UK ISP PlusNet Testing Carrier-Grade NAT Instead of IPv6 445
judgecorp writes "Faced with the shortage of IPv4 addresses and the failure of IPv6 to take off, British ISP PlusNet is testing carrier-grade network address translation CG-NAT, where potentially all the ISP's customers could be sharing one IP address, through a gateway. The move is controversial as it could make some Internet services fail, but PlusNet says it is inevitable, and only a test at this stage."
Regarding the failure of IPv6, these graphs imply otherwise.
I recall MxStream (Score:4, Interesting)
Re:I recall MxStream (Score:5, Insightful)
This may be a feature and not a bug to these ISPs.
The business has changed. They are probably fine with screwing up incoming services. They can charge to fix what they screwed up by using NAT.
Re:I recall MxStream (Score:5, Insightful)
Consumer grade network connections do not run servers.
A far bigger problem is that a lot of internet services these days use IP-based blocks as the final "brute force" version of "you are abusing the service, go away". It would really suck to be under an ISP that shows every customer coming from a single IP. You'd find yourself banned from all kinds of random places as soon as someone using the same ISP decides to be an idiot.
Re: (Score:2)
Re:I recall MxStream (Score:5, Insightful)
That will be a problem of the ISP then, if their customers can't use legitimate services because the ISP can't differentiate between the culprit and the innocent customers, the ISP has a problem. The ISP then has to have either a very good customer management which allows to disconnect culprits very fast without too many false positives, or the ISP has to introduce some kind of class ips, where the customers without complains share the "good ip", and customers with some bad stains get degraded to other, partly blacklisted IPs.
Do you really think any ISPs are going to take on these kinds of responsibilities? You're expecting them to basically be moderators for every forum on the Internet. Aside from the fact that they *shouldn't* be doing this (they should be dumb pipes), they also don't *want* to do this because it's logistically impossible and would open them up to potential legal liability.
Re: (Score:3)
Re: (Score:2)
Re: (Score:3)
Big Dumb Pipe (Score:5, Interesting)
Re:I recall MxStream (Score:4, Interesting)
> That will be a problem of the ISP then
What a wonderfully-naive view of the internet. As we all know, consumers in Britain and America have bountiful high-speed low-latency broadband choices within a healthy, competitive marketplace. We have cable OR dsl... maybe cable AND dsl if we're incredibly lucky, and... er...um...
Ok, right then. We're fucked.
Cellular data has low caps and rapidly gets expensive if you're allowed to exceed them without getting throttled to sub-dialup speeds. Satellite data has insane latency, and *insidious* caps whose throttling kicks in at thresholds that aren't necessarily transparent or obvious from the marketing literature. Fiber to the home barely exists, and with the exception of Google in Kansas City, is still the exclusive fiefdom of basically one incumbent large corporation with its own agenda that's vehemently opposed to network neutrality. And those incumbent carriers have all done their best to bribe/buy/bully state officials into passing laws making it illegal for communities (or even existing neighborhoods) to take matters into their own hands, leapfrog over those incumbent carriers, and lay their own open-access fiber *anyway*.
Re: (Score:2)
depends which part of America.
In the U.S., around 40% have no broadband access [foxnews.com]. There was also a resurgence of dial up users [foxnews.com] because of the economy.
Re: (Score:2)
the customers without complains share the "good ip", and customers with some bad stains get degraded to other, partly blacklisted IPs.
You fascist! I'm sending a complaint to your ISP!
Comment removed (Score:4, Insightful)
Re:I recall MxStream (Score:5, Insightful)
Yes they do, pretty regularly. Ever played a multiplayer game?
Graham's hierarchy (Score:3)
X-Forwarded-For: (Score:2)
A far bigger problem is that a lot of internet services these days use IP-based blocks as the final "brute force" version of "you are abusing the service, go away". It would really suck to be under an ISP that shows every customer coming from a single IP.
That's what X-Forwarded-For: [wikipedia.org] and agreements with ISPs are for. See, for example, Wikimedia's implementation of X-Forwarded-For: [wikimedia.org].
Re: (Score:3)
It would really suck to be under an ISP that shows every customer coming from a single IP
not necessarily.... I'm waiting for the RIAA to come down hard against this carrier-grade NAT concept... Maybe someone should tell them they're trying to sneak this pirates free-pass in... :-)
Re: (Score:2)
EULA of almost every major ISP here in America for a non-business class connection.
You read it yourself. I'm not going to be bothered to hunt down the ToS/EULA for every US ISP.
Re:I recall MxStream (Score:4, Interesting)
NAT has implications for the peer-to-peer nature of the Internet.
For a lot of organizations, that's a bonus. If you don't trust the outside network, you certainly don't want to peer arbitrarily with them, and certainly not at any outside machine's initiative. With NAT, an outside system can't initiate connectivity with any machine inside the NAT boundary without some kind of prior arrangement, so no open-ended network scanning.
If you treat the Internet as a big happy cloud of egalitarian peers collaborating at will, NAT sucks. If you treat the Internet as a bad neighborhood, which you have no way of avoiding between your house and the mall, NAT is the gated neighborhood you live in to keep the unsavory inhabitants of that bad neighborhood away from your pristine lawn and Lexus in the driveway. And people choose gated neighborhoods, and NAT, for that precise reason: separation and protection from the riff-raff, the panhandlers, the burglars and the car thieves, the Jehovah's Witnesses. Mostly the JWs, I think.
Re:I recall MxStream (Score:4, Informative)
NAT has implications for the peer-to-peer nature of the Internet.
For a lot of organizations, that's a bonus. If you don't trust the outside network, you certainly don't want to peer arbitrarily with them, and certainly not at any outside machine's initiative. With NAT, an outside system can't initiate connectivity with any machine inside the NAT boundary without some kind of prior arrangement, so no open-ended network scanning.
That's what firewalls are for, not NAT. Please stop confusing the two.
Three birds with one stone (Score:5, Interesting)
That's what firewalls are for, not NAT. Please stop confusing the two.
But they're not entirely orthogonal, as NAT imposes a firewall by default. It takes down three birds with one stone, namely delaying the effects of IPv4 depletion until an IPv6 rollout can be afforded, firewalling out those assumed to be unsavory, and upselling business class connections to home-based businesses. How would NAT be implemented without a firewall?
Re: (Score:3)
How would NAT be implemented without a firewall?
We should probably stop using the term "firewall" for anything that is not a filtering appliance. It means less and less all the time. We know what IP filters are, let's call them that. Anything with ACLs is a firewall, most firewalls are also lots of other things these days, minimally including VPN appliances...
NAT thus requires a router, with NAT capabilities. You don't have to actually do any deliberate filtering. And yet, as you say, you do gain some of the benefits of firewalls for those clients on the
Re:Three birds with one stone (Score:5, Insightful)
This is actually not true. Most NATs can be penetrated from the outside; they have to be able to be penetrated, or things like Skype don't work. Pretty much any UDP-based protocol requires that the NAT open holes. So the notion that NAT == Firewall is utterly incorrect, and in fact the feeling of security that you apparently have based on this misconception is likely to cause you harm in the future.
Re: (Score:2)
Re: (Score:3)
Re: (Score:3)
That's the inherent problem with NAT... and CGN in particular. Unless you punch holes in a NAT, the Internet breaks for any end-to-end communication. You can only punch holes in a NAT when you administrate the NAT.
But this is Carrier-Grade NAT.... ie, the NAT is not at the consumer level, but at the ISP level. Can you imagine the nightmarish logistics of having all of the ISP's customers be able to individually punch holes in it for their own applications on a NAT that they don't even actually own?
Re: (Score:2)
To invite someone who's not quite unsavory (Score:3)
NAT is the gated neighborhood you live in to keep the unsavory inhabitants of that bad neighborhood away from your pristine lawn and Lexus in the driveway.
So how should a resident invite someone who's not quite unsavory? For example, to use your example of Jehovah's Witnesses, I study the Bible weekly with one of them. If my neighborhood were to adopt a firewall with a "JWs keep out" policy, I'd be pretty disappointed.
Re: (Score:2)
You and MickeyTheIdiot in this post http://tech.slashdot.org/comments.pl?sid=3386471&cid=42603673 [slashdot.org] are saying essentially the same thing, from two different perspectives.
But it basically boils down to this, for the most part, TPTB simply don't like the peer-to-peer nature of the internet, precisely because it is egalitarian and empowering.
By design, internet access really ought to be a utility, serviced, managed, and regulated just like electricity, POTS, natural gas, etc. For one simple reason, that's
Re:I recall MxStream (Score:4, Informative)
With NAT, an outside system can't initiate connectivity with any machine inside the NAT boundary without some kind of prior arrangement
That's untrue. Most consumer NAT routers (at least the ones I tested about 3 years ago - doubt its really changed) don't bother to include a stateful firewall and with appropriate ISP-side routing, will happilly let connections into the private network. What you need is a stateful firewall, not NAT - that will protect you, and also doesn't completely fuck up loads of protocols at the same time.
The depressing thing (other than idiots claiming that NAT is good for security) is that Plusnet *were* trialling IPv6, but pulled the plug on the trial last year. When I asked them a month or so ago, they informed me that they had no plans to roll out IPv6 at all. Time to switch to a competent ISP if you're with Plusnet, I suspect (EntaNet and AAISP both offer v6 connections over DSL).
Re:I recall MxStream (Score:4, Funny)
Sure they do... but you have to keep recasting it every few rounds because it expires.
Re: (Score:2)
No. Firewall != Router != Network Address Translater. But often all three functions sit in the same box.
Re: (Score:3)
Re: (Score:2)
Not true. The tighter you make the port set that the customer is assigned, the worse their network works. Most interesting web sites open dozens of connections at a time; each of these connections consumes a port. The fewer ports you have, the sooner you notice a problem with this. The more devices get added to the network, the quicker these problems surface. There is no fix for this other than IPv6.
The right way to approach the problem is to deploy an IPv6 network and then do lightweight port-sha
Not "instead of", but "in addition to" (Score:5, Insightful)
Dual-stack deployment with NAT'd IPv4 alongside with IPv6 is the only viable short-term option for consumer ISPs. You can't just cut off people from the IPv4 internet, you'd leave them with a pretty much useless internet connection.
Re: (Score:2)
You can also cut them off on ipv4 with cg nat (did you know the marketing name changed from c-nat to cgnat not because there's anything wrong with "carrier nat" as a name, but everyone was calling it "crappy nat" instead?)
Then the end users can all connect to ipv6 providers. Free tunnels from he.net, or maybe their game company. I think it would be interesting if every windows machine connected to steam lit up a ipv6 tunnel for game server purposes.
In the long run I agree it would be nice to provide ipv6
Re: (Score:2)
(did you know the marketing name changed from c-nat to cgnat not because there's anything wrong with "carrier nat" as a name, but everyone was calling it "crappy nat" instead?)
Crappy gnat sounds even better than crappy nat to me!
Re: (Score:3)
... You can't just cut off people from the IPv4 internet, you'd leave them with a pretty much useless internet connection.
Luckily, IPv6-only connections are becoming less useless every day.
Re: (Score:3)
Luckily, IPv6-only connections are becoming less useless every day.
Yep. I love browsing Slashdot at home with my IPv6 conn... oh wait.
Re: (Score:3)
Dual-stack deployment with NAT'd IPv4 alongside with IPv6 is the only viable short-term option for consumer ISPs.
NAT'd IPv4 alone is also a "viable" option :(.
From a quick search it seems plusnet have run an IPv6 trial in the past but are not currently offering any IPv6 service :/ Hopefully they fix that before they start rolling out ISP level NAT for real.
Re: (Score:2)
Depends on what proportion of customers actually use those applications, whether those are customers the ISP actually wants to keep and whether the customers have any other decent options.
Also remember ISPs don't have to put every user onto ISP level NAT, just a sufficiant propotion of them to allow for expansion.
Re:Not "instead of", but "in addition to" (Score:5, Interesting)
You are right.
I never really understood why we didn't just map all the IPv4 addresses to a IPv6 subset and provide a very simple rule to translate, say by adding all zeros or some other number to the IPv4 address to get its IPv6 one. Then start forcing the adoption of IPv6 by not accepting v4 traffic from the top down though the domain registration authorities and hosting providers. Get legal agreements from them to not route IPv4 traffic in exchange for IPv6 address assignments and allowing new domain registrations, force top level domain authorities to only support IPv6 going forward.
You want to keep your website available? You want your customers to see new domains? You need a IPv6 assignment because we won't route v4 traffic and DNS is going to give you an IPv6 address. ISP's would then be free to provide IPv4 connections, but only if they did the translation to IPv6 internally themselves, which would end up costing IPv4 customers more money and limiting what they can see.
Eventually, there would be enough pressure for the ISP's to push IPv6 down the food chain to the end user who will either pay more for IPv4 service, or upgrade to IPv6. Eventually there will be a tipping point and IPv6 will see universal acceptance.
The problem here is that nobody really has the necessary power to force IPv6 on the world.... So we will keep bumping along trying more and more incremental patches to IPv4. Eventually, you could be behind 20 NATs wondering why your SIPP/VOIP device won't make any calls...
Hey, how about we just put all of the adult content on IPv6 only addresses.... You know THAT would set a fire under things....
Re:Not "instead of", but "in addition to" (Score:5, Informative)
I never really understood why we didn't just map all the IPv4 addresses to a IPv6 subset and provide a very simple rule to translate, say by adding all zeros or some other number to the IPv4 address to get its IPv6 one.
Um....they did?
http://en.wikipedia.org/wiki/IPv6#IPv4-mapped_IPv6_addresses [wikipedia.org]
Re: (Score:2)
I doubt the ISPs will have a whole lot of luck getting their customers to all upgrade their home routers.
Considering that many areas only have one ISP, if people were told they have 1 year to buy an IPv6 enabled router or they will lose access to the internet, they will buy a new router. It might be the only good thing that comes out of ISP monopolies. Besides, don't a lot of non-techie people just rent a router from the ISP? Most techies will be full willing to replace their routers with IPv6 enabled ones even without coercion.
Re: (Score:2)
A lot of ISPs that are serious about IPv6 are just counting on attrition to solve this problem. As new customers are added, they get an IPv6 router. Old customers get a new router when they get tired of the problems with the old one. There's no rush.
Re: (Score:2)
Most provider sites can make the transition to IPv6 really easily. Chances are their colo facility already offers IPv6; all they have to do is turn it up. It's not trivial—you have to get the DNS right, and get the routing right—but it's pretty easy. Sites that have a harder transition are, by and large, already done with that transition. Google, Yahoo, Netflix, Akamai, all already have working IPv6 networks. If all you have is a web site with a shopping cart or a user forum, switching
inevitable? (Score:2)
why in the world is it inevitable? Inevitable because they want to keep holding off on newer technology? If I was with Plusnet I'd use this as a good reason to start looking elsewhere.
Re: (Score:2)
I suspect we will see virtually all ISP's converting to CG-NAT in the coming years, with an upgrade to an IPv6-capable circuit becoming an option shortly thereafter. Any customers who simply u
Re: (Score:2)
I can't speak to the customer owned routers, but for the modems, given how often my cablemodem dies on the RF side from lightning or "whatever" and how very long its been illegal to install anything but docsis 3.0 ipv6 compatible modems, I'm unimpressed. That was a pretty good argument in '03 but its '13 now.
I also can't speak for the DSL users. Maybe they're stuck in the stone age, maybe they've also all been ipv6 compatible since the 00s.
Re: (Score:2)
right, so give customers the option to upgrade to something else - I never use a service that bundles a modem anyway. I'm currently using IPv4 as it's one of the 10 IPs my ISP assigned when I joined them.. I'm in no hurry to go the IPv6 route but it would not be a big issue to reassign another set of IPs and I would just migrate over. The netgear I bought in 2002 supported IPv6 (which I subsequently bricked with custom firmware *cough*) and yes it was a premium router at the time but if they are selling I
Re: (Score:2)
there is nothing stopping them keeping the current users on ipv4 and just adding an IPv6 layer... customer wouldn't need to exchange them
However, I had to laugh when you said upgrade the firmware on the router ... router manufacturers are kinda like cell phone providers when it comes to software updates.
They would much rather you bought a new product than fix/upgrade an older one
Re: (Score:2)
Because everyone sat on their hands for too long.
Afaict the plan was that everyone would get dual stack, then once IPv4 only hosts/services became negligable v6 only hosts and services could be introduced. Unfortunately it didn't work out that way. There was little immediate value in having IPv6 and as such most companies did not work on deploying it. As a result IPv4 addresses have pretty much run out while many services (including the website we are discussing this on) are still V4 only.
Therefore any grow
Am I reading that graph wrong? (Score:2)
Am I reading that graph wrong?
What I see is less than 11% of the thousand most popular sites has adopted IPv6
Either that or we seem to be using different definitions for the word "failure".
Re: (Score:3)
I'd imagine the hundred most popular sites account for the vast majority of internet traffic. So it really depends where in the list of 1,000 sites that 11% is. I wonder if folk would feel differently if the ISP in question were to offer an unrestricted ipv6 connection or NAT based ipv4 at the customer's choice?
If a country the size of the UK were to set a switchover date and move to ipv6, the vast majority of English language si
Re:Am I reading that graph wrong? (Score:5, Informative)
Google reports about 1% of their traffic is IPv6. That's probably a better estimate of IPv6 deployment.
Re: (Score:2)
What matters is not that every site adopt IPv6, but that enough sites adopt it that having an IPv6 connection gets you useful value. We are already at that point—you can do all your google stuff over IPv6. You can do all your yahoo stuff over IPv6. You can do all your netflix stuff over IPv6. Facebook is fine over IPv6. If you had a v6-only connection, yes, you'd have trouble getting to the long tail. But most of your packets would go over IPv6.
Re: (Score:2)
Just recently an IPv6 proponent sent me a chart showing IPv6 traffic growing from 0.25% to 1% of the Internet in a year as proof of its "impending success" and "rapid adoption".
In the unlikely even that 400% annual growth continues, get back to us in four years when ipv6 is 256% of the internet.
Re: (Score:3)
Just recently an IPv6 proponent sent me a chart showing IPv6 traffic growing from 0.25% to 1% of the Internet in a year as proof of its "impending success" and "rapid adoption".
Let's invent IPv8 and setup a single server and client; the rate of adoption will be 1.#INF within it's first year!
Re: (Score:2)
The technological version of "it moved, I swear, I saw it move, don't unplug the machines just yet!"
I don't think that's it. I think it's more like, "God dammit, you assholes, get moving or you're going to fuck us all over!" Or what, really, do you suppose our other option is? We're running out of addresses. NAT isn't an alternative.
Really instead of ? (Score:2, Insightful)
I highly doubt it makes sense for plusnet to do this "instead" of IPv6, but it does make sense to do this "as well" as IPv6.
I see the transition involving something like these 5 steps.
1.) Everyone needs IPv4, IPv6 is useless (no content).
2.) Everyone needs IPv4, IPv6 reduces the amount of IPv4 traffic you use.
3.) Most people still need IPv4, but IPv6 is most of the traffic.
4.) IPv4 is a niche requirement. Most normal users won't notice if they don't have it.
5.) IPv4 is Cobol and I come back and get a fat pa
Re:Really instead of ? (Score:5, Insightful)
Some of us did. All the computers and network equipment at my house has been ready for IPv6 for years. I am just waiting for my ISP to get with the program.
ISPs are the problem here. But with government-granted monopolies without regulation, they have no incentive to support IPv6.
Re:Really instead of ? (Score:4, Informative)
ISPs are the problem here.
Actually Windows 7 is also part of the problem and a step backwards. You see it has a buggy Teredo implementation leading to a ton of Teredo Ethernet adapters hanging on to their entries in the ipconfig tables. Some people report up to thousands of adapters. This has lead to various organizations disabling the IPv6 stack in their Windows network configuration.
Re: (Score:2)
ISPs could support IPv6 and let users disable it at the modem.
Re: (Score:2)
All the computers and network equipment at my house has been ready for IPv6 for years. I am just waiting for my ISP to get with the program.
Get a free ipv6 tunnel, like I did... more than a decade ago.
Once it works, its actually pretty boring. It has gotten easier over the past decade or two.
Re: (Score:2)
Some of us did.
But many more did not and it wasn't just ISPs. There is plenty of blame to go arround.
MS added IPv6 support in windows XP but didn't enable it by default until windows vista (which was a flop for other reasons) so there are still lots of machines arround that even if placed on a dual stack network will not get IPv6 access by default.
Home router vendors didn't add IPv6 support until pretty recently and even when they did it was often only half baked.
Vendors of serious routers often made products with half ba
Re: (Score:2)
ISPs are the problem here. But with government-granted monopolies without regulation, they have no incentive to support IPv6.
Yep. I'm on Comcast. You know, the US ISP that made a big deal about supporting IPv6, including making dumb posters about it [comcast6.net]? I've got an IPv6 capable device serving as a router/IPv4 NAT. I upgraded my cable modem so that it's be able to do IPv6. Let's see what IPv6 addresses were assigned to me by Comcast...
That'd be none. Still. Because IPv6 hasn't rolled out in my area yet. Or maybe it hasn't rolled out for the particular cable modem I have, I'm not sure. Who knows, because Comcast sure isn't making it c
Re: (Score:2)
5.) IPv4 is Cobol and I come back and get a fat paycheque because I still remember how it works.
Step 5 is that IPv4 is one of the most common IP versions in business environments and plenty of people will still be trained to use it?
Re: (Score:2)
5.) IPv4 is Cobol and I come back and get a fat paycheque because I still remember how it works.
Step 5 is that IPv4 is one of the most common IP versions in business environments and plenty of people will still be trained to use it?
Yeah like SNA/SDLC. My VTAM skills are not exactly in demand and are pretty rusty anyway. Or DECTALK. How bout Novell IPX/SPX? Classic Appletalk? Or my first home LAN tech, that being ye olde Arcnet? Although you could run ip over arcnet and that was my plan using early linux. I would imagine recent linux kernels no longer support the arcnet card (there was only like one implementation for arcnet as I recall) A pity I threw out all the weird arcnet coax a decade or so ago, I believe it was something
Fastweb Italian Provider (Score:3)
The Italian provider Fastweb (pioneer of optical fiber connections in Italy) has been doing it for ages, technically since the very beginning of its business.
The main drawback for it's customers has been with P2P programs, as direct peer-to-peer connections do not work well with NAT. As the Fastweb customers are not NATed with respect to each other, some of them even developed a special version of aMule (the most common P2P network at that time) called "adunanza" that would work inside the ISP-level network. Bittorrent is somehow less sensitive to the NAT problem, hence an "adunanza" torrent client was never developed.
I suspect this may actually be a strong motive behind such a silly ISP choice: reduce the exposition of P2Ping customers to the outside world. If the aim is to reduce P2P or just to hide it from the mayor's private police, it's hard to tell.
Re: (Score:3)
Fastweb is opening up its network. Residential customers with new routers have a public IPv4 address and can open ports on the router (but not port 5000).
Too bad the new routers are not very good. Other customers and I are experiencing weak WiFi signal and lot of lag over WiFi between devices inside the home network (wire is fast). That's ok for browsing with a phone but I'm also experiencing problems handling concurrent connections: even a 2 Mb/s data stream (video streaming, a backup, etc) seems to aff
This is just the beginning (Score:5, Informative)
Re: (Score:2)
Comcast is delivering IPv6 to end users now. Lots of ISPs in Europe are too. IPv6 deployment is growing in Asia. CGN is expensive and delivers really crappy service—tiling fails on Google maps, sites with lots of AJAX fail in mysterious ways, etc. CGN is the worst of all worlds, and ISPs that put all their eggs in that basket will shrink over time, even if they manage to avoid dying off completely.
My Rant.... (Score:5, Informative)
Re: (Score:2)
You must be new here. It doesn't even support "edit" which is breakthrough technology from the 1980s.
It's like a flashback to Unix ca. 1980 when you couldn't edit the command line if you made a mistake while typing a command.
Re: (Score:2)
You must be new here. It doesn't even support "edit" which is breakthrough technology from the 1980s.
It's like a flashback to Unix ca. 1980 when you couldn't edit the command line if you made a mistake while typing a command.
I think the lack of an edit feature is due to the way that moderation works. They don't want someone to get modded up, then edit their post to something a bit more trollish. While it would be nice to be able to fix typos, that is a handy feature. Though they could of course allow you to view the revision history.
Re: (Score:2)
Though they could of course allow you to view the revision history.... and severely punish your userid and IP if you ever replaced a +5 Insightful with spam.
Re:My Rant.... (Score:5, Insightful)
Edit should be supported until moderation or a reply occurs.
Re: (Score:2)
Re: (Score:3)
Re:My Rant.... (Score:5, Informative)
Forget IPV6 ... it doesn't have valid HTML [w3.org], valid CSS [w3.org] and looks terrible on mobile devices [fourteenminutes.com].
Re: (Score:2)
Doesn't properly support Unicode either. That's why you will regularly see garbage if you copy and paste content that contains characters like a British pound symbol.
Re: (Score:2)
Worst rant ever (Score:4, Funny)
Re: (Score:2)
How the hell does slashdot.org not support IPV6, I thought this was a tech website?
IPV6 is great in theory, but it's solving a problem that does not exist. When the internet was started, the idea was that every workstation would be on the internet. Once security became a concern, all those workstations ended up behind firewalls. With firewalls, there is no reason to not NAT. Since only the firewalls need be internet facing, the number of IPs drops drastically. Multiple web servers and web sites can share a single IP. There are people that think that they still need an internet facin
Re: (Score:2)
Mod parent down. The IP address shortage is real, and using NAT doesn't solve all the issues.
As this ISP will soon find out.
Re: (Score:2)
The more services run on the same IP addresses, the fewer ports are available for each service. Address sharing is great for small sites that have few hits per day, but is useless for large sites, where a single domain will actually have more outstanding connections than can even be supported by a single network node.
Re: (Score:3)
IPV6 is great in theory, but it's solving a problem that does not exist. When the internet was started, the idea was that every workstation would be on the internet. Once security became a concern, all those workstations ended up behind firewalls. With firewalls, there is no reason to not NAT.
Doing away with ALGs makes the system more secure than restricted cone NAT.
Since only the firewalls need be internet facing, the number of IPs drops drastically.
It is still much less than the number of people on this planet. I believe each and everyone one of them with network access should have the opportunity to be individually addressed if thats what they want.
Multiple web servers and web sites can share a single IP.
Or we can bite the bullet and dispense with all of these shitty hacks that suck, dramatically increase complexity, incur security and accountability problems, don't scale and require permission/coordination from the ISP. Native IP
Re: (Score:2)
SSL requires unique IP addresses on webservers. More sites use SSL.
Actually, Server Name Indication allows multiple SSL servers behind a single IP, though support for it is slightly lacking, e.g. No version of IE on XP supports it, nor does the Blackberry browser or Android's stock browser prior to Honeycomb.
Re: (Score:2)
How the hell does slashdot.org not support IPV6, ...
In a way, it does seem hypocritical: Slashdotters regularly complaining about IPv6 not being adopted quickly enough, while the Slashdot site itself is still not available via IPv6 despite carrying such reports for over a decade.
However, the problem may have at least as much to do with their hosting provider, Savvis, which AFAIK still does not offer their customers native IPv6 support. Of course, Slashdot could decide to set up an IPv6-over-IPv4 tunnel instead, but the traffic involved would probably be s
ipv6 (Score:3)
failure if IPV6 = We don't want to spend money helping our customer.
wtf (Score:2)
IP Theft from IP... (Score:5, Interesting)
I hope, for their sake, that they are a small ISP (Score:2)
Because otherwise, they will just end up running out of ports when they have a larger number of people simultaneously using their services.
Quite quickly too.
This plan is so colossally doomed to fail that I have no words for it.
Where can I buy the popcorn? This is gonna be funny as hell to watch.
Re: (Score:2)
I can think of some words.
failure? (Score:3)
Carrier Grade NAT.... (Score:2)
Its that like Military grade NAT and Combat ready NAT?
The NAT I use is the SAME NAT that they use. There is no such thing as "Carrier Grade" NAT.
Should be noted (Score:3)
Where BT test on PlusNet then likely everything else BT will follow
This will screw up VPNs - probably (Score:2)
In my area the 4G Verizon WWAN devices are doing this. It screws with VPNs big time. It connects you to verizon on an internal IP and then verizon NATs you the web content through their system.
The WWAN dongles can connect to the 3G service and then you're fine, that still works the "old fashioned" way.
This is fine for Bubba lookin at boats on craigslist or grandma getting emailed pics of little Johnny, but if you are in that 1% of non-typical use, whoops.
Re: (Score:3)
Re: (Score:3)
Whats the worm traffic (ssh and other) on the IPv6 internet?
According to the network administrators I've spoken to (admittedly a biased sample), almost all the malware traffic they're seeing is over IPv4. They say they'll deal with IPv6 malware when it appears.