Rate of growth on IPv6 not fast enough?
Jim Burwell
jimb at jsbc.cc
Fri Apr 23 05:21:09 UTC 2010
On 4/22/2010 22:00, Owen DeLong wrote:
>
> On Apr 22, 2010, at 5:55 AM, Jim Burwell wrote:
>
>> On 4/22/2010 05:34, Simon Perreault wrote:
>>> On 2010-04-22 07:18, William Herrin wrote:
>>>> On the other hand, I could swear I've seen a draft where the
>>>> PC picks up random unused addresses in the lower 64 for each
>>>> new outbound connection for anonymity purposes.
>>>
>>> That's probably RFC 4941. It's available in pretty much all
>>> operating systems. I don't think there's any IPR issue to be
>>> afraid of.
>>>
>>> Simon
>> I think this is different. They're talking about using a new
>> IPv6 for each connection. RFC4941 just changes it over time
>> IIRC. IMHO that's still pretty good privacy, at least on par
>> with a NATed IPv4 from the outside perspective, especially if you
>> rotated through temporary IPv6s fairly frequently.
>
> 4941 specified changing over time as one possibility. It does
> allow for per flow or any other host based determination of when it
> needs a new address.
>
> Owen
K. Can't say I've read the RFC all the way through (skimmed it).
Current implementations do the time thing. XP, Vista, and 7 seem to
have it turned on by default. *nix has support via the
"net.ipv6.conf.all.use_tempaddr=2" variable, typically not on by default.
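
Added example, not part of the original message or written by anyone in the thread: a small audit of the `use_tempaddr` sysctl mentioned above, reporting per interface whether RFC 4941 temporary addresses are enabled and preferred. The function names, the sample interface names and the sample values are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the thread): report the RFC 4941 temporary-address
# setting for each interface from <conf_dir>/<iface>/use_tempaddr.
# Kernel meaning of the value: <=0 disabled, 1 enabled but public address
# preferred, >1 enabled and temporary address preferred.

tempaddr_state() {
    case "$1" in
        ''|*[!0-9-]*) echo "unreadable" ;;
        -*|0)         echo "disabled" ;;
        1)            echo "enabled-prefer-public" ;;
        *)            echo "enabled-prefer-temporary" ;;
    esac
}

# Prints one line per entry; returns 0 only if every real interface prefers
# temporary addresses. conf_dir defaults to the live Linux sysctl tree.
audit_tempaddr() {
    conf_dir=${1:-/proc/sys/net/ipv6/conf}
    weak=0
    for f in "$conf_dir"/*/use_tempaddr; do
        [ -r "$f" ] || continue
        iface=$(basename "$(dirname "$f")")
        val=$(cat "$f")
        state=$(tempaddr_state "$val")
        printf '%-8s %3s  %s\n' "$iface" "$val" "$state"
        # "all" and "default" are not interfaces and lo is loopback, so they
        # are listed but do not affect the result.
        case "$iface" in all|default|lo) continue ;; esac
        [ "$state" = "enabled-prefer-temporary" ] || weak=$((weak + 1))
    done
    [ "$weak" -eq 0 ]
}

# Constructed sample tree (hypothetical interface names and values) so the
# example runs anywhere; on a Linux host, call audit_tempaddr with no argument.
demo=$(mktemp -d)
for pair in all:2 default:0 lo:-1 eth0:0 wlan0:2; do
    mkdir -p "$demo/${pair%%:*}"
    printf '%s\n' "${pair#*:}" > "$demo/${pair%%:*}/use_tempaddr"
done
audit_tempaddr "$demo" || echo "at least one interface does not prefer temporary addresses"
rm -rf "$demo"
```

The audit reads each interface's own value rather than only the `all` entry, because the per-interface setting is what the kernel applies to that interface.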