Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] IPv6 good for anonymity

David Conrad drc at virtualized.org
Mon Jun 18 13:23:10 PDT 2012


Bernard,

On Jun 18, 2012, at 1:05 PM, ei8fdb at ei8fdb.org wrote:
> I'm not an IPv6 expert, but any technical courses I have done on IPv6 have promoted the complete trackability and full audit-trail possible with IPv6 - each unique IPv6 host makes a direct connection to the other host, which simplifies security, and routing.

This assumes statically assigned, non-varying, and non-NAT'd addresses.  None of these are a requirement with IPv6 (and, in fact, significant  effort has been expended to not require the first two).

> There is no need to carry out NAT (Network Address Translation), or IP Masquerading, which is great news for ISPs or mobile operators.

While it is true there is no need to perform NAT, it remains to be seen whether this model is acceptable to Internet users.  The problem is that, as with IPv4, if you don't do NAT, you must either take your addresses with you if you change providers (aka, 'address portability') or renumber your network from your old provider's address space to your new provider's address space.  Address portability has risks to the routing system (specifically, it requires the 'core' routers to know/understand each of the portable blocks of addresses and this will be a problem if too many sites try to do this) and also requires organizations to get address space from the regional registries which requires a yearly fee to be paid.  Renumbering also has its obvious costs. NAT for IPv6 removes both of these concerns, but does impact the end-to-end architecture of the Internet the exact same way IPv4 does.

It isn't clear to me how this is 'great news' to ISPs or Mobile operators.

> Due to this "great" advantage of full audit-trail, it will now be simple to "manage" traffic based on actual addresses, as opposed to blocks of addresses which can be "messy", due to casting such a wide net.

You might want to read http://en.wikipedia.org/wiki/IPv6#Privacy

Regards,
-drc




More information about the liberationtech mailing list