You are not logged in.
Well, it's finally happened: IANA just allocated the last of the IPv4 /8s... No more IPv4 addresses left (once the RIRs burn through their final allocations)...
Maybe now, finally, ISPs will start actually giving out IPv6 blocks to customers! They should've been doing so for years now, alongside IPv4 in dual-stack setups... Only now are a few ISPs even starting to TEST dual-stack setups; now, when IPv4s have already run out! Idiots... Things could've gone so damn smoothly, but no, now it's going to be pain and suffering for years, I imagine... Get ready for a rough ride, people!
Well, my ISP is using IPv6 internally, and customers can get IPv6 addresses if they ask for it,
but I'm not sure if the stupid DSL modem has IPv6 support. I think that's pretty much the
general case in Europe, so switching to IPv6 should be relatively easy here. That said, I don't
believe the switch will be graceful. Actually it wouldn't surprise me if some countries stuck to
IPv4 to have more control over what content people receive (think one big country-wide NAT).
Very ciritical times ahead for the internet.
Yeah, apparently you Europeans and Asians have things a lot better than we do here in the US in regards to IPv6... Here, pretty much the only way to get IPv6 connectivity (unless you're a big business or something) is via tunnel of some sort... Which is fucking lame... Comcast (a big nationwide cable provider, which happens to be my home ISP) just barely started limited trials of native dual-stack setups for a small handful of customers in one small city somewhere... I mean, it's good they're finally really doing something, which is more than most other ISPs are doing, but Jesus, they should've been doing this shit years ago... It's just insane to me that they've all been playing a game of chicken, waiting until the very last IPv4 address is gone before finally doing a damn thing about IPv6... And, then, you get assholes bitching that IPv6 wasn't designed with IPv4 compatibility in mind... Well, if it had been deployed alongside IPv4 in dual-stack setups for the last few years, compatibility wouldn't have been a fucking issue! Everyone would have at least one public IPv4 address, and a whole massive shitload of IPv6 addresses under their control, and be able to reach any part of the IPv4/IPv6 Internet... But, now, we're down to the last IPv4s, so giving everyone even one is going to get problematic soon... (And, if I hear one more person talk about "solving" the problem with a series of ever increasing numbers of NATs behind NATs behind NATs, I swear I'm going to beat them senseless with the nearest router I can lay my hands on...)
Yeah but Rob, having no IPv4 addresses isn't really a problem because you can always just throw NAT behind NAT behind NAT, etc.
/me runs for cover and hides
Even though its going to be a tough transition I'm glad to see it'll finally happen!
/me runs for cover and hides
Heh. The sad thing is, some people really are suggesting that seriously... As if wasting time on more and more brain-dead kluges like that is somehow easier/better than just going the correct IPv6 route... It's like some people are so scared of change they'd rather stay in the sinking ship than get on board the new one there to save them... (Another beating-worthy complaint I don't want to ever hear again: "IPv6 IPs are SO confusing and hard to type/remember! I want to stay with the simple dotted-quad IPv4 format!"... As if anyone actually types in or has to remember any IPs at all these days, in the first place... The only ones who do are network geeks who damn well better be able to handle it! Personally, I do think they made a mistake in choosing ":" as the word separator, simply because that's so damn commonly used to separate port#s from IPs... But, whatever... It can be lived with... And, I love the hex words instead of decimal bytes, and the collapsing of repeated zero words... "::1" is an infinitely cooler IP than 127.0.0.1... ;-))
Besides NATs, I'm also starting to hate firewalls more and more. Just because total insecurity has
been the default for a long time, it doesn't mean that everything should be closed off by default!
That's like having no network access and break end-to-end connectivity as much as NATs do.
Firewalls are a damn nuisance and generally don't add much security IMHO. They're okay for
real security, limiting what hosts can be reached, and perhaps on a per application/user level,
but how they're used now is plain stupid.
Oh, definitely... We are constantly running into problems at client sites where some network admin has installed draconian firewall rules that end up breaking something... It's just easier for them to block everything than it is to spend the time to actually look at what services are really available on their network, and evaluate which ones, if any, really need to be blocked...
But, at least firewalls can be easily opened up, when necessary... With NATs, the best you can do is port-forward, and that's limited to a single host per port, which is often not nearly good enough... And, it's sort of another kluge on top of the initial NAT kluge, too... Firewalls can be a pain, but they're at least straightforward and not total brain-dead kluges...