Major 'Net Players Mulling IPv6 Whitelist 158
netbuzz writes "From this week's IETF meeting in Anaheim comes word that leading Web content providers are talking about creating a shared list of customers who can access their Web sites via IPv6. The DNS Whitelist for IPv6 would be used to serve content to these IP addresses via IPv6 rather than through IPv4. David Temkin, network engineering manager with Netflix, says: 'We're looking into the same service that Google has, where we will try to track what connectivity the user has. We're in discussions with Google, Yahoo, Netflix and Microsoft to see whether it makes sense to have a shared, open source DNS whitelist service.' ISPs are not wild about the idea."
Re:yeah also if you unplug your modem and forget.. (Score:4, Informative)
Seriously, whitelisting just because people smart enough to set up a tunnel forget that it doesn't work any more?
Huh? What the hell are you talking about? The reason this whitelist is necessary is because many people are victims of routers that send out v6 router advertisements despite not having v6 connectivity, or are on a network that claims to have v6 connectivity, but that connectivity as actually broken. As a result, these people get v6 IPs, and then when software tries to connect to websites that advertise AAAA records, they get long delays while their browser times out attempting to connect over v6, at which point it falls back to v4.
Hell, all you have to do is Google for "ubuntu disable IPv6" to see how many people are suffering with this problem.
So, please, quit being a paranoid jackass. There are *very* good reasons to set up this whitelist, and TBH, I think it may be the only way to start getting sites to advertise AAAA records (right now they don't because they're afraid of impacting the user experience due to this very issue).
Re:I'm sure they have a reason for it... (Score:4, Informative)
The real 'island' problem is that IPv6 routing is kind of a mess. If you're on the east coast of North America and want to connect to western Europe, depending on who your provider is it may well decide to send all of your traffic through Korea, if it even makes it to your target at all. I imagine that's a problem that will solve itself as more routes come online.
It's actually worse than that. Currently many people have routers at home that send out v6 router advertisements despite not actually having IPv6 connectivity. The result is that many people end up with v6 addresses, and when those machines then try to connect to websites that advertise AAAA records, they end up with long delays as the browser first attempts a v6 connection, times out, and falls back to v4.
Honestly, try googling for "Ubuntu disable ipv6" some time... it's amazing how many people are struggling with this issue. Which is why so many sites are reluctant to roll out v6 connectivity and AAAA records (even Google doesn't do external AAAA resolution unless your ISP has arranged a special agreement with Google which guarantees proper v6 connectivity (luckily Hurricane Electric has such an agreement, so as long as I use their DNS servers, I get v6 connectivity to all of Google's services)).
Re:Nice Try but... (Score:3, Informative)
Comcast is doing an IPv6 trial right now [comcast6.net]. Freenet in France has had IPv6 running using 6RD for quite a long time now. You can get IPv6 tunnels from Hurricane Internet [he.net] and Sixxs [sixxs.net]. If you are interested in IPv6, go start using it. Don't just sit there on your (no doubt svelte) ass! :')
Re:DNS (AAAA and PTR -record) syntax, why? (Score:3, Informative)
But why is the PTR so damn verbose?
Delegation without a hack like RFC 2317.
Re:Nice Try but... (Score:3, Informative)
Indeed! After the recent 1.3 release of m0n0wall, which now supports v6, I rolled out v6 on my home network using Hurricane Electric as my tunnel broker. It was dead easy to set up and works extremely well (particularly when combined with a AAAA-capable free DNS hosting service like Afraid.org... goodbye dynamic DNS, it was great knowing ya). Though I did have to manually set up a script to update HE when my v4 IP changes...
Meanwhile, on the road, I just fire up Miredo (a Teredo tunnel client for Linux and presumably other Unixes), and voila, I get v6 connectivity that I can use to access my home network.
Re:The issue is metadata (Score:4, Informative)
How do you get on this whitelist?
*You* don't get on the whitelist. Your ISP gets on the whitelist, by demonstrating they have functional v6 network connectivity. Once that's done, the ISP is added to the whitelist, and thereafter, any DNS records resolved using the ISPs DNS servers will include AAAA records from participating content providers.
For example, Hurricane Electric entered just this sort of agreement with Google. As such, anyone using HE's DNS servers get Google's AAAA records, and so because I use HE as my tunnel broker, I get access to Google via v6. However, Google knows nothing about me in particular.
Re:Not a "whitelist" (Score:3, Informative)
LOLFR, "globally unique MAC address"... riiight. No manufacturer has *ever* reused a MAC address... *snicker*
Not to mention a lot of NIC drivers let you specify your own MAC address.