IPv6 - real vs theoretical problems
ted at fred.net
Wed Jan 12 11:34:45 CST 2011
At 11:59 AM 1/12/2011, Jim postulated wrote:
>On 01/11/2011 01:31 PM, Owen DeLong wrote:
> > It's not about the number of devices. That's IPv4-think. It's
> about the number
> > of segments. I see a world where each home-entertainment cluster would
> > be a separate segment (today, few things use IP, but, future HE solutions
> > will include Monitors, Amps, Blu-Ray players, and other Media gateways
> > that ALL have ethernet ports for control and software update).
> Your future is now, Owen. I have four network devices at my primary
>television -- the TV itself, TiVo, PS3, and Wii (using the wired
>adapter). All told, I have seven networked home entertainment devices
>in my house, with another (Blu-Ray player) likely coming soon. I feel
>confident in saying that my use case isn't unusual these days.
> While a lot of the scalability concerns are blown off as "not applying
>to typical consumers," we're quickly getting to the point where your
>average joe IS somewhat likely to have different classes of devices that
>might benefit from being on separate subnets.
I helped a friend setup his "home network" recently. He is using an
old Linksys Router with no v6 support. I like to be conservative and
only allocate what might be needed ... part of my "Defense in Depth"
strategy to provide some layer of "security" with NAT (yes, I know -
my security by obscurity is to use something from 172.16) and a
limited amount of addresses to allocate (not to mention WPA2 - he had
default no security when I first got there). Used to be a /29 would
be sufficient for any home. But, before I knew it, he had a wireless
printer, laptop, and 4 iPhones all needing the new wireless
passphrase to connect, plus he was anticipating 2 more laptops (one
each for his children - to whom 2 of the iPhones belonged), and
addresses set aside for guests and the occasional business visitor
(he works from home). I left him configured with a /28, and told him
to call me if he anticipated more.
As a side security note - we lost the laptop on the "new" secured
network before I tracked down that it had automatically logged in to
his neighbor's (also unprotected) network on reboot.
More information about the NANOG