C4 Forums | Control4

IPv6


AJ_



You would not want or need to use IPv6 on your private (inside) network. You will still want to use IPv4 (192.168.x.x). As far as gear goes, C4 or any other automation gear, it's connected directly to your router or indirectly via a switch connected to your router. Your router, if it supports IPv6 and your ISP has actually assigned you an IPv6 address, will handle all the traffic and translation.

As far as your router supporting IPv6, this is ONLY necessary if your ISP has informed you that they will be changing you over to an IPv6 scheme. Your router should handle IPv4 & IPv6 concurrently. IPv4 for your private network and IPv6 for the public.

Link to comment

Basically if you have IP4 addresses and devices work on it, nothing changes.

IP6 is for more public facing IPs and routing between them, not for consumer level devices.

In theory, you will see IPv6 devices in private networks, nothing stopping this, but they will play nice with IPv4.

Nothing to worry about, as stated above, your router or ISP should be the one handling any of the issues.

Link to comment

I generally agree with above, but are we being too dismissive of ip6 on private networks?

We have a number of technologies, standards and protocols to deal with the fact users cannot get access to blocks of public addresses easily accessible from anywhere.

These technologies were originally workarounds. (Yes, everyone thinks it was for security - I know, bla bla bla.)

Why not public ip everything? (Yes, I know security - boring, I think there are simpler, more usable and more secure mechanisms than NAT and private addressing.)

I'm sure someone smarter than me has given this more than 5 seconds thought, just thought I'd play devil's advocate and see where it goes....

Link to comment

I have been running IPv6 in my home and work environments, they play nice... I never said you won't see IPv6 devices in the home, but fundamentally you are missing the point...

IPv4 contains several reserved IP address blocks for private networking, as does IPv6.

The whole purpose of private IP ranges is to mask the single public IP, regardless of IPv4 or IPv6

There is NO reason for every private device on your home network to have a public IPv4 or IPv6 address.

The router / firewall will and should handle the NAT (network address translation) and routing between IPv4 and IPv6 and "in theory" allow devices to cross talk between IP ranges as a bridge. RFC 4193 covers this for those that like to read boring details.

All that really will be needed will be upgrades to DHCP servers to assign IPv6 and/or IPv4 private IP addresses to internal devices and let DNS / Host name resolution do the heavy lifting.

It's one thing to know that a device is at 192.168.1.50 but to know that an IPv6 device is at fd6a:8297:57f8:1fd8:xxxx:xxxx:xxxx:xxxx (where xxxx is the unique id for the device)

Can't wait to see the evening news try to report on this... But frankly, it's nothing to worry about.

Link to comment

You're of course technically correct to implement networks, but your thinking is inside the box.

I'm not missing your point; in fact your answer is predictable if you started networking post the mid 90s.

How quickly people forget the real reasons for the way things are done...

You're not telling me anything I don't know, except you are ignoring the reason we only get a single IP address, and the bit around NO reason to have public addressing everywhere is just wrong.

There are plenty of reasons for public addressable devices everywhere. In the consumer world users are dumb, why add complexity that half the IT Professionals don't understand with NAT and challenges it creates around end to end user connectivity.

In the corporate world where shareholders are excited by having to pay network engineers $1500 a day, it doesn't matter I guess, or does it. I'm merging two large companies together at the moment. As a result of global overlapping private addresses I have a multi-million dollar project, that could have been avoided, if the inventors of the Internet and IPv4 had not made an underestimation error.

Don't get caught up in NAT = security. It's not the original reason for NAT, it's just something you've come to know and build into your solutions as a constraint. Security and access in a perfect world is dealt with by design, not constraint.

I still might be wrong, but not based on your arguments.

Link to comment

Wow, you clearly don't understand routing...

IPv6 has and will enforce private subnetting / non routable IP addressing.

Do you really think your ISP will assign you 250 IPv6 addresses that are publicly routable? No way, at least not paying a ton for.

IPv6 creates major routing table issues if all the addresses at the home run are publicly routable.

Besides, why in the world, with all of the security concerns, would you want your freaking lightbulbs publicly addressable on the whole internet? So some script kiddy in China can turn them off and on?

I never said NAT = security, but non routable IPs exist for a reason and are carried over into IPv6 and will be enforced by ISPs, layer 2 and 3 providers as well.

You are kidding me, design can overcome security? Really, are you running a mac? Want to put it on the public side of the firewall? It's one of the best designed pieces of hardware, but so insecure it's crazy.

No network engineer, ISP or reasonably thinking person would ever put all their devices on the public internet. Might as well just put your furniture on the lawn with a sign that says free. (though you might want to tell them to not take the sign)

The inventors of the internet (whom I had the pleasure of meeting and talking with at Purdue University, and no it wasn't Al Gore) never, ever thought that IPv4 would ever run out of IPs.

The beauty of IPv6 is that you get so many more private IPs to handle the future expansion. But simple technologies already exist to make port mapping a reality to a limited number of public IPs.

Read the RFCs, and tell me any solid good reason for every device on your network to have a publicly routable IPv6 address? What good reason would there be? Cause I can name dozens of bad reasons for this. I've been through it during the early days of the internet when every device I had was publicly routable in both a major university and a major Fortune 500 company. Trust me, those boxes got smoked as soon as others started figuring out they were public. We immediately moved to firewalls and custom routing tables to make sure only the traffic we wanted going to those boxes, got to and from those boxes.

Barrier level security layers exist for a reason (no, NAT isn't one) and stateful packet inspection needs core routers to handle the security. But it still isn't perfect. If you look at the future ISP model, they'll continue to limit what ports are inbound, what servers / traffic you can have incoming and how many public IPs (IPv4 or IPv6) you can be assigned.

Today, just to get allocated public IPs, you need to provide what services are unique and require duplicate ports. This will not change with IPv6. Bottom line is, unless you start your own ISP, there is NO provisioning for Home users to have anything more than a few publicly routable IPs. But go ahead and argue with the people who are smart enough to create the second internet, cause according to you, the ones that designed IPv4 were horrible at anticipating future needs.

Link to comment

"In the mid-1990s NAT became a popular tool for alleviating the consequences of IPv4 address exhaustion.[1] It has become a common, indispensable feature in routers for home and small-office Internet connections. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address.

Network address translation has serious drawbacks on the quality of Internet connectivity and requires careful attention to the details of its implementation. In particular, all types of NAT break the originally envisioned model of IP end-to-end connectivity across the Internet and NAPT makes it difficult for systems behind a NAT to accept incoming communications. As a result, NAT traversal methods have been devised to alleviate the issues encountered." Wikipedia NAT

I'm not saying NAT does not have a place in network design, but it has significant drawbacks and maybe you don't need NAT for a secure network, think FW and authentication. I'm not suggesting you not secure devices. Don't think me that silly... You seem to not realise you can have public addresses inside a FW.

I am saying that the guys that designed ipv4 got it wrong. Isn't that a matter of the bloody obvious? That's why v6 has been created and why APNIC has sent me emails every two months for the last 4 years giving me an IP address runout countdown. It's like Bill Gates saying we will never need more than 640k of RAM. Doesn't mean I don't respect the guys for their achievement; they thought they were just developing a network for ARPA, but ultimately they got the numbers wrong. Now there is a generation of network engineers that think that's the way it should be... Now there are plenty of IPs, maybe we just need to change our thinking - that's all I'm saying.

As for your comments about ISPs not providing users public v6 IPs you could be right. I personally deal with the Internet Registry in our region (APNIC) and we have little issue, got a class C about 6 months ago, but I haven't had personal IPs for 15 years, and have not gone down the v6 path yet. Given there are enough v6 IPs for every atom on earth, and another 100 planets like ours, not sure why they wouldn't give me a few though. :)

Link to comment

So, then you agree personal / home use for IPv6 isn't needed at this time?

You still never talked about the importance of routing and routing tables and how infinitely more complex it becomes with IPv6.

Also, the designers of IPv4 were brilliant and didn't get it wrong, the assignment and utilization of IPs is where it broke down. Only 14% of IPv4 public routable IPs are being used today. We wouldn't need to implement IPv6 so soon if ISPs and corporations would have done a better job in understanding the brilliance of IPv4 and routing layers.

Bottom line is, ISPs will eventually start handing out IPv6, but your border device / cable modem / firewall will handle all the IPv4 to IPv6 traffic.

There is no need for consumer devices to support IPv6 at this point. Go ask Apple if iPhones and iPads support IPv6, there are some interesting responses there. :)

Link to comment

"It's like Bill Gates saying we will never need more than 640k of RAM."

In 1989 Bill Gates delivered a recorded speech to the Computer Science Club at the University of Waterloo about microcomputers. He presented his recollections concerning the size of memory [uWBG]:

I have to say that in 1981, making those decisions, I felt like I was providing enough freedom for 10 years. That is, a move from 64k to 640k felt like something that would last a great deal of time. Well, it didn’t – it took about only 6 years before people started to see that as a real problem.

Link to comment

"You still never talked about the importance of routing and routing tables and how infinitely more complex it becomes with IPv6."

Last I delved into this, I had come to the conclusion it was actually easier with IPv6. The combination of TLAs as well as NLAs make it so that the routing becomes easier. I don't have the problem wherein a standard class C address space has been so chopped up that 1/2 its address space is in Toronto, and the other 1/2 is in Afghanistan. Try doing geo location reverse lookups on class Cs that have been split with a /30 mask. Very, very, very inefficient. With v6, I can look at just the first few bytes and throw the packet to "roughly" where it needs to go, and then have the network figure it out to the next degree of accuracy. (Yes, I know that I can only route to my closest peer, and not throw a packet to the other side of the world - but think about it - I have two egress points - weighting of the routes can now be done by simply looking at the TLA header - more efficient.)

"Go ask Apple if iPhones and iPads support IPv6, there are some interesting responses there. :)"

Works fine. It has since iOS 4.2. (Been supported for over 2 years.)

Thanks

D.

Link to comment

I agree the location of IPs is easier, but the routing complexities increase, but thankfully so does the technology to handle ICMP and peer discovery. Things that IPv4 was never built for.

Also, the other reason why I would never want public IPs for each device... The MAC is encapsulated in the IP. Which means I can trace any packet back to the actual device and eliminating any anonymity. Some might think this is good, but the reality is with the MAC for the device known, I can tie a lot of demographic info, including who made the device, link it up with registration databases and even determine owner.

And as for IPv6 on iOS, yes, technically the OS supports it, but I was talking about the app developers' fundamental lack of understanding on how things work, been some lively discussion around the topic there. I never said they didn't support it :) But anyone with 99 bucks is now a dev, but it doesn't make them an expert (although they think they are).

Link to comment

"Also, the other reason why I would never want public IPs for each device... The MAC is encapsulated in the IP. Which means I can trace any packet back to the actual device and eliminating any anonymity. Some might think this is good, but the reality is with the MAC for the device known, I can tie a lot of demographic info, including who made the device, link it up with registration databases and even determine owner."

MAC doesn't have to be. It's convention to encode, but just like natting the entire address space, hosts can choose to nat their true MAC address in the v6 space. No one outside the SPA needs to know anything about the MAC (same as it is now ~= subnet). Apple supports this with Lion and above. You can specify whether you want your PHY encoded, or just make one up. Right from the OS, and transparent to users.

"And as for IPv6 on iOS, yes, technically the OS supports it, but I was talking about the app developers' fundamental lack of understanding on how things work, been some lively discussion around the topic there. I never said they didn't support it :) But anyone with 99 bucks is now a dev, but it doesn't make them an expert (although they think they are)."

Sorry, you lost me completely on this one. You said "Go ask apple if iPhones and iPads support IPv6". I answered yes. What does that have to do with devs and paying 99 to be part of the Dev program? The physical and iOS platform support v6. They have for years. Devs using Apple's discovery tools (such as Bonjour and service discovery), and not caring about the network, will use v6 seamlessly. Devs don't even know it's happening. It's there, it's supported, and it works like a charm.

Thanks

D.

Link to comment
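
Added example (not part of any post in this thread): a Python check for the two address properties debated above, namely whether an IPv6 address falls in the RFC 4193 unique local range and whether its interface ID is a modified EUI-64 value from which a MAC can be recovered. The function names are hypothetical, the sample addresses are constructed (documentation prefix 2001:db8::/32 plus the ULA prefix quoted in the thread), and the EUI-64 test is a heuristic on the ff:fe marker.

```python
import ipaddress

ULA = ipaddress.ip_network("fc00::/7")            # RFC 4193 unique local addresses
LINK_LOCAL = ipaddress.ip_network("fe80::/10")
GLOBAL_UNICAST = ipaddress.ip_network("2000::/3")


def scope(addr):
    """Classify an IPv6 address as 'ula', 'link-local', 'global' or 'other'."""
    ip = ipaddress.IPv6Address(addr)
    if ip in ULA:
        return "ula"
    if ip in LINK_LOCAL:
        return "link-local"
    if ip in GLOBAL_UNICAST:
        return "global"
    return "other"


def embedded_mac(addr):
    """Return the MAC recoverable from a modified EUI-64 interface ID, else None."""
    iid = ipaddress.IPv6Address(addr).packed[8:]   # low 64 bits = interface ID
    if iid[3:5] != b"\xff\xfe":                    # EUI-64 inserts ff:fe mid-MAC
        return None                                # (heuristic: random IDs rarely match)
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]   # undo the U/L bit flip
    return ":".join(f"{b:02x}" for b in mac)


def audit(addresses):
    """Flag addresses that carry a hardware MAC in a globally routable address."""
    findings = []
    for a in addresses:
        mac, sc = embedded_mac(a), scope(a)
        findings.append({"addr": a, "scope": sc, "mac": mac,
                         "exposed": mac is not None and sc == "global"})
    return findings


# Constructed sample addresses, not taken from any real host.
SAMPLE = [
    "2001:db8:1:2:021a:2bff:fe3c:4d5e",          # global prefix, EUI-64 interface ID
    "2001:db8:1:2:5c3e:91a7:0b44:d2f9",          # global prefix, randomized interface ID
    "fd6a:8297:57f8:1fd8:021a:2bff:fe3c:4d5e",   # ULA prefix, EUI-64 interface ID
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run against a host's own address list, an `exposed` finding indicates that privacy (randomized) interface IDs are not enabled on that interface.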

As far as I can tell, not now. But the underlying OS can. Not sure if LUA supports IPv6 or not (the language of the drivers).

It won't be a simple patch, but I really question the need short term, long term it will ultimately be at the router level...

You can test readiness here:

http://test-ipv6.comcast.net/

But judging from the fact that control4.com is not IPv6 ready, no AAAA entry or server responding... Guess there is the start of an answer.

You can test any website here:

http://ipv6-test.com/validate.php

Link to comment

Lua drivers don't need to know anything about addressing separate from any other drivers.

The driver architecture abstracts that away from the driver itself.

That said, I don't know that anything has been done to make Control4 systems natively IPv6 aware.

RyanE

Link to comment

Archived

This topic is now archived and is closed to further replies.
