Sometime in the last few months, my Surface 3 started having problems connecting to my home WiFi. In the course of troubleshooting, I discovered that private networks (e.g. Home Groups) now require that IPv6 be turned on. Once I did that, everything worked. My router (Netgear R6400) does not have separate LAN and WAN controls for IPv6. I don't want to use IPv6, due to privacy issues. Am I stuck with having it turned on?
OK. I did some testing. IPv6 was absolutely required to create the homegroup and join it. Once connected, I was able to turn IPv6 off inside of Windows and on the router. The connectivity even survived a cold boot.
IPv6 has been required for homegroup from it's beginning. One of the reasons I've never used homegroup. More info, for anyone that wants it: https://support.microsoft.com/en-us...must-have-ipv6-enabled-to-create-or-join-a-ho
There are security and privacy issues. With IPv4, there's typically a NAT router between your computers and the Internet. So, unless you forward ports on the router, remote devices can't establish connections. The downside is that you can't run web servers, or whatever. The upside is that it's harder for adversaries to attack your computers. With IPv6, there's no NAT. So you need firewall rules for protection. It's rather like the old days, before routers were common. Think worms Also, with IPv6, your computers have Internet-routable addresses. With IPv4, it's 192.168.1.100 or whatever. So even if you're using a VPN, HTML5 can leak the address.
That's exactly why firewalls should be used. Every usable OS has firewall: Windows, OS X (probably, I don't used that OS), Gnu/Linux, OpenBSD. I really don't understand what the problem. When it comes to regular people and routers... most routers run outdated and non-maintaned firmware which often have publicly known vulnerabilities. Do you really think that vulnerable router, which can by reconfigured by ISP or crackers at any time, can be a replacement for firewall?
Though I expect in most cases that issues with IPv6 are more privacy related than security related, there is the possibility that any backdoors put into IPv6 devices are easier to exploit than an IPv4 device behind a NAT router, just because they will be easier to locate and access.
Explainer of some of the privacy issues: http://www.circleid.com/posts/20150216_ipv6_security_myth_5_privacy_addresses_fix_everything/ Explainer of one of the known security issues: https://networkingnerd.net/2011/05/09/cut-me-some-slaac-or-why-you-need-ra-gdigit I find it surprising so many articles insist on describing ipv4 as a 32 bit address. It is not. The biggest 32 bit integer is a ten digit 2147483647. This has nothing in common with the twelve digit 255.255.255.255 address which is not even representable as a single 32 bit integer. The 255.255.255.255 address is 8 bit because it consists of four separate 8 bit integers.
Are you talking about signed 32-bit number? Yes, in most programming languages this is the max for signed integers. It is because it starts from −2147483648. −2,147,483,648 through 2,147,483,647. From negative to positive. Range is still 2^32 = 4294967296 and for unsigned integers range starts from 0 making 4294967295 the max number. 4 bytes * 8 bits = 32 bits 256*256*256*256 = (2^8 ) ^4 addresses = 2^32 addresses = 4294967296 addresses Simple estimation for both representation is 2^32 addresses. There are some reserved addresses, though.
Here's a couple of links I found yesterday. The first one has an interesting video about 6 minutes long. The second one states towards the bottom that "The P in IPv6 Doesn’t Stand for Privacy". https://greengarageblog.org/5-pros-and-cons-of-ipv6 https://ghostpath.com/blog/everything-wanted-know-ipv4-vs-ipv6/
That wouldn't be storing it in an integer, my point being the supposed limitation of ipv4 is bogus. It never required a new 64 bit ipv6 because the supposed limitation of ipv4 has not existed since the 1970's when it was invented and CPU's of the time only supported 8 bit arithmetic. Hence the limitation of each subnet is an octet which at the time would have used four 8 bit integers to store the four octets of an ip address. All they needed to do to increase the number of ip addresses exponentially would have taken a tiny change to use even just standard 16 bit arithmetic which obviously has been supported since the 1980's would give, 65356*65356*65356*65356 addresses. I think we should start a campaign to upgrade ipv4 from 8 to 16 bit so we don't ever need to use ipv6.
Does anyone really know how to disable IPv6 trough the registry? So many different answers (such as the 5-second boot delay, right think i trust what ms says?) Nobody knows.
It is how it is done in low-level programming. Reinterpreting memory region as another type is just common. Not to mention that IPv[4,6] is a protocol, not just one number. Feel free to educate yourself on designing protocols and write an RFC.
Exactly, and you don't need to create a "Home Group" in Windows to use WiFi, I never have from Win 98 all the way up to Win 10. PS: Thread title is a bit misleading imho
I've testing this as working in the past, unless you are suggesting there are hidden components that are not getting disabled: http://tweaks.com/windows/40099/how-to-properly-disable-ipv6/
I am familiar with C programming, type casting, etc and it is not neccessary to do that to store IP addresses. In the case of ipv4 it was designed in the 70's when 8 bit CPU was standard. At that time the computational limitation of 8 bit CPU's meant the biggest number that could be stored in a single integer was 255. That is why ipv4 addresses consist of those four 8 bit integers. 255.255.255.255 That limitation of 255 in each of the four integers ceased to exist in the 80's. With the advent of 16 bit CPU's those four integers could then have each held 65356. Allowing, by default, an address limitation of, 65535*65535*65535*65535. IPv4 was never upgraded to take advantage of that, probably because at the time in the 80's there was no apparent shortage of IP addresses but it could have been, and still could.
Network protocols are supposed to be CPU agnostic, so that don't matter whether CPU is 8-bit or 16-bit, you still have to change underlying protocol. I am not familiar enough with designing quite low-level (3 layer in OSI model) binary protocols to tell whether there is some easy and sane way to extend 32-bit addressess to 64-bit addresses, but from what I see nether you are competent enough. Even that you got wrong. 2^16=65536*65536*65536*65536
Thanks! I didn't know, that. I won't be setting up a homegroup, any time soon. I don't need or want it.
I probably should stay out of this, but, you must be starting with 00001 instead of 00000, so 65535 would be correct. Also, if you were doing any 3rd party programming and not writing the OS itself, you would normally be passing IP addresses as text strings anyway, so I don't know what all of the fuss is about.
In range <0; 65535> there are 65536 possible combinations. Take a look at the "<" and ">" symbols. They mean range is inclusive for numbers. "(" and ")" would mean exclusive.
I take it that people are aware of: http://www.enhancedip.org/ If IPV6 is thrust upon a person, I believe a NAT solution should still be possible with the router/firewall offering IPV6 addresses which are shared/used with IPV4 NAT hosts behind it, and the VPN connection initiated by the router. As long as your friendly VPN provider supported IP over V6 tunnels, the privacy issues would be as now. I do not believe that the IPV4 address crunch is severe as advertised even today, given that the overwhelming number of devices are consumers only, and already behind NAT - sometimes multiple layers thereof. Hardly satisfactory, but here we are. I'd want to re-write many more things than IP addressing. The whole stack reeks of an era when error rates were high, processors feeble and memory tiny.