IPv6 is the future, right?

[Kurt Buff]

https://xkcd.com/865/

I love xkcd...

Kurt

[Erik Goldoff]

I remember taking IPv6 courses and lectures at NetSec '94 in SF.  Over 30 years ago, it was just around the corner from being the standard then... 😉

--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce4mx_ooYSWHXQqMyh2q8DJBRkcSyZO6TZPCkrzrD1rHKg%40mail.gmail.com.

[Michael B. Smith]

There is actually quite a bit of it deployed now…

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CAGMVfXSGiitsgX31%2BAC_v8sD%3D3XD8RLgJfcmgssrCnkqF2uXAQ%40mail.gmail.com.

[Mike Leone]

All our phones use  IPv6, from what I've seen in our DHCP.

Mike. Leone, <mailto:tur...@mike-leone.com>

PGP Fingerprint: 0AA8 DC47 CB63 AE3F C739 6BF9 9AB4 1EF6 5AA5 BCDF
Photo Gallery: <http://www.flickr.com/photos/mikeleonephotos>

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/83df7f3199fb4a60b3b67f903440f144%40smithcons.com.

[Erik Goldoff]

no doubt, yet I still find very few people properly versed on it's features and nuances compared to legacy IPv4

On Fri, Oct 17, 2025 at 10:57 AM Michael B. Smith <mic...@smithcons.com> wrote:

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/83df7f3199fb4a60b3b67f903440f144%40smithcons.com.

[Michael B. Smith]

Quite true.

 

Then again, I also find that most of the “younger generation" doesn’t understand IPv4 either. 😊

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CAGMVfXSLg16CmtGT7WD79pcXr9-dYuxtUkMe3hzryMYHyWU5Nw%40mail.gmail.com.

[Charles F Sullivan]

I haven't even been thinking about ipv6 recently. In fact the CSO got angry with me almost a year ago because I changed our Windows servers from ipv6 being completely disabled to "prefer ipv4". He made me set it back to disabled.

I've decided this week that I'm going to retire in a matter of months. This is the first thing I've seen that's made me think "Hey, I'm never going to have to deal with this after all!" I'm sure there are others on this thread who have similar thoughts.

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/a5346462a9044e8fb415ba9a5d84a0d3%40smithcons.com.

--

Charlie Sullivan

Principal Windows Systems Administrator

[Kurt Buff]

We're interviewing for a sysadmin position.

They all come with resumes that say they have AD, networking, GPO, "cybersecurity", etc. experience.

Most don't know what a FSMO role is, let alone be able to name them or tell me anything about them, and can't tell me what STP is or what it does or the difference between a hub and a switch, what loopback processing is, why VLANs are useful, what the CIA triad is, and on, and on.

I'm willing to give people a pass if they miss one or two things, though if it's on the resume they should be able to speak to it - but seriously, most of them are barely fit for the helpdesk.

Yesterday we interviewed one candidate who has a cybersecurity degree, and he couldn't tell me what a christmas tree packet was, why it might be used, or how to generate one.

Ye gods I'm getting old and cranky.

Kurt

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/a5346462a9044e8fb415ba9a5d84a0d3%40smithcons.com.

[Erik Goldoff]

not a new phenomena, unfortunately... 20 years ago when this list called me 'Ham-Boy' I interviewed a candidate for a Sr LAN/Network Admin position, college degree and a dozen certs including MSCE and CCNA/CCNP.  One of my standard questions was "How many nodes with a 27-bit subnet mask?"

Candidate looks up at ceiling, and presumably counted the dots for over a minute.  To break the silence, I said, okay, let's go easier, how many nodes in a standard Class C subnet?

Candidate pauses for 10 seconds, and then answers "Between 200 and 300"

... technical a correct answer but hopelessly vague for someone that passed the networking part of the MS MCSE exam, as well as both Cisco CCNA and CCNP exams.  I took the CCNA and can vouch for questions on subnetting.  Sigh...

The struggle is real

Erik

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce7EKPw1mSLJnNt%3DLov%2BkRdacgqfTtTyfC1kJaYE2%2BH6og%40mail.gmail.com.

[Henry Awad]

Resume padding and skill stretching are the norm but it's pretty easy to get to the truth during the interview process. The majority of candidates I have interviewed over the course of my 25-year career don't know the basics. The majority of people are good at cramming for certification exams to pass them without really knowing the material. We always ask about standard TCP port numbers to see if they know what protocols use them and we rarely get correct answers. We get a lot of blank stares when we ask "how does traceroute/tracert work" or what does ICMP stand for. But my favorite answers about AD experience are: 

I usually reset user passwords and I add users to groups

Asking questions about GPO administration and how to troubleshoot if the GPO is being applied are foreign concepts. And forget about asking anything related to Kerberos, KRBTGT account, ADSI, etc...

I have a few more years before retiring so I'm hoping I will have the patience to deal with this general lack of knowledge. 

The struggle is very real indeed.

Henry

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CAGMVfXQNsiciv3LScyB36%3DfqVOBh873RcMSSVEEbJ5gNUk0RVA%40mail.gmail.com.

[Michael B. Smith]

I could do it tomorrow, but my target is “no later than” 2026-12-31.

 

I’m rebuilding hobbies that I used to love, to ensure I’ve got things to do (ham radio, archery, etc.).

 

Speaking of xkcd: https://xkcd.com/1179/

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CAEuHzzkN72SiyocfW-GKSJc%2BAUjUrkuVM95XjEM7aSxeN_8e%3DQ%40mail.gmail.com.

[Michael B. Smith]

Sorry, I forgot to add: Congratulations!

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/8da2063b0c944d23856366e61e55212c%40smithcons.com.

[Kurt Buff]

YES! I have that posted on my cubicle wall...

Kurt

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/8da2063b0c944d23856366e61e55212c%40smithcons.com.

[Mike Leone]

On Fri, Oct 17, 2025 at 12:41 PM Henry Awad <aw...@cua.edu> wrote:

Resume padding and skill stretching are the norm but it's pretty easy to get to the truth during the interview process. The majority of candidates I have interviewed over the course of my 25-year career don't know the basics. The majority of people are good at cramming for certification exams to pass them without really knowing the material. We always ask about standard TCP port numbers to see if they know what protocols use them and we rarely get correct answers. We get a lot of blank stares when we ask "how does traceroute/tracert work" or what does ICMP stand for. But my favorite answers about AD experience are: 

I usually reset user passwords and I add users to groups

Asking questions about GPO administration and how to troubleshoot if the GPO is being applied are foreign concepts. And forget about asking anything related to Kerberos, KRBTGT account, ADSI, etc...

I'd have trouble with the Kerberos section. LOL GPos, I do that a lot so no worries there.

I forget what ICMP stands for, but effectively it's a ping, or way to a way to verify at least some level of connectivity ...

 

We once hired a guy. He didn't seem to know how to find out how to find an IP address, so I said "Just do an nslookup". He starts typing "ns lookup ...". LOL

[Erik Goldoff]

"what is RSOP?"

.

"RSOP ???"

sigh

On Fri, Oct 17, 2025 at 12:41 PM Henry Awad <aw...@cua.edu> wrote:

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CAGaCHK7w0432JqDRKuk64JsqJfXa%2B3vP9B5HX4T%3D%2BOjy1OiVkw%40mail.gmail.com.

[Philip Elder]

Microsoft killed the whole IPv4 exhaustion thing with the introduction of Server Name Indication (SNI) in IIS in Windows Server 2012 RTM.

 

We went from needing a dedicated IP address for every web site that had a SSL certificate to having one IP hosting tens of thousands of sites with SSL certificates.

 

Reverse proxies took care of that.

 

We use Application Request Routing and the URLReWrite module for this very purpose which is how Microsoft gets packets around their public cloud(s).

 

I think we can now put “Peak IPv4” into the same category as “Peak Oil”. 😉

 

Philip Elder MCTS

Senior Technical Architect

Microsoft High Availability MVP

MPECS Inc.

E-mail: Phili...@mpecsinc.ca

Phone: +1 (780) 458-2028

Web: www.mpecsinc.com

Blog: blog.mpecsinc.com

Twitter: Twitter.com/MPECSInc

Teams: Phili...@MPECSInc.Cloud

 

Please note: Although we may sometimes respond to email, text and phone calls instantly at all hours of the day, our regular business hours are 8:00 AM - 5:00 PM, Monday thru Friday.

--

[Charles F Sullivan]

Thanks, same to you. That date is exactly 7 months past my hard stop! It will pass in a flash.

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/8d40edc432804b4fb7927526d186df5f%40smithcons.com.

[Kurt Buff]

1) The workarounds addressing (?!?) IPv4 exhaustion enforce large-scale takeover of of address space, consolidating control of the Internet into fewer hands, and is contrary to the original intent of the effort. 

2) IPv6 is incredibly poorly designed. It would have been far easier and smarter to just extend the number of bits of address from 32 to 128. It's a flawed implementation of a necessary fix.

IMHO, IANAL, HAND, Get off my lawn

Kurt

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/664f351845c141bd9c593ca5f13af7e0%40MPECSInc.Ca.

[Philip Elder]

1: The subnet blocks were bought-up when? Probably long before you or I even knew there was such a thing or perhaps touched it?

 

2: I remember watching demos by folks I trust who were able to route themselves into all sorts of places via IPv6 because … yeah.

 

IPv6 should be left alone on servers based on my long MVP connections with the teams back in the day. Lots of havoc wreaked by folks indiscriminately disabling it back then.

 

But, IMNSHO, it should not be allowed inbound past the WAN port unless folks fully understand what they are doing. And yeah, not really. Me? No way. I know my pay grade and limits.

To view this discussion visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce5Aize%2BA08AJV0LTkmKZvecNu5YfYNJS29YOxGNC1%2BKhA%40mail.gmail.com.