Internet IPv4 Addresses Depleted by Early 2011

[jblack]

[citation][nom]LuckyDucky7[/nom]This is the problem- it's not the software, it's the hardware that powers it. Almost any operating system and program can be patched to use IPv6- and indeed most OSes do this, but the problem is the unpatchable- the old hardware that most of us have no doubt accumulated over the years, and still use. If you think you've spent a lot of cash on routers and switches, you haven't seen the enterprise- the thousands of 16 and 24-port switches and routers and fiber-optic switches and infrared links and all that, that don't support this protocol- even those made this year. Have any of you actually seen a (unmanaged) router or switch that is IPv6 compatible? I didn't think so.[/citation]

You shouldn't open your mouth if you don't know what you are talking about. The problem with IPv6 is very much a software problem. Most, and probably near any device can run IPv6 with a software update. The problem is manufacturers cannot afford to pay to reprogram devices that are 10 years old that some company is still using. The company doesn't want to pay for a device that is IPv6 compatible.


The IPv6 problem is more complicated than that as well. For IPv6 to be fully supported, the host, the server, and every router between them must support and have correctly configured IPv6. Why spend money/time configuring something when we have something else that is already working?

Furthermore some devices DON'T need a software update (Like unmanaged switches), because they run on layer 2 (They don't speak IP addresses, but MAC Addresses). Should we update our Ethernet Cables so they are IPv6 compatible too?

 

[palladin9479]

The privacy / tracking issue is a very very real one. The NICs EUI-64 MAC address is used as the least significant 64 bits of a IPv6 address, also known as the link local address. The ISP's 64-bit network preface is used as the first 64 bits. There is no subnetting, not anything resembling IPv4 anyway. ISP preface + machines MAC = global IPv6 address, its that simple. Problem is the same MAC won't be used twice, so not only is your systems address uniquely identifiable to the entire damn world. The uniquely identifiable part stays with you no matter where you move. You move your machine / laptop / system / whatever from California to somewhere in Russia. Global authorities will be able to track that you moved that exact system and be able to locate it instantly the moment you turn it on. Manufactures can link EUI-64's to SN's for any on-board network device (pretty much the entire home market). So now you have your machines globally recognized address that can be linked to a specific SN, and its not too much of a jump to link that SN with a purchase order, which leads directly back to a name, address and purchasing account. And since every packet going ~anywhere~ will have your unique address, that can be linked all the way back to your name / account, tracking of your every online movement becomes child's play.

This isn't some doom and gloom scenario, Dell already links system SNs to purchase accounts and EUI-64 MACs. Most manufacturer's do this, it makes their support work easier. The moment you can no longer masq your own local network is the moment when your local network becomes public and you lose what little privacy you had left. The IPv6 proponents like to side step this issue because its a very uncomfortable subject when identity theft and invasion of privacy are such big problems now adays. Another problem that quickly surfaces is using any form of VPN. Address's are globally unique and it is against the IPv6 standard to rewrite the IP in any way. So even if you create a tunnel to somewhere, the source IP address can be traced all the way back to a specific user / system. TOR / Onion routing for privacy and anonymous browsing instantly vanishes. Geo-location IP registration / look-up services become king for locking people out of information. Enforcing the great firewall of China becomes kids play, and catching those trying to bypass it becomes easy due to their unique global address that can be tracked back to manufacturer.

See there are all sorts of real issues that come out the moment you stick with the "end to end communication" mantra. It only works in an ideal society where there are no bad guys, no government skying, no identity theft, and no repressed citizens seeking non-government sanctioned information. The success of the internet wasn't "end to end communication" because that has always been a myth. The internet's success was the open anonymous communication it provided to millions of people. The moment you take that anonymous part away you enable governmental control which defeats the open part and restricts the communications part.

 

[dominatorix]

thank you palladin9479.

 

[techguy378]

NAT wasn't created for privacy. It was created to prevent the limited amount of IPv4 IP addresses from being used up prematurely.

 

[palladin9479]

@techguy

That is what many people will tell you, but please post the reference to the document creating NAT? There are plenty of documents telling you how to use NAT, how to traverse NAT, but absolutely none that establish it.

This is because NAT was developed over time as a series of tricks and techniques on how to proxy network packets at layer's 2 and 3. It was first developed in the days of dialup as a method to allow second and sometimes third PC's access to the "internet" without having to install a new phone line and buy a new ISP subscription. It was the next logical evolution of the web proxy.

It had absolutely ~nothing~ to do with the global depletion of IP address space. That was just a side effect, and later become a big positive for the SOHO router business. Hell I remember building my first "NAT" router using debian linux and ipchains. Prior to that the system was running windows 98 using wingate with a modem on one end and a 50 foot serial cable to the PC in my bedroom. Worked 50/50 but it worked. Once I installed a bunch of NIC's + hub I was able to rebuild the first system as a modem + NIC linux router using debian. The NAT community had been around for years before I attempted my project and was almost entirely home semi-professional users.

So please, lecture me on how "evil NAT" was supposedly made my SOHO router manufactures to alleviate the IPv4 IP issue. It only makes people look ignorant when they don't know the history of the feature their trying to bury.