Windows 7 May Finally Get IPv6 Deployed 283
Esther Schindler writes "According to this article at IT Expert Voice, Windows 7 and IPv6: Useful at Last?, we've had so many predictions that this will be 'the year of IPv6' that most of us have stopped listening. But the network protocol may have new life breathed into it because IPv6 is a requirement for DirectAccess. DirectAccess, a feature in Windows 7, makes remote access a lot easier — and it doesn't require a VPN. (Lisa Vaas interviews security experts and network admins to find out what they think of that idea.) The two articles examine the advantages and disadvantages of DirectAccess, with particular attention to the possibility that Microsoft's sponsorship may give IPv6 the deployment push it has lacked."
Re:IPv6 addresses are overly complex (Score:5, Insightful)
Uhh... 3 letters for you. D.N.S.
Re:IPv6 addresses are overly complex (Score:3, Insightful)
Do you seriously believe "the addresses are really long" is going to be the main thing blocking IPv6 adoption? Or even something the average person will care about in the slightest?
Another Genuine Advantage ? (Score:4, Insightful)
I have to say that this is what struck my eye :
In addition, DirectAccess can be integrated with Network Access Protection (NAP). NAP, which was introduced in its current version in Windows Server 2008, automatically checks that a remote PC has up-to-date software and the proper policy-set security settings.
OK, it checks for software status, which I guess is cool, but what makes me suspect that there is a "Refuse to operate unless the licenses appear OK" aspect to this ?
By the way, this sets up an IPSEC VPN, so I am not sure why the OP says it doesn't require a VPN.
Re:Why? (Score:4, Insightful)
Re:IPv6 addresses are overly complex (Score:1, Insightful)
Even worse is the fact that a lot of routers still can't handle it.
This has caused a lot of problems for users of Ubuntu Karmic Koala, which enabled IPv6 by default.
After upgrading to Kubuntu 9.10 I was getting huge delays and failed connections (but not all the time) on everything from Konqueror to apt-get.
It turns out the problem was a bug in my DSL modem, causing it to choke when trying to connect to a host that has IPv6 enabled.
I was able to work around it, but a lot of people are still having trouble.
Let's see how Microsoft deals with all the older installed hardware.
Re:IPv6 addresses are overly complex (Score:2, Insightful)
We won't run out. It's like peak oil - we won't just have one random guy scrape and hit rock bottom and suddenly the world panics. It'll become gradually harder and harder to find and prices will slowly go up, reducing consumption. Essentially, we'll never use 100% of our oil until it is completely superseded by newer technologies. Same with IPv4 addresses. They'll become more and more valuable, universities with 16.7 million each will be forced to give them up, and we'll have more and more bureaucracy surrounding the IP address system. IPv6 will come in slowly.
Re:IPv6 addresses are overly complex (Score:4, Insightful)
Dynamic DNS, then. I use that for remoting into my computer and router from other places.
Re:Why? (Score:2, Insightful)
Who the hell needs 13 Gazillion addresses on their LAN? On the internet sure, ok....who the fuck going to connect a Windows box to the internet without NAT/Firewall?
Network address translation came into use because you had limited supply of IP addresses, pigeonhole problem basically. With IPv6 that's not needed, because surely 3.4×10^38 addresses should be enough for anyone. You'll just need a firewall to reject requests from outside your own assigned block.
They've invented SSH/SSL! (Score:3, Insightful)
Except that it doesn't work with the networking you have.
Second link drowned. (Score:1, Insightful)
And that was just by paragraph four. I gave up -- this person can't write. I'm certainly not going trust that this "Expert Voice" can assemble facts correctly.
Either that... (Score:4, Insightful)
Re:IPV6 is fatally broke (Score:2, Insightful)
Wait, are you claiming you don't use IPv4 for anything? Or are you claiming you use IPv6 for some things? Because if the latter, you're right in line with Bernstein's claim. Note he doesn't say IPv6 doesn't work, he says there is no smooth transition path for IPv6 adoption from IPv4.
Websites with external consumers cannot stop using IPv4 until all potential consumers use IPv6. So until everyone uses IPv6, every host must continue to run IPv4 or both.
Does this mean you cannot run IPv6 at home? No, it just means you must also run IPv4 to get to websites that haven't bothered to support both.
Which relegates IPv6 to hobbyists, same as in 2002.
Re:IPv6 addresses are overly complex (Score:2, Insightful)
I'm sorry, but you're simply uninformed. This is exactly like global warming and I made the analogy before in reverse [slashdot.org].
In both cases, the experts say it's happening and it's a problem, while layman continue to have a flawed and incomplete picture. For example, you're stating that "it'll be harder and harder to find", however there is no market in IPv4 addresses, they are not sold or bought at the ISP level, but rather they are supplied on demand by the registrars. Market analogies do not apply. It is a finite resource with extremely low elasticity in supply. Partitioning IPv4 addresses to small chunks and coming up with a procedure to reclaim them would be extremely hard, for routing reasons. Even if you'd attempt to set up a market for IPv4 addresses, you'd need global agreement (the Copenhagen Climate Summit showed recently how well that works out) and you'd risk fracturing the Internet due to conflicts of interests when it turns out that you can't get IPv4 addresses anymore unless you pay for them. The question who gets the money is a big open question. To put it simply, you just can't apply market schemes to a finite addressing scheme. It does not work.
Oh, and just to lay the "universities with large address spaces" argument to rest, even if we'd reclaim the legacy spaces, we'd extend exhaustion by 3-5 months. No, an IPv4 address market is not viable, is not going to happen and we're better off focusing on migrating to IPv6 instead of picking the "do nothing" option and waiting for a panic solution when the IPv4 addresses run out in 2011 (IANA pool)/2012 (RIRs). Besides, why meddle with temporary solutions? Data shows that IPv4 address space consumption [potaroo.net] is accelerating. We simply need IPv6 to provide for the increasing addressing demands.
Re:Why? (Score:4, Insightful)
The funny thing is, however, that NAT isn't entirely obsoleted by ipv6... because it is almost inevitable that ipv6 space will be almost as poorly managed as ipv4 space was in the beginning, we will probably still run out of ipv6 space sooner than we otherwise would. Of course, due to the sheer size of ipv6 space, I suspect that's not likely to happen in most of our lifetimes.
In most of our lifetimes? Per Wikipedia:
The very large IPv6 address space supports a total of 2^128 (about 3.4×10^38) addresses—or approximately 5×10^28 (roughly 2^95) addresses for each of the roughly 6.5 billion (6.5×10^9) people alive in 2006. In a different perspective, this is 2^52 (about 4.5×10^15) addresses for every observable star in the known universe.
It will take way more than poor management to use up all those numbers in any timescale with meaning to a human life.
Re:IPv6 sucks monkey bawls (Score:2, Insightful)
1/2. would you prefer 192.168.127.123.67.88.76.44.246.254.65.183?
3. I have no solution for that.
4. For suitably small values of "works". NAT breaks a lot of stuff, adds needless complexity (annoying hacks such as UDP hole punching and the like) and merely trades one addressing limit (2^32 IP addresses) for another (2^16 ports).
Re:IPv6 sucks monkey bawls (Score:3, Insightful)
We already have a simple solution, IP4 with NAT. It works great.
I take it you've never had to program any application that needs peer to peer communications then?
Re:Why? (Score:3, Insightful)
In most of our lifetimes? Per Wikipedia:
The very large IPv6 address space supports a total of 2^128 (about 3.4×10^38) addresses--or approximately 5×10^28 (roughly 2^95) addresses for each of the roughly 6.5 billion (6.5×10^9) people alive in 2006. In a different perspective, this is 2^52 (about 4.5×10^15) addresses for every observable star in the known universe.
It will take way more than poor management to use up all those numbers in any timescale with meaning to a human life.
That quote from Wikipedia you pulled, is immediately followed by this:
"While these numbers are impressive, it was not the intent of the designers of the IPv6 address space to assure geographical saturation with usable addresses. Rather, the longer addresses allow a better, systematic, hierarchical allocation of addresses and efficient route aggregation."
If we could arbitrarily ignore the network structure and special ranges assigned in IPv4, we have 4.2 billion possible IP numbers (2^32). Do we have 4 billion computers on the Internet? No. Do we have IPv4 shortage? Yes. In fact we had IPv4 shortage even back in the early 90-s when Internet was far from being mainstream yet (which prompted the jump from classful network to CIDR).
Re:Why? (Score:3, Insightful)
You haven't met my managers.