cbroccoli « Page 9 « b20c:c011:5:b109::/64

Author Archives: cbroccoli

Dual-Stacked at Home

Posted on February 26, 2013 by cbroccoli

So the strangest thing happened out of the blue last week… Swisscom sent me a new xDSL router for free without any warning. I called the service desk and they told me it was because I was being upgraded from ADSL to VDSL. Cool, I thought, and waited. About 3 days later, my Internet went down, so I figured it must be time for the upgrade ( for a telecom company, Swisscom is not too hot on communication ). Sure enough, after some messing around and a call to the service desk again (both filters which were included with the router were DOA), I finally got the connection back up and was able to log into the customer center to check out my WLAN SSID/key and my admin password, etc. for the router. Then I noticed it… at the bottom of the Router Setup Page was the option to enable IPv6 with the text:

Internet traffic would not be able to work without IP addresses which are assigned to any internet user. IPv6 is the newest version of a protocol which, among others, defines the format of IP addresses. IPv6 has the advantage of enabling longer IP-addresses. Hence, the amount of available addresses increases significantly. Swisscom makes every effort to provide cutting-edge services to our customers. Therefore, interested customers may already activate IPv6 directly here.

How cool is that? So I selected the option to turn IPv6 on and within a few seconds, my Windows7 PC showed a new public IPv6 address along side my old, dare I say, legacy RFC1918 IPv4 address. Interesingly, my Windows Vista PC also came up with both addresses and seems no worse for the ware…. Yay!

Latest Read: The Net Delusion

Posted on January 11, 2013 by cbroccoli

No Comments

[openbook booknumber=”ISBN:978-1586488741″ templatenumber=”1″]

Generally an OK book which gave me a lot to think about. The author did seem to ramble on for quite a while on most topics and at times I kind of lost the thread of the point he was trying to make. Luckily his writing style and the content were interesting and amusing enough to keep me engaged anyway. In general I found myself agreeing with most everything he writes. It is true that with most new technologies, the proponents of that technology see it as the solution to all of our problems. This has been a recurring theme for each revolutionary technology… the telegraph, electricity, radio, TV, etc. Also you do see a lot of “slacktivism” within social media which I really never noticed before but now it seems to pop out everywhere. Just liking a cause on Facebook will not further that cause, you really need to do something about it, e.g. donate money or time, contact your senator, etc.

As the author himself notes in the epilogue, many people feel that he comes off as antagonistic and not offering any real solutions. I think, however, that the final chapter about cyber-realism does offer some answers to how policy makers can better address issues of the day, namely by addressing understanding the underlying problem, developing policies to solve those problems and then seeing how the Internet can fit in to support that policy. Within IT many development projects have problems for exactly the same reason and this is why Enterprise Architecture is so important. It is important to understand the business processes and data model of an enterprise before you can design an application to solve inefficiencies within an organization. Just throwing technology at a problem, implementing SAP for example, will not solve underlying inefficiencies within an organization unless that technology is targeted at some real, underlying issue. From a IT security standpoint the same is true. You do not start a security program by implementing random technologies, rather you begin a security program by performing a risk assessment to determine which critical assets are most vulnerable and then target solutions to eliminate or reduce those vulnerabilities.

Some notable quotes out of the book:

“Refusing to acknowledge that the Web can actually strengthen rather than undermine authoritarian regimes is irresponsible and ultimately results in bad policy.” It is naive to assume that authoritarian regimes do not know how to use social media to spread propaganda, identify dissidents, etc. Just by making the web and web 2.0 tools available invites the regimes themselves to participate and use that media to further their own agendas.

“While all free societies are alike, each unfree society is unfree in its own way.” (acutally he was quoting Tolstoy)

Notes on IPv6 Protocols and Related RFCs

Posted on January 8, 2013 by cbroccoli

No Comments

This post is a work in progress and general reference guide to refresh my poor memory when needed …

SHIM6 (RFC5533)

The purpose of the SHIM6 protocol is to provide a failover mechanism for hosts where they are connected to the Internet with multiple provider provided IPv6 address ranges in a multihomed configuration. It does this by inserting a unique identifier between the IP address and the upper layer protocols. The upperlayer protocols therefore do not use the assigned IP address for communication, rather the unique identifier. The host is therefore able to switch IP addresses (in the event of a failover) and the upper layer protocols should be none the wiser. To accomplish failover, the REAP protocol (RFC5534) is used to identify if the link is down and what the available IP address of the remote peer is.

Mobile IPv6 (RFC6275)

Titled “Mobility Support in IPv6”, this RFC defines the mechanism through which a host can move from one network to another without losing the session with a remote peer. It does this through the concept of a home network where a home router will forward the packets from the peer to the newly assigned IP address of the host on the new network. Various mechanisms exist for optimizing the handover and traffic flows so that tromboning and other such issues do not occur.