IPv6: Part 1 – I could see you all ignore the fact we’d fill up IPv4

After several friends asked about it, and because of the recent featured article on the BBC technology news site, I thought I would do a series on IPv6. I consider myself somewhat of an authority, because my honours project, dissertation and paper were on IPv6 – the actual title being IPv6, its implementation and migrating from IPv4 – I had what I thought were better ideas for a project but I figured IPv6 knowledge would increase my employability in the coming years.

The series starts with theory and need, then a few posts on local implementation, a couple of scenarios for wider implementation, then a final article on the reticence of the IT world to IPv6 and what I think is causing it.

So starting with theory and the need for IPv6, I know they’re not glamorous, I know to some they may be mind numbing and they’d rather just get on and do it, the whole don’t talk or discuss just do mentality. I can sympathise with this opinion. That being said, sorry no dice, you need a good mix of practical and theory otherwise you get into the area of call cargo cult system administration – I’ll probably discuss that phrase more in a future post – where you follow something like a ritual with no actual understanding. … 

 

I am the gatekeeper…

Are you the keymaster. Or how to stop some joker messing up your beautiful network by screwing with client side DNS.

Scenario: You’re a system administrator/network administrator/IT guy (whatever you want to call it) with an excellent setup, and while you sit staring at the blinking lights in the comms room pondering the quintessential meaning of things, or more realistically chatting on IRC (whatever floats your boat) you’re interrupted for the fifteenth time that week by that luser, um user you were forced to give local admin access to. Turns out now they can’t access the intranet or send e-mail.

Upon investigating you find that once again this user has changed the DNS settings on their computer, breaking Active Directory/OpenLDAP/e-mail whatever, despite repeated warnings. They’re operating under the mistaken belief that using the DNS servers provided by OpenDNS, Google DNS or any number of resolvers found here. Will make their Interweb downloads of funny cat pictures faster, you’ve tried chatting and explaining it to the guy, you tried approaching their line manager with no success. Short of beating the user with a hammer you need to find a way to resolve this situation, what do you do? You could block external DNS but that’s only half an answer. If they do it again it will break more connectivity. …