Switches and IPv6

David A. Bandel david.bandel at gmail.com
Tue Sep 30 05:59:37 PDT 2008 

Folks,

Just bought and installed a new D-Link POE switch and guess what -- as
far as I'm concerned it's obsolete.  Bloody POS won't pass IPv6 (i.e.,
won't pass IP).  I'm amazed.  And D-Link confirms their brand new
switch won't pass IP, and they don't plan to fix it.

I have garbage consumer-grade dumb switches that all pass IPv6.
Anyone have a recommendation for a managed POE switch that will pass
IPv6?  The only ones I've found that mention IPv6 start at $3k.  I
need 24-48 ports.

As an aside:

I just happen to know someone on the ICAAN board (a customer of mine).
 And we were discussing some issues and I brought up IPv6.  And while
he's on the Internationalization board, he's privy to other board
discussions (when he cares to be).  This is what he had to say about
IPv6:

The ICAAN is not happy that IPv6 is not being adopted.  The board in
charge has had discussions to the effect that when the IPv4 address
space is exhausted in 2009 (about a year from now), they will ram this
down everyone's throats the hard way -- no grace period, no nothing,
just turn off IPv4 AS routing at the root.  No IPv6, no Internet.

I expect that will get someone's attention.

As a note, I follow the Bogon List, and they just published the first
IPv6 Bogon List.  Got to get busy adding that to my Linux routers now.

Personally, having been using IPv6 for years now (thanx to Linux'
native IPv6 implementation -- see my SxS from 2006 on the subject), I
like having more addresses available in my house than the entire IPv4
has on the Internet.  And since I have a /48, I can assign every
customer several /64's.  I have less than 1% of my assigned address
space routed.  And w/ OpenVPN IPv6 tunnel broker, those old crap
routers that can't handle IPv6 (principally consumer-grade garbage), I
just jump over those silly obsolete systems and tunnel an IPv6 block
inside.

I will also note that all my systems currently answer SSH to IPv6
only.  And guess what -- I am registering ZERO ssh attacks (surprise,
surprise).  From over 10,000 attacks a day to 0.  And as large as the
IPv6 address space is, I only expect my servers to ever see attacks --
so they'll eventually be blocked to only accept logins from my
assigned blocks.

As IPv6 is simpler than IPv4, I just don't understand why folks aren't
adopting it, but I'm not waiting for the blackout.

Ciao,

David A. Bandel
-- 
Focus on the dream, not the competition.
            - Nemesis Air Racing Team motto

More information about the Linux-users mailing list