Submitting a review for consideration is easy; please first read Slashdot's book review guidelines. Updated: 2008114 by samzenpus
All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.
wow (Score:5, Insightful)
And the rate of downloads of Ubuntu 8.10 is up infinity percent in the past two years.
up 300%? (Score:5, Funny)
you mean it went from 1 person to 3 people?
Re:up 300%? (Score:5, Funny)
No, up by 300% would means there are now 4 users.
</pedant>
Parent
Re:up 300%? (Score:5, Interesting)
Parent
Re:up 300%? (Score:4, Informative)
We get it from basic English skills. It's "up 300%" not "300% of what it was".
1 -> 3 = 300% of what it was.
1 -> 4 = up 300%.
Again:
300% x 1 = 3
1 + 3 = 4
Parent
no, your numbers are wrong (Score:5, Funny)
1. start with 1 throwaway silly joke
1
2. multiply that by the Humorlessness constant
1 * H
3. add 300% overhead cost of a mediocre informative rating
1 * H * 300%
4. factor by the coefficient of who gives a shit
F(1 * H * 300%)W
and you are left with 3 users of IPv6
so there
Parent
Re:up 300%? (Score:5, Informative)
Parent
Re:up 300%? (Score:4, Funny)
Son of a.... *hangs head, hands over geek card*
Parent
Re: (Score:3, Funny)
If something increases by 100%, that means it doubles, not stays the same. Induction can take it from here.
So going up 300% means doubling 3 times ?
Re:up 300%? (Score:5, Funny)
wow. I mean, like.. wow
Where the heck do you guys get 4 from?
--
I can sum it all up in three words: Evolution is a lie.
I guess you worked out "Evolution is a lie" is three words using the same calculation you made above.
Parent
Obviously technologically superior (Score:5, Funny)
The news is important because IPv4 addresses (e.g. 123.23.56.98), which are assigned to your computer periodically, are running out. IPv6 addressing (e.g. 2ffe:1800:3525:3:200:f8ff:fe21:67cf) was invented as a longer and more secure replacement.
Look! IPv4 addresses just have numbers and dots. IPv6 addresses have numbers AND letters . . . and colons (TWO stacked dots)!
No question, which one is better, and tastes better, and lasts longer, and is less filling.
I'd like the IPv6 prefix dead:beef, please and thank, you.
IPv6 address for slashdot.org (Score:5, Insightful)
Any chance Slashdot could get IPv6 connectivity?
Progress in this direction is "stuff that matters", after all...
Do you remember CSS? (Score:3, Insightful)
Do remember how long it took /. to move from a tablefest of tagsoup to a CSS-based design? A good 10 years, give or take.
IPv6?
I'll switch when my ISP does (Score:4, Insightful)
The biggest thing holding me back from switching is that my ISP [verizon.com] doesn't seem to care one whiff about switching. The only way I have available to get on is to set up a tunnel, which seems to defeat the entire purpose of IPv6. I don't want to run IPv6 just for the sake of saying that I run IPv6, I want to run it so I can have an address for every device and finally get rid of the annoying NAT solutions.
Re: (Score:3, Informative)
Expect mobile phone companies to switch first. They are already NATing most of their customers when they want IPv4, but their next generation networks are IP-only and run everything else on top of IP. Using NAT will be a colossal pain for this, because they only have 2^24 (around 16 million) IPs in the 10/8 range and most mobile phone companies have a lot more than 16 million customers. You could NAT each cell, but then you'd have massive routing issues. Running IPv6 natively is going to be a much easie
Make it work! (Score:3, Interesting)
I seriously considering setting up my internal network for IPv6 and trying to get connected to the web via IPv6, but ran into so many roadblocks that I just gave up.
It's no wonder adoption is so slow if this is the way things are.
The US is lagging (Score:3, Insightful)
I'm wondering how far behind the popular adoption of IPv6, the nay-say'ers admissions that they were wrong will lag.
Progress will never happen. Things will always be the way they are now. There's no reason to change now, and there never will be. Pshaw.
How IPv6 will happen, and why it hasn't yet (Score:3, Insightful)
The main problem with IPv6's slow adoption is that no transition scenario was ever devised. The protocol was spec'd, implemented, debugged and ... that's it. Nobody ever asked the question, who's gonna switch and why?
Currently, if you want to use the Internet, you need to be on IPv4. The only existing transition mechanisms are those which allows an IPv4 host to emulate IPv6 on top of it. And 100% of any other hosts you might be interested in talking to are on IPv4, even if they happen to also be on IPv6. So basically, in the rare cases where you can use IPv6, you can also use IPv4 to do the exact same thing.
So there's no point.
What's missing here (and has been missing since the beginning of IPv6) is a mechanism whereby an IPv6-only host can talk to an IPv4 host. I believe there's something called "nat64" that's being worked on, but it's in preliminary stages.
Here's how it's going to happen: for a veeery long time (10, 20 years), most corporate networks will remain IPv4 only. They have no reason to switch. It's not just network stacks, it's networking equipment, firewall rules, inertia but also stupidity and incompetence. Consider this: right now, there are major websites still incompatible with Explicit Congestion Notification. It's not that they just don't implement it; it's that their networking equipment suffers from a 10+ year old bug that prohibits hosts with ECN enabled to access them. Non-buggy stacks just ignore the bit and let packets through, buggy ones silently drop the packets and cause the connection to hang. This used to be the case on www.cnn.com up until a few months ago, and is still happening on www.afp.com.
Instead, it's mobile networks that will implement IPv6. There is not even enough addresses in a class A (10.0.0.0/24) to even give addresses to all mobiles phones in an European country. It's trivial to implement proxies for HTTP and other common protocols, so that those mobile devices will be able to see CNN.com. But obviously, it would be much better to have a way to NAT those devices onto IPv4.
Technically, IPv6 is running out as well (Score:4, Funny)
It's just there a lot more to go until the end~
Hey, I did say technically.
For everyone who says v4 isn't running out (Score:5, Insightful)
2) NAT is not a proper solution. It crosses the Network and Transport layer boundary to provide a hack solution to a Network layer issue. Having something like NAT prevents anything besides UDP or TCP from being used behind a NAT, since NAT relies on port mapping between UDP and NAT
3) What makes people think uPNP is a good idea? Wouldn't it be better to just have *real end-to-end connectivity* like was actually intended and used to be the case?
4) As the world of networked devices and content providers increases as fast as it always has been or faster there will be a growing need for content providers (servers) that cannot be behind a NAT while still hoping to use well-known ports for services
5) NAT does not scale. State tracking tens of thousands of connections? Since state needs to be tracked, load balancing something like NAT is just yet another hack on top of a hack.
I would love to hear someone explain how using NAT is a feasible solution permanently. Reclaiming unused sub-allocations from legacy
Re:Fun with statistics (Score:5, Funny)
Why is that lying?
Parent
Re:IPV4 addresses are NOT running out (Score:5, Informative)
God, I'm tired of it being repeated that IPV4 addresses are running out. Everybody who's not a journalist should know that it's not true.
And everyone who's a network admin knows that it is.
Nat+uPNP is perfectly capable and 100% backwords compatible.
Great, so I can re-write every application to support a half-assed workaround like NAT. I'd much rather have each host bugging the crap out of the router to forward a specific port, please! than to just get the migration over with and be done with it. If you think that NAT+uPNP is a replacement for IPv6, then you need to find a hobby more suited to your skill level.
Parent
The potential of IPv6 is kinda scary. (Score:5, Interesting)
And everyone who's a network admin knows that it is.
You're right, 100%, and I fully support IPv6 adoption end to end, because I know managing port assignments is a pain in the ass for non-UPnP compatible apps, and the problems that NAT has created. Even more absurd is the solutions to those problems (e.g. Skype-style) that are more like hacks than fixes.
NAT has created a very lazy fix to the problem of network security and filtering. If you're behind NAT, you're not addressable unless UPnP or an explicit port forward does it for you, and that's extremely convenient.
In a situation where every single computer in a network is internet addressable (something not always desired in business, which is probably the reason IPv6 adoption is so slow), you have to implement a very strict firewall to block and filter unsolicited traffic to those machines. If you're NATing them, as long as your network is physically secure, you don't have a problem.
This puts a lot less stress on network security than there should be in a business environment, and much less attention to what should or shouldn't be allowed through a local firewall, let alone a site firewall.
I'll stop ranting, but the point is that NAT has created an artificial deficit of proper network security, and I fear that when IPv6 becomes ubiquitous, NAT will linger on as a replacement for real security. The skills required to secure a fully addressable network of machines simply aren't needed in the majority of current environments because making every host in a network internet addressable today is simply not an option.
Parent
Re:The potential of IPv6 is kinda scary. (Score:5, Insightful)
Parent
Re:The potential of IPv6 is kinda scary. (Score:5, Insightful)
This puts a lot less stress on network security than there should be in a business environment, and much less attention to what should or shouldn't be allowed through a local firewall, let alone a site firewall.
I disagree. Say your current NAT setup is:
The firewall equivalent is:
The decision making process is identical. You've already decided which ports are which machines should be exposed, and that's the hard part! Once you're past that, the semantics of NAT and a "default deny" firewall are almost identical.
Parent
Re:IPV4 addresses are NOT running out (Score:4, Interesting)
Or intelligently design protocols to assume that not everyone has a direct IP back to them? In the early days of online gaming, one had to forward easily a half-dozen ports (UDP, and maybe 3 ports TCP) to play online. These days, it's normally 1 UDP and 1 TCP port, if that.
IPv6 won't change any of the issues seen with NAT. At best, you'll have a firewall blocking incoming connections to all but a single IP (the system providing the gateway and firewall), so you'll juat have huge spaces of IPv6 addresses that are unreachable anyways. So your toilet might have a real live IPv6 address, but it's not reachable outside the local network anyhow. Heck, that gateway may very well perform NAT on IPv6. To assume all the issues with NAT, firewalls, etc, go away magically by using IPv6 is naive - they're still going to be around. At the minimum, there's going to be firewalls up, and apps will still have to request people poke holes in it somehow. Most likely, nothing will change.
Despite having all these addresses available to them, most ISPs will probably just offer the user 1 or 2 IP addresses (though, an IPv4 and IPv6 address), and charge them an extra $5/month for another one. Or maybe they'll get a clue and give them a pile of addresses, to which the user will probably just stick a router in and use 1 address. And might as well stick all the machines behind it in the private address range anyhow.
IPv6 is important because we're running out of addresses (or some countries already have). But unless the protocol mandates things like evil bits and other junk, people are still going to put up firewalls, NAT-based routers, etc, and we're really just going to end up in the same situation we're in now. Everyone talks grand of "even your toilet can be connected", then it just takes someone to say "well, if it is, I don't want people to hack into it". IPv6 won't save us from buggy exploitable services, spam, OSes with poor default security, etc. The only thing it may save us from is that portscanning blocks of IPs got significantly harder, but botnets are good for that sort of thing. Heck, even exploits have seemed to work around the fact that a good chunk of people are behind a firewall.
Parent
Re:IPV4 addresses are NOT running out (Score:5, Insightful)
Most machines don't need an externally accessible IP.
Unless they want to use something as exotic and unpopular as BitTorrent, you might be right.
Parent
Re:IPV4 addresses are NOT running out (Score:5, Funny)
Parent
Re:IPV4 addresses are NOT running out (Score:4, Informative)
Many people do not want IPv6 because getting set up for it will be expensive and time consuming.
Except it's not.
Remembering or just typing an IP will be much more of a bitch.
I haven't typed my IP since I added it to DNS.
And some people don't want machines to have publicly accessible IPs.
Then don't open the firewall.
I for one don't want my fucking toaster or condoms
I think (hope!) you didn't mean it that way.
to have IP addresses.
Then don't plug them into the LAN.
Parent
Re: (Score:3, Insightful)
Ugh, I meant to say more before I posted. Anyway, here's the rest:
The main reason I mentioned publicly addressable hosts was that the OP brought it up when he mentioned UPnP in conjunction with NAT. No, you don't need (or want) every host to be directly reachable. When you do, though, a real end-to-end solution like IPv6 is vastly preferable to a slew of machines behind the NAT asking for port allocations.
Re:IPV4 addresses are NOT running out (Score:5, Informative)
Most machines don't need an externally accessible IP.
Which has nothing to do with the IPv4 vs IPv6 debate. Regardless of which stack you use, you are never forced to have externally accessible IP addresses. This is what firewalls, routers, and reserved, non-routable addresses are for.
Parent
Re:IPV4 addresses are NOT running out (Score:4, Interesting)
The problem with IPv4 isn't really that we're running out of addresses, although that could become an issue in the near future. No, the problem is routing. Reallocating the remaining IPv4 addresses would mean abandoning any presence toward maintaining hierarchical subnets. High-level routers would need to know where to send packets based on not just the /8 or /16 prefix, but perhaps /24 -- or worse. That's potentially millions of additional records in every router, when we're already having trouble with an explosion of routing-table entries. IPv6, on the other hand, has enough bits in just the upper (network) portion of the address (/64) to permit purely hierarchical routing to the ISP level, which means that the routing tables become far simpler. There's no need for each router to know about dozens -- perhaps hundreds, or thousands -- of minuscule disjoint subnets serviced by each ISP.
The other advantages of IPv6, such as improved security and access to a routable /48 subnet for each local network, are merely bonuses. The routing issues alone are sufficient justification to migrate.
Parent
Re:IPV4 addresses are NOT running out (Score:5, Informative)
Lots of them.
Any kind of webserver. Try running two of them on the same IP address.
Of the above, especially websites using SSL. Can't have more than one per IP address.
FTP is a horrible pain when NAT is involved.
Many video conference applications.
Programs like instant messengers with file transfer.
BitTorrent and any form of P2P in general.
IPsec in transport mode
Many games. Two players trying to play online doesn't work at all with some games, no matter how much you fiddle with NAT.
Remote desktop. When troubleshooting, I can't just ask the person I'm helping to install VNC, because then I'd have to explain to them how open the port.
I'm sure the list can get a good deal longer, but this seems enough.
Parent
Re: (Score:3, Informative)
We're using OpenBSD's FTP proxy [openbsd.org]. It works well, and is easy to set up (much easier than it used to be, anyway).
IPv6, DNSSEC, and ubiquitous SSL or IPSec are things that are long overdue.
Re:IPV4 addresses are NOT running out (Score:5, Informative)
Nat+uPNP is perfectly capable and 100% backwords compatible.
NAT is a hack, and uPNP is not universally supported -- not in the routers themselves, and not in every program you might want t ob accessible.
Besides which, there are a limited number of ports, and you're still preventing people from picking a standard port and leaving it open, to connect to it later -- for instance, if my ISP NATs me, how do I ssh or vpn back home? Let alone run a webserver out of my house..
That's not even getting into all the millions of unused IP's being held by the early internet companies.
True, but consider that IPv6 would prevent anything like that from happening again.
Start with $1 per year per ip to EVERYONE who owns an IP's and you'll see the "IP Shortage" vanish overnight.
I'd also very likely see my own public-facing IP go away, and more and more ISPs NAT-ing all their customers -- who are then doubly-NATed behind their routers -- which is then a gigantic pain in the ass to deal with, versus simply upgrading to ipv6.
I'd also likely see my hosting costs go up a bit.
All to manage this artificial scarcity, and push it back for awhile -- which could be so easily dealt with by simply upgrading to ipv6, and giving an IP address to every device on the planet -- and, as a nice side effect, making it possible for me to assign a public-facing IP address and DNS entry for every toaster in my house.
Parent
Re:IPV4 addresses are NOT running out (Score:5, Insightful)
God, I'm tired of it being repeated that IPV4 addresses are running out. Everybody who's not a journalist should know that it's not true.
There's no reason every person on earth needs an IP. Nat+uPNP is perfectly capable and 100% backwords compatible.
That really isn't entirely true.
NAT and uPnP may work well for your average home user... But it causes some headaches in larger networks. And if you've got a pile of servers that need to be globally accessible - like webservers - you don't really have an alternative to multiple IP addresses.
That's not even getting into all the millions of unused IP's being held by the early internet companies.
This is certainly true. There are several huge blocks of IP addresses sitting unused. Freeing these up would go a long way towards keeping IPv4 alive. At least for a while...
IP's just need to be charged for on a early basis. Start with $1 per year per ip to EVERYONE who owns an IP's and you'll see the "IP Shortage" vanish overnight.
It might very well vanish overnight... But it'll return eventually. The fact of the matter is that we keep coming up with new reasons to route information over the Internet. And all these new devices and gadgets require an IP address.
One of the cities that we support recently bought a new chiller for their ice rink. Their old one was just managed in-house. You had to be standing in front of the device to do much of anything. And if it was malfunctioning they had to send someone out to eyeball the machine. Their new one has a network jack and can be monitored remotely through a web interface. So we had to get them bandwidth and a static IP address so they could keep an eye on things even when nobody was physically at the civic center.
Sure, there are some absolutely stupid and frivolous things we're doing these days. Folks don't need to be able to surf the Internet from their microwave oven. But it is getting to the point where we expect to be able to gather information from just about everything, and view it just about everywhere. Folks expect to be able to hit Google or Wikipedia from their cell phones. Lots of industrial equipment can be managed remotely. I know I routinely troubleshoot issues remotely.
To a certain degree we can hide these devices behind NAT... I can have a dozen web-enabled appliances in my house and just use different ports forwarded through a single NAT'ed IP address to access them. But what about devices that don't necessarily sit behind a router? What about my web-enabled phone?
And what happens when the ISPs start running out of addresses? Are they going to install giant NAT routers themselves? Are we going to wind up with several layers of NAT?
Parent
Re: (Score:3, Insightful)
Try LogMeIn or GoToMyPC, or something similar. I manage nearly 100 remote PCs thru LogMeIn, and only 3 of them have static IPs.
I think you're kind of missing the point of my post.
I use LogMeIn for quite a few things. I've got it installed on my home computer, my work computer, and dozens of client computers. It works very well for me. It's a great solution for folks who can't or won't pay for a static IP address. But LogMeIn doesn't somehow magically negate the need for an IP address.
If you've got bandwidth, you've got an IP address. And more and more devices have bandwidth these days. Which means more and more IP addresses i
Re: (Score:3, Insightful)
Yes, NAT is wonderful.
Like when I want to play a game online with me, a friend in my house, and people over the internet. Then we're sometimes confronted with that the game wants specifically port 12345 on UDP open, and there's no way to NAT that to two computers at once. There goes at least half an hour of everybody's time, plus another half an hour to convince the less technical players that no, it's not working and it's not going to.
UPNP doesn't solve this problem, and is yet another horrible hack that s
Re: (Score:3, Interesting)
That only works so long that:
1. You're the only one who has this problem. Doesn't work when two other people are also going to share a connection.
2. You can convince everybody that they move to your server. There can be a serious hassle in getting maps, mods, patches and so on set up.
3. Your connection has enough bandwidth and low enough latency to work a
Re: (Score:3, Interesting)
There's no reason every person on earth needs an IP. Nat+uPNP is perfectly capable and 100% backwords compatible.
Yeah, unless you still hold out hopes that the internet could live up to its original promise of being a network of peers, where a person's home computer could be their server when they are out.
Throwing people behind ever increasing layers of NAT erodes the functionality of the internet. If your goal is simply to disprove that IP addresses are running out, that may be acceptable. If you don't w
Re: (Score:3, Insightful)
God, I'm tired of it being repeated that IPV4 addresses are running out. Everybody who's not a journalist should know that it's not true.
There's no reason every person on earth needs an IP. Nat+uPNP is perfectly capable and 100% backwords compatible.
I'm so tired of seeing someone post this rubbish every time these articles come out. uPNP is a security issue and many routers either don't support it or smartly have it turned off. NAT is a hak at best and limits the power of users while creating no end of issu
Re: (Score:3, Insightful)
Nat+uPNP is perfectly capable
Spoken like someone who grew up with NAT being the norm. NAT is terribly broken, and UPNP is even worse. There shouldn't be a need to resort to hack-upon-hack to get networking to work. I long for the day when I only have to worry about routing & firewalling on my network again.
That's not even getting into all the millions of unused IP's being held by the early internet companies.
IP's just need to be charged for on a early basis. Start with $1 per year per ip to EVERYONE who owns an IP's and you'll see the "IP Shortage" vanish overnight.
Great, $1 per IP. 2^32-1 possible IPs... that's only a touch over $4B per year. Who want to bet that Microsoft would eat up all it could, just to have control? Hell, at that price I'd buy a couple hundred just for me. Star
Re:IPV4 addresses are NOT running out (Score:5, Insightful)
In the end, we want peer to peer connectivity. That's what the Internet was designed for. We currently use a clumsy group of non-transparent hacks that "mostly work" to work around the fact that we can't give every device a predictable IP when it leaves the factory. IPv6 is a clean architecture that scales, that works predictably, that works now, and that allows peer to peer connectivity between IPv6 nodes transparently.
The only reason why people aren't switching to it now is because everyone's still hung up on hacks to get IPv4 to work acceptably. If the router manufacturers followed Apple's lead and incorporated IPv6, including 6to4, into all new routers, most people would switch to v6 without even knowing it. We'd suddenly have an ecosystem where everything would "just work" - buy an Internet-enabled widget from the shop, plug it into any Ethernet port on your network, and it'd work, no configuration required, regardless of what it's supposed to do.
To get there, we have to stop doing what we're doing.
Parent
Phone numbers are NOT running out (Score:4, Interesting)
There's no reason every person on earth needs an IP.
There's no reason everyone needs their own phone number, either. In the old days, several houses shared the same phone number. Calls were distinguished by different rings. They got along just fine with that.
Parent
Re: (Score:3, Insightful)
The scheme would not be targeted at people like you. It's targeted at institutions like MIT, Ford and Halliburton. If they each had to start coughing up $24 million per year to hold onto their sparsely used /8 IP blocks, they'd be clamoring to unload them.
Re: (Score:3, Interesting)
The way it actually looks, why not just use MAC addresses?
IIRC, it does. I thought it appended the MAC address to the first part of the IP, and the second part is assigned(statically?) by the DHCP(?) server.
Re: (Score:3, Informative)
Well, one good reason is that MAC addresses do not have embedded routing information in them and do not pass off the local network. They were intended for local identification of the interface and have manufacturer information and a serial number in there by default.
Another is that the MAC address space is smaller than the IPv6 space.
Re: (Score:3, Informative)
Which part are you complaining about? The use of hex? The use of colons? The length? The use of hexadecimal digits is to make it shorter, I think (since the addresses are so long). I believe the colons are to unambiguously distinguish them from IPv4 addresses.
One thing the summary didn't show was the use of the double-colon. IPv6 addresses commonly have long sequences of zeroes in them, so you can write something like 3f::4:1e:f106 and everything between the :: is zeroes (enough zeroes to make it the right
Re: (Score:3, Informative)
http://www.potaroo.net/tools/ipv4/index.html
Re: (Score:3, Informative)
Next, you deploy 6to4 on your routers and start running dual-stack clients. Then call your ISP again and say 'we're currently using 6to4, but we want to disable this soon and switch to a proper v6 address, do we nee