What About IPv6? How Long Until Widespread Deployment? 407
Christopher Blood asks: "Over at the register, they talk about the EU adopting IPv6. So what about the USA? When do we get it?
IPv6 would solve some and DOS problems and we will need the extra address space. What's the holdup?" While IPv6 may be the cure for all of our IPv4 ills, upgrading the whole internet to the new technology isn't going to happen over night. What has been done to prepare for the jump, and what still needs to happen before it can become a reality?
Well, it's here already (Score:4, Informative)
FWIW... (Score:2)
Re:FWIW... (Score:2)
and geez is the 20 seconds rule annoying!
Scott
Re:Well, it's here already (Score:3, Informative)
NAT causes a lot of problems. It's an ugly hack,
not a solution to the world's ills.
Re:Well, it's here already (Score:3, Funny)
Re:Well, it's here already (Score:2)
The lifetime of a PC is around 10 years usually. Manye peopel will get a new one before that time is up and many people will use older machines, but I'm making a huge generalisation here. If all new PCs came with IPv6 capabilities (insert preferred "put linux on them" phrase here) then there would be no additional cost or bother caused and everyone would be on IPv6 within the 1st 10 years of the 21st century
Not that it makes a huge difference to anyone, but I feel left out not being able to address an increasingly large portion of the internet because my ISP is'nt providing IPv6 to consumers yet. I would be quite surprised if they don't use IPv6 technology elsewhere though, even if it's just for future safety - why use an addressing system that's rapidly running out of space when you could JUST AS EASILY use one that will last for ages before it runs out of space.
I know that "hey my toaster's got an IP address" is a bit ridiculous (assuming you're not counting Color Classics and the like as toasters
Re:Well, it's here already (Score:2, Funny)
Re:Well, it's here already (Score:2)
In their corporate manifesto, the "HP Way", they claim "citizenship" and contribution to the communities they operate in to be one of their seven most important corporate objectives.
They operate in the Internet community, yet claim 16 million addresses for themselves, even though practically all of their internal machines are hidden behind a solid firewall system for which NAT would not be a big problem (and possibly a security asset.)
I know it'd be a big job to fix, but it still doesn't seem to be good citizenship to me.
Re:Well, it's here already (Score:2, Insightful)
My employer has a similar setup -- many class B networks, all allocated to systems that are firewalled off from the Internet, set up this way because it required less thinking than NAT.
When IPv6 is widely used, I imagine we'll see much more of this foolishness.
Re:Well, it's here already (Score:4, Insightful)
Of course, a few hardcore techies complained. So, I said that if they had a problem with it, they could come tell me why. If they had a good reason for public IP and they convinced me they were trustable as far as security was concerned, I'd happily give them as many of the deallocated public addresses as they needed, and noted them down carefully. After a few months, those allocations would be reassessed.
As far as HP is concerned, something like:
find . -exec perl -pi -e 's/15\.(\d+\.\d+\.\d+)/10.$1/go'
should do the trick! =)
Re:Well, it's here already (slightly OT) (Score:3, Insightful)
It made internal routing *far* easier.
Not always. A big problem with private adress space appear when two business (or dept, or whatever) bridge their LAN with a VPN and they are using the same private range. Most LAN use etheir 192.168.[0|1].0/24 or 10.0.0.0/8, so this happen often (it happen to me all the time). Hopefully one or the other use DHCP so they can be migrated to an other adress range (almost) painlessly.
Re:Well, it's here already (Score:2)
Do you expect them to NAT all those?
How will they route their traffic?
All over one NAT-box?
Over several NAT-boxes?
Or do you expect them to assign them a dynamic IP for every connection?
When is the IP free to use for another device?
After 10s of no use? 20s?
How do you achieve a handover between Gateway GPRS Support Nodes?
Or between different telcos?
Or between different telcos in different countries?
Re:Well, it's here already (Score:2)
If IPv6 is globally implemented, and corporations can get the backbone providers to adhere to the priority fields, their traffic will get priority over yours and mine.
The same could be done using DiffServ or TOS now, but they aren't universally processed by all the routers on the backbone.
There are benefits - but most of them are corporate.
IPv6 doesn't; change priority / QoS that much (Score:2)
There are ISPs starting to deploy this stuff, primarily driven by the Voice-Over-IP market. For the most part, what matters isn't prioritization on their 10Gbps backbone, where there's plenty of room for everybody - it's prioritization on the T1 line to your building, or in the oversubscribed DSL network to your house. One of the real issues becomes policy at the interfaces between ISPs - Little Local ISPs care about this a lot, but most of the Tier 1 players have the view that "Why should I provide special support for the connection between me and my competitors - I'd rather sell you the prioritized connections on your whole network where I can manage it all (and get all the money, and provide realistic guarantees of service quality, and get all the money)."
Re:Well, it's here already (Score:3, Insightful)
Don't you realize how idiotic it is to avoid the update to IPv6 by instead requiring an update to NAT and an update of every protocol that doesn't work well with NAT. That's more time and money wasted, not less!!
Backbone (Score:3, Interesting)
In two words: unsold inventory (Score:4, Interesting)
The problem is that shrinking sales has caused a huge amount of hardware to be stockpiled at Cisco warehouses. IIRC, last year they had over 5 Giga$ worth of accumulated unsold hardware. They need technology to stand still for a while, so they can sell part of that obsolete inventory.
Newbie question.. (Score:2, Informative)
Re:Newbie question.. (Score:2, Insightful)
As in IPv4 addresses are just a subset of IPv6, so any IPv4-based stuff will still work in an IPv6 network no problem.
Not true the other way round, but then that doesn't matter
So yes, they could upgrade the entire Internet backbones etc to IPv6 (and *should* do so asap) and all old IPv4 traffic will carry on as normal.
Re:Newbie question.. (Score:2)
Re:Newbie question.. (Score:2)
It's the (non-socket-related) code to handle e.g. address parsing which has to change.
Re:Newbie question.. (Score:4, Funny)
> thing different is the address format. Once you
> have the connected socket, the rest of the network
> code should remain unchanged.
So, essentially what you're saying is: After you get past all the things that are different then the rest is the same?
Ok, I'll buy that.
Re:Newbie question.. (Score:2)
When? (Score:3, Insightful)
Re:When? (Score:4, Insightful)
Remember --- M.I.T. has more assigned IP addresses than ALL OF CHINA.
It's not north america thats going to drive IPv6, it's Europe and Asia where they're already starting to feel the address squeeze.
Re:When? (Score:2)
Re:When? (Score:4, Informative)
No, it was Stanford that gave up their class A. What were they thinking? MIT still has ungodly amounts of address space. We have net 18 (18.0.0.0/8), plus random assorted /16s (128.52, for example, is the AI lab). There are a couple others.
The thing is, though, there's a whole lot of "reserved" address space out there. The IPv4 address space shortage is partially artificial. In some ways this is to preven the world from grinding to a screeching halt where there really are no more IPv4 addresses. Another is that maybe it will put pressure on people to be conservative with address allocation, which might make the shortage less pressing. Maybe it will also help to speed the deployment of IPv6.
Most OS vendors are already supportind IPv6 out of the box. WinXP, for example, can be set up as an autoconfiguring IPv6 host very easily (ipv6/install at a command prompt, IIRC). The BSDs support it very well, as do many Linux vendors. I think that it won't be long until IPv6 communication on the internet is very widespread. I don't, however, think the whole internet will be IPv6 any time soon.
noah
Re:When? (Score:2, Interesting)
Good! There are already enough spam relays in China (and very few that I am aware of at MIT).
We should make a deal that China doesn't get anymore IPs until they deal with all the spam coming from there. That and finish their dinner...
Re:When? (Score:4, Funny)
Re:no, everyone. (Score:3, Interesting)
What about the major backbone routers? (Score:4, Interesting)
Re:What about the major backbone routers? (Score:4, Informative)
The reason I name the RIR's is that I base this on the amount of IPv6 space assigned. See:
http://www.ripe.net/ripe/meetings/archive/r
http://www.ripe.net/ripe/meetings/archive/ripe-4
and here for the up to date list of all assignments:
http://www.ripe.net/ripencc/mem-ser
Furthermore you might find it interesting that in the RIPE-area, the RIPE community has decided that all Local Internet Registries can apply for a
You can find that policy here:
http://www.ripe.net/ripe/mail-archives/ipv
roadrunner (Score:2, Interesting)
Re:roadrunner (Score:2)
When do we get it? (Score:4, Insightful)
When corporate America determines they can make a profit from it.
Re:When do we get it? (Score:2, Insightful)
Joe Public will never "own" ip addresses again. That was made evident after the "great subnet rush" of the ninties.
Having IPv6 addresses mean that anyone can have as many as they want if given away for free-
until there is a way to consistently and legally charge for "per seat" usage for internet bandwidth, with crimial reprocussions (can you say DMCA) corporations will not adopt a standard which basically says, "a static and public IP address is worthless as a marketable commodity".
When Cisco decides to... (Score:4, Insightful)
sPh
Re:When Cisco decides to... (Score:2, Informative)
The same in html [google.com] from Google.
They say that by/in 2002 (hey thats now) they will have completed implementation of all IPv6 functions in the routers.
Cisco is the Microsoft of routers (Score:2)
They already have. (Score:2, Informative)
You can check out Cisco's IPv6 page [cisco.com] for more information.
Juniper also has IPv6 available, here how to configure IPv6 on JUNOS 5.1 [juniper.net].
Re:When Cisco decides to... (Score:3, Interesting)
Re:When Cisco decides to... (Score:5, Informative)
IPv6 is a bad job, period. Most Slashdotters probably don't know its provenance. It has been around for about a decade. IETF created it as a compromise. IETF insider Steve Deering had created a poor-quality hack called SIP (Steve's IP) while insider Paul Francis (aka Tsuchiya) created one called PIP (Paul's IP). How bad? SIP, for instance, assigned all addresses by countries, based on population, and thus gave a shorter prefix to North Korea than to South Korea because it was a bit more populous in his almanac. IPv6 is PIP and SIP glommed together.
Just before the time it was adopted, IETF had adopted a different replacement for IP, TUBA (which I think was also called IPv8). TUBA used a profile of the OSI Connectionless Network Protocol (CLNP). Cisco had already implemented it, along with CLNP's routing protocol, IS-IS. CLNP was elegant and flexible -- some of the OSI work stank, but CLNP and TP4 were gems. The only reason TUBA was dropped was because Vint Cerf, the Chauncey Gardner of the Internet (not really so smart, but he's famous for Being There), changed his vote and dropped TUBA support.
Had Vint not been so perfidious, IPv8 would have been phased in before the public Internet boom of the mid-1990s. The code has been in Cisco and other vendor equipment for a decade.
IPv6, on the other hand, has a wasteful 16-octet address field (only 8 octets are useful at a time) and does little else to solve IP's problems. It does NOT provide QoS (that's an urban legend) or security any better than IPv4 with its existing options. And given the inefficient assignment of IPv4 adresses in the past, the 32-bit field has a lot of life left.
Think about VoIP: With IPv4, the header has 8 address octets, while the payload has to be short in order to minimize delay. And it's bloody inefficient. With IPv6, the header has 32 address octets while the payload is the same. It's a bleedin' joke! IPv6 is just plain wasteful.
IPv6 (Score:2)
Woot, most common excuse for downtime.... "upgrading."
YAEUU: Yet Another Expensive Useless Upgrade
the bothersome part (Score:4, Funny)
"Oh, I'm on three-f-f-e-four,four-zero-zero,three-four,f-d-ze
Re:the bothersome part (Score:2, Insightful)
Something like DNS?
Moving a super-tanker (Score:4, Interesting)
IPV6 is better. Autoconfiguration, neighbor discovery, big address space, compatability with IPV4, etc. However, the more hacks we put in to make IPV4 work the harder it is to change. For the most part we're educating people to do "Stupid IPV4 Tricks" rather than moving to IPV6. The more of that we do the harder it is to change. Also, the more ominous the prospect of change, the more people will dread it.
Frankly, I'm thinking we might see another round, like IPV7 (or IPV8 if they make a habit of skipping odd numbers), or it might come very late. Maybe we'll see it on phones and wireless devices before we see wide-spread adoption of IPV6 or general purpose networking.
Re:Moving a super-tanker (Score:2)
Odd numbers are development numbers. Same thing with the minor version of the kernel. (2.1, 2.3,2.5 are dev versions).
Re:Moving a super-tanker (Score:2)
IRC, IPv4 was the first publicly aviable and IP (as defined in RFC760).
http://www.iana.org
IPv5 was taken by the ST-II protocol, which was supposed to be the next Internet Protocol (at least in the eyes of its inventors). But it was based on connection-oriented routing. This lead to a great resitance in the internet community, which is generally opposed to the idea of connections and channels.
It became experimental due to lack of support not by intend.
Have a look at the Version-numbers [iana.org] as assigned by the IANA.
For those to lazy to look it up.
IPv7 is the "TP/IX: The Next Internet"
IPv8 is "The P Internet Protocol"
IPv9 is "TUBA"
But some people [wide.ad.jp] are already joking that one will adopt an odd/even numbering scheme.
128 bit (Score:2)
Re:Moron - Actually YOU don't know what... (Score:2)
ISP incentive (Score:3, Redundant)
IPv6 will become the standard... (Score:3, Funny)
Re:IPv6 will become the standard... (Score:2)
I thought you're already making progress, inch by inch. Then again, it's not much better here in the Europe. I'll go now and have 0.586L of beer.
It'll happen when "everyone" knows how it works (Score:2)
When there's available information about where to get addresses, configuring routes, netmasks, gateways, setting up name services etc. All the admin stuff that's done on a daily basis with IP IV.
At the moment nobody knows what they have to do in order to setup and use IP VI.
The installed base is hard to change... (Score:4, Informative)
I've thought about running v6 at home and connecting up to the 6bone. However, the list of instructions was long and complex, and it was unclear to me that my existing ipchains based firewall code would continue to protect me. It was also unclear that I could enhance the ipchains rules to protect myself.
I quite like the idea of being able to expose multiple devices on different IP addresses, but it is (still) a non-trivial exercise.
On a side note, I'd like to see more deployment of multicast -- this could help Internet Radio stations significantly in the future. Yes, there aren't good multicast clients at the moment, but that is because there is little multicast to listen to, and no way of getting multicast to the end user. Lobby your ISP for multicast!
p.s. In case you think that I'm an idiot for not being able to configure IPv6 on Linux -- I'll tell you that I was kernel contributer in the pre-1.0 kernels.
It's a simple fix (Score:2)
IPv6 and IPv4 can live together (Score:3, Informative)
As far as I recall (been a long time since I studied this), IPv6 and IPv4 can actually live and work together on the same network.. without being independent.
That is, IPv6 can be used on the backbones and to connect the larger networks, but IPv4 can still be used at a more local level. Gateways can be established that will translate addresses and the benefits of having far more addresses available can be realized.
However, one problem with running both protocols and using a gateway is that the only benefit you get is having more addresses.. but since we're running out of IP addresses with v4, this is kinda important. A local v4 and backbone v6 solution wouldn't help solve local DOS problems, or allow us to use any of v6's advanced features.
But is an Internet wide upgrade to IPv6 really a viable thing to do? It'd be like converting the US to drive on the left side of the road overnight. Even if you did it state by state, you're gunna have major troubles at the state borders.. converting the Net over to IPv6 will be the same.
That said, there is a network called the 6Bone [6bone.net] which you can join up to and actually play with IPv6 stuff from your existing IPv4 network. Go, and get your own IPv6 address today!
(Disclaimer: As I said, I studied IP way too long ago, so any updates, corrections or just plain disagreements with my post are welcomed, and indeed encouraged.)
Don't hold your breath (Score:4, Funny)
Come on people, it's 2002!
IP6 might be the death of linux. (Score:2, Interesting)
My experiences with IP6 and Debian woody:
- inetd is fucked up accepts only connections to
::1, no other addresses supported which makes the box practically unreachable from outside
- netstat/route etc don't support ip6, only ifconfig
- if ip6 is supported then no or only crippled documentation existd
These are only a few issus. Unless these thing get fixed fast then FreeBSD will replace Linux at most professional environments.America Doesn't Change Standards Easily (Score:4, Funny)
Yup, a ball and chain slowing down progress....
Re:America Doesn't Change Standards Easily (Score:4, Funny)
The metric system is still taught in schools, still used in industry, and still available on every milk carton from New York to San Fransisco. But we prefer the English system. We're individualists and that's our choice. Just because it isn't your choice is completely irrelevant.
Oh, by the way, we've been using metric currency since day one, far sooner than most other countries did.
Re:America Doesn't Change Standards Easily (Score:3, Insightful)
Nah, you just go and tell other ones to change their system because they are smaller than you.
Re:Why "first" world? (Score:2, Interesting)
In 1990, there were only three nations that had not converted to metric: Burma, Liberia, and the United States. (source: here [vnet.net])
It is however in US best interest to convert, as many of the other countries require all products to be manufactured to the metric system. If you would go to your local grocery store, you'd notice that some products are already done that way, especially if they have global nature. A good example of that would be the 2 Liter bottle of soda that is sold at the store. As that item is sold both in US and abroad, the manufacturing costs are lower if same measurement system is used. That's why the Liter is used. (to conform to requirements of other countries)
An interesting question (Score:5, Interesting)
When IPV6 is deployed, how do I prevent the machines on the inside of my firewall from being routable?
Right now, my personal computer is on the inside of a NAT firewall. There is no way you can route a packet to it - go ahead, try to telnet to 10.200.120.4, I dare you.
Now, I know there are those who say NAT CONSIDERED HARMFUL, and I agree in the general case it does break the essential peer to peer nature of TCP/IP.
But what if I want to break it?
How well tested are the Linux kernel modules for firewalling IPv6? Can I still protect my internal machines from the slings and arrows of outragous 5|<197 |<!66!3Z?
Re:An interesting question (Score:2, Informative)
The answer is to use a "Site-Local" address for any device that you don't want seen outside your site. From RFC 2373:
Re:An interesting question (Score:2)
The same way you do that now: Using unroutable (i.e. private) addresses in your internal network instead of public ones.
I might not remember this correctly, but I think IPV6 had a large set of private addresses for use in internal networks.
Anyway, a firewall is always useful, because somebody at your USP could route to your internal network if you had forwarding enabled (which you have probably if you do NAT), and anyone at the internet can route you through source routing (although source routing can be disabled in Linux, and probably in any serious OS.)
NAT provides convenience, not security (Score:5, Informative)
Does this machine on 10.200.120.4 have the ability to make direct outbound connections? Assuming yes, does you realize that the only difference between an inbound connection and an outbound connection is who sent the first packet?
Many people tend to believe that the *only* security risk they have to worry about is inbound SYN packets, so they base their entire security policy on stopping bad inbound packets. The last two sites I broke into, I did so by tricking a machine to come to me. Just for humor, here are the two scenarios:
The first one was quite a while ago, and I did it at contract. A co-worker found a potential hole in a CGI, but nobody took it seriously. By sending the right data through the CGI, I found that I could make it execute arbitrary commands. First, I did some basic stuff (id; ls -lR
The next time I saw something like this, it was out in the wild. There was a web server that was running a CGI that *seemed* like it was probably just handing the input over to a command, so I gave it a shot. This time, the web server didn't have a usable home directory, so the ssh thing was out, but it did have X installed, so I fired up a VNC server, opened it to the world and opened an xterm up in it. Before too long, I had an entire X desktop running on some guy's web server. I sent the local admin an E-mail (through pine) letting him know what was wrong and recommending he fix it before someone meaner than I am comes along.
Anyway, point of the story. Having an unroutable IP address is good internet security as long as you keep it unrouted. Once you give the thing direct internet access, the unroutability of it becomes much less relevant.
Re:NAT provides convenience, not security (Score:4, Insightful)
However, both the examples you gave in your message required you to be able to connect to the target machine via HTTP and issue an HTTP GET request - therefor you had inbound connectivity to the target, just not inbound connectivity to J. Random Port.
There is NO inbound port available to you. Not 80, not 22, not 25, nothing. The only inbound ports would be when I am FTPing down a file, if I am not running passive mode. However, since the firewall only allows traffic from the FTP server, you would either have to spoof that (and then all you would do is corrupt the file I am downloading) or hack the FTP server (same problem).
And as to the other people who pointed out that I could use a site-local address: Of course, what do you think 10.200.120.4 is? However, NAT for IPv4 is very well tested, so my "unroutable" 10.x.x.x address is still able to get to
The great thing about my workstation being unroutable is that, should I be stupid enough to get a Trojan that announces itself to the 'net and says "I am at $address $port, come abuse me", if $address is not routable, this does very little good for the script kiddie - even if the system reports a traceroute so that he can follow it back, he STILL cannot route a packet to it.
(now, this does not stop the Trojan from connecting to an [icq|http|SOAP|...] server and pulling its commands down, but as I stated at the first of this post, no one aspect of securing a system is sufficient - security is a journey, not a destination).
Re:NAT provides convenience, not security (Score:4, Insightful)
For example: you browse to www.ima.hacker.net. The page has code to exploit a browser vulerability, and the exploit code initiates a connection back to www.ima.hacker.net.
Another problem is connection hijacking -- a hacker can send extra packets to a firewall that actually get through because they are marked as being from the same port and address as those of a real connection. This is especially easy if the hacker is able to sniff packets en route.
Yes, being behind a NAT does reduce the risk of attacks: you probably only have to secure your client apps, not your server apps. But clients are vulnerable, too.
Overall, IPv6 will be far more resistant to hacking. The designers had the wisdom of many years of IPv4 problems and security flaws to influence the design. Now it is much harder to spoof a packet. Now you can't sniff packet ID numbers. Any advantage that you are currently attributing to NAT can be gotten with a firewall, and much more reliably.
Can't wait can't wait can't wait.
Re:NAT provides convenience, not security (Score:3, Insightful)
Just because *you* know a way around it, doesn't mean it can't/shouldn't be used.
Re:An interesting question (Score:3, Informative)
Tell your firewall to not route it. The only reason 10.0.0.0 and 192.168.0.0 (I don't remember the class C one) are non-routable is because every single hop has wired into it the knowledge that those aren't routable.
Plus, I have to imagine there are nonroutable IP6 blocks as well...
There will be NATv6 (Score:2)
There will be NATv6 whether you like it or not, and regardless of what the RFCs say about it. There are legitimate uses for it. I may want to have the same hostname for a variety of different services, but put those services on different machines behind the firewall. There's a form of NAT for that. I may want to load balance 1000 servers to one name (which DNS will limit to just a few IPs at most ... and don't forget that AAAA records take more space out of the response packet than A records do). I may want to hide my internal infrastructure and make everything appear to be right at the border. And perhaps I just don't want to upgrade some server to IPv6, preferring to leave it at IPv4, and let the NAT present IPv6 to the world while my intranet sees it as IPv4.
Since we already have mastered the logic needed in a variety of forms of network address translation, IPv6 is just a matter of some code changes to accomodate the larger IP address.
Re:An interesting question (Score:2)
There are plenty of useful functions for NATv6. See my post [slashdot.org] above.
IPv6 (Score:2)
This long annoying sentence here to get around an annoying slashcode bug, because it can't count.
ISP's are biggest holdbacks... (Score:3, Interesting)
Also a few Cisco points: 1) While some routers do support IPv6, the cheaper ones don't, and a decent percentage of older high end routers have routing algs implimented in semi-custom silicon - not software upgradable! 2) The enterprise network management software is lagging behind in IPv6 support last I heard (I used to work there), not much demand.
How to transition? (Score:4, Interesting)
I bet there's some FAQ somewhere that someone will find using Googole. AIA
Re:How to transition? (Score:2)
I would suggest running both v4 and v6 on the inside machines and making the gateway into a 6to4 border router.
Breathing life into IPv4? (Score:2)
Why aren't these organizations told that they have, say, 2 years to move to a private 10.x.x.x network, thus freeing many millions of IPv4 addresses, instead of forcing small organizations to come up with huge justifications for a very small number of addresses?
I've tried IPv6 with Windows 2000... (Score:5, Informative)
Let's see. To be widely deployed on WAN networks, IPv6 should first be widely deployed on local LANs.
It works very well on Unix systems. My little personal network has a bunch of OpenBSD and Linux boxes, 100% IPv6, and everything works like a charm.
But what about Windows?
I tried it with Windows 2000. Because the OS doesn't support IPv6 natively, I had to download a patch (and it's not very easy to find, I can't remember the exact URL, the link was posted on a ML a while ago)
Before the patch applied I had a big fat warning "Disclaimer: this is very alpha software, your OS can become extremely unstable. Don't call the Microsoft technical support any more after that, we won't answer" (the words were different, but it was the meaning)
And indeed. The system went very unstable, even for IPv4 requests. IE worked. *some* command-line tools worked. But third party packages like Mirc, CuteFTP and Opera crashed with no further warning.
It looks like there's no effort in the Windows world to provide IPv6-enabled software. This is a major showstopper.
What About IPv6? (Score:4, Funny)
About 15 years.
After the introduction of the SSSCA in 2003, Microsoft dominated the US OS market. While other countries switched to IPv6, America was forced to use the proprietary protocal built into windows (thanks to auto-updates) which included advanced DRM, IP tracking and P2P restrictions - as a standard client, your computer could only connect to a 'server' i.e a Windows machine running Windows Server Edition with a valid federal license. The internet was effectively split in 2 - USA, and the rest of the world (troll: this didn't matter as most US citizens didn't know about the 'rest of the world' lol
It wasn't until the great Microsoft witch hunt of 2017, when 4000 Microsoft employees where burnt at the stake after the SSSCA was lifted (well, not lifted per say, actually, someone just blew-up congress)
You can use IPv6 today! (Score:3, Informative)
Never? (Score:5, Insightful)
From the point of view of any individual organization, there are no reasons to switch to IPv6 right now. First movers receive no benefits at all: in fact, it only makes communicating with the rest of the (currently IPv4) internet more difficult. Moreover, I imagine that many businesses large enough to have an impact already have a large IPv4 address block, and have a vested interest in discouraging others from making the switch:
The various hacks available for IPv4 do the job. I can easily imagine a scenario where Cisco doesn't push IPv6 routers hard enough in the future, and people invest more and more in NATs and so forth, making a global switch harder and harder as time goes on.
The fundamental problem is that IPv6 doesn't provide any short-term killer benefits, and that's what's necessary for an evolution to take place. My prediction (though predicting acceptance of technologies is always risky, so I may well turn out to be wrong) is that we will still be using an IPv4 internet in a decade.
Try freenet6.net (Score:4, Informative)
They're supporting devices running *BSD, Linux, Win*, Solaris, HP-UX and Cisco IOS.
I'll start using IPv6... (Score:2, Insightful)
Re:I'll start using IPv6... (Score:2)
Or we can put together our own IPv6 network with some tunnels to get started, just like 6bone [6bone.org] but without the hassle [6bone.org].
I can't wait... (Score:3, Insightful)
What will that do to my LinkSys router/firewall? (Score:2)
While my Linux box is configurable and my OS X box is probably configurable, I've got two OS9 boxes that I'll have to wait on Apple to convert.
But I agree, IPv6 is the way to go.
Is the number of IP addresses in use increasing? (Score:2)
The cycle keeping IPv4 right where it is (Score:3, Interesting)
1.) ISPs want to charge more for sharing a connection and a smaller address space gives ISPs justification to charge more for corporate users than home users. They already heavily frown upon the use of NAT (unless you pay more for them to set up your LAN for you). So why don't the ISP's just separate the concepts of bandwitdth and addressing?
2.) The backbone is overtaxed as it is. Currently the home user's connection speed is limited more by intermediate links than by their connection, even if the user is just using a 33.6 modem. A small address space provides an easy method of limiting bandwidth use. So why don't they just upgrade the backbone?
3.) IP address space is the primary driving factor in connection costs, more so than bandwidth. Most tier 1's more or less own their address blocks and stand to make money hand over fist as the price of using a single address skyrockets. If a tier 1 wants to make more money, it makes better economic sense to buy more address space than to put in faster connections. So why not jump to IPv6 to increase the address space by an order of magnitude squared so the big guys can focus on the bandwidth trouble? Tier 1 folks will make money no matter what, right?
4.) A larger address space opens up the ISP industry to small competitors. While most ISPs are owned or operated by large corporations that can afford the pricey IPv4 addresses, IPv6 stands to give every man, woman and child on the planet a bigger address space than many tier 1's currently have in IPv4. The low-level ISP scene under IPv6 could very well look a lot like the BBS/internet scene of ten years ago. Not to mention all the private little portals that could end up competing with MSN and Yahoo (with or without a DNS name). But still, the little guys could probably make a stab at making that happen with IPv4, using NAT to drive down the cost of a small IP address block. Why don't they do that?
Lather, rinse, repeat.
How to make the world convert to IPv6 real fast! (Score:3, Funny)
Offer free pr0n on IPv6 only servers.
IPv6 :: OSI (Score:3, Interesting)
the OSI of the 21st century (following on from
ATM, the OSI of the 1990s). IPv6 solves a
problem of 1992 --- proliferation of subnets,
exhaustion of v4 space --- while other, incremental, changes did the job just as well.
NAT and DHCP mean that huge ISPs don't need
huge blocks, and the falling price of RAM means
that large routing tables just aren't the problem
they were. The Internet simply isn't a bunch
of LSI-11s linked by 56K lines anymore, and I
recall ``look, doing that will mean every router
has to have a megabyte of RAM'' being used as
an argument-ender.
To compound things, IPv6 suffered from feature
creep (see also: ATM, X.400, Modula 2 standards)
and tried to solve a bunch of other problems as
well, such as QoS. But _those_ were being
solved in v4 land, too, with RSVP, and it's
compatible and interworking with existing
code. Those over 35 should compare the complex
``look, we need multi-part mail'' solution
proposed by the X.400 lobby, which requires MTA
support all the way, with MIME, which will pass
transparently through any MTA.
The final nail in v6's coffin is that, largely,
it's not had the attention of the A team inside
vendors, and has been seen as another add-on
protocol, like OSI, ATM, etc.
I think Vernon Shryver said a few years ago that
he didn't expect universal IPv6 in his working
lifetime. I don't (I'm 37), anymore than I ever
expected my email address to because
ian
Re:Too costly at this point (Score:2, Informative)
They basically just wrap an IPv4 wrapper around the IPv6 packet and send it back out across the net. A lot of network edge routers do similar types of things already, and many edge routers are doing IPv6 tunneling now.
Check out info about netBSD's IPv6 packages [netbsd.org] to see what solutions are already available and starting to become more wide spread.
Re:Too costly at this point (Score:2)
What's standing in the way is that a large number of routers are not upgradeable to IPv6, and the cost of replacing would be greater than the return on investment.
Let's say that you replace an existing IPv4 router with an IPv6 router costing 3000USD. Labor and downtime costs during the replacement will probably range a couple thousand more USD. So you're looking at 5000USD. In order to justify the investment, you must realize at least 5000USD (plus interest) profit from sales of IPv6 bandwidth over the life of the router. You won't sell IPv6 bandwidth until there is a definite need; with all the various "patches" out there (DHCP, NAT, Dynamic DNS, etc.) it may be quite a while before IPv6 is needed. You may find that IPv6 is not needed until AFTER the MTBF of the router!
Bandwidth providers are waiting for the need. However, I think it would be wise when installing new or replacement hardware, to replace it with IPv6 capable products.
If you can't do that, it's a waste of money, and wasting money is no way to do business.
On a side note, there are only 16^12 MAC addresses available. When will we run out of these?
Completely off-topic: I've seen only one forward-compatible technology: WordPerfect 6/7/8/9/10/etc. Save something in WP10, you'll be able to read it in WP6 (minus some formatting, but you'll be able to read it, with most of the formatting intact). I may be wrong, but I believe this was designed when Borland owned the product. Kudos to Borland! "Backwards compatible" implies that current technology is compatible with legacy formats and protocols. "Forwards compatible" implies that current technology will be compatible with future formats and protocols, is designed to be expandable, and designed to tolerate unknown features.
Re:Tech Issues (Score:2, Insightful)
Fear that!
Re:Get some from the U.S. (Score:2)
Re:"IPv6-ville" (Score:2)
Re:Still paying for IPv4 deployment (Score:2)
The cost to "upgrade" to IPv6 can be simplified by having IPv6 be translated at or near the border to IPv4 private addresses on the inside. No OS upgrade needed. No application upgrade needed. Just make sure your border routers can do IPv6, add the NAT, and you're live.
IPv6 Header (Score:2, Informative)
Actually, it doesn't really make that much difference.
An IPv4 header is actually quite difficult to process for hardware routers because it can have a length of anywhere between 20 and 60 bytes.
An IPv6 header on the other hand consists of a main header with a fixed length of 40 bytes and possible extension headers which do not need to be processed on all systems.
The 40 bytes of the IPv6 main header includes the 128 bit source and destination addresses.
The IPv6 headers are actually quite efficient and are designed in such a way that they can be easily processed by hardware.
So no, there will not be a BIG increase in bandwidth because of the headers.
Re:IPv6 is easier than you think (Score:2)
Just put 6to4 capability in, or right next to, your border router. Put some IPv4 private IPs in for the inside pool, and away it goes. It should be easy (but I don't know if implementors are that smart) to take a /104 chunk of your IPv6 space and map it 1-to-1 to the whole 10/8 space by keeping the low 24 bits the same. That should give you plenty of time to transition your inside servers, and all your access customers (if your an ISP) or all your offices and cubicles (if your a business) to working on IPv6.
Re:The era of the 4 to 6 Gateway (Score:3, Informative)
if you mean "4 inside, 6 outside" then it has some limitations. If you're on a 4-only box inside and want to connect somewhere, it has to have an IPv4 address, or you have to have some IPv4 address mapped to the IPv6 address with corresponding DNS change (I hear this is what the BSD folks are doing). Doing servers this way is easier as the client (outside) is connecting to a specific IPv6 address, and the NAT can translate that easy enough to (inside) IPv4 (no DNS juggling needed).
Such network address translation should at least prevent any delays in upgrading servers from delaying IPv6 deployment to the backbone. Clients will seriously need to be upgraded, and if Microsoft drags their feet, that can set things back really bad. But we also need solid IPv6 router code for the backbone, and I gather that Cisco is not moving very fast on getting it widely implemented solidly. Maybe when the economy picks up they might be able to (if they see the demand for it).