How Things Will Change Under IPv6
Da Massive writes "IPv6 Forum leader Latif Ladid provides an insight into the workings of IPv6. He also talks about how peer-to-peer file serving as we know it today will be redundant with the newer protocol." From the article: "Q: What is the most significant benefit that IPv6 offers the world? A: Global connectivity. Currently we have less than 50 percent world-wide Internet penetration, and we have used most of the address space. If you look at the Western world, we have more than 50 percent penetration. In total we have close to a billion people connected to the Internet. So it is a false perception that we have full Internet penetration. We have six billion people on the planet. When the Internet protocol was designed back in 1980 there were 4.3 billion address spaces; it was already insufficient for the population. By 2050 we will be nearly 10 billion people. But there are not only people. There are things. Billions and billions of devices that will service these people."
But when? (Score:4, Insightful)
"Billions and billions" (Score:5, Insightful)
IPv4 does not have enough numbers to give every single device its own unique IP. On the flip side... if we were locked into the system, it would still be workable.
What About Private Address Space? (Score:2, Insightful)
IPv6, in some ways, is not a good thing, and my vote is to continue using the current addressing system, albeit in a more conservative manner.
Oh, penetration (Score:5, Insightful)
A: Penetration! Because we don't have everybody connected yet!
Q: And how does IPv6 increase penetration? Does it build wires to people's houses or provide satellite dishes to third-world countries?
A: No, but it does make sure we have enough addresses once they have some money to buy the actual hardware stuff!
Look, I know that eventually we're going to have to transition off IPv4 because of the address space issues, and that we might as well start now, but articles like this make it more like a marketing stunt to sell new hardware RIGHT NOW.
Re:But when? (Score:2, Insightful)
Re:What About Private Address Space? (Score:4, Insightful)
Re:What About Private Address Space? (Score:5, Insightful)
Actually, it'll eliminate the need for costly conversions to a new standard for a period of time, after which we'll all need to upgrade anyway, when it'll be even more costly.
Ladid's main point seems to be that NAT-proponents take this kind of short-term, client/server-centric view. There's nothing wrong with client/server, but it's a significant hindrance for independent development of things like VoIP, where peer-to-peer makes far more sense.
Basically, it's not just that we're running out of address space; it's also that treating NAT like anything other than a (relatively) short-term fix ultimately hinders the development of new uses for the internets.
Re:"Billions and billions" (Score:1, Insightful)
For a home network that's fine, but in the business world, it's got serious limitations. Sure, we could number all of our office computers in the 10.x.y.z network, but what do we do when we merge with another company, start over from scratch and renumber everything (sure, it's easy with DHCP, a script to update all 2000 machines' addresses in the DHCP server, another script to update all the firewalls with the appropriate machines' IP addresses, another script to update the network backup configuration, another script to....)? What if we just need to establish a VPN connection with another company? These are excessively complex things to deal with, when everyone could have had unique addresses and a decent firewall from the start.
I don't get it (Score:5, Insightful)
Why does it remove the need for servers?
Why does it mean that we "won't need providers such as Skype anymore because we'll be able to do it all ourselves"?
I don't see how IPv6 lets you do ANY of these things. You'll still be firewalled, you'll still need servers and software vendors like Skype. In fact the only thing about IPv6 that would seem to me to help P2P is that slightly more people might end up not being NATed but that won't affect anything much.
Does this person actually know what they're talking about or are they from marketing?
Re:But when? (Score:5, Insightful)
This is the thing that bothers me, it looks like Y2K all over again. Nobody thinks it's a problem until there's a last minute scramble to get the issue resolved.
The only difference is this time around there's no clearly defined cutoff date and when the transition happens it'll probably be spread out over months or years as people start to clue in that they are missing half the internet.
Most of the technological hurdles in connectivity have been overcome, even home users can upgrade their Linksys routers in 5 minutes or so to take advantage of IPv6 but for some reason ISPs are holding back and because of that businesses are holding back. Everyone is waiting for someone else to make the first move.
Re:What About Private Address Space? (Score:2, Insightful)
Why IPv6 Is Coming (Score:5, Insightful)
It gives you nothing. You're already on the internet.
IPv6 is going to give India and China and other high-populous countries connectivity. As it is, they don't have enough IPv4 addresses even to *nat* their country, let alone to provide real services with which NATing interferes.
And that's why you and I have very little say about the adoption of IPv6. It's gonna happen, and it's gonna happen soon (say, the next 5 years, tops). Pretty soon, those of us who remember IPv4 are going to be like 3-digit
Re:Oh, penetration (Score:3, Insightful)
Re:But when? (Score:3, Insightful)
Start turning businesses on internal networks and when it is realised that IPv6 is in fact far nicer, because you're not playing hell trying to set DNS servers and allocate IPs, they will demand more from their ISP.
Longhorn has an IPv6 stack built in, find your favourite Linux distro and demand an IPv6 stack in that.
Re:Mismanagement of the IPv4 address space (Score:3, Insightful)
What if the "average" user wants to host their own content, without worrying about some external entity having control over it?
That was the original point of the Internet - not to differentiate between content/service "providers" and "consumers," but to enable redundant p2p information sharing.
Re:But when? (Score:5, Insightful)
Address space not the biggest feature (Score:3, Insightful)
Re:Mismanagement of the IPv4 address space (Score:1, Insightful)
This won't only kill almost all P2P schemes, but every direct file transfer between any two Internet users.
Re:Mismanagement of the IPv4 address space (Score:3, Insightful)
Creating a system where one has to opt in to have a routable IP is treading on a slippery slope. Soon after, you might need a special permit to have a server, and before you know it we're back to gatekeepers and the telephone network.
Why shouldn't non-geeks have routable IPs? How many future Shawn Fannings, DVD Jons, or Linus Torvalds' would we lose through such restriction? The Internet should stay as connected as possible, so that the innovation and creativity at the ends stays unencumbered and free. Just think about how long it took telephone companies to implement call-waiting, *69, etc. Also check out the End-to-end Arguments in System Design [reed.com], it's a classic.
Re:Mismanagement of the IPv4 address space (Score:3, Insightful)
Billions and billions (Score:3, Insightful)
Ah yes, in the immortal words of Carl Sagan
gasmonso http://religiousfreaks.com/ [religiousfreaks.com]
Re:Mismanagement of the IPv4 address space (Score:4, Insightful)
Uh... no.
How about anyone that is running software that requires a peer to peer connection (and I'm not just talking about filesharing software)? And it's further worth pointing out that the only people that require such connectivity are not just the techie geekoid people. Running VoIP through NAT, for example, is a bitch and a half, and often not even possible if the end user does not have administrative rights on the NAT.
Your argument does touch on a very good reason why NAT would not be entirely obsolete even upon the move to IPv6, however.
(Also, by playing around with IPv6 extension headers and a gateway that adds or strips headers to a packet, it's theoretically possible to do routing right _THROUGH_ a NAT on IPv6).
So really, it seems that the only argument against IPv6 migration is just that people are lazy and cheap and don't want to do it right now because it'd actually require some effort.
Re:"Billions and billions" (Score:3, Insightful)
Ok, NAT itself isn't. HOWEVER. MOST people relate NAT with a firewall performing NAT. Which is a level of security.
Nitpicking that a NAT machine is not a security measure fails to take into consideration that, for most people, NAT assumes some sort of firewalling taking place between the networks.
Re:"Billions and billions" (Score:1, Insightful)
* You want all your workstations to go through a proxy to get outside the network for filtering/monitoring reasons.
* You don't want your staff to have direct external access and don't want to have to limit this with firewall rules (i.e. you want it done by the nature of the network not by the configuration of the network devices).
* You don't want any incoming connections.
* You don't want the possibility of some junior tech bodging the firewall and opening your network wide open by removing filtering.
* You don't want some senior tech bodging the firewall on a Friday afternoon after pub lunch and accidentally opening your network up.
There are quite a few reasons and quite a few situations where you wouldn't want this. Most corporate networks for a start.
Consumer Driven (Score:5, Insightful)
IPv6 benefits individuals. It benefits P2P, VoIP, photo sharing, blogging and email (yes email - you don't need a third party server if you have a permanent web presence). Yes you can have all of that with IPv4, but it's held together with hacks like NAT, port forwarding and man-in-the-middle servers. That's fine, if like me, you hold a degree in computer science and aren't put off by the nuances of network security, Berkeley ports and subnet masks but if you're a noob who just wants to share their Christmas pictures with friends and family it's a pretty steep learning curve.
I'm a pretty typical nerd. My home network has 4 computers that regularly connect to the internet. Of those, 2 offer services such as SSH, BitTorrent, email and my testing web server. After Christmas that will probably extend to a new XBox360 and a PSP (admittedly passive net users). Next Christmas it might be my mobile. The Christmas after that my espresso machine will probably be consulting a distributed database to see what is the best way of brewing Co-op's Fairtrade Java.
You can buy a computer the size of a pack of gum with a complete Linux operating system and enough horse power to run a web server for ~$200. That's too expensive to be ubiquitous but in 2-3 years time that figure will be in the region of $20 and it will be a WiFi network. It's going to happen.
IPv4 forces our devices to be passive because configuring a NAT Router and Firewall is hard for Joe Public. IPv4 means that we have to poll to get system updates. IPv4 means that I can't just ask my fridge what its contents are without configuring a separate box. IPv4 means that I'm happy when a third party agrees to handle my communications - I actually ask them to listen in and they 'promise' not to read my mail or listen to my conversations. IPv4 means that when I get an email from my girlfriend at 195.95.195.94 I have no method of authenticating that.
IPv6 means that I buy bandwidth and nothing else. I don't get 100MB of web hosting, or a whopping 5 email addresses, I get to use my overpowered desktop machine with 200GB of 'web space' and as many email addresses as I please. IPv6 means that I can start to build a web of trust, so that I can start to authenticate the messages I receive against a web of my peers - not a single VeriSign certificate. IPv6 means that consumer electronics can be connected to my data pipe and that the manufacturer can be responsible for its upkeep - including firewalls and virus protection.
In short IPv6 allows people to own a bit of the internet and say it's theirs rather than renting an inch and getting kicked off that inch every 4 hours.
Re:What About Private Address Space? (Score:3, Insightful)
NAT, on the other hand, is already solving the address scarcity problem. It isn't necessary for every IP-enabled toaster to have a globally unique address - it isn't even necessary for every home computer to have a globally unique address! People who only use the internet for web and email can happily sit behind symmetric NAT without even noticing (many of them already are). People who use P2P need full-cone NAT, but assuming an average of 128 connections per user at peak times, you can fit about 500 users behind a single address even with full-cone NAT.
IPv6 has some good features, but solving address scarcity isn't one of them.
Re:In fact, I would think of the metric issue (Score:3, Insightful)
Re:Why not give PEOPLE addresses? (Score:5, Insightful)
No? Why not? Why can't you just get more IPv4 addresses so that I can connect to each of them?
The advent of NAT has solved the main problems that ISPs have had with giving their customers addresses to use for connecting to "content providers", but it has pretty much eliminated the original "every node is a peer" architecture of the internet.
Sure, if you're an ISP that works for you, but if you're some random guy that wants it to be easy to connect two (currently natted) devices together without involving a third device as a go-between, it's not such a good solution.
It's easy not to get it, just because we're all so used to having to do things the way we have been forced to. The epiphany comes when you realize how much more flexible the system is when NAT is not involved.
Re:Billions and billions of devices... (Score:3, Insightful)
Ah, if only Carl Sagan were alive to hear that comment!
Nonsense (Score:5, Insightful)
IPV6 solves the problems of the Internet, as originally conceived - egalitarian and end-to-end.
Nobody in power wants that any more. I'm sure that those in power would mostly prefer that the Internet would just go back and hide under the rock it came from, but they DO like the benefits it gives to THEM. If IPV6 goes forward, it'll only be because it has enough momentum as the "logical successor," and because TPTB can't propose what they'd really like.
If IPV6 were being designed TODAY:
It would have DRM built-in for the ??AA, as well as router-based monitors and controls for peer-to-peer networking.
It would have built-in provisions for wiretapping, even at the opportunistic VPN level, for government TLAs.
It would have content and traffic filtering provisions, for China and the Religious Right.
Of course IPV6 really runs counter to all of these "design criteria."
Re:But when? (Score:3, Insightful)
Admittedly, I do use a web proxy that fetches IPv4 websites for these machines, but I did that anyway. Having IPv6 lets me ssh to my machines without having to ssh to my firewall first. Convenient. And ready for the future.
People can sit here and whine about how nobody's moving to IPv6, but the fact of the matter is that it's super simple to do, and once you have, you're done. If everyone does this, there will be no "great transition". It will just be done. And that's it.
Not nearly as exciting as everyone wants it to be, is it...
Re:Why not give PEOPLE addresses? (Score:3, Insightful)
Yes, it is quite easy with named virtual hosts and reverse proxies, and the usual NAT firewall.
...and then you give an example of something that demonstrates specifically that I cannot connect to those web servers...I have to connect to a proxy.
So, your answer is "no, you can't do that without a third machine as a go-between".
I'm not talking about removing firewalls...access control is a necessity in any network that's open to the public (I think I even mentioned having a firewall in what you responded to). What I'm talking about is the perversions that NAT forces us through.
Suppose we were talking about a different protocol...should we have no choice but to use proxies for any given protocol just because we want to connect to it on more than one machine in a given network?
Again...NAT solves the problems that ISP's have. It ensures that they can continue on without making significant changes, and lets their customers make outbound connections pretty easily, most of the time. It does so by removing the ability of any machine on a given network to be a peer simultaneously with other wanna-be peers if they're behind a NAT device.
NAT is an artful hack, and it has spawned many other artful hacks (virtualhosts, name-based and otherwise, being examples), but why would you want to make things complicated and restrictive when they can be simpler and open?
There comes a time when you're just arguing to argue. I know, believe me (been there, done that). Drop me a note when you've had your own moment of clarity.
Re:But when? (Score:4, Insightful)
I'm afraid you're talking crap - I use IPv6 on my internal network *and* over the Internet, it coexists quite happily with IPv4. Enabling IPv6 support on a system does _not_ require leaving the IPv4 network. If you have both protocols enabled then IPv6 will be preferred when it is available on both ends (since the DNS lookup you make to find the remote server's address will return both A and AAAA records) but if one end doesn't do IPv6 then the IPv4 address will be used.
The problem here is an economic one, not a technological one:
1. Why should the content provider invest in rolling out IPv6 addresses to their servers (there is an administration cost in running an additional protocol) when 100% of their clients have IPv4 addresses (the number with IPv6 addresses is not important here if it is significantly less than 100%)?
2. Why should the ISPs invest in rolling out IPv6 networks if 100% of the content on the internet is accessible over IPv4?
3. Why should the consumer grade DSL router manufacturers bother to include native IPv6 support in their hardware if the ISPs aren't going to support it?
Most of the end-users neither know nor care about IPv6, but if the ISPs provided native IPv6 connectivity, the customers' DSL routers provided IPv6 support and their OSes shipped with IPv6 enabled by default (Fedora Core does this, as does OSX... sadly XP doesn't) then the customer wouldn't need to care about it because it would just automagically work - IPv6 does autoconfiguration out of the box.
So whilst there are economic reasons why businesses won't be inclined to change without everyone else changing, there is no technical reason why anyone can't support IPv6 without everyone else changing.
Re:"Billions and billions" (Score:2, Insightful)
You can repeat some mindless drivel endlessly, but that does not make it so. All the small users like me who have Netgear or Linksys NAT routers have thereby a very significant measure of security. With the default setup with no port forwarding, no WAN packet containing ANY destination address in the header is going to get routed to the LAN side except as part of a connection established FROM THE LAN SIDE, except by stumbling into an established translation state sequence, which is exceedingly unlikely.
Cool it with the misdirection. It is POSSIBLE to use NAT and still permit inbound routing, but only a statistically insignificant proportion of NAT users would do so.
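The behaviour described in the comment above, as an added example that is not part of the original thread: a minimal connection-tracking model in which unsolicited inbound packets are dropped for lack of LAN-initiated state, run once through an IPv4 NAT gateway and once through a routed IPv6 gateway applying the same state check. The class and function names and all addresses are constructed for illustration.

```python
"""Added illustration: connection tracking with and without address translation."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass
class StatefulGateway:
    """Admits inbound packets only when they match a flow opened from the LAN.

    wan_addr set   -> IPv4-style NAT: outbound source is rewritten.
    wan_addr None  -> routed IPv6: addresses untouched, same state check.
    """
    wan_addr: Optional[str] = None
    next_port: int = 40000
    # (remote addr, remote port, public addr, public port) -> (LAN addr, LAN port)
    flows: dict = field(default_factory=dict)

    def outbound(self, pkt: Packet) -> Packet:
        if self.wan_addr is None:
            public = (pkt.src, pkt.sport)
        else:
            public = (self.wan_addr, self.next_port)
            self.next_port += 1
        self.flows[(pkt.dst, pkt.dport) + public] = (pkt.src, pkt.sport)
        return Packet(public[0], public[1], pkt.dst, pkt.dport)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Return the packet as delivered to the LAN, or None if dropped."""
        lan = self.flows.get((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        if lan is None:
            return None  # unsolicited: no flow was opened from the LAN side
        return Packet(pkt.src, pkt.sport, lan[0], lan[1])


def demo() -> dict:
    """Run the same three packets through a NAT gateway and a routed IPv6 one."""
    cases = {
        # Constructed sample addresses (documentation and private ranges).
        "ipv4-nat": (StatefulGateway(wan_addr="192.0.2.1"),
                     "192.168.1.10", "198.51.100.7", "203.0.113.9"),
        "ipv6-routed": (StatefulGateway(),
                        "2001:db8:1::10", "2001:db8:2::7", "2001:db8:3::9"),
    }
    results = {}
    for name, (gw, host, server, stranger) in cases.items():
        sent = gw.outbound(Packet(host, 51000, server, 443))
        reply = gw.inbound(Packet(server, 443, sent.src, sent.sport))
        probe = gw.inbound(Packet(stranger, 4444, sent.src, sent.sport))
        delivered = reply is not None and (reply.dst, reply.dport) == (host, 51000)
        results[name] = {"reply_delivered": delivered, "probe_dropped": probe is None}
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

In both cases the reply to the LAN-initiated flow is delivered and the probe from a third address is dropped, even though the probe targets the exact public address and port the flow is using.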
Re:"Billions and billions" (Score:3, Insightful)
Not clear. There are so many ways to compromise a Windows box that NAT is pretty much irrelevant. If you're not running Windows then the potential threats are greatly reduced anyway. And there are ongoing efforts to define ways by which apps can ask the NAT to forward traffic to them without explicit configuration.
Marketers love to promote the delusion that they can sell you a magic box that will provide security without harming your ability to run apps. Whether or not the box implements NAT, it's a delusion just the same.
Re:But when? (Score:1, Insightful)
People can sit here and whine about how nobody's moving to IPv6, but the fact of the matter is that it's super simple to do, and once you have, you're done. If everyone does this, there will be no "great transition". It will just be done. And that's it.
It's funny how people completely miss DJB's point.. great, you've set up some random network protocol inside your house or whatever. Congratulations, you had a little extra free time one day, and you had a little fun.
What you run at home just doesn't matter. The fact is, you are still using IPv4 (otherwise, how could you post on slashdot?). Using IPv6 alongside IPv4 doesn't mean anything. You can use fidonet tunneled over IPv4, who cares?
I've said it before, and I'll say it again: IPv6 doesn't "happen" until a majority of *users* and a majority of *sites* are using IPv6 *ONLY*. In other words, the majority of their traffic is IPv6 from end to end without any IPv4 in between. Until then, IPv4 still works, and people will use what already works. What company is going to cut themselves off from IPv4? What internet user is going to cut themselves off from IPv4? You yourself haven't done it!
What DJB is saying is, what will change this situation? What will make people disconnect from the IPv4 internet? I can't really think of anything. Maybe, government mandate combined with blocking IPv4 at every device? Why would the government do that?
Just remember this simple concept: to consider yourself "on IPv6" you must be completely disconnected from IPv4. If you analyze the situation from that point of view, you'll come to agree with Dr. Bernstein and the rest of us who tell our clients "IPv6 will never happen, don't worry about it".