• Please review our updated Terms and Rules here

What does IPv6 mean for DOS?

S

Shadow Lord

Veteran Member
Joined
Jun 16, 2010
Messages
3,235
Location
California
No really what does it mean? I understand the issue of running out of IP addresses. But does DOS (or I guess really LAN Manager, Win 3.x, WfW, etc...) handle IPv6? If not does this mean DOS is going to be less and less able to get on the net? I am assuming that LANs will not be affected by this issue, so even if your new machines will use IPv6 they will continue to support IPv4.
 
Most older software running on DOS is not IPV6 capable. So eventually your ability to fire up your favorite TCP/IP application and connect to an arbitrary server on the greater Internet is going to go away.

However, there will be work arounds. You can still use IPV4 on your internal network, and you can probably "tunnel" through a gateway machine to other IPV4 machines on other networks. And there are probably applications/appliances that will proxy your IPV4 connections to make them look like IPV6. I wouldn't be too concerned about it.

Eventually I'll have to get around to making mTCP IPV6 compliant. I started reading up on IPV6 a few years ago, so it will be ready. :)
 
Do you think you'll live long enough to see IPv6 deployed universally? :)

The industry will milk the workarounds until the well runs dry, judging from past performance.
 
I agree there's not much to worry about -- any ISP deploying IPv6 will have to provide routers that handle IPv4 clients (for a lot of existing routers this is probably just a configuration change, or maybe some new firmware). Theoretically if you had a LAN of completely IPv6 machines they could all be directly "on the internet" without the NAT (network address translation) that home routers now do, but if that ever happens it will be a long ways in the future.

Even if the ISP didn't support it directly, you could always run a second router to handle the translation (I think the IPv6 spec includes support for the back-and-forth between the old and new protocols).

I have yet to actually see an enterprise using IPv6 internally.
 
mark66j said:
I have yet to actually see an enterprise using IPv6 internally.
Click to expand...

The state university I went to used IPv6 everywhere as a "security through obscurity" measure -- simply having an IPv6 address was often the prerequisite to skipping login authentication. Since Windows XP users were generally unable to use IPv6, I guess it wasn't a problem with the majority of students...but anyone with an IPv6 capable laptop could connect, unrestricted, to the IPv6 Internet.

As far as DOS though, there will definitely be translation platforms, just as there are platforms for tunneling IPv6 through IPv4 networks now. If nothing else, too much of the government and/or industry relies on IPv4 limited software to drop it.
 
Another thing to keep in mind - a lot of intelligent routers/gateways built by the 'big boys' are IPV6 capable right now. The catch is that performance goes to hell when they bump into IPV6 packets. The hardware is built to handle IPV4, and as soon as something weird comes across they punt and use software to handle it.

So until your ISP and their upstream providers start getting newer hardware that supports IPV6 at similar speeds as IPV4, they will resist the change.

The good news is that IPV6 is a lot more amenable to hardware routing than IPV4 is. Fragmentation and IP options were designed from a hardware point of view.
 
Chuck(G) said:
Do you think you'll live long enough to see IPv6 deployed universally? :)

The industry will milk the workarounds until the well runs dry, judging from past performance.
Click to expand...

Well according ot an article I read today by 9-30-12 all US based DNS servers are suppose to be using IPv6. Once the DNS servers go it really doesn't matter if you can still access resources w/ IPv4 for most people. Of course with modern SW/OS/HW it will all be transparent (as is IPv4) but w/ something like WfW? I think I may have to give up on IE 5! :D
 
mark66j said:
I have yet to actually see an enterprise using IPv6 internally.
Click to expand...

I am curiouse as why you would think they would want/need to? I can't imagine any single organizations needing that many IP addresses at any one site. Is there any other reasons outside of sheer numbers?
 
Shadow Lord said:
I am curiouse as why you would think they would want/need to? I can't imagine any single organizations needing that many IP addresses at any one site. Is there any other reasons outside of sheer numbers?
Click to expand...

IPv6 can avoid the need for address translation at the border of the network -- in other words (if firewalls allow it) you could directly ping an address inside the network from outside. This doesn't make much difference for HTTP or most protocols, but it makes life much simpler for voice over IP protocols like SIP, which are confused by the address translation from inside to outside.

In the short term, that's not a big selling point, I admit.
 
Shadow Lord said:
Well according ot an article I read today by 9-30-12 all US based DNS servers are suppose to be using IPv6. Once the DNS servers go it really doesn't matter if you can still access resources w/ IPv4 for most people. Of course with modern SW/OS/HW it will all be transparent (as is IPv4) but w/ something like WfW? I think I may have to give up on IE 5! :D
Click to expand...

I think this could also be handled by the gateway router (in my case, with FIOS, it is already the DNS server for the house). I think the router could map these addresses to local IPv4 addresses that the old software could talk to (since the router is usually the default gateway). This is a bit more complicated than what happens now at the gateway, but I'm sure it can and will be done.

There are way too many devices out there that either can't do IPv6 or would have to be reconfigured and/or given firmware upgrades. Much easier to hide all this from the end user.
 
Chuck(G) said:
Do you think you'll live long enough to see IPv6 deployed universally? :)

The industry will milk the workarounds until the well runs dry, judging from past performance.
Click to expand...

That's exactly what they've done with telephone numbers. I remember hearing talk nearly 20 years ago about the possible need to add another digit to phone numbers, because the demand for fax machines, pagers, and cell phones was causing existing allocations of exchanges and area codes to run out of numbers. Instead, they removed the restriction that area codes could only use 0 or 1 as the middle digit, and started using area code overlays. Combined with the decline in use of landlines, that has allowed the increasing demand for mobile phone numbers to be met without needing to change or replace traditional 10-digit dialing.
 
mark66j said:
IPv6 can avoid the need for address translation at the border of the network -- in other words (if firewalls allow it) you could directly ping an address inside the network from outside. This doesn't make much difference for HTTP or most protocols, but it makes life much simpler for voice over IP protocols like SIP, which are confused by the address translation from inside to outside.

In the short term, that's not a big selling point, I admit.
Click to expand...

I am not sure if I see this as a big advantage even in the long run. I mean this is just like configuring your PC w/ a IP now and just connecting your DSL modem directly to your NIC. I used to do this when I first got DSL back in 1999 (LAN, whats a LAN? :)) w/ no Firewall. Of course times were a bit safer then. I finally started running a FW (BalckICE) in 2K and saw just how many attacks were attempted. I hate to see what happens now!?! The NAT in your router is a huge security boost, I believe. And apparently so does Netgear as I just got an e-mail talking about the advantages of their new line of secure routers. NG states:

Though it remains an important first step in securing your business and customer data from attacks, desktop security software simply cannot keep pace with the volume, speed, and efficiency of Internet-based threats. It must be complemented with a robust gateway security solution, which scans both inbound and outbound traffic to detect and remove threats before they reach individual desktops.
Click to expand...

Take it for what you will! :D
 
Last edited:
Shadow Lord said:
...I mean this is just like configuring your PC w/ a IP now and just connecting your DSL modem directly to your NIC. I used to do this when I first got DSL back in 1999 (LAN, whats a LAN? :)) w/ no Firewall. Of course times were a bit safer then. I finally started running a FW (BalckICE) in 2K and saw just how many attacks were attempted. I hate to see what happens now!?! The NAT in your router is a huge security boost, I believe...
Click to expand...

$DAYJOB is at an ISP...

The DSL modems in use now are NAT'ed in normal operation, and yes, you would be horrified at the number of port probes happening out there. Bridging (where the modem passes all traffic to the device that will have the Public-side IP(s)) is less commonly done, and would be the only case where you would need IPv6 support on an older system that was not NAT'ed. FWIW, we are starting to deploy a DSL modem with IPv6 ability, but haven't converted any equipment yet.
 
IBMMuseum said:
$DAYJOB is at an ISP...

The DSL modems in use now are NAT'ed in normal operation, and yes, you would be horrified at the number of port probes happening out there. Bridging (where the modem passes all traffic to the device that will have the Public-side IP(s)) is less commonly done, and would be the only case where you would need IPv6 support on an older system that was not NAT'ed. FWIW, we are starting to deploy a DSL modem with IPv6 ability, but haven't converted any equipment yet.
Click to expand...

This is definitely true. But remember this was 1999. Back then PacBell (before being swallowed by SBC and then re-swallowed by AT&T) would send out a tech to draw a separate line for you for your DSL. My modem (can't recall the model now) was just that - a modem. No NAT, no routing, nothing like that. Even now, I have my modem configured in non-bridged mode and I let the NAT to occur at my router. This way I can change my modem or router at will.
 
glitch said:
The state university I went to used IPv6 everywhere as a "security through obscurity" measure -- simply having an IPv6 address was often the prerequisite to skipping login authentication. Since Windows XP users were generally unable to use IPv6, I guess it wasn't a problem with the majority of students...but anyone with an IPv6 capable laptop could connect, unrestricted, to the IPv6 Internet.

As far as DOS though, there will definitely be translation platforms, just as there are platforms for tunneling IPv6 through IPv4 networks now. If nothing else, too much of the government and/or industry relies on IPv4 limited software to drop it.
Click to expand...

You can install IPv6 on Windows XP. Go to Add/Remove under Windows Components. You can also download LLTP to work with Vista and Windows 7 networks.
 
vwestlife said:
That's exactly what they've done with telephone numbers. I remember hearing talk nearly 20 years ago about the possible need to add another digit to phone numbers, because the demand for fax machines, pagers, and cell phones was causing existing allocations of exchanges and area codes to run out of numbers. Instead, they removed the restriction that area codes could only use 0 or 1 as the middle digit, and started using area code overlays. Combined with the decline in use of landlines, that has allowed the increasing demand for mobile phone numbers to be met without needing to change or replace traditional 10-digit dialing.
Click to expand...

The biggest thing that helped was when they changed number allocations from whole exchanges. Used to be you could only allocate a whole NPA-NXX exchange, now they allocate by by exchange + 1 digit.

As for IPv4 only clients. NAT-PT could have be a possible solution and is similar to how IP over IPX gateways worked back in the day. Too bad it was killed off.

http://www.ietf.org/rfc/rfc2766.txt

Of course there is nothing stopping anyone from writing a DOS or Windows 3.x IPv6 stack.
 
I presume that packet drivers, being a thin bridge between hardware and software, don't care what protocol you actually send using them? If so, then perhaps some day we could see Arachne support IPv6 - it's OSS after all.
 
Raven said:
I presume that packet drivers, being a thin bridge between hardware and software, don't care what protocol you actually send using them? If so, then perhaps some day we could see Arachne support IPv6 - it's OSS after all.
Click to expand...

You are correct - the packet driver doesn't care.

But somebody is going to have to fix WATTCP. And yes it's open source, but that doesn't mean anything if the people with the skills don't have the time or interest to work on it. OSS only works when people chip in.

(Yep - start reading the IP V6 books now and get a head start! You too can be a superstar open source developer ...)
 
You must log in or register to reply here.
Back
Top