IPv6 myths are alive and well

One would hope that the IPv6 myths are slowly fading away as more people get exposed to IPv6 ... but if you like them, don’t worry; they are constantly being recycled. The IPv6: Why Bother? article published by InformIT is a perfect example:

With IPv6, there are enough addresses now that every country or major network can be assigned a large range. It can then assign subranges within that to networks that it connects to, and so on. This hierarchical assignment (in theory, at least) simplifies routing decisions.

Unfortunately, that opportunity was lost at the moment when IPv6 architects missed the multihoming implications and limited IPv6 scope to layers below TCP (not to mention the broken socket API). The article continues with another myth:

With IPv6, you can guarantee that any endpoint will support IPsec, which means that you can always establish an encrypted connection.

Although IPSec is part of the IPv6 protocol stack and it’s mandatory to understand IPSec, encryption is not mandatory ... and there’s always the small problem of mutual authentication and key distribution between unrelated set of hosts. We’ll continue using SSL for a long time.

However, I liked the discussion of the IPv6-related programming issues, as it contains a nice and relevant TCP session establishment code example ... or maybe it was the sentence “Unfortunately, creating sockets is where things start to go wrong” that got my full attention ;)

1 comments:

  1. Oh, but you missed my absolute favorite myth about IPv6. The one that says the Internet will collapse the day IANA runs out of unassigned /8s [AKA "the day when we 'run out' of IP addresses].

    Personally, I think the whole IPv6 business is just a complete waste of time. When s..t hits the fan, we'll use something more compatible with IPv4 [IPv5? - read as "ip 55"]. That's just me, though.

    --
    Marko Milivojevic - CCIE #18427
    Senior Technical Instructor - IPexpert
Add comment
Sidebar