[BUGS] Anyone for IPv6?

[Martin Barry]

$quoted_author = "Andrew Reilly" ;
> 
> Impending office moves and associated network migrations have me
> thinking about (more like wondering idly, really) IPv6 again.
> Is anyone here running an IPv6 internal network, rather than the
> usual NAT-gated IPv4 one?  Is that even possible, or do you have
> to maintain a working IPv4-NAT infrastructure so that your web
> browsers and mail clients and what-not can find IPv4 hosts on
> the wider internet?  (I.e., is there such a thing as an
> IPv6-to-IPv4 NAT gateway?)

As the others have indicated you should probably run dual stack. You could
get away with just IPv6 but you must either to explicitly proxy everything
at the firewall destined for IPv4 only servers or do some DNS rewriting and
use NAT46. Neither is pretty so dual stack is recommended. 


> Other idle questions: I believe that IPv6 does some form of
> LAN-based auto-config, based on MAC addresses, right?  So
> there's no place for DHCP in an IPv6 network?  So what is the
> IPv6 way for doing name resolution?  Do you use zero-conf/avahi
> to build the name database dynamically, or just manually enter
> the auto-generated local IPv6 addresses into your tinydns
> database, or ... (other options?)

The first thing you refer to is SLAAC
http://en.wikipedia.org/wiki/IPv6#Stateless_address_autoconfiguration_.28SLAAC.29

However the security implications of basing your IP on your MAC address led
to so called "privacy extensions" which results in a more random IP which is
then tested for collisions on the local network.

DHCPv6 exists for the very reasons you've thought about, the need to provide
clients with DNS and other settings.


> Anyone have any good pointers to war-stories and howtos on the
> web?  It's been a while since I looked, but didn't have any joy
> the last time I did.

Some of the best docs come from the tunnel brokers (he.net, sixxs.net).

cheers
Marty