BlogIPv6 is simple

LightUpon.Cloud client now supports IPv6.

1. How to read IPv6 address. Example:


2001:0db8:0001 — Site Prefix used for routing. Length of this field is defined by prefix ( the value after "/" at the end ). In this case it is /48.

0005 — subnet

0000:0000:1234:5678 — interface identifier

Ther'a different types and scopes introduced in IPv6. But in most cases a unicast one is used. Addresses starting with "2001:0db8" are used for documentation only and not routed in the Internet.

2. Network Address Translation ( NAT ) is almost never used in IPv6-enabled networks, since borders of LAN are blurred( ther's no specification for NAT, but linux implements NAT64 ).Also you can use multiple local-link and global IPv6 addresses on one physical interface.

3. Most of operating systems prefer to resolve hostnames to IPv6 addresses. If you don't have IPv6 address already, some security enthusiast from your local network can start sending initial router solicitation messages to link-local multicast address. In this case your OS ( radvd daemon in Linux ) will try to obtain IPv6 prefixes from a fake router along with DNS and router configuration.
Since OS prefers to resolve domains to IPv6, most probably that web traffic will go through fake router, giving attacker possibility to capture your passwords.

The described mechanism called "SLAAC" and stands for "Stateless Address Autoconfiguration", which is mandatory according to standard ( RFC 2462 ).

19 May, 2015