IPv6 Adoption Will Grow With Smart Grid Adoption, Hopes Cisco 169
darthcamaro writes "A lot of people in the US have not seen a use case for the use of IPv6 yet, since we've got plenty of IPv4 addresses. But what happens when the entire electrical grid gets smart? The so-called Smart Grid will need a networking transport mechanism that will connect potentially hundreds of millions of people and devices. Networking giant Cisco sees IP (internet protocol) as the right transport and IPv6 as the logical choice for addressing. 'Pv6 is an interesting discussion and one that occupies a lot of bandwidth at Cisco,' Marie Hattar, Cisco's vice president of network systems and security solutions marketing said. 'Some people say that for smaller deployments, we could get away with IPv4, but the smart grid has a number of parts. The point is that if you're looking to build this [smart grid] out, why not build it out on the scalable protocol from the get-go?'"
I know my utility meters can be read remotely. (Score:3, Interesting)
But I'm not sure what protocol they use to check my electricity and water meters remotely.
I doubt its IPv6, but it would be a logical thing to do simply because of network addressing.
I mean even with private IPv6 addresses, it would still provide an easier way to identify the devices.
Get a Clue! (Score:5, Interesting)
The internet and especially all the Linux nodes on the internet are designed from the ground up to have a static IP addresses and IP names and be their own DNS and own Mail smarthost and web server and ....
Between the control freaks, the clueless, and the bean counters in Microsoft and the ISP's we have an internet with...
IPv6 will _never_ be allowed into the current mix.
Re:Translation (Score:3, Interesting)
Re:Get a Clue! (Score:2, Interesting)
Protip: We were networking long before IP. If you were talking about MAC addresses, you'd have a point.
Yes, ISPs suck.
No, believe it or not, IPv6's ridiculously slow uptake is MS's fault.
Yes, IPv6 will be here one day.
Re:Wishful thinking (Score:2, Interesting)
Don't lets limit the rest of the world because you're too stupid to realise that NAT and IPv4 causes huge problems on a day to day basis for a lot of people.
Re:If it's so interesting... (Score:3, Interesting)
Especially ironic since just this afternoon I was looking at a Cisco Press book that gave a lookup for www.cisco.com as an example of IPv6 DNS.
Re:Translation (Score:5, Interesting)
throw out routers? haven't ciscos been ipv6-capable for at least a decade now?
Pretty much (although you might have to buy a firmware upgrade... but then if you aren't running a recent firmware you're probably infested with security holes anyway).
those that aren't probably don't NEED to be, anyway.
That's rather untrue though. If you're going to deploy IPv6-only systems then *all* the routers on the network need to do IPv6. Yes, this even includes the home DSL routers, most of which currently on the market *still* have absolutely no IPv6 support, even though we only have about 2 years until IANA runs out of IPv4 addresses. Anything else is going to involve kludging things to work through IPv4 to IPv6 gateways, or tunnelling IPv6 over IPv4 to bypass the non-compliant devices.
The whole IPv4 address exhaustion problem is a really good example of people sticking their heads in the sane and hoping the problem goes away - most ISPs seem to not be interested in preparing their networks for IPv6 at all (PlusNet told me that they had no plans to roll out *any* IPv6 support over the next few years and EntaNet seem to have halted their IPv6 trials). Some time towards the end of 2011 there will be a "sky falling" moment similar to what we saw at Y2K when ISPs realise they are basically screwed and are going to have to do an expensive rush-job of deploying IPv6 over their networks in just a few short months.
not everything needs a world-wide public address. NAT 'security' is actually a Good Thing(tm).
Argh! Please will people stop spreading this crap. There is practically *no* security provided by a NAT. You get security from stateful packet inspection. NAT requires stateful packet inspection to work, but there is no significant security advantage (and many really serious operational disadvantages) provided by running NAT instead of just a stateful firewall. Also, most home NAT routers provide no stateful firewalling, only the limited stateful tracking required to make NAT work, and can therefore easily be bypassed by anyone on the upstream segment (which may be a few hundred random members of the public in the case of some cable setups).
Security is better served by doing proper stateful firewalling, and this is probably best achieved by removing NAT from the equation so that people don't have a false sense of security. Removing NAT also solves a lot of operational problems, as there are an increasing number of protocols that can't be made to work well through NAT (and whilst many people regard this as a flawed protocol design, there are sound reasons for designing these protocols in this way).
Re:Wishful thinking (Score:4, Interesting)
NAT/IP Masquerade has worked well for scaling IPv4 in every conceivable application to date...
Except it hasn't, NAT is a kludge that happens to work with simplistic client/server protocols in common use (such as HTTP). It doesn't even work well with some old standard protocols, such as FTP, without protocol-specific packet mangling.
NAT breaks pretty much all peer-to-peer protocols, which are rapidly becoming more common. Want to do VoIP, or start a direct file transfer between 2 IM clients? If you have NATs in the way then that gets unreliable. STUN makes things work a lot of the time, but even the STUN RFC admits that it is not, and cannot be, reliable. Systems like Skype try to hide these problems by abusing unfirewalled clients to route traffic between NATted clients (often without the unfirewalled user's knowledge), but the problems still exist and such "solutions" start to fall to pieces as the proportion of unfirewalled hosts dwindles.
what makes them think it won't work for the "smart grid"?
I'm guessing that the electricity supplier is going to want to be able to talk directly to your electricity meter, etc. Having a NAT in the way makes this less reliable since they won't be able to talk to it unless the meter has already initiated the connection through the NAT.
Or to put it differently, do you really want every appliance in your house directly addressable from anywhere in the world?
Do not confuse global addressability with global reachability. Assigning every device a globally unique address is valuable, even if it is on an isolated network. It makes it easier to connect 2 isolated networks together when you realise that you actually need them to not be so isolated from each other.
That said, I can think of a number of appliances that I wouldn't mind being globally reachable: My MythTV system is already globally reachable - if someone mentions a TV programme that sounds interesting, I can use the web browser on my phone to tell it to record that programme. I wouldn't mind my oven to be internet addressable, so I could remotely ask it to turn on and cook my dinner in time for me getting home. Being able to turn my heating on when I'm at the airport after coming back from holiday would be useful. Taking things a bit further, if I could ask my fridge what I'm running out of when I'm in the supermarket, I could save some hassle.
After all, what could possibly go wrong?
There are obviously security concerns to be addressed. But at the same time, designing a network so it *can't* be extended in the future seems somewhat short sighted.
Re:Wishful thinking (Score:4, Interesting)
I have a home LAN, with a router. In order to get bittorrent working correctly, I had to set up this machine with a static IP on the LAN, and tell my router to forward all rquests on the appropriate ports to that IP. I have my own domain, and I've used dynamic DNS to let me use SSH to connect to my home machine when I'm away from home. Again, I had to tell the router where to send incoming requests on Port 22. Now, you may prefer to call that a "residential gateway" as Wikipedia does, but most people would look at you funny if you called it anything other than a router.
Re:Translation (Score:3, Interesting)
That's rather untrue though. If you're going to deploy IPv6-only systems then *all* the routers on the network need to do IPv6. Yes, this even includes the home DSL routers, most of which currently on the market *still* have absolutely no IPv6 support
Yeah, when ISPs actually do go IPv6 it will be a beautiful day for DD-WRT and OpenWRT. There will be whole businesses around reflashing those routers and reselling them, while most manufacturers will not release an update including IPv6.
There is practically *no* security provided by a NAT.
Unless your ISP is compromised, the combination of using non-routed addresses and dropping source routed frames (as everyone and their mom does by default) means that a NAT does provide some significant security. Attacks generally rely on packets reaching their destination.
Security is better served by doing proper stateful firewalling,
This part is true.
Removing NAT also solves a lot of operational problems, as there are an increasing number of protocols that can't be made to work well through NAT (and whilst many people regard this as a flawed protocol design, there are sound reasons for designing these protocols in this way).
In some cases yes, in some cases no. FTP is just stupid no matter how you slice it, sorry. Most newer protocols have some facility for NAT traversal, or at least work with a SOCKS proxy.
Re:oh the headache ... (Score:3, Interesting)
Re:oh the headache ... (Score:3, Interesting)
What are the odds that some popular software/code turns out to be not so good at picking completely random numbers.