[colug-432] more IPv6 fun

[Richard Troth]

I am at the office today.  (I usually work from home.)  So I am away
from the comfort of my LAN.  This gives me an opportunity to expand on
the IPv6 experimentation.

I decided to try using a different tunnel broker.  (Wanted to compare
several brokers anyway.)  My home tunnel is provided by SixXS and is
really smooth and stable and seems to be fast.  I have been hearing
noise from Hurricane Electric for a while.  (They would have been my
first choice before Russ turned me on to SixXS.)  HE sign-up was
*much* faster.  Five tunnels and no kredits.  I immediately got the
laptop on V6.  Within minutes, I was connecting to home systems.  But
it ain't perfect as I tried tunnelling one of the work machines, and
it did not fly.  (Could be the NAT/FW in front of that LAN.)  HE did
not require a special tunnel client, but it did require manual
configuration on the client system.

        score for SixXS: robustness and security (but use their app)

        score for HE: fast sign-up and no addl software (but manual config)

I haven't actually tried getting a subnet from HE.  For the moment,
there is simply no need.  (Am I being overly cautious?)

So here I am up and running and connected and hittin my home boxen.
VPN?  What VPN?  Some people use IPv6 in place of (or in lieu of) a
virtual private network.  If what you really need to do is to tunnel
back home, it makes perfect sense.  So that is what I did today:  got
another tunnel and used IPv6 to hit some of the home systems.  Works.

What about security?  IPv6 mandates IPsec, but I don't honestly know
what that means in practice.  (eg: it is not likely to protect against
port scanning attacks)  For the moment, I only have IPv6 routing to a
limited number of machines at home.  I expect hardening to be a basic
requirement.

Use of IPv6 is so far much better than the tunnelling I have done
previously.  Ahhh...

-- Rick;   <><