[ubuntu-za] IPV6 vs IPV4

Quintin Beukes quintin at last.za.net
Sun Aug 30 19:40:54 BST 2009 

Yes. 2 machines both need IPv6 to communicate to each other. Then further
you need a route of IPv6 supported machines/routers in between to
communicate to each other.

You do have IPv6 in IPv4 tunnels that you can configure so you have an IPv6
address you can use. Then all IPv6 traffic is wrapped in IPv4 packets, sent
to that server and from there you can do IPv6 comms. The nice things about
this is that you can get thousands of static IPs you can use to do whatever
you like, as long as the other party also has IPv6.

I use this to avoid having to setup DynDNS to locate my hosts, and also
provides a bit of invisibility and a lot of security on the net. When I want
to access my home PC I do so on it's IPv6 IP address. And I have a firewall
on my home PC which disallows ANY external access except from my known IPv6
subnets. So I have static IPv6 addresses for my office machines, laptop,
home machines, etc. and can thus do IP based filtering for accessing them.
It's a bit slower, but not so much that it's unusable. The security benefits
is major, and outweighs the tiny bit of lag I have.

For the standard scanning bots and snooping people it looks like my host
isn't even UP, because I reject all ICMP requests and all incoming SYN
packets with "--reject-with=icmp-host-unreachable". The smart guy will
notice this is a bit different than the other packets from my ISP, and doing
some more research there is a way to see/prove that there is in fact a host
behind that IP. But still piss him off since he can't access me at all. I
guess for the most security it's better to just drop all traffic you don't
like, and thus appear like any other unused IP from the same ISP.

Q

On Sun, Aug 30, 2009 at 8:20 PM, David Robert Lewis
<ethnopunk at telkomsa.net>wrote:

>
>
> Lee Sharp wrote:
> > David Robert Lewis wrote:
> >
> >> Was wondering if anybody on the list has experience with IPV6? Most
> >> online tutorials recommend turning off IPV6 in order to speed up
> >> broadband. Is this still necessary? Not sure if I'm introducing more
> >> conflicts or decreasing the apparent conflict?
> >>
> >> Also, which Ubuntu distros are affected, or is this only a problem with
> >> older distros?
> >>
> >
> > This is not a distro thing, but and IP and timing thing.  With IPV6
> > turned off, you do not have to wait for it to fail and time out before
> > trying IPV4.  So, unless you are using IPV6, turning it off with make a
> > difference in most operating systems, and in Firefox on any OS.
> >
> >                       Lee
> >
> >
> Thanks Lee,
>
> I take it then IPV6 depends upon ones service provider? Or am I getting
> the wrong end of the stick, and my packets could come in any shape and
> size?
>
> --DRL
>
> --
>
> 888          8 8
>  8  8d8b. .d88 8 .d8b. Yb  dP 8   8
>  8  8P Y8 8  8 8 8' .8  YbdP  8b d8
> 888 8   8 `Y88 8 `Y8P'   YP   `Y8P8
> http://indlovu.bundublog.com
>
>
>
> --
> ubuntu-za mailing list
> ubuntu-za at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-za
>



-- 
Quintin Beukes
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.ubuntu.com/archives/ubuntu-za/attachments/20090830/ddc8bd28/attachment-0002.htm

More information about the ubuntu-za mailing list