Šodienas jautājumu un atbilžu sesija mums priecājas par SuperUser - Stack Exchange dalību, kas ir kopienas vadīta Q & A tīmekļa vietņu grupa.
Attēla pieklājīgi no Ministerio TIC Colombia (Flickr).
Jautājums
SuperUser lasītājs AJS14 vēlas uzzināt, kāpēc viņam ir IPv4 un IPv6 publiskās adreses, kas piešķirtas viņa mājas tīklam:
For my home network, my public IP address “displays” as IPv4 on some websites, yet as IPv6 on others. I have read this SuperUser thread and understand that it is possible for my Internet service provider to have assigned me one of each type.
- What is the purpose of assigning one of each type to me?
- Can disabling IPv6 from within Windows on a local host guarantee that only an IPv4 address is used from that computer? I ask as I have read about security concerns in relation to certain VPN protocols used in combination with IPv6.
Kāpēc IPv4 un IPv6 publiskās adreses tiktu piešķirtas vienam un tam pašam mājas tīklam?
Atbilde
SuperUser ieguldītājs Bobs mums ir atbilde:
What is the purpose of assigning one of each type to me?
Ideally, we should be moving towards greater IPv6 rollout due to IPv4 exhaustion. However, a lot of servers still do not support IPv6. There are many workarounds, none particularly great, but they generally involve tunneling through an intermediate server that can translate between the two. Your ISP provides you with an IPv4 address for compatibility reasons.
What many ISPs do now is implement CGN, where many people share a single “public” IPv4 address. There are many reasons why this is a bad thing (1), but it is necessary simply because there are not enough IPv4 addresses to go around. This is why we need IPv6, and probably why your ISP provides it.
Can disabling IPv6 from within Windows on a local host guarantee that only an IPv4 address is used from that computer?
Yes, however, this is generally not a good idea. Alternatively, you can disable IPv6 at the router level, which is a bit better, but again this is not a great idea. We cannot continue to use IPv4 forever.
I ask as I have read about security concerns in relation to certain VPN protocols used in combination with IPv6.
That is typically due to broken VPN clients and configurations. It is getting better now, though. If you do not use VPNs, it will not affect you. If you do use one, you should do some research first to see if it supports IPv6 correctly (modern VPNs should by now). One of the biggest issues was with VPN clients ignoring IPv6 entirely, so IPv6 connections bypassed the VPN, but hopefully that has gotten better now that there is more attention focused on the issue (see also: IPv6 security vulnerability pokes holes in VPN providers’ claims).
(1) For example, one of the consequences of CGN is that home users can no longer reliably host a server. Traditional NAT was bad enough (and again a consequence of the IPv4 shortage), but with CGN port-forwarding it is also no longer possible. There are techniques for working around it, such as NAT hole-punching, but they require external servers and will not always work depending on the service required. Having a unique IPv6 address works around this limitation.
Vai kaut ko pievienot paskaidrojumam? Skatieties komentāros. Vēlaties lasīt citas atbildes no citiem tehnoloģiju savvy Stack Exchange lietotājiem? Šeit skatiet pilnu diskusiju pavedienu.