Comments on: Why dynamic IPv6 subnet allocations for home users are evil

By: K Alm

K Alm — Fri, 25 Jun 2010 01:17:18 +0000

Yes, but you, and only you, will be on that subnet. Whereas with IPv4, you could be any address on that subnet. So if skiddy Joe over there decides to DDoS you for a day or two, there’s nothing you can do about it.

By: Jeremy

Jeremy — Thu, 17 Jun 2010 07:22:43 +0000

That’s why Windows Vista by default makes the host portion (the last 64 out of 128 bits) of your IPv6 address completely random. You can also do the same on Linux by running sysctl -w net.ipv6.conf.all.use_tempaddr=1.

That random address is different on each host, and is regenerated on reboot. Not only that, but it is 64 bits long, whereas only about 8 bits (or at most 16 bits) of your IPv4 address are actually random.

A random bot on the Internet will have a much easier time attacking you on IPv4 than on IPv6, where it is orders of magnitude more hit-and-miss.

By: AC

AC — Thu, 17 Jun 2010 07:13:27 +0000

I like my dynamic IPv4. I don’t want my IP address to be a second phone number, that once in the wild could be used to attack me by anyone.

By: Brad Landis

Brad Landis — Tue, 20 Apr 2010 03:34:34 +0000

Wow, that’s just dumb. I don’t see how any house is going to use 16 quintillion addresses. Even if there were $0.99 addressable devices, Bill Gates couldn’t even buy enough devices to fill up the network. I wonder what they were thinking.

By: Jeremy

Jeremy — Tue, 20 Apr 2010 03:24:07 +0000

Go on. Use a /68 then. Nothing will break, oh, except SLAAC. Not like that’s important or anything.

Yep, that’s right. If you use anything smaller than a /64, Router Advertisement ceases to work. That’s because the EUI-64 scheme for auto generating your address needs all 64 bits. (I kinda wish they’d let you use a /96 and then autogenerate your address with EUI-48, but I can’t talk, ‘cause I didn’t write the RFC.)