How Things Will Change Under IPv6

Da Massive writes "IPv6 Forum leader Latif Ladid provides an insight into the workings of IPv6. He also talks about how peer-to-peer file serving as we know it today will be redundant with the newer protocol." From the article: "Q: What is the most significant benefit that IPv6 offers the world? A: Global connectivity. Currently we have less than 50 percent world-wide Internet penetration, and we have used most of the address space. If you look at the Western world, we have more than 50 percent penetration. In total we have close to a billion people connected to the Internet. So it is a false perception that we have full Internet penetration. We have six billion people on the planet. When the Internet protocol was designed back in 1980 there were 4.3 billion address spaces; it was already insufficient for the population. By 2050 we will be nearly 10 billion people. But there are not only people. There are things. Billions and billions of devices that will service these people."

Why not give PEOPLE addresses?

[KinkoBlast]

Like Jabber. if my IP was 1:2:3 then my fancy Intenet Coffee Pot would be 1:2:3:coffeepot1

IPv6 Changes

[mrtroy]

What people dont seem to realize is that IPv6 is not only about adding more addresses.

They also improve the packet structure (by doing things like removing the fragmentation flag)

And we should be looking at making wireless roaming easier (consider forwarding mechanisms when changing WAP's)

But more addresses is a key benefit. And there is no real harm, just the cost of transition which can be minimized due to the backwards compatibility provided through tunneling, etc. So if everyone just starts installing IPv6 hardware, everything is happy. Why is this issue being rehashed?

Re:Why not give PEOPLE addresses?

[bhirsch]

How about if your domain name is blahblah.com, then your web server could be www.blahblah.com? It gets better: Your mail server could be mail.blahblah.com. And yes, your coffe pot could be coffeepot1.blahblah.com.

Re:Why not give PEOPLE addresses?

[MosesJones]

Errr you did read the bit that said that IPv4 can't support the number of people on the planet already? Also you do know that all you are talking about is a secondary addressing approach (network 1 : 1.2.1.2, sub-network : 2.3.3.3) which is already possible on IPv4, but requires an agreed standard for the secondary networking approach.

Oddly secondary networks have been considered during all of this, but it was easier to update the primary network addresses rather than formalising NATs which had other issues.

Why is NAT so bad?

[mightypenguin]

I understand that NAT is considered a hack, but isn't the fact that a device's real address is hidden a security feature for the user? Wouldn't it be that much harder for malicious users to track my internet usage? This would be especially true if I had a mobile device, since moving from one NAT system to another would make following my movements remotely more difficult. So I'd think NAT would be considered a privacy boon. The article doesn't really address this effectively. Also, since most mobile devices have limited bandwidth, I'd think that having a constantly changing IP address, or hiding behind a NAT would mean that DOS attacks against them would be more difficult. If most big mobile device ISPs like the blackberry and sidekick folks offered NAT based access in the future, I'd think that we'd be relatively safe from IPv4 address exhaustion. So stating the main reason for IPv6 being address exhaustion I think is crap. It IS very useful for other reasons though, and I think those reasons warrant it being switched to.

Re:"Billions and billions"

[mindstrm]

Private addresses + NAT is not a security measure, although it looks like one.
The same issues can be addressed without the need for NAT and private addressing.

The main reason private addressing is used is because getting public address space is a hassle... whether people realize it or not.
Just imagine.. if you could just have a million public IP addresses that worked, why wouldn't you use them?

Re:Why not give PEOPLE addresses?

[dslauson]

Not a terrible idea, but it assumes that end users are going to be able to figure out how to configure static IP addresses for all their devices, which is a pretty big assumption.

Plus, who would be in charge of assigning them? Would that mean that I have to register for an IP like I do for a domain name? Who's handing them out, the DMV? The Social Security office? The UN?

Also, it seems like it would be easy for hackers to mimic other people's IP address. Seems like maintenence nightmare.

Re:I don't get it

[it0]

I always understood that ipv6 has the ability to send 1 packet to mupltiple persons at once. So for example if you use bittorrent, and there are 7 people connected then you only have to send out 1 packet to reach to 6 people in stead of 6 packets with ipv4.

The rest I don't know

Re:Mismanagement of the IPv4 address space

[Wishful]

Except you're assuming that you force every network programmer to design their client/server programs the right way. I've lost count of the number of times my company has had a turf war over a vendor trying to force a badly designed client/server setup on us where for example , the vendors wants to directly connect to 3000 devices on our network. (oh but of course we both use the same RFC1918 space...ie all of it). So what happens......they ask me to setup 3000 static NATs. This is the kind of work that makes me pull my hair out, and its all caused by crappy choice by software designers who have no grasp of the issues faced by network/firewall people at the IP layer.

Big Brother?

[thealsir]

<begin irrational? fear> Implanting an RFID chip in everybody with a unique address makes it a very easy way of tracking people...and explains why IPv6 is being pushed so hard even though it is unnecessary. Sure, NAT will handle boatloads of expansion to come, but it offers a layer of anonymity to computers behind the NAT...security through obscurity...how many 192.168.x.x addresses are out there? This way, a unique IP can be given to each computer, more unique even than MAC addresses. And it can be reached around the world. If Those Above get their way through, I see computers eventually having hardcoded IP addresses. And RFID implants with a unique IP address for everybody. </end irrational? fear>

Re:Why is NAT so bad?

[smbarbour]

NAT is the one of the best "hack" that has ever been made for networks. I don't want to have every computer publicly accessible. Is there NAT on IPv6? How many addresses are available for v6? Using NAT, the maximum number of connected devices (sorry for not having the figures in front of me) on IPv4 = Total # of public addresses x Total # of addresses in a class A private network (10.x.x.x).
 
According to my calculations, using Class A private NAT with each address in a Class A public network comes to: 281,474,943,156,225 available nodes. That's over 281 trillion for the utilization of 1 class A IPv4 network. There are plenty of addresses if we use them properly.

I am surpised that Broadband ISP have jumped.

[LWATCDR]

Think about it. Almost every broadband ISP offers a "home network" package where they charge you extra for extra computers on the connection. However everyone else on the planet is selling easy to use broadband routers to do it on the cheap. If every device gets an IPv6 address then you can bill them very easily for all those extra computers on that DSL line.

Why NAT is so bad

[TallMatthew]

If you've ever tried to implement an IPSEC VPN with numerous endusers that have DSL/CableModem gateways that default to 192.168.1.x, you'll know why NAT is so bad, particularly if you're using that address space internally already. Granted, there are workarounds to this.

That's dicey, but what's even more dicey is trying to interconnect corporate networks that use the same private address space. Companies that run virtual trading floors, for example, offer private line connections. You end up with multiple IP subnet conflicts and it's an incredible headache. That having been said, there are workarounds to that, too.

When NAT became popular way back when, I was part of a few really painful reIPing projects. The reason we went to NAT was because there was no way to get portable IP space and our ISP was being a complete dick, jacking their prices and refusing to run BGP with us. Moving to NAT meant portability and portability meant our ISP couldn't dick us. If I was to move away from NAT and put v6 addresses in my corp network, that's what I'd worry about more than anything.

In fact, I would think of the metric issue

[WindBourne]

Back in the 70's, President Carter was going to move us to the Metric system. Road signs were being converted to mph/metric, goods were dual marked, etc. The idea was to make the conversion in 1981. Then reagan came in and stopped it. America was nearly ready, but it was stopped. Now, we are just about the only nation that does not do metric. That means that special labeling is done just for us. That also means, our goods are more expensive. Sadly, at this point, we have raised several whole generations without as much metric as we had in the 60's, and 70's. When we decide to finally change, it will be expensive and hard. reagan's choice was very short-sighted.

Right now, is the time to switch. In the future, it will only be more expensive esp. as small devices get IPs. They will also have to be switched. Finally, a new wave of software development could take place with IPv6, that is more difficult to do with IPv4. Not siwtching is very short-sighted.

Re:Why is NAT so bad?

[Anonymous Coward]

I understand that NAT is considered a hack, but isn't the fact that a device's real address is hidden a security feature for the user?

Nope. Your real (read public) address is visible. Your fake (read private) address is hidden. NAT is not a security mechanism, and in fact causes security issues because of a false sense of security. Next.

Wouldn't it be that much harder for malicious users to track my internet usage?

Nope. It's just as difficult for malicious users. It's more difficult for "valid" users (sys admins, etc.). Next.

So stating the main reason for IPv6 being address exhaustion I think is crap. It IS very useful for other reasons though, and I think those reasons warrant it being switched to.

Agreed. The root problem isn't really the address exhaustion, it is address allocation. It wasn't handled very well, and now we're running out. (NAT does buy us some time.) Unfortunately we can't go back and reallocate everything nicely now...

Oh wait, we can. IPv6 fixes the issue with a brute force approach, increasing the number of available addresses by a large factor. This will work for now, but isn't elegant. If the IPv6 addresses aren't allocated well, we'll have the exact same issue crop up again. And much sooner than anyone currently believes, of course.

I'm going to simply things dramatically, but assuming a flat 128-bit addressing scheme, we could have up to 3.4028236692093846346337460743177e+38 addresses, or about 56.7 octillion addresses for each person on the planet. A bit much, I should think.

Now, IPv6 isn't flat, it's true, but 80-bit (anyone remember IPX?) would be more than sufficient, even when considering allocation losses. IPv6 does have some useful features, but its addressing scheme is not one of them.

Re:But when?

[jrockway]

Doesn't qmail need a non-DJB patch to use IPv6? I enjoy Bernstein's writing, but in this case, he is doing a whole lot of talking and not a whole lot of acting.

Personally, my entire home network is IPv6. If people don't want to use IPv6, that's fine with me. My ISP charges me $10/month for static IPs, but with IPv6, I got 2^64 of them for free. 2^64!!! That's 2^32 more than all the IPv4 addresses in existence.

I think it's easy to see why people don't want IPv6. Without artificial scarcity, they can't gouge you for IP addresses.

Re:But when?

[megarich]

but for some reason ISPs are holding back and because of that businesses are holding back. Everyone is waiting for somone else to make the first move.

I feel the ISP's have to be the ones who make the first move. A not so great example but gives an idea of how I'm viewing this is an official language of a country. Since I'm from the states I'm going to use English as my example. Most people here naturally speak english. Sure you have others here or there who knows other languages but they can't communicate by in large with the rest of the country without knowing english(thus its a GREAT benefit to know english). Now if there was a movement by a good portion of the poplulaton to move to spanish, what benefit would other people have moving to spanish if the key people(in this case the gov) still back english and will not change?

That's how I look at the whole situation, until the key players, namely the ISP's, are willing to change to ipv6 there is no advantages of small/medium size businesses to switch over because everyone else is still talking in terms of ipv4.

The myth about IPv6

[deviate_this]

My biggest problem with IPv^6 is the deliberate hobbling of newer protocols to try and force the move to IPv6 on people. Take SIP for example, which has no built in support for NAT because either 1) they were too lazy to tackle it or 2) they were too arrogant and assumed everyone would just jump on the IPv6 bandwagon just because they were told to do so. The reason there's no rush to v6 is because the internet works just fine right now. What is it about v6 that's going to change the internet experience for my parents? Nothing.

People have been predicting the depletion of v4 addresses for 5 years now but NAT has changed that. My question is, why aren't new protocols deliberately taking NAT into account so that we don't have to create hacks to get around this limitation later?

History is full of companies trying to start over from scratch because it wasn't done exactly right the first time, but then end up bankrupt because they didn't stop to consider the most important part: the enduser. How many people are going to want to buy new routers or new dsl or cable modems because they don't support v6? And before anyone says that manufacturers could just offer a firmware upgrade, how many of them are going to do that when they could just as easily use it as an excuse to sell new equipment?

There might be advantages but all I hear on slashdot are the sheep. How about we talk about the disadvantages?

It doesn't matter

[keithmoore]

The notion of a complete transition is fairly meaningless. We're going to be using IPv4 for the web, email, and dedicated appliances like printers that are hard to upgrade, almost indefinitely. However for those applications the limitations of IPv4 addressing aren't such a big deal as there are fairly acceptable workarounds. IPv6 enables many more hosts to participate in peer-to-peer interactions than before, and this opens up potential for many new kinds of protocols and networked applications.

As for deployment - Some large ISPs are already selling IPv6 access to commercial customers. Consumer ISPs will be the last to see IPv6 because consumers will be the last to understand why it is useful. But this isn't such a big problem either, as anyone with a static IPv4 address can use IPv6 right now using 6to4 or an IPv6 tunnel broker. Bottom line - if you want to use IPv6 with an application today, there's a way to do it using existing networks and services. What we're waiting for is new applications that make use of IPv6 to do things that they couldn't do with IPv4 (maybe because they couldn't access enough devices that way). I think we'll see IPv6 used to control traffic lights, monitor security cameras, etc. before we see it widely used to transport web and email.

I use IPv6 every day between home and work. It's what lets me have multiple individually addressible machines at home with a residential DSL connection. My work network now supports IPv6, but my home ISP doesn't. 6to4 solves the problem handily.

Re:"Billions and billions"

[drinkypoo]

WTF? My ISP is not doing NAT. I have a different routable address dynamically assigned every time I connect. I am doing NAT, thus I am trusting that I will not be owned. My border gateway (linux box) does not accept packets for non-routable networks on the external interface; nor does it accept packets for services I am not running.

You may well have an argument, but I can't tell from the above comment.

A story

[MightyMartian]

"Tell me, Grandpa, what was it like in the days of IPv4?" young Suzy asked as she played with the IP wireless transmitters in her golden locks of hair.

"Well Suzy," Grandpa said, his mind on the distant past, "back then we only had 32 bit addressing, and much of it was provisioned out to various regional entities, with large corporate interests sitting on whole chunks of the space. We had these things called NAT routers."

"Sounds scary, Grandpa." Suzy shivered.

"It was." Grandpa replied. "The first NAT routers could only support FTP and IRC, and folks using some chat programs could barely get their software to work at all. Still NAT did okay, for a while."

"Then what happened Grandpa?" Suzy asked, enthralled.

"Well, as I recall, the first problems came when handheld wireless devices became more common. They had to sit behind various other networks, without direct connectivity. Proprietary solutions abounded, and connectivity was in the hands of large corporate communications giants. Everyone knew that IPv4 had been in trouble for many years, but some folks said 'NAT's all we need' while others didn't think there was a crisis at all, and even if there was one coming, it was nothing to worry about."

"But there was, wasn't there Grandpa?" Suzy knew the best part of the story was coming.

"Very much so." Grandpa said after a moment. "You see, even with NAT and various other networks between the IPv4 network and the average person's devices, the Internet was growing too fast. The limited supply of IP addresses as beginning to slow the expansion of the Internet. Finally, with the great IP Famine of '18, we had no choice. IPv6 was rolled out. Some folks were mad, because they had put their heads in the sand and refused to recognize the problem had been coming for a while. It costs those people lots of money, and some either had to put up with being stuck behind NAT routers and losing out on new functionality or simply going out of business."

Suzy laughed. "They were very silly people, Grandpa!"

Grandpa nodded. "Yes, they were, but most of us survived. Now it's time to go. Don't forget your data glasses and your book tablet. The last flight to Tokyo leaves in an hour, and I promised I'd get you home before dinner."

Re:Why not give PEOPLE addresses?

[Sharkeys-Day]

If you're arguing that they're equivalent, or something like that.

I am, actually. You should have quoted my next sentence, which explains that they are all the same (i.e. invisible) to the end user, who doesn't even want to know about IPv4 or IPv6 addresses. "google.com" gets him where he wants to go, and everything else is implementation details.

And as a home user, it may be a bit annoying to me too, but it is still just implementation details. Set it up once, and I'm done. Now I actually have to build that website...

Most corporations don't suffer from the dearth of IP addresses that the rest of us do, and my goal is not to get around security that's in place on purpose.

Actually, 99.99% of of corporations do suffer from the same lack of IP addresses. But NAT and firewalls have solved that problem for them, and most are actually happy for the extra guarantee that their internal traffic cannot be accidently routed over the network at large.

You keep bringing up the work-arounds that are already in place, and while I agree that they work all right for the way we use the net right now, making them go away could open the door to new ideas, new functionality, and a whole new experience for everyone.

That may be true. But vague hopes are not going to convince anyone to switch to IPv6.

You cannot ignore the needs of large corporations, because IPv6 will not be widely adopted until they get on board. The bigger address space is not convincing them, because they are going to keep their firewalls whether they NAT or not, so the proxy is not going away. They need another, better benefit before they will adopt IPv6.

I'm not arguing that more addresses are bad, or that we should NOT adopt IPv6. I'm simply asking for another reason, any other reason, why we SHOULD adopt IPv6.