joachim charzinski hochschule der medien – …...zdn, vienna, 2012 1 © joachim charzinski why...
TRANSCRIPT
ZdN, Vienna, 2012
1 © Joachim Charzinski
Why IPv6 hasn’t made it yetJoachim Charzinski
Hochschule der Medien – Stuttgart Media University
Stuttgart, Germany
ZdN, Vienna, 2012
2 © Joachim Charzinski
The economic issue
• access providers are running out of address space (ROADS)
• pool exhaustion dates:
– IANA: 3. Feb. 2011
– APNIC: 19. Apr. 2011
– RIPE: 14. Sep. 2012
• who has the problem?
– network access providers
• who has to invest without benefit?
– server side, client side
• where is the initial benefit?
– nowhere, as access providers need NATs or dual addresses
– benefit starts when most traffic is served on native v6 (reducing NAT load)
image source: http://www.potaroo.net/tools/ipv4/
did you hear the BANG??did you hear the BANG??
idealistic motivation requiredidealistic motivation required
ZdN, Vienna, 2012
3 © Joachim Charzinski
Why replace IPv4 by v6?IPv6 promises
• larger address space
– one public address per device
– one /64 prefix per home
– nor more NATs
– direct reachability for peer-to-peer applications
• less core routing table fragmentation
– network initiated renumbering
• address autoconfiguration instead of dhcp
• QoS support via flow labels
• more efficient header format
– fewer unused bits
– better alignment
• built-in IPsec will remove security problems
• built-in Mobile IP will deal with mobility
ZdN, Vienna, 2012
10 © Joachim Charzinski
Why replace IPv4 by v6?IPv6 promises … and problems
• larger address space
– one public address per device
– one /64 prefix per home
– nor more NATs
– direct reachability for peer-to-peer applications
• less core routing table fragmentation
– network initiated renumbering
• address autoconfiguration instead of dhcp
• QoS support via flow labels
• more efficient header format
– fewer unused bits
– better alignment
• built-in IPsec will remove security problems
• built-in Mobile IP will deal with mobility
privacy issuesprivacy issues
need firewall insteadneed firewall instead
how to renumber a corporate
firewall?
who can initiate renumbering
?
no solution for dual-homing
how to renumber a corporate
firewall?
who can initiate renumbering
?
no solution for dual-homing
does not workdoes not work
for 32 bit machines! LOLfor 32 bit machines! LOL
network layer security
unsuitable for most issues,
IPsec available in IPv4
network layer security
unsuitable for most issues,
IPsec available in IPv4
but not on large scalebut not on large scale
who wants that? privacy issu
e!who wants tha
t? privacy issue!
ZdN, Vienna, 2012
11 © Joachim Charzinski
Imagine you need a new phone
Would you replace this
Image sources: FeTAp 615: http://de.wikipedia.org/w/index.php?title=Datei:Telefon04_2.jpg&filetimestamp=20070329192031Siemens S4: own picture
by this?
today??
(IPv4, 1970s ff) (IPv6, 1996 ff)
ZdN, Vienna, 2012
12 © Joachim Charzinski
This app is IPv4 only.
IPv6 is even behind security on our priority list.
This app is IPv4 only.
IPv6 is even behind security on our priority list.
SorrySorry
16:2016:20A1A1
Designed with