blogx

divisionimpossible, Networks and Communications

24 Oct 2013 (3 years and 5 months ago)


So, I was asked to write a ‘high-tech’ blog on a topic of my choice. I have never written a blog before, so someone can comment with suggestions for if I write another.

A couple of weeks ago, I was having NAT issues. A particular game is played by multiple people in this house on different computers. In order for this to work, I have to go in and change the port forwarding in my router to the person who is currently playing. The problem comes when multiple people want to play at the same time: one cannot forward the same port to multiple internal IP addresses.

I can use multiple IP addresses from Shaw to work around this, but it makes more of a headache, keeping the computers on my internal network, but giving them different external NAT’d addresses, and keeping them straight with which IP goes where.

My solution was to implement IPv6 on my network. I have been waiting for Shaw to release some addresses to the customers, but the only response I have ever gotten is that it is being worked on and will happen sometime in the future.

I am forced to use a tunnel; there are a couple that have been given really high reviews, SixXS and Hurricane Electric.

I chose because it is run by a single company; the reviews and in-depth research is that SixXS is a not-for-profit and is less reliable for uptime compared to Hurricane Electric.

Signing up is very simple: single-page, the standard form, Name, E-Mail address, Address, phone number. Then you are emailed your account password, which you can then change.

Once signed in, Create Regular Tunnel is available. When creating, it asks what your IPv4 endpoint is, and server you want to use; a script runs and suggests the server with the lowest ping to your browser. In order to create the tunnel, your IPv4 address must respond to pings.

When your tunnel is created, it defaults to a /64 block of IPs being assigned to you (which is 2^64 individual addresses, also can be approximated as 1.84 x 10^19). From my research, a /64 is supposed to be the smallest a subnet *should* be.

I read most of RFC3177 and all of RFC6177. RFC6177 recommends that home sites be given more than a /64, but not necessarily a /48, and that a /56 is recommended at this time. RFC3177 recommended that a /48 be given to home sites.

Personally, I see it becoming commonplace to assign /48 to business customers and /56 to home users in the coming years.

For the subnet ‘challenged’, there are 65536 /64 subnets in a /48 network block. There are 256 /64 subnets in a /48 block. Shaw, and most ISPs, have been given /32 for their network, and to give to their customers. Some have been given a /29, and most of the ISPs have a /29 reserved for them as an extension of their /32.

There are 65536 /48 networks in a /32 allocation.

So, I added many lines of configuration to my router, the nice bonus I found at this time setting it up on my router (I tried years ago when it was still a new idea on the internet), that has many example configurations for different routers and operating systems.

After all of this, I now have a /64 and a /48 assigned to me. My /64 is serving my internal network, servers, workstations, printers. I plan on doing a lot of subnetting with my /48. My next project will be offering public WiFi internet access using IPv6 only.

If anyone is thinking about this, I will say this: security with obscurity is not security. As an example, my laser printer is my first hardware device that is using IPv6, so it has a public IP address. If anybody finds my printer’s IP, there is nothing to stop them from remote printing; I had to create a few firewall rules to stop printing from outside my allocated blocks.

2001:0DB8:0000:0003:0000:01FF:0000:002E is an example of an IPv6 address.

Just because my printer

hard to find, doesn’t mean

it is

for random people to print to
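The firewall rules described above (printing allowed only from the allocated blocks), sketched as an added example that is not part of the original post. The /64 and /48 prefixes are constructed from the 2001:db8::/32 documentation range, and the port list and the ip6tables rendering are assumptions, since the post names neither the router nor its rule syntax.

```python
from ipaddress import IPv6Address, IPv6Network

# The example address from the post, used here as the printer (assumption).
PRINTER = IPv6Address("2001:0DB8:0000:0003:0000:01FF:0000:002E")
# Constructed stand-ins for the routed /64 and /48 (documentation range).
OWN_BLOCKS = [
    IPv6Network("2001:db8:0:3::/64"),
    IPv6Network("2001:db8:abcd::/48"),
]
# Assumed printing ports: LPD, IPP, raw/JetDirect (all TCP).
PRINT_PORTS = (515, 631, 9100)


def build_rules(own_blocks):
    """Ordered (source network, action) pairs; first match wins."""
    rules = [(block, "ACCEPT") for block in own_blocks]
    # With no NAT in front of the printer, everything else must be
    # dropped explicitly: a hard-to-guess address is not a control.
    rules.append((IPv6Network("::/0"), "DROP"))
    return rules


def decide(rules, src, dst, dport):
    """Verdict for one TCP packet; non-print traffic is not covered here."""
    if IPv6Address(dst) != PRINTER or dport not in PRINT_PORTS:
        return "UNMATCHED"
    source = IPv6Address(src)
    for network, action in rules:
        if source in network:
            return action
    return "UNMATCHED"


def as_ip6tables(rules):
    """Render the same rules as ip6tables FORWARD-chain commands."""
    ports = ",".join(str(p) for p in PRINT_PORTS)
    return [
        f"ip6tables -A FORWARD -p tcp -d {PRINTER} -m multiport "
        f"--dports {ports} -s {network} -j {action}"
        for network, action in rules
    ]


if __name__ == "__main__":
    rules = build_rules(OWN_BLOCKS)
    print("\n".join(as_ip6tables(rules)))
    # Constructed sources: one LAN host, one host outside both blocks.
    for src in ("2001:db8:0:3::10", "2001:db8:ffff::1"):
        print(src, decide(rules, src, str(PRINTER), 9100))
```

Rule order matters: the ACCEPT rules for the own blocks must come before the catch-all DROP, otherwise local printing is blocked too.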

will see the biggest short-term gain from IPv6 as it fixes the dreaded NAT issues, Xbox users getting the Strict NAT error for example.