Author Topic: Mozilla=Fast  (Read 4054 times)

iancom

  • Member
  • **
  • Posts: 103
  • Kudos: 0
Mozilla=Fast
« Reply #45 on: 27 April 2002, 14:59 »
IPv6 is 128-bit, so 2^^128 addresses, which is

(deep breath)

340,282,366,920,938,463,463,374,607,431,768,211,456
addresses.

Should keep us going for a while.

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Mozilla=Fast
« Reply #46 on: 27 April 2002, 20:11 »
quote:
Originally posted by X11:
so there is a maximum of 5 billion IP addresses on the internet, so when 5/6 of the world population get online, we've got problems!!!


It could become a problem, but there are ways around it. That's where off-net subnetting comes in handy. There can only be 4 billion "public" addresses. Most large companies use off net addresses and require only 1 or a few IP public addresses on their firewall. Every company can use the same IP range using off-net addresses.  But cable/dsl providers are issuing public addresses to customers so there definately would be a problem if everyone in the world had a cable/dsl connection unless providers start using off-net addresses for their customers.

[ April 27, 2002: Message edited by: VoidMain ]

Someone please remove this account. Thanks...

iancom

  • Member
  • **
  • Posts: 103
  • Kudos: 0
Mozilla=Fast
« Reply #47 on: 30 April 2002, 01:53 »
It's a workaround, but not really a very good one. Companies can make do with such an arrangement because they'll have a DMZ ("Demilitarized Zone") with their Internet-accessible machines in, and everyone within the company will use various proxies for external connectivity. That doesn't really pose too many problems, and in fact significantly improves security.

However, when you get to the home market, you've got problems...

1) Some people (like most of us, probably) will want to run some kind of server on their cable connection, whether it's SSH, HTTP, whatever. That's impossible when the ISP's using NAT or IP masquerading.

2) Everyone on your local subnet will be using the same real IP address. This means that if *anyone* on that IP address upsets the moderators of a forum, ftp site, whatever, that IP address may get blocked and no-one on it can access the site.

3) As additional security on my work connection, I only allow connections to SSH from my real, static IP address. If I was sharing an IP address with 254 other people, I'd have to give all of them access too (of course they wouldn't have the password but we saw recently that SSH isn't necessarily immune to cracking!).

I look forward to the day when IPv6 is standard and every home can have 254 IP addresses to do with what they please.

Though I doubt I'll be able to remember my IP address like I do now!

iancom

  • Member
  • **
  • Posts: 103
  • Kudos: 0
Mozilla=Fast
« Reply #48 on: 30 April 2002, 01:57 »
Oh yeah, and another problem I've just thought of...

Many companies tend to use the same private IP spaces... we recently had a situation where we needed to allow another company to dial directly into our network, but they used the same private IP space as us.

Basically, we were fscked... couldn't happen, unless they used a standalone PC detached from their network to do it. This would never happen if everyone had a proper IP address!

voidmain

  • VIP
  • Member
  • ***
  • Posts: 5,605
  • Kudos: 184
    • http://voidmain.is-a-geek.net/
Mozilla=Fast
« Reply #49 on: 30 April 2002, 04:49 »
Actually off-net addresses are great for companies.  Security being a big reason. As far as hooking up to companies with clashing off-net networks. All you have to do is IP translation at the router, and some DNS trickery on both sides. I have done this on a few occasions. But it certainly isn't pretty and if the connection were to be permanent it would be best to reassign new networks to one side or the other.

Most providers now are putting it in their rules that you are not "allowed" to have a server, or more than one PC on your cable/dsl connection (yeah right!). But you are correct, we all like to have inbound capabilies at home. And of course Microsoft needs a way to get into their back doors...

[ April 29, 2002: Message edited by: VoidMain ]

Someone please remove this account. Thanks...