IPv6 Transition

IPv6 Transition / Recently Commented

IPv6 Security Myth #9: There Aren’t Any IPv6 Security Resources

We are approaching the end of this 10 part series on the most common IPv6 security myths. Now it's time to turn our eyes away from security risks to focus a bit more on security resources. Today's myth is actually one of the most harmful to those who hold it. If you believe that there is no good information out there, it's nearly impossible to find that information. So let's get down to it and dispel our 9th myth. more

IPv6 Security Myth #8: It Supports IPv6

Most of our IPv6 Security Myths are general notions, often passed on unwittingly between colleagues, friends, conference attendees, and others. Today's myth is one that most often comes specifically from your vendors or suppliers. Whether it's a hardware manufacturer, software developer, or Internet Service Provider (ISP), this myth is all about trust, but verify. more

IPv6 Security Myth #7: 96 More Bits, No Magic

This week's myth is interesting because if we weren't talking security it wouldn't be a myth. Say what? The phrase "96 more bits, no magic" is basically a way of saying that IPv6 is just like IPv4, with longer addresses. From a pure routing and switching perspective, this is quite accurate. OSPF, IS-IS, and BGP all work pretty much the same, regardless of address family. Nothing about finding best paths and forwarding packets changes all that much from IPv4 to IPv6. more

IPv6 Security Myth #6: IPv6 is Too New to be Attacked

Here we are, half-way through this list of the top 10 IPv6 security myths! Welcome to myth #6. Since IPv6 is just now being deployed at any real scale on true production networks, some may think that the attackers have yet to catch up. As we learned in Myth #2, IPv6 was actually designed starting 15-20 years ago. While it didn't see widespread commercial adoption until the last several years, there has been plenty of time to develop at least a couple suites of test/attack tools. more

IPv6 Security Myth #4: IPv6 Networks are Too Big to Scan

Here we are, all the way up to Myth #4! That makes this the 4th installment of our 10 part series on the top IPv6 Security Myths. This myth is one of my favorite myths to bust when speaking with folks around the world. The reason for that is how many otherwise well-informed and highly experienced engineers, and others, hold this myth as truth. It's understandable, really. more

Addressing 2014 - And Then There Were 2!

Time for another annual roundup from the world of IP addresses. What happened in 2014 and what is likely to happen in 2015? This is an update to the reports prepared at the same time in previous years. So lets see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. more

IPv6 Security Myth #1: I’m Not Running IPv6 so I Don’t Have to Worry

Now that IPv6 is being actively deployed around the world, security is more and more a growing concern. Unfortunately, there are still a large number of myths that plague the IPv6 security world. These are things that people state as fact but simply aren't true. While traveling the world, talking to the people who've already deployed IPv6, I've identified what I believe are the ten most common IPv6 security myths. more

The Christmas Goat and IPv6 (Year 5)

This year I didn't even get a good picture of our famous Christmas goat here in the city of Gavle Sweden. The Christmas goat this year survived Christmas but were suddenly on the 28th of December dismounted. The reason for the poor goat's early leave from its own little park downtown Gavle is that it is now the year of the goat in China, and the city of Gavle has a sister-town in China -- Zhuhai. more

CircleID’s Top 10 Posts of 2014

Here we are with CircleID's annual roundup of top ten most popular posts featured during 2014 (based on overall readership). Congratulations to all the participants whose posts reached top readership and best wishes for 2015. more

What’s With the 32-Bit Numbers That the Internet Keeps Defying?

By now you might have read the news "How 'Gangnam Style' Broke YouTube?" What happened is that a YouTube video named 'Gangnam Style' by a South Korean singer Park Jae-sang, known by his stage name PSY, has been viewed so many times that it broke YouTube's view counter. YouTube's view counter is built on a 32-bit integer, which provides a view-tracking capability of nearly 2.15 billion views. more

An Open Letter to the Prime Minister of India, from Within India, Through an Internet Blog

Hon' Prime Minister, Why would India table Proposal 98 for the work of the ITU Plenipotentiary Conference? Contribution 98 wants the ITU to develop an IP address plan; wants it to be a contiguous IP address platform so as to enable the Governments to map and locate every Internet user; suggests that the ITU may coordinate the distribution of IP addresses accordingly; instructs the ITU Secretary General to develop policies for... naming, numbering and addressing which are [already] systematic, equitable... more

Some Observations from NANOG 62

NANOG 62 was held at Baltimore from the 6th to the 9th October. These are my observations on some of the presentations that occurred at this meeting. .. One of the more memorable sides in this presentation was a reference to "map" drawn by Charles Minard in 1869 describing the statistics relating to the Napoleonic military campaign in Russia, and the subsequent retreat. more

Watch ION Belfast / UKNOF Live Tuesday, Sept 9, for IPv6, DNSSEC, BGP Security and More

On Tuesday, September 9, 2014, you have a great opportunity to watch live a very packed agenda full of great sessions about IPv6, DNSSEC, routing/BGP security and other components of Internet infrastructure streaming out of the UKNOF / ION Belfast event in Belfast, UK. All of the sessions can be seen live. more

How to Translate a Gov’t IPv6 Mandate Into an Action Plan: Guidance for National IPv6 Task Forces

Last year, I gave a short talk at the Commonwealth Telecommunications Organisation (CTO) Forum in (Abuja, Nigeria) on this topic and I thought I'd offer more details here. Let's say an African government has realised that IPv4 address exhaustion imposes limits its country's ICT development. Initial investigations indicate that deploying IPv6 is the only sustainable solution. Governments are however not very skilled in the bottom-up approach that is popular in the Internet world. more

Where is Metadata Anyway?

I can't help but think that the situation in this rather old joke applies very precisely to the current Australian efforts to compel network operators, through some contemplated regulatory instrument, to record and retain network-collected data about their customers' online activities. What I'd like to examine here the emerging picture that while networks, and network operators, make convenient targets for such surveillance efforts, the reality of today's IP network's are far more complex, and Internet networks are increasingly ignorant about what their customers do. more