.net and http://groups.google.com/group/tmoipv6beta [google.com]

poorly informed (1)

Lord Ender (156273) | more than 4 years ago | (#33290774)

First of all, you are already using IPv6. Your computer is auto-picking an FE80 address, and every other machine on your switch could be talking to it (or attacking it) via this address. Bonus: many host-based firewalls let this right through.

Secondly, it is easy to set up IPv6. Just get an ISP with the addresses and set up AAAA DNS records for your servers.

Third: you need to have IPv6 working in the next year. In 2011, all v4 addresses will be assigned. Some people will be getting v6 internet addresses but NO v4 internet addresses. So if you want to be able to connect to them, you need v6.

Re:poorly informed (1)

Scutter (18425) | more than 4 years ago | (#33290912)

Secondly, it is easy to set up IPv6. Just get an ISP with the addresses and set up AAAA DNS records for your servers.

Ah, now that's the tricky part, isn't it? No ISPs that service my area support IPv6. In fact, I think on my last attempt, the response was "IP what, now?" If I want IPv6, I have to do 6-to-4 tunneling, which is, at best, a hack. Unless you're in a major metropolitan area, I would bet that you'd have the same problem.

Re:poorly informed (1)

Un pobre guey (593801) | more than 4 years ago | (#33290950)

No ISPs that service my area support IPv6.

Have you inquired recently?

Re:poorly informed (1)

Lord Ender (156273) | more than 4 years ago | (#33290988)

My budget VPS host comes with 16 v6 addresses per server by default. But if you don't have that option, by all means use tunneling (gogo6 does it for free) to make sure everything works properly, then transition to addresses from your ISP when they are available.

Re:poorly informed (1)

jandrese (485) | more than 4 years ago | (#33291002)

Yeah, it's pretty much impossible to get a consumer ISP to route IPv6 still. That is by far the biggest roadblock to implementation at this point.

Re:poorly informed (1)

vlm (69642) | more than 4 years ago | (#33291152)

No ISPs that service my area support IPv6.

For years, ipv6 folks like myself have been using tunnel providers.

At this moment, in my highly biased opinion, your best bet if you have a static ipv4 addrs is he.net, and your best bet if you have a dynamic ipv4 addrs is sixxs.net. But your mileage may vary based, etc. I've used them both to great success.

I think comcast is doing limmted tryals (2, Informative)

Joe The Dragon (967727) | more than 4 years ago | (#33291046)

I think comcast is doing limited trials of ipv6.

But it will take time to replace all the modems, boxes ,and so on with stuff that can do IPv6.

Re:poorly informed (2, Insightful)

arkane1234 (457605) | more than 4 years ago | (#33291496)

First of all, you are already using IPv6.
Who is? The author only said he experienced it, he didn't say he migrated to it! He's using internal addressing, which by assumption IPv4 is meant. If you disable IPv6 on your system, you are not using IPv6. This goes for both Windows & Linux.

The whole meltdown thing and needing and IPv6 address is a little perplexing to me since you get your IP from your provider. If you receive an IPv6 address, I can almost guarantee you that there will be a layer of IPv4 tunneling because there isn't going to be some mass exodus where people just stop communicating with IPv4 addresses. (the ultimate utopia, we're free of those lowlife IPv4'ers! *rolls eyes*) The two will coexist, and there will be a migration period where providers have 6to4 routers to communicate with between address schema. Maybe not perfectly, but better than the concept of having two disparate schema that don't communicate.

In 2011, all v4 addresses will be assigned.

I'm sure the blocks assigned to the providers will continue to be used in the same way during the migration. There isn't some master DHCP server in Frankfurt, Germany that's providing addresses to everyone "logging onto the IntArweb". Address blocks were assigned years ago, and it's just a matter of them being assigned by the owning provider since they own the routing equipment with addresses that route that block.
What will happen is once all IP addresses have been assigned to the last ISP/Megacorp, there will be no more to assign in that way. Then, the only place to get an IPv4 address will be from the megacorps or the ISPs that have the addresses because they've horded them. Basically a shift of power.

IPv6, or whatever pops up as something logical, will indeed be the next addressing used. However, a worldwide shift instantly is asinine. We have enough problems with culture & accepted practices of just about everything, let alone addressing.

We're still a young and struggling world, 500 years since the dark age. I think IPv6 is a minor problem in comparison.

Roll it out in cell phones (5, Insightful)

xerent_sweden (1010825) | more than 4 years ago | (#33290870)

Roll it out in the cell phones and the problem is solved! Most of the growth in the adress space is in the mobile space, so if the telecom backbone is made IPv6-compatible and all our fancy iPhones and Android phones resolve IPv6-adresses instead, we won't run out of adresses.

Re:Roll it out in cell phones (1)

TooMuchToDo (882796) | more than 4 years ago | (#33291394)

T-Mobile is already doing this testing with Nokia phones. Unfortunately, Android phones don't have support in the baseband chipset yet.

Not yet (4, Funny)

A Big Gnu Thrush (12795) | more than 4 years ago | (#33290910)

I'm still writing my Y2K compliance docs. I want to make sure they're detailed and complete before I turn them in to management. Have to get the font and formatting just right. Too soon to worry about the latest fads.

Re:Not yet (1)

GrumpySteen (1250194) | more than 4 years ago | (#33291590)

Don't forget the difficulty in choosing the proper paper. It has to have just the right subtle off-white coloring, just the right tasteful thickness.... oh my god, it should have a watermark!

porn (0)

circletimessquare (444983) | more than 4 years ago | (#33290920)

get word out that some site is streaming hd 3d porn, only available over ipv6, and whether its true or not, ipv6 adoption will go through the roof

porn always leads the way in the adoption of new high tech, every nerd worth their salt knows that

Re:porn (1)

Guyver3 (231816) | more than 4 years ago | (#33291310)

Kevin Day/Your.org tried that with "The Great IPv6 Experiment" offering free porn vids over v6 and instructional cooking videos over v4. That folded up even before the first Google IPv6 Implementors Conference in 2009, and only now appears to have had that gear returned as an actual pay-porn site with IPv6 connectivity. Albeit the free porn wasn't at issue, but rather getting all their gear supporting v6 properly (as per the last few posts on their now defunct mailing list). Guess all that gear works now for them.

Why i want ipv6 to come asap (5, Funny)

toopok4k3 (809683) | more than 4 years ago | (#33290948)

Who the hell wouldn't like their toaster to have its own ip unique ip address?

Re:Why i want ipv6 to come asap (1)

dragin33 (529413) | more than 4 years ago | (#33291304)

Hackers could burn your toast.

Re:Why i want ipv6 to come asap (1)

dangitman (862676) | more than 4 years ago | (#33291438)

Who the hell wouldn't like their toaster to have its own ip unique ip address?

That sounds like a dangerous idea to me. Give it a unique IP address, and pretty soon it will develop its own Genuine People Personality. Next thing you know, bam! Talkie toaster. [youtube.com]

Home user perspective (1)

martok (7123) | more than 4 years ago | (#33290954)

I realize this article is coming from a corporate perspective but from a home user's perspective, I am really getting quite a lot from IPV6. I once had to poke holes in my firewall to get at internal machines on nonstandard ports when away from home. Now that they are IPV6 enabled,, I can address them directly. I can also access my Samba shares (ISP port blocking) and the SIP protocol works much better now that NAT is not involved.

The tunneling does add latency though so here's hoping the ISPs get native connectivity soon now.

Re:Home user perspective (1)

b0bby (201198) | more than 4 years ago | (#33291306)

I once had to poke holes in my firewall to get at internal machines on nonstandard ports when away from home. Now that they are IPV6 enabled,, I can address them directly.

Couldn't you have done this before by getting rid of the firewall? (OK, maybe you didn't get enough IPs for all your machines.) I don't want all the ports on all my home machines exposed, which is why I suspect there will be a lot of people clinging to their known NAT routers as long as possible. Once I get comfortable with IPv6 firewalls, I'll switch, but I don't want to have everything opened up until then.

Re:Home user perspective (1)

Rising Ape (1620461) | more than 4 years ago | (#33291434)

Oddly enough I typically get a 10% lower ping through my HE tunnel than with native v4. 6to4 and Teredo are much worse though, since they really need both the v4 and v6 ends to deploy gateways to avoid your packets take bizarre routes. Not many ISPs have their own 6to4 gateways, from what I've seen.

Re:Home user perspective (1)

LingNoi (1066278) | more than 4 years ago | (#33291564)

It's not a corporate perspective. This article is coming from someone who has built up years of experience with ipv4 hacks, is now slowly waking up to the fact that they're redundant and is trying to do anything they can to stop it.

The hand waving in the summary alone is ridiculous... "No killer app?", because getting rid of NAT isn't killer enough? "No clear benefits?", unlimited supply of IPv6 addresses, giving each customer their own IP simplifying logging, storage and troubleshooting customer problems, etc. That was off the top of my head with no thought put into the answers..

Oh sure, no benefits at all.. lol..

No NAT, no glory (1, Flamebait)

six (1673) | more than 4 years ago | (#33290962)

The lack of SNAT/DNAT targets in Linux ip6tables makes it quite impossible to use ipv6 for any serious enterprise networking. Ipv6 multihoming can't be done without BGP, other solutions like mobile ipv6 or shim6 are - at best - a big mess, also who wants to broadcast his internal network topology/numbering scheme to the whole internet ?

There seems to be some kind of religious taboo here, where the only - supposedly - evil use of NAT (N-to-1 mapping) being taken into consideration, but this is IMHO just plain wrong. Also the NAT haters main argument is that it doesn't preserve end to end reachability (which is not even true for N-to-N mappings), but without NAT everyone is gonna use a stateful firewall for ipv6, and guess what ... the effect on reachability is almost exactly the same.

The other problem I have is with anonymity, without NAT every PC in your local network may be identified individually, there are many cases where this may not be desirable.

IMO ipv6 brings some nice new stuff to the table, the most obvious being the xxl address space, but takes away too much for me to consider using it for myself or my customers at the moment.

IPv6 gives me a choice (1)

YesIAmAScript (886271) | more than 4 years ago | (#33291248)

With IPv6 I can use NAT if I want. I can use a stateful firewall that breaks end to end reachability. Or I can use a stateful firewall that preserves end to end reachability. I can configure some hosts to have end-to-end reachability and some not.

If people want anonymity within their local network, then there will be a market for devices that do IPv6 address cloaking and you can buy one and use it to hide your addresses.

Re:IPv6 gives me a choice (1)

six (1673) | more than 4 years ago | (#33291354)

With IPv6 I can use NAT if I want.

I'm all for freedom of choice, my problem actually is that you can't use ipv6 NAT even if you want. Not with Linux anyway.

If people want anonymity within their local network, then there will be a market for devices that do IPv6 address cloaking and you can buy one and use it to hide your addresses.

Exactly, you would have to pay for something you can achieve with one iptables command line on ipv4. See my point ?

Re:No NAT, no glory (0)

Anonymous Coward | more than 4 years ago | (#33291356)

Don't confuse NAT and PAT, use the correct terminology. NAT is one to one mapping, PAT is many to one mapping.

Re:No NAT, no glory (1)

sadboyzz (1190877) | more than 4 years ago | (#33291436)

Also the NAT haters main argument is that it doesn't preserve end to end reachability (which is not even true for N-to-N mappings)

OK, so it seems you agree (with the Founders of the Internet) that end-to-end is a good thing.

without NAT every PC in your local network may be identified individually, there are many cases where this may not be desirable.

.... and now you say it's a bad thing. So is it a good thing or a bad thing then?

without NAT everyone is gonna use a stateful firewall for ipv6, and guess what ... the effect on reachability is almost exactly the same.

Er, what??

Re:No NAT, no glory (1)

six (1673) | more than 4 years ago | (#33291556)

OK, so it seems you agree (with the Founders of the Internet) that end-to-end is a good thing. .... and now you say it's a bad thing. So is it a good thing or a bad thing then?

My personal opinion is that end-to-end is *generally* a good thing, but shouldn't be *enforced* because there always will be edge cases where it will conflict with privacy.

Er, what??

Do you mean to say that without NAT a firewall is not needed, or that a firewall doesn't impact reachability ?

Re:No NAT, no glory (1)

gclef (96311) | more than 4 years ago | (#33291632)

IPv4 multi-homing can't be done without BGP, either. The requirements for Provider Independent address space in IPv6 are identical to the requirements for PI address space in IPv4 (at least in the ARIN realm). That's been true for at least 2 years. (and yes, shim6 is a mess...that contributed to the IPv6 PI requirements changing, since there wasn't a good alternative.)

Internal vs external networks (1)

gmuslera (3436) | more than 4 years ago | (#33290972)

You are free to decide to put ipv6 or not in your internal network.IPv6 tries to simplify internal networks too, but if you have that already solved, no big deal. But you should be ready to deal with ipv6 when talking with other networks and, specially, internet. Having already ipv6 addresses in your servers that can be accessed from internet, having in your DNS the definitions for the ipv6 ips, and being able to connect to external ipv6 sites is something that still can be done
  with time, and just because of that, should not be delayed to other moment when you will not have it.

As all can move gradually to ipv6, maybe big companies and content providers should give special services/content that make migrating early extra attractive, making users, not network admins, the ones to push forward the support of it.

IPv6 (0)

Anonymous Coward | more than 4 years ago | (#33291004)

A tad short-sighted ...

I don't much care about the address space issue, or how it has been largely surmounted by little numbers like NAT or whatever. Hey, when it comes down to it the switch will be made for that reason when necessary.

And IPv6 does have some cool features for content providers ... like multicasting, network auto-sensing, QoS header data, a much bigger header space, some additional packet security and socket management and the like. Other than that the experience for the user is pretty much IPv4 with some added niceties (like being able to log on from any network location or pipe completely transparently for example).

The downsides of course are the lack of sophisticated network tools and utlities (they'll come with use), managing that new address space (an administrative issue), and the fact that it's a pretty raw platform on which to base critical infrastructure at the moment.

The armageddonists will be wrong as usual ... but they only have to get it right just once ... and all will proceed pretty much as normal.

Actually you SHOULD worry about it... (4, Informative)

nweaver (113078) | more than 4 years ago | (#33291028)

For three big reasons.

a: Its actually ubiquitous in the LAN these days. Both Apple and Microsoft use IPv6 link local operations very heavily, because it Just Works with nice stateless autoconfiguration and multicast.

b: You can have things screw it up if you don't have V6 deployed, and you have to worry about V6 even if you don't 'have' V6: EG, a Windows box with connection sharing and 6to4 enabled will happily try to "share" the 6to4 connection with everyone else on the LAN, so everyone else gets a V6 address that doesn't actually work. And with Apple prefering a 6to4 IPv6 address over a V4 address, the macs on the same network will now see horrible behavior going to any dual-stacked site, as it will try V6 first, take a timeout, then revert to V4.

c: Address space exhaustion is real, and IPv6 + DS-Lite (or even just IPv6 + IPv4 NAT) allows an ISP to get around address space exhaustion in a much cleaner way than the alternatives.

Network armageddon (3, Insightful)

Anonymous Coward | more than 4 years ago | (#33291038)

"Many network experts argue we're nearing network armageddon, but they've been saying that for years." Say what?
"Network armageddon" is already here and we've been living in it for years. The horrors of NAT, the crampedness of addresses making configuration a pain, public addresses expensive, and so on. It's just not been a sudden catastrophe, it's been more like boiling a live frog by putting it in cold water and then slowly heating it.

most hated part of ipv6 (4, Insightful)

jollyreaper (513215) | more than 4 years ago | (#33291072)

Sure, ipv4 addresses were a little cumbersome but at least they were numbers and dots. 192.168.0.1. I can type that out on the numeric keypad. 2001:0618:71A3:0801:1319:0211:FEC2:82DC is just awful. Yeah, I know you need to have more characters in there to represent the value and a larger address space means it's going to be a larger number. Keeping the old ipv4 decimal scheme would make addresses look like 128.91.45.157.220.40.0.0.0.0.252.87.212.200.31.255. But I don't really see the hex as an improvement!

Short-sighted coding (2, Insightful)

Arancaytar (966377) | more than 4 years ago | (#33291092)

That it is not yet necessary to migrate is irrelevant. One may argue with the time frame (next year or in five years or ten), but nobody denies that IPv6 will eventually become commonplace, and before most of us retire. That means it is now necessary for software to support IPv6. Writing a network-using program now that does not support IPv6 addresses is like storing the year in two digits in the nineties. It will come back to bite you.

This is flat out bad advice (2, Insightful)

Omnifarious (11933) | more than 4 years ago | (#33291112)

It won't be armageddon. Slowly parts of the Internet will be become unavailable and inaccessible to you as some sites become IPv6 only since they can't even get a valid IPv4 address. It won't be a disaster, it will be a slow loss of connectivity to the Internet as a whole.

Turning it off is horrible advice. You won't notice much of a difference right away, not until you start getting hits in search results that you can't actually fetch when you click on them. Talking to the entirety of the rest of the human race isn't a killer app exactly, but it is what the Interent is for, and by turning off IPv6 you are cutting yourself off from this benefit. Currently in a small way, but in an ever increasing way over time.

Re:This is flat out bad advice (3, Informative)

vlueboy (1799360) | more than 4 years ago | (#33291592)

Ignoring the technology incompatibilities between v6 and v4 for a second, and just taking connectivity at heart, let's examine the effect of "isolation": your community runs out of telephone numbers for its area code. Your state creates a new area code. NEW numbers are given out to new owners; all old phone line owners remain unaffected and able to reach old phone lines and continue with business as usual with their other giant companies also using the old phone lines

With IPv6, all new owners can talk to the old owners. The old ones already have websites that they can reach. Top sites like youtube, google, facebook and maybe even windows update with reserved IPv4 address isn't just going to magically lose it. They'll shuffle less important services to IPv6 the day they are forced to exceed their IPv4 allocation.

Nobody is forced to "switch" to IPv6 entirely. They create DNS subdomains like the little known ipv6.google.com (if it works for you, then you have ipv6, by the way.) In the US, the government forced digital / HDTV adoption last year, but old and new channels coexist in your digital-ready cable boxes through the simple use of different channel numbers. I have no idea how many years it will take for them to force the non-HDTV channel numbers off, but I suspect that this will take as many decades as it took to implement HDTV and force it on us.

The only people having reachability problems like you mentioned will be those in NEW address blocks from poorly developed countries. Large companies needing more IP's may have issues, but nothing their IT teams can't fix with more 10.x.x.x addresses (2^24 addresses for internal company addressing "oughta be enough for [er, OK, most companies]") Consider the address space sizes [yahoo.com] . Though IPv4 is only 16 bits smaller than the MAC address space, which is small compared to the IPv6 total of 128 bits, nobody I have every heard is saying that billions of computers out there are going to run out of MAC addresses to give out soon. Funny because wireless devices and network devices tend to have multiple macs a piece.

From end-user perspective (3, Interesting)

wvmarle (1070040) | more than 4 years ago | (#33291144)

Is there really anything to worry about?

Afaik all modern Linux distros are fully up to the task of IPv6. TFS mentions even Windows can do it.

At this moment I am connecting my computers to the Internet via a wifi router/firewall - not likely this is going to change. Router is old, may not do IPv6 yet. My ISP also doesn't. But I guess the time will come that ISPs start to switch.

Will it really make a difference for me as end-user? Is my browsing going faster? Will I get less spam in my mailbox? Will it be easier to find the information I am looking for on the net? Probably none of the above.

At the moment I know I'm on IPv4 but on a daily basis I don't care as it just works. I don't know my IP address, it's not important to me what it is really. My home and office networks are internally IPv4, wouldn't make a difference if it's IPv6 except that addresses get harder to enter in BIND but that's one-off only. I suppose my uplink there also uses IPv4, not v6. I always approach my web site and mail server by entering an URL, not entering an IP address. Again what would I care? Let DNS take care of that part.

Don't get me wrong I understand it's time to move on: we run out of address space, soon there are more devices/networks connected to the Internet infrastructure than that there are unique addresses to find them. But from an end user perspective... I say let the ISPs take care of that. It's their job. Get me the connection, make sure your hardware works, preferably understands both IPv6 and IPv4 (backwards compatibility; and mostly it's not broken in the first place), and use on your network whatever works best.

There is always the talk of IPv6 will give any ISP subscriber a complete range of addresses instead of just one, so you can connect every computer, printer, whatnot directly to the Internet. I don't understand why an end user would want to connect their printer directly to the Internet. Their second computer maybe if they have one (makes torrenting easier) but then you lose the benefit of a hardware firewall in between. Simply because of security for my home network I prefer a single point of entry, not a dozen. Much easier to keep an eye on. So one external IP address is simply enough for most of us.

So while IPv6 is important for developers and ISPs, for the end user it's not. I totally agree with this Steve Cassidi that it's simply not something to worry about. He says not yet, I'd argue not ever, unless you're developing network gear/software or work for an ISP or so.

Re:From end-user perspective (3, Insightful)

Bruha (412869) | more than 4 years ago | (#33291208)

You're wrong on several counts, within 2-3 years your ISP will most likely switch you to IPv6. Can you turn it off in Windows 7 without problems in a word, no. Windows 7 has features that depend on IPv6, OS X probably does as well.

Those who really need to worry about it, is those who do not like using ISP provided routers. Many routers do not support IPv6 unless you're running a custom build on them. Those people should be looking around for IPv6 enabled routers of switch to one that can use custom firmware to do the job.

The other set of people who should be concerned are those running Windows XP since support there is flaky at best.

IPv6 is here folks, my new home printer even supports it out of the box.

Re:From end-user perspective (2, Insightful)

vlm (69642) | more than 4 years ago | (#33291254)

Will I get less spam in my mailbox?

It's harder for a worm to propagate when 99.999% of address space is empty as opposed to being another windows box.

Simply because of security for my home network I prefer a single point of entry, not a dozen.

Most people will probably continue to have one ISP connected by a firewall. Instead of NAT which inherently does stateful firewalling, they'll just have a simpler stateful firewall and skip the address translation tables.

So one external IP address is simply enough for most of us.

How do I run a couple SIP phones, and a couple italk video conferences over a single ip address? Its a huge pain.

Re:From end-user perspective (1)

Rising Ape (1620461) | more than 4 years ago | (#33291502)

Most people will probably continue to have one ISP connected by a firewall. Instead of NAT which inherently does stateful firewalling, they'll just have a simpler stateful firewall and skip the address translation tables.

I'd rather have no separate firewall and have the security on the hosts. Since we can't expect home users to go round configuring their firewall box, either we let incoming connections through or limit the kind of applications people can use. I suppose you could adapt UPnP, but why bother? If you don't want the connections, simply don't open a listening port.

IPv6's last frontier is of course PHP (1)

ciantic (626550) | more than 4 years ago | (#33291164)

Everybody knows this world is run by its lowest common denominator, the PHP!

As long as the $_SERVER['REMOTE_ADDR'] spews out IPv4, I'm not a believer.

sigh ... there probably be a another PHP setting that makes it spew out IPv6. Have they outlined that yet? PHP Settings are so much fun.

Re:IPv6's last frontier is of course PHP (0)

Anonymous Coward | more than 4 years ago | (#33291212)

As long as the $_SERVER['REMOTE_ADDR'] spews out IPv4, I'm not a believer.

did you even try ? it works perfectly well with v6 addresses.

SSL and SNI (1)

segedunum (883035) | more than 4 years ago | (#33291192)

The biggest problem with IP address availability is web sites that use SSL annoyingly needing a single IP address per site. However, in the not too distant future it will become more feasible to use SNI (virtual hosting for SSL sites basically) as web browsers out there start having more support for it and people stop using IE6, certainly on XP, and the IPv4 address problem will ease.

Apart from that I see no reason to panic right now.

No IPV6? No Homegroup for you! (1, Interesting)

Anonymous Coward | more than 4 years ago | (#33291206)

If you disable IPV6 on Windows 7, you loose the Homegroup functionality. So "saying most can turn it off in Windows 7 without causing any trouble" is far by a mile!

We are already using it (3, Informative)

WillAffleckUW (858324) | more than 4 years ago | (#33291224)

I don't know what artificial reality you guys are living in, but IPv6 is running in many research universities worldwide, and on virtually every Linux box in the military and university community.

The fact that it's not being provided by your local residential networks is not our problem.

IPv6 is a marketer's wet dream (1)

alen (225700) | more than 4 years ago | (#33291230)

it makes it easier to better identify unique users and devices

Re:IPv6 is a marketer's wet dream (1)

lotaris (34307) | more than 4 years ago | (#33291348)

It's trivial in most OSs to change mac addresses on your interfaces. If you are concerned, change the mac and bounce the interface. Heck, put it in a boot or login script. You still have the same cookie/flash/IP range issues you have to solve if you want to hide from the marketers.

I'm just gonna use NAT on the border gateway (1)

bl8n8r (649187) | more than 4 years ago | (#33291318)

And NAT all ingress traffic to IPv4 and egress traffic to IPv6.

Issues with anonymity, etc. (1, Insightful)

Anonymous Coward | more than 4 years ago | (#33291364)

Ok, here's a stab.

The internet backbone becomes IPv6. However, your precious private network remains an insular IPv4 network behind a hardware IPv4 router, and an IPv6 gateway.

This way your whole IPv4 space looks like a single IPv6 address, and your network topology remains a secret. (Requires that you NOT directly connect the v4 network to the v6 network, because the v6 space has provisions for back-support of v4 space addresses. this is part of why there is a security issue.)

I somehow find it highly unlikely that IPv4 would be "Too constrained" for private use; it supports over 4 billion unique addresses. I somehow doubt that your private enterprise network would exceed that. A global internet? yes-- I can see that. A private corporate LAN? No.

Much like private networks have been using the private "reserved space" (192.168.x.x) for years now behind NAT hardware, we would just decommission the whole v4 space, and use it as the reserved pool. The v6 address space is an order of magnitude greater than the v4 space, so doing this is a drop in the bucket. That would solve the whole problem.

Re:Issues with anonymity, etc. (1)

mikael_j (106439) | more than 4 years ago | (#33291454)

Why would we bother with the ugly kludge that NAT is if we can just use global addressing and stateful firewalls? It's not like we've always had NAT on the internet (well, in one way or another, but it hasn't been the de-facto standard for connecting client machines until quite recently).

I still miss my university days when all the workstations in the computer labs were accessible from the internet (although firewalled pretty heavily for everything but SSH if you weren't on the university's network or the student-run campus network).

Of course.... (1)

wadeal (884828) | more than 4 years ago | (#33291462)

"most can turn it off in Windows 7 without causing any trouble" Anyone should definitly have IPv6 turned off inside your network on any machines, doesn't make any sense to be running v4 and v6 at the same time. "Should you start to do a bit of reading about it? That's about the stage we're truly at, and the answer to that one is: yes" No you shouldn't even have to think about it, the only place it's needed is from your modem to your ISP, which when they upgrade to v6 they will take care of it. Slow day???

What a Maroon (1)

Wowlapalooza (1339989) | more than 4 years ago | (#33291492)

Who is this Steve Cassidy guy anyway, and how did he get a gig writing about network technologies for a magazine?

Distilled, what this nimrod's article amounts to is:

  • The fears of IPv4 runout have been somewhat exaggerated since at least 1998.
  • Home users generally don't need to worry about runout because their little SOHO router NATs their addresses
  • The default IPv6 address for a device includes its MAC address, which Mr. Cassidy finds quaint and old-fashioned
  • The IPv6 transition/co-existence mechanism are scary and confusing to Mr. Cassidy
  • Some IPv6 documentation seems (to Mr. Cassidy, possibly no-one else) to favor using literal IP addresses over DNS names

While I agree with Mr. Cassidy about the runout exaggerations, I'm willing to give the exaggerators some benefit of the doubt with respect to intent, since they're just trying to motivate people to move to IPv6, which is clearly superior from a technical perspective. NAT is evil, breaks many applications, and is not the long-term solution to our runout problem. Perhaps if Mr. Cassidy would actually educate himself on the horrors of NAT -- what he refers to as "hiding" -- he would understand why IPv6 is not just an academic pipedream being foisted on the rest of us. I would invite him to try to integrate two large enterprise networks (not over his arbitrary theshold of 100,000 "seats", but still large nonetheless) which are both extensively using 10.*.*.* addresses, with tons of overlapping address space. This is something I personally struggle with every day, so I don't exactly appreciate some ignoramus telling folks to ignore IPv6. Many enterprises need it yesterday. What's ironic is that one of the co-authors of RFC 1918 actually worked here at the time of its publication -- classic case of "be careful what you wish for".

As for Mr. Cassidy's whining about the format of default addresses and about documentation slant/quality, I really don't see those as particularly relevant to the core argument that NAT is evil and must die

Won't corporate transition to IPV6 free up IPV4? (1)

jpolonsk (739332) | more than 4 years ago | (#33291662)

Won't corporate transition to IPV6 free up IPV4? For example once IBM, Apple, GE, Ford and HP transition to IPV6 for there internal networks will they not give back their class A networks. They can move to class b networks since I doubt they have 16777214 active connections to the internet at any one time.

Aim for the stars: Hit the moon (1)

spleen_blender (949762) | more than 4 years ago | (#33291664)

Exaggerating threats is a necessary component of making change. You exaggerate beyond your REAL target knowing people will disbelieve the threat even if presented honestly.

If you present it honestly then people will indeed wait until too late.

It is damn dangerous though because if this meta-consideration is made aware to those being given the threat analysis, they will distrust ANYTHING you have to say even if you move to an honest and realistic assessment after the exaggerations.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?