Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
The Internet Networking Hardware Technology

Most IPv6-certified Home Network Gear Buggy 174

Julie188 writes "The University of New Hampshire InterOperability Lab held an IPv6 consumer electronics Plugfest on Feb. 14 and CableLabs has scheduled two more for this year. UNH is tight-lipped about the results, but the sad fact is that most home routers and DSL/cable modems certified as IPv6-compliant by the IPv6 Forum are so full of implementation bugs that they can't be used by ISPs for IPv6 field trials. And that's not helping the Internet have a smooth, fast transition to IPv6. Though OpenWRT and DD-WRT solve the problem, ISPs point out that requiring the average consumer to upgrade their own firmware, because the manufacturer can't do IPv6 right, isn't a practical solution."
This discussion has been archived. No new comments can be posted.

Most IPv6-certified Home Network Gear Buggy

Comments Filter:
  • by oracleguy01 ( 1381327 ) on Friday March 04, 2011 @07:00PM (#35385570)
    From TFA:

    However, Cisco isn't sure yet if routers bought prior to 2011 will get IPv6. "We are currently looking into which 'legacy' Linksys product can support IPv6. (There are many things that influence us being able to do it -- including if there is enough memory, as well as other factors.) The engineer teams are working on that," the spokesperson said.

    I would be shocked if they offered firmware upgrades for old hardware to add IPv6 support even if the hardware could do it. It seems more likely they and others will use it as an excuse to obsolete a ton of old hardware and force people to buy new stuff.

    • I would be shocked if Cisco ever produces a Linksys router that is worth the money, IPv6 or not. The hundreds I've seen in the field are so unreliable that I'd never buy one, and I replace one or two more every week. Linksys is the reason I carry two Netgear or Dlink wireless routers in the car.
      Sure, I do see other brands fail after a year or two, but I've seen more brand new defective Linksys routers than I have Netgear routers that dies of old age.
      • by interkin3tic ( 1469267 ) on Friday March 04, 2011 @07:40PM (#35385786)

        Sure, I do see other brands fail after a year or two, but I've seen more brand new defective Linksys routers than I have Netgear routers that dies of old age.

        Obviously Cisco is tackling the IPv6 problem proactively: make IPv4 routers with very short half life, so when we to switch to IPv6, the number of people who need to buy a new router will be only slightly higher than normal!

      • by Anonymous Coward on Friday March 04, 2011 @07:50PM (#35385836)

        Some of their models might suck, but their WRT54GL line has been pretty awesome. We've probably sent out a few hundred ourselves, and a half dozen failures a year would be a bad year. Uptimes with third party firmware like DDWRT or Tomato are pretty much "since the last power failure". We replaced one that was on battery backup to upgrade to 802.11n, and the uptime before disconnecting it was over 600 days.

        Netgear's pretty good too, but D-Link? They couldn't code a DHCP server to save their lives.

        • by AmiMoJo ( 196126 )

          Buffalo use DD-WRT with a custom interface (more of a skin but with some re-wording and support for features popular in Japan like game console and one button setup support). In fact some of their models officially support vanilla DD-WRT.

          They are most popular in Japan, not least because they were some of the first to support routing at close to 100Mb for fibre connections. The packaging actually had "98.6Mb" in big letters on it. Now they offer gigabit too, although the routing capability isn't up to 1000Mb

      • I've always had good luck with Linksys reliability and stability - I recently upgraded from my antique BEFSX41 to a newer model that had 802.11n support,and they're fine. (Of course, when I finally got around to looking at how to configure IPv6, and found that the answer was "folks on the net say it supports DD-WRT", I was much less happy :-)

        By contrast, while I've always really liked Netgear's Layer 2 switches, the one Netgear router I bought (which did 802.11b) was a cretinous piece of junk, and I haven'

        • Linksys is part of CISCO
      • by wagnerrp ( 1305589 ) on Friday March 04, 2011 @08:16PM (#35386002)

        Sure, I do see other brands fail after a year or two, but I've seen more brand new defective Linksys routers than I have Netgear routers that dies of old age.

        I've got a WRT54GS, a WRT54GL, and a WRT54Gv8 scattered around my house acting as dumb access points. The oldest is probably seven years old. Once configured, I haven't had to touch any of them. Meanwhile, my pair of Netgear gigabit switches are awful. I've replaced them each twice. Good thing they have a lifetime warranty. I get some issue where they will just start flooding the network with traffic, preventing anything from getting through, and requiring a power cycling. The 24-port Netgear switches at work have the same exact behavior. The only thing I can think of is some sort of STP failure.

      • Comment removed (Score:5, Insightful)

        by account_deleted ( 4530225 ) on Friday March 04, 2011 @09:16PM (#35386288)
        Comment removed based on user account deletion
    • by antdude ( 79039 )

      How often third party firmwares like with Linksys WRT54GL?

    • For hardware that supports it, why not sell an upgraded IPv6-ready version of the firmware for like $10-20 (with free updates for 2 years or something)?

      I, for one, don't expect free updates forever (if I just bought the router within one year of the IPv6 firmware version being released, I might expect a free upgrade, but further back than that, I could reasonably see buying the upgrade.

      I would think that, without needing to manufacture or ship any new hardware, that $10-20 would give them almost as much pro

      • by jimicus ( 737525 )

        So - what, ISPs will write to their customers saying "You'll need to upgrade your router. A firmware upgrade may be available cheaply or even free, check with the manufacturer's website"?

        How many routers do you think actually get firmware upgrades in the field? I'd be surprised if it was 10%.

    • by Myria ( 562655 ) on Friday March 04, 2011 @10:21PM (#35386490)

      In Windows Vista and 7, if DNS resolves the name "isatap", Windows will automatically try to acquire an IPv6 prefix using an IPv4 tunnel to the ISATAP server, and use that server to route all your IPv6 traffic. Windows XP SP1+ will as well, once you enable IPv6.

      When an ISP implements IPv6, why can't they also add an ISATAP server? With ISATAP, customers with IPv4 routers will have computers that notice the ISP's IPv6 router and start using it through their IPv4 NAT router automatically.

      Cisco could implement ISATAP into their routers so that ISPs' internal routers could provide the ISATAP interface, which would be better than a normal machine being a single point of failure. Is this an ISATAP packet destined for the fake IP address we set up as the isatap DNS result? Yes. Let's translate this packet to IPv6 and send it on its way.

      Since this is effectively bypassing the customer's IPv4 router's pseudo-security inherently present in NAT, the ISP could have a policy that those using ISATAP as opposed to an IPv6-capable router will have incoming IPv6 traffic blocked, to maintain the status quo in security.

      Sometimes, I feel like this transition process is being handled the wrong way, and that there are much easier solutions to these seemingly difficult migration problems.

      • you assume that the consumer has a IPv4 address to tunnel over - this assumption may not hold true shortly in the future.

  • Looks familiar (Score:5, Interesting)

    by 93 Escort Wagon ( 326346 ) on Friday March 04, 2011 @07:04PM (#35385594)

    Okay, this may be a new article on the subject - but it's repeating exactly the same thing we've talked about ad nauseum before.

    Apple's routers are fine with regard to IPv6, and D-Link's routers are fine as well; it's just that, once again, the reporter says "most home routers" instead of using the brand name Cisco.

    Wait - is this actually a new article?

    • Didn't read past the first page, I guess:

      "With the exception of some products by D-Link and Apple's AirPort Express and AirPort Extreme, none of today's CPE can operate using IPv6 well enough for a field test trial, Bulk says."

      Also, even the high points of Apple and D-Link have gaps in their best models and many models that are still very broken. IIRC, only one of the D-Link (the newest one) includes a stateful firewall and older models probably won't ever because of memory limitations.

      http://www.getipv6.i [getipv6.info]

    • by makomk ( 752139 )

      Apple's routers are fine with regard to IPv6, and D-Link's routers are fine as well; it's just that, once again, the reporter says "most home routers" instead of using the brand name Cisco.

      Not just Cisco; pretty much all consumer routers except Apple's AirPort and a couple of models of D-Link router (out of the dozens of different models they currently sell) completely fail to support IPv6. That's what, 3 models total? As a consumer, unless you went to a specific effort to buy a router that supports IPv6 chances are yours doesn't.

      What's more, none of these routers have integrated ADSL modems, which means that most broadband providers can't usefully supply them bundled with their service - and

  • by blair1q ( 305137 ) on Friday March 04, 2011 @07:07PM (#35385612) Journal

    I read this as

    "Most (adjective) Gear Buggy"

  • by Anonymous Coward on Friday March 04, 2011 @07:10PM (#35385630)

    If we had known years ago that we needed to switch to IPv6 we could have tested and then fixed these bugs with firmware updates!

  • The exceptions (Score:4, Interesting)

    by CharlyFoxtrot ( 1607527 ) on Friday March 04, 2011 @07:11PM (#35385632)

    "With the exception of some products by D-Link and Apple's AirPort Express and AirPort Extreme, none of today's CPE can operate using IPv6 well enough for a field test trial, Bulk says."

    Which apparently makes Apple the only company to be ready for IPv6 across all of their current products.

    • Re:The exceptions (Score:4, Informative)

      by pushing-robot ( 1037830 ) on Friday March 04, 2011 @07:16PM (#35385662)

      And even their not-so-current products; all Apple routers have supported IPv6 since March 2008.

    • Re:The exceptions (Score:5, Informative)

      by Kizeh ( 71312 ) on Friday March 04, 2011 @08:48PM (#35386144)
      Too bad Apple has been entirely unwilling to address DHCPv6 for purposes of DNS information, which means that all of their products must have DNS servers configured by typing in their IPv6 addresses. (Yes, several other vendors suffer from the same issue) but I still suggest that disqualifies them form the "Ready for IPv6" badge of honor. See http://discussions.info.apple.com/thread.jspa?threadID=2607101&tstart=1 [apple.com], or most any education networking IPv6 discussion.
      • by Thinine ( 869482 )
        Lion fully supports DHCPv6 and other IPv6 broadcast technologies.
        • by Kizeh ( 71312 )
          Really? People on the NANOG list from late February claim the developer copies do not have it. Having Apple officially announce this would be awesome, can you provide a link or documentation?
  • The manufactures bother with custom firmware? Don't they make the money on the hardware? I can see it in the business world, where Cisco makes a fortune on charging for patches to their custom firmware, but in the home space you don't pay Cisco for a patch, you go buy a D-Link.
  • the simple thing to do would be to create a decent web interface to OpenWRT and DD-WRT that can be branded by people and then we would be in a better situation !
    most of them use linux anyway so it's simply that they dont know how to ship quality
    encourage them to use Open systems and not and they will

    infact was there not a competition to write a good web interface ?

    regards

    John Jones

    • The WNDR3700's default firmware is based on OpenWRT and Netgear (apparently) still managed to botch IPv6.

      Personally, I run my own OpenWRT build on mine and that works great, providing a he.net v6 tunnel for my entire LAN.

  • This "Internet" thing was getting out of hand anyway. Consumers will be happy to stay behind a safe and cheap NAT and everything else will be tightly controlled and expensive.

    Seriously, I can't see this being fixed in any clean and fussless way soon (or at all). All have been sitting on their hands far too long. It's pathetic, really.

    • by jmorris42 ( 1458 ) * <jmorris@[ ]u.org ['bea' in gap]> on Friday March 04, 2011 @07:37PM (#35385774)

      Ding! We have a winner.

      Where is the upside for a customer in caring about ipv6? Will they want to decloak when/if ipv6 becomes popular? OMG, my PC is broadcasting an IP address, of course I want your wonderful product to protect me! All ipv6 would do is get every Windows PC pwn3d twenty four hours after deployment and then everyone retreats behind a NAT and dynamic IP again, this time grafted onto ipv6. Or no ipv6 for end users. What is going to happen is that as addresses get tight the big ISPs will put residential users on 10/8 nets and double NAT just like they have been doing overseas for years and on mobile phones since day one. That will free up enough addresses for servers for the indefinite future. And end the open Internet as we have known it. P2P is over, end users consume content like they are supposed to and content producers produce content like they are supposed to. Or we implement IPv6 at a cost of billions in a down economy and uncork the P2P genie again along with untold new services once any host can reach any host as the Internet originally intended.. Put that way it is a real easy decision for the large players isn't it.

      • Or we implement IPv6 at a cost of billions in a down economy

        Because investing in infrastructure is certainly no way to get the economy moving again?

      • NAT needs a connection state tracker to work anyway (which forms the basis of a stateful firewall). Slap a stateful firewall on v6, no need for actual NAT, and you get better security without the drawbacks. As for dynamic IPs, every IPv6 customer gets at least 18,446,744,073,709,551,615 IPv6s to himself. It's pretty easy to make computers pick one at random. This alone makes IPv6 a lot more resistant to attack than IPv4, since IP netblock scanning becomes all but impossible.

      • by smash ( 1351 )
        I think you severely under estimate how long it would take to scan / malware install over the entire ipv6 address space...
        • by jmorris42 ( 1458 ) *

          > I think you severely under estimate how long it would take to scan / malware install over the entire ipv6 address space...

          To be so naive again.... they will adapt. Almost certainly before IPv6 spreads to average end points. Server logs will become the new hot item to steal. The webbugs in spam will be a rich trove of IP usage, etc. Then they will start hacking routers so they can see the traffic passing through. Huge lists of active addresses will pass around the underground. And remember, for th

      • Where is the upside for a customer in caring about ipv6? Will they want to decloak when/if ipv6 becomes popular? OMG, my PC is broadcasting an IP address, of course I want your wonderful product to protect me! All ipv6 would do is get every Windows PC pwn3d twenty four hours after deployment and then everyone retreats behind a NAT and dynamic IP again, this time grafted onto ipv6.

        How many times do we have to tell you people, NAT is not a security mechanism. All it does is translate packets from one address to another. All of these consumer NAT routers could just as easily become consumer stateful firewalls. Block all traffic unless originating from the internal physical network, or there is a specific rule to allow it. It's not hard. It's really functionally no different. You just lose those restrictions like not being able to run multiple servers on the same port, or not bein

        • by jmorris42 ( 1458 ) *

          You know all that tech stuff. I know all that tech stuff. Explain to typical cable modem customer why they should care enough to not only pay more or replace hardware but to agitate to get their cable company to implement IPv6. Reread what I wrote, that last part was cast as how a large ISP that is in the content business (as every cable provider and most DSL providers are) will be evaluating the decision. Spend billions on something customers don't realize a need for and cost your content side of the h

      • by MavEtJu ( 241979 )

        > All ipv6 would do is get every Windows PC pwn3d twenty four hours after deployment

        How will you get its IP address? Don't tell you are able to scan through 2^64 IP addresses within a reasonable time.

      • My cynical side has to agree. ISPs hate P2P technology - not only does it suck up network capacity and force them into expensive upgrades, but many of them are closely tied to content companies or distribution services too. Give them a chance to kill P2P through inaction, and I imagine a lot of them will be more than happy to sit back let it happen. No more piracy to reduce the demand for cable TV, no more VoIP to compete with their telephone services.
      • how many times do people have to be told that NAT is not a firewall.

        OK, in most people's minds "NAT" means "that box that provides a secure local network safe from the outside", when the reality is really "NAT is a packet router that usually comes bundled with a firewall that provides a secure local network safe from the outside". Think of the 'DMZ' or port forwarding options on in their NAT router to clarify.

        You can have the safe local network without NAT. If the IPv6 routers come with a firewall, configur

  • Seems no one tried a Fritz!Box 7390 or other current models.

    • by RichiH ( 749257 )

      Or a RouterBoard, for that matter.

      • There's a problem: your average tech can't even suspect Apple to be a "well known" IPv6 router maker ... see? IPv6 marketting was dead on arrival even for those who *deserve* to boast their early mastery.

        I never heard of RouterBoard or Fritz!Box 7390 at the local giant computer store, or Staples, Circuit City, Best Buy, Sears, or even RadioShack. I also paid $150 for a router with no physical* sign that it was fully compliant out of the box. *That* is still the problem: even *they* don't care that they *car

    • Seems no one tried a Fritz!Box 7390 or other current models.

      I don't believe it is sold outside of Europe. I suspect the routers tested were those available in the US market.

      As to the RouterBoard, mentioned by RichiH, I doubt that consists of an out-of-the-box solution for most people.

    • by Teun ( 17872 )
      I just installed a 7340, the 'light' version of the 7390 as offered by my ISP.

      There's a build in wizard that helps you with 2 or 3 clicks through the settings and it's up and running :)

      The past several months there have been quite a few problems with this modem's firmware and that's why I waited before changing out the 7170, things look OK now.
      But my main reasons to get it was for it's VDSL and the build in DECT base station.

    • I'm running a 7270 with the Lab firmware. The moment it came up it created an IPv6 tunnel before I had even configured it.

      It should be interesting to see whether it is able to skip that step entirely when my ISP finally rolls out V6 later this year, after 8 years of sticking their fingers in their ears and going "La la la" about IPv4 depletion. Now if only I can get my web hosts to stop doing that too...

  • ipv6 cpe survey (Score:4, Informative)

    by thanasakis ( 225405 ) on Friday March 04, 2011 @07:24PM (#35385708)

    Very thorough survey here [ripe.net].

  • OpenWrt makes you install the ipv6 packages yourself in the interest of keeping the base image small, after all almost nobody needs ipv6 currently. And I suspect Cisco/Linksys is right about the impact on the lower end of their range, even running OpenWrt. I'd have to see a Wrt54GL install the ipv6 packages and actually run under load to believe it. As for their current retail products running on half the ram? Not bloody likely. Me, I'm running a D-Link DIR-825 with 64MB of ram in it, I could probably load the OpenWRT ipv6 packages without a problem.... but AT&T has said word zero about support for IPv6 for residential DSL customers so I'm keeping the 1.3MB of remaining flash open for other stuff.

    • by adolf ( 21054 )

      I know it's a kludge, but:

      What about 6to4 with anycast?

      On my Uverse connection in Ohio, a traceroute to 192.88.99.1 is only 8 low-latency hops long (including my own router(s)). For me, it ends up in Chicago, and traverses only AT&T pipes.

      If I understand the concept correctly, it should operate similarly anywhere on AT&T's network. (I haven't tried, though, and likely won't until one of the Tomato firmwares grows GUI support for IPV6.)

      • by bbn ( 172659 ) <baldur.norddahl@gmail.com> on Friday March 04, 2011 @08:33PM (#35386090)

        What about 6to4 with anycast?

        The problem with 6to4 is that it is asymmetric. Your outgoing packets will be going through that 192.88.99.1 node you found by traceroute. But your return packets will be going through whatever gateway is closest to the IPv6 host you are accessing.

        This means that you will be using a lot of different gateways all around the world. And a lot of those are badly configured and give poor quality. One usual problem is badly configured MTU such that all larger packets do not make it through. Ping will work but any actual download fails.

        The 6rd protocol is a small tweak to 6to4 such that the return gateway is forced to be one operated by your ISP. This way the ISP can ensure it is working properly and give you a good experience.

  • Most of my substantial home machines run IPv6, as do my offsite machines, and I link them via Hurricane Electric tunnels. It's a mix of OSX 10.5 and 10.6, Solaris 10, Open Solaris and Solaris 11, with Apple basestations and such. It all "just works", to the point that once I got the DNS sorted out "ssh machine-in-next-room" goes via IPv6 by default, as does remote access to websites that offer IPv6 connectivity.

    But I guess Apple and Solaris isn't a typical "home" network...

    • But I guess Apple and Solaris isn't a typical "home" network...

      Substitute Solaris with NexentaStore, and it's no more unusual than mine, which includes Free and OpenBSD, Windows, and Linux. ;-)

      Still, the article is an interesting one in that it describes in fair detail what the issues are and makes it clear what everyone (ISPs, hardware manufacturers, consumers, etc.) is up against.

      Relying on Soekris boxes running FreeBSD, for example, may give me the right to a chuckle, or even be dismissive, but the gnash

    • by jmorris42 ( 1458 ) *

      And the benefit is? Bouncing all of your traffic around like that is just adding latency. Until there are resources only reachable by IPv6 most people aren't going to get interested enough for ISPs to offer it native.

      • by breser ( 16790 ) on Friday March 04, 2011 @11:00PM (#35386640) Homepage

        I don't know about the person you're responding too but I actually routinely get better latency via IPv6 tunneled via Hurricane Electric than IPv4 through my own ISP.

        Fact of the matter is that IPv6 should be slightly faster since the routers don't have to recalculate a CRC for every hop. HE has multiple tunnel broker servers around the world. So you can pick one close to your network and the only CRC latency you'll eat will be the hops between you and the tunnel broker site.

        Example:

        --- leguin.freenode.net ping6 statistics ---
        10 packets transmitted, 10 packets received, 0.0% packet loss
        round-trip min/avg/max/std-dev = 205.932/215.147/262.156/16.624 ms

        --- leguin.freenode.net ping statistics ---
        10 packets transmitted, 10 packets received, 0.0% packet loss
        round-trip min/avg/max/stddev = 280.228/329.908/374.605/31.503 ms

        And I just picked a random IPv6 host that I knew I could target the same machine via either network. I didn't dig around to find a machine that gave me better latency via IPv6 than IPv4.

        • by igb ( 28052 )
          For that testcase, my latency is (fractionally) worse over IPv6.
          --- leguin.freenode.net ping statistics ---
          4 packets transmitted, 4 packets received, 0.0% packet loss
          round-trip min/avg/max/stddev = 71.533/71.775/72.425/0.376 ms

          --- leguin.freenode.net ping6 statistics ---
          5 packets transmitted, 5 packets received, 0.0% packet loss
          round-trip min/avg/max/std-dev = 81.079/81.913/83.537/0.881 ms

          But more generally, I've seen cases where indeed it is lower.
      • by igb ( 28052 )
        In my case I have research interests in IPv6, so it's a testbed, and being able to see all my home network via a /64 is handy. But as breser says, I actually see comparable or better latency via HE as compared to via my own ISP.
  • I have little sympathy for the ISPs. No devices support IPv6 because there's no evidence that any of the networks for which they are intended has any plan for implementing IPv6 within the lifetime of the products. There are enough Apple routers out there to run a trial. What we need is the ISPs to turn on support, and a couple of intrepid web sites to put up attractive content. (An IPv6-only free porn site would be ideal.) Final debugging is going to occur only with real use, and you can't get real use if t
    • I basically agree with your sentiment, but you need to test more than just website. It would be good to do things like get IPv6-enabled versions of a some popular games (like the Quake/Doom/Wolfenstein games, CoD, Halo, etc), and IPv6 enabled builds of the game clients also (because, of course, IPv6 Server with no IPv6 client will have no audience). Maybe an IPv6-enabled VOIP/SIP server (let people make free calls in USA, Canada, or Europe, for example).

      Try to get as many different protocols as possible be

    • "(An IPv6-only free porn site would be ideal.)"

      One was actually tried, but AFAIK it collapsed due to a combination of repeated delays and licencing issues actually getting top-quality free porn legally. There's plenty of free porn on IPv4 already, so you need something people would pay for... and if people would pay for it, the studio isn't going to be too happy about giving it away for free. If you want to though, go ahead and set it up yourself. Servers arn't that expensive to rent, though you'll have t
  • Given that router manufacturers shipped buggy products...
    And given that the solution is a firmware update...
    And given that the companies best equipped to handle this are ISPs...
    And given that the products are implicitly warranted for fitness of merchantabilty...

    I propose that rather than a product recall or class action lawsuit, the manufacturers jointly agree that they will pay a fee to the ISPs for each firmware upgrade performed by their techs for the residential and home office markets. The techs can si

  • ...even if you left out "IPv6-certified".

  • "Most Home Network Gear Buggy"
  • I've just had a couple of days off work with a nasty virus, and even with my head full of cotton wool I had a play with setting my Netgear DG834 into "Modem only" mode (via the hidden page http://192.168.0.1/mode.htm [192.168.0.1]) and running RP-PPPoE [roaringpenguin.com] on my linux server. I managed to get it up running IPv4 pretty quickly. Now all I need to do is wait for my ISP to start supporting IPv6. Unlike Andrews and Arnold [aaisp.net.uk] who have been running IPv6 for ages, they don't think it will be a concern for some considerable time [zen.co.uk]. Don't

"jackpot: you may have an unneccessary change record" -- message from "diff"

Working...