Four Root DNS Servers Go IPv6 On February 4th

I Don't Believe in Imaginary Property writes "On February 4th, IANA will add AAAA records for the IPv6 addresses of the four root servers. With this transition, it will finally be possible for two internet hosts to communicate without using IPv4 at all. Certain obsolete software may face compatibility problems due to the change, but those issues are addressed in an ICANN report (pdf)."

Routers!

[arth1]

The main problem isn't obsolete software, but hardware. Changing routers to some that support IPv6 isn't done over night. And even if you do, and get IPv6 assigned, it doesn't help unless your provider also supports IPv6 -- else you might as well be tunelling the old way anyhow.

Regards,
--
*Art

Re:Finally

[CastrTroy]

They don't do dynamic IP addresses because they don't have enough addresses. They do it for stopping you from running a server on your home computer. Sure you can still run a server, but it's harder to run one when your IP address keeps changing.

two of 'em, eh?

[Anonymous Coward]

With this transition, it will finally be possible for two internet hosts to communicate without using IPv4 at all

Well, I guess that IPv6 transition is coming along nicely.

HAR HAR HAR.

Yeah, when slashdot drops it's IPv4 address, then I'll believe in this IPv6 nonsense.

Best IPv6 Read ever (not the article)

[Anonymous Coward]

But the off topic link I'm making to the wikipedia page...

IPv6 [wikipedia.org]

common to see examples that attempt to show that the IPv6 address space is absurdly large. For example, IPv6 supports 2128 (about 3.4×1038) addresses, or approximately 5×1028 addresses for each of the roughly 6.5 billion people[1] alive today. In a different perspective, this is 252 addresses for every star in the known universe [1] - a million times as many addresses per star than IPv4 supported for our single planet. These examples, however, have an underlying and inco

Re:two of 'em, eh?

[shentino]

Actually, v4 and v6 are quite independent. A single host can have BOTH at the same time.

I'd hope /. keeps its v4's at least until my college switches to v6.

I think it's backward compatibility IIRC.

Re:Routers!

[ArsonSmith]

This may beg for the question, but it does not beg the question.

Re:No, wait, not THAT game server...

[Denis Lemire]

Sorry, thats not a valid IPv6 unicast address. The unicast block is 2000::/3 so 2000: - 3FFF. ;)

Also IPv6 addresses can be compressed if they contain contiguous 0's.

ie) 2610:0078:00ad:0001:0000:0000:0000:0001 -> 2610:78:ad:1::1.

Worry not though, this is what DNS is for... Humans need not memorize IP addresses.

Re:Er...

[Olmy's Jart]

Deprecated. Alone with ip6.int, bit fields for reverse look-ups, and site local addresses. Nice ideas that didn't work out in practice.

Re:About time..

[Denis Lemire]

What is so difficult about adding a default rule to your firewall that blocks all incoming connections to your subnet and then adding rules specifically for the devices and services that do require incoming connections?

ie) deny ip from any to 2610:78:ad::/48

With NAT you are eliminating the possibility of incoming connections, with IPv6 you can deny connections all you want but can allow incoming connections where required or desired. Sure you can setup a port forwarding rule to allow a service for a given machine, but what happens when you need the same service to go to more than one host? You know need to accommodate for that by changing the incoming port on your real IP.

Not to mention all the issues raised by protocols that embed IP's that are not routable within the protocol themselves (take the SIP protocol for example). Work-arounds need to be put in place for many protocols on an individual basis in a NAT'd environment. This is a pain in the ass that would be highly unnecessary in a post IPv4 world.

If you're so fond of the kludge that is NAT, nobody is stopping you from using NAT with IPv6 in combination with a non-routable unique-local prefix (fc00::/7).

Dragging your feet on adoption of a superior technology that works for every situation in favor of a broken setup that happens to meet YOUR rather limited requirements is delaying progress for the rest of us. ;)

Generally speaking the consumer world isn't ready for IPv6 yet anyway (Too many Windows machines with limited IPv6 capabilities)... but I still get annoyed with all the anti-IPv6 commentary by those that have not fully investigated the specifics.

Just the personal pet peeve that is looking forward to moving behind the network design of choice for the 1980's.

Your argument is leaky.

[DrSkwid]

You do know that DHCP can assign a fixed IP don't you?

"Get IP address automatically" has nothing to do with dynamic / fixed assignment.

Re:About time..

[growse]

Everyone, lets all hold hands and repeat now:

Firewalling and NAT are different things...
Firewalling and NAT are different things...
Firewalling and NAT are different things...

Re:ipV6?

[Todd Knarr]

1. Makes address allocation a lot simpler. Most of this comes from the expanded address space having a lot more blocks available for allocation without having to play games with the bits.
2. Allows the address sub-netting hierarchy to mirror the physical routing structure. This makes the routing tables smaller and simpler, which makes life easier for the routers.
3. Address prefix independence. Fancy term for not having to reconfigure all your machines just because you've moved to a new netblock. This is part and parcel of the previous item, actually.
4. Things like IPSec were designed into the protocol from the start, rather than being bolted on afterwards as they were for IPv4. Makes VPNs and such a lot easier to configure and get running. The packet headers were also redesigned based on experience with IPv4, so routers have an easier time handling them and don't have to work so hard to do common things.

Re:So when will I be able to connect?

[Chris Mattern]

Right now.

No, really.

You appear to have misspelled your answer: the correct answer is "Real soon now. Not really."

Google has no IPv6 address to connect to. Nor have most other major net sites. IPv4 is still the only way to connect to almost all of the internet.

Chris Mattern

Re:Er...

[shentino]

Here's the RFC header, straight from the IETF's website

Network Working Group Request for Comments: 2874 Category: Standards Track

And its current status is "experimental" so unless there's something not-so-technical deciding A6's fate, then you've made a mistake to call it deprecated.

Unless of course the IETF doesn't have this categorized right...

Re:Routers!

[zsau]

"To sticketh" is not grammatically correct. The "to" signifies that we are using an infinitive of the verb, yet the "-eth" is a finite ending. -eth is simply the original form of the -s suffix on verbs: it marks the singular third person present tense. So "he sticketh", "John sticketh" are fine, but "have to sticketh" is not.

Re:Not true

[tgd]

I bunch of people said the same thing but I don't want to reply to all of them.

From the customers standpoint, the different doesn't really matter except as an inbound DNS address, however managing static IPs via DHCP is still complicated because you can't easily move machines around subnets as the leaves of your network change in terms of device concentration and data load.

You pay more for a static IP address because once you have it, they have to adjust the network around you.

(FWIW, I built out a number of large telco dial-up infrastructures as well as hosting environments in the last 15 years, so while I'm sure the reasons vary by company, I can say with certainty that this is the reason for an increase in price... the actual amount will be obviously adjusted for the market based on maximizing profit, but this is the core reason for it)

Re:About time..

[Denis Lemire]

What exactly is simpler in your viewpoint about IPv4? I'd like to see just one single pointer from you. Remember, just because you lack understanding of a technology doesn't mean it is more complex. In fact, in many ways IPv6 is simpler to deploy and maintain than IPv4. How many people that have deployed a network fudge up a subnet mask? With the large address space of IPv6 it is no longer necessary to deal with subnet masks, every subnet is 64 bits. Isn't that easier then having subnets of length somewhere between 8 and 30 bits and requiring the administrator to calculate the required number of hosts and the subnet masks to go along with that? What happens when a large network that does require end to end connectivity (think hosting provider network or the like here) provisions their network for 254 hosts and later outgrows this limitation? They need to re-number. Is re-numbering your network every time it grows to exceed an arbitrary limitation imposed by an obsolete standard "simple?" Thats only a couple examples.

Also, what part the word firewall makes you think that the firewall has to run on the host that you are trying to protect? I agree 100% that would not be ideal. Your gateway in IPv6 would still handle all the firewalling needs of your subnet. It is still a single point of administration at the edge of your network, nothing changes here!

You could turn my argument around, but you'd be dead wrong. How many people wonder why transfers over IM networks are so painfully slow or don't work at all? With both endpoints being behind NAT the IM clients need to each establish a connection to a third outside host to relay the transfer for them. How many people wonder why their SIP phone doesn't work properly in their hotel room. How many people wonder why a given game won't work behind their NAT. The examples are damn near countless. A lot of things happen behind the scenes to alleviate these issues to an extent but these are all added complexities. Here I thought your goal was to simplify things.

Have a look some day at how many protocols and standards exist, each to find yet another way around the limitations of NAT for a particular service or protocol (STUN, UPNP, NAT-PMP, etc, etc).

The thing is, there is nothing in the IPv6 spec that breaks functionality that you are used to today. There are however a great many things that are simply impractical with IPv4 unless you are one of the lucky few that has a sufficiently sized chunk of globally routable IP space.

Perhaps when you've administered a network larger then your personal home network you'll have a better grasp of what some of these issues entail.

Re:Why did they skip 64-bits?

[Just Some Guy]

I belive that they skipped the 64-bits address to be able to fit the 48-bit MAC (Level 2) address inside the IP (Level 3/4) address, and thus avoiding the need for the router to use ARP to find the MAC address corresponding to a local IP address.

Not even close. Those bottom bits are used for the completely optional autoconfiguration feature. You're equally welcome to hand-configure hosts or use DHCP6 to assign network::1, network::2, network::3 and so on without regard to MAC.