Accelerating IPv6 Adoption With Proxy Servers

jgarzik writes "IPv6 presents a catch-22: the most popular web sites on the Internet don't have any incentive to switch to IPv6 until a large portion of their userbase is on IPv6, and their user base does not have a large incentive to switch to IPv6 until many of the popular Internet destinations support IPv6. My proposed solution is simple: Configure a proxy server that serves IPv6 requests, passing those requests through to underlying IPv4-only servers that not have yet been transitioned to IPv6. This article describes how to configure Apache's proxy server to fill this role, and suggests a few ideas for use."

Proxy server fun

[AKnightCowboy]

Make sure they're open to the public too. You don't want to be a stingy admin right? You should share your proxy server with the world.

Re:Proxy server fun

[rincebrain]

Yes. An open proxy server on a topic just mentioned by /.

I can't imagine that's abusable. I mean, nobody would embed ads in their IPv6 proxy if it became too popular, right?

Just a thought.

Re:Proxy server fun

[wirefarm]

>I mean, nobody would embed ads in their IPv6 proxy if it became too popular, right?

I use mine not only to convert to IPv6, but also to convert English measurements to Metric, Relational Databases to Object Databases and any text to Esperanto.

Re:Proxy server fun

[maxwell demon]

Bah, that's nothing. My proxy converts first posts on slashdot into insightful comments!

Re:Proxy server fun

[tolan-b]

Hey, cool! I speak Esperanto like a native!

So not at all then? :)

The opposite is already there..

[tbaggy]

This [sixxs.net] page/site already does it.

re: The opposite is already there

[zaxios]

From there [sixxs.net]:"

Why does this service exist?

There appears to be a chicken and egg problem in deploying IPv6; ISP's serving endusers don't want to do it yet because there isn't any need for it from their clients, Hosting companies don't do it yet because there isn't any demand yet either from clients... Thus, we made this gateway, which allows users who do have IPv6 to get to all the content in the IPv4 world. If you don't have IPv6 connectivity (yet) you can of course try the SixXS Tunnel Broker.

This is essentially the same observation and the same solution except that it focuses on getting ISPs (clients) to support IPv6 rather than servers.

Word of warning

[rimu guy]

By having an open proxy anyone can send/receive data via your proxy server (duh). There are implications: e.g. I've seen someone's server bandwidth being used to serve images in a spam (pr0n) email.

If you don't want people hiving off your bandwidth and potentially using your server's bandwidth for puposes you wouldn't normally approve of, then consider controlling your proxy access [apache.org].

--
Use your VPS proxy powers for the powers of good [rimuhosting.com]

Re:Word of warning

[sploo22]

Since you obviously didn't read the article, I should inform you that that's exactly what it recommended. The Apache proxy should be set to only handle requests for a specific site under the administrator's control.

But wait:

[Trejkaz]

Is it just me? I can't see any AAAA records for ipv6.org itself. I would have thought they would be the FIRST to change.

Re:But wait:

[LogicX]

> server hornyandconfused.com
Default Server: hornyandconfused.com
Address: 69.9.172.7

> set querytype=AAAA
> www.ipv6.org
Server: hornyandconfused.com
Address: 69.9.172.7

Non-authoritative answer:
Name: shake.stacken.kth.se
Address: 2001:6b0:1:ea:a00:20ff:fe8f:708f
Aliases: www.ipv6.org

Re:But wait:

[Trejkaz]

Right, yeah. I just noticed that they have them for www.ipv6.org. But I went to the site via ipv6.org... so... oh well. Guess I just wouldn't have got the AAAA records for that one even if I wanted to. :-)

Re:But wait:

[Trejkaz]

Okay, I'll answer my own question. They have them for www.ipv6.org, but not for ipv6.org itself.

Re:But wait:

[LogicX]

there's also no A record for ipv6.org itself also -- so boo; its not like they singled out AAAA
its just another one of those loony sites thats www. only; and not just the domain name.

Re:But wait:

[stoborrobots]

that's probably mostly because the www. is a CNAME to a swedish(?) uni...

$ dig www.ipv6.org any shake.stacken.kth.se any

; <<>> DiG 9.2.1 <<>> www.ipv6.org any shake.stacken.kth.se any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63697
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

;; QUESTION SECTION:
;www.ipv6.org. IN ANY

;; ANSWER SECTION:
www.ipv6.org. 3449 IN CNAME shake.stacken.kt

extra hop

[pythro]

An extra hop to go through on my web surfing adventure...NOT ON MY WATCH!

Re:extra hop

[MemoryAid]

An extra hop to go through on my web surfing adventure...NOT ON MY WATCH!

I don't even have internet on my mobile phone yet, let alone my watch. I bow to your uber-geekiness.

Most people don't care about IPv6

[Anonymous Coward]

IPv6 was primarily designed to solve a *problem*.

That problem was IPv4 address space exhaustion.

If the problem isn't hurting people on either side (client or server), then there is no reason for them to migrate to IPv6.

For people in certain heavy net using countries (such as Japan and S. Korea) which have received a smaller slice of the IPv4 pie, then there is more incentive to move; for the vast bulk of the world there is very little incentive to move to IPv6.

Re:Most people don't care about IPv6

[tokachu(k)]

The problem exists just as much in the U.S. as it does anywhere else in the world. For example...

Do you use NAT (a home router)?

Blame your IPv4-based ISP for not having enough address space for you.

Do you run a web-hosting company?

You probably know how expensive address space is.

Neither Japan nor South Korea had to use IPv6. They could've stuck IPv4 and NAT (something that rural broadband companies in the U.S. do, by the way), but they didn't. They chose to solve the problem rather than ignore it.

Re:Most people don't care about IPv6

[SillyNickName4me]

> Do you use NAT (a home router)?
> Blame your IPv4-based ISP for not having enough
> address space for you.

For most peopel NAT actually solves a problem instead of being one.

Yeah, for some people it would be nice to be able to have their toaster online and reachable through the internet as well, and lack of addresses can make that difficult, but most people do not have a big urge to do such things.

They do however have a problem with their computer and an unfiltered internet connection.

A router that does NAT happens to function as a pretty good ip filter with state-keeping that is extremely easy to configure.

> Do you run a web-hosting company?
> You probably know how expensive address space
> is.

Yep, sadly enough, IPv6 sounds more advanced, and thus will be more expensive. The people who market the stuff have absolute controll over the supply so can set a price as they like.

Re:Most people don't care about IPv6

[sirsnork]

Whilst your point is valid, it's not the biggest reason. NAT is so popular because it is EASY.
Without NAT you have to have a REAL router and you then have to setup a REAL router, telling it which IP's you have attached to each interface, probably some subnetting. You can bet your average user has no idea how to setup a real router, but with NAT they can just plug in and go

Re:Most people don't care about IPv6

[asdfghjklqwertyuiop]

A router that does NAT happens to function as a pretty good ip filter with state-keeping that is extremely easy to configure.

NAT does not filter anything. A firewall does. You probably already have a firewall, so taking away the NAT would not change the security of your network one bit.

Re:Most people don't care about IPv6

[drinkypoo]

While NAT doesn't filter anything, it does achieve the same result as blocking connections by default, because people will either be trying to access your external IP which will not result in a connection without an appropriate forwarded port, or they will be trying to access your internal IP which is not routable, and backbone routers drop source routed frames. In fact, so does linux, by default, IIRC. Hence, while it's not filtering, it might as well be.

Re:Most people don't care about IPv6

[asdfghjklqwertyuiop]

Your neighbors can route the non-routable addresses to your IP, but as I said before, if you drop source routed frames then that won't be an issue.

I'm not talking about source routing. I'm talking about plain old vanilla routing.

You've got two machines on one big network which from our perspective is an ethernet. Perhaps the underlying stuff is the cable cloud in your part of town.

One machine on this network is a router with public IP 172.30.0.2, not filtering anything. Behind this router is 10.0.0.0/

Re:Most people don't care about IPv6

[Anonymous Coward]

The flaw with that logic is that, in reality, NAT was designed to solve a completely different issue. Mainly, keeping private networks away from public networks, with connectivity only as specifically allowed on a specific ruleset. A firewall, in a sense, except it was never designed to "stop" or "drop" packets as one thinks of a firewall-- only deliver them from the outside, in. The firewall effect is a side benefit in and of itself.

With my ISP package, I get eight IPs. Eight! I'm only using five of

Re:Most people don't care about IPv6

[radish]

I use NAT because I want to. I could get extra IPs for all my computers no problem, but I like them being on non-routable private addresses.

Bzzzt. Wrong. My ISP Charges for IP addresses

[NotQuiteReal]

But the allow NAT devices.

Plus it is nice to be behind a firewall.

Re:Most people don't care about IPv6

[DAldredge]

There are just a few other reasons to switch to IPv6...

http://www.ipv6forum.org/navbar/events/birmingham0 0/presentations/YanickPouffary/sld025.htm [ipv6forum.org]

Also, from another site:

*
A powerful addressing scheme that makes possible the allocation of public addresses to every device inside home networks

*
A protocol specification more powerful thanks to the extension headers

*
Restore the end-to-end of the Internet and facilitate the peer-to-peer communications

*
Simple: Plug and Play (thanks to stateless autoconfiguration)

*
A larger range of services to propose to customers

*
Security is natively defined in the protocol

*
IP mobility optimized

*
Multicast mode easier to deploy

*
(For the ISP, routing process more efficient)

Re:Most people don't care about IPv6

[tftp]

Give it ten years at least. Cell companies can want all they wish, but it won't convince major telecoms (who are a distinct entity from cell companies even if under the same corporate umbrella) to shell out billions of dollars on upgrades for no increase in revenue. TV over IP is in the same boat, they won't pay for the routers. I, as a customer, won't pay either, that's for sure - because neither me, nor any of my friends need IPv6. It has benefits that are of no interest to us, and it has disadvantages

Re:Most people don't care about IPv6

[LoveMuscle]

Bulllarky about the major telecoms.. I work for a major hardware supplier (we make the MSM's that go into most CDMA cellphones), and I am specifically working on implementing IPv6 in our software. It is the major telecoms that are pushing us to do it, not the other way around. (One starts with a V... the other starts with an S..)

They want to start rolling out services that will require full time IP connectivity to EVERY phone. If you start doing the math thats a major chunk of the IPv4 address space.

Re:Most people don't care about IPv6

[Izago909]

What happens when ISPs start running ethernet and fiber to people's homes? Verizon is already begun to roll out a fiber to the residence service in slelected areas. I can't imagine them stopping, or others not following. Your voice, data, and television transmissions will be carried across the same connection at the same time. Your cell phone will probably have built in WLAN VoIP capability. As a result, NAT will end up hurting us, and the only solution is a unique IP for every device. Have you ever tried t

Re:Most people don't care about IPv6

[Anonymous Coward]

Ever heard of UPnP? It allows auto-configuration of devices. Just plug in, and it works. Let's see, give me an IP address for everything in my house, so my piece of crap- windows running cable box can get a virus too. Good Idea! They have plenty of jobs open for people like you in Redmond.

Re:Most people don't care about IPv6

[Izago909]

See comment here. [slashdot.org] NAT has nothing to do with people running thier box with admin access rights. It has nothing to do with people who blindly open attachments, or do not use a good firewall, or do not use an AV program. NAT is a flase sense of security.

Re:Most people don't care about IPv6

[grozzie2]

IPV6 was an issue, back in the days when folks still believed every machine should be directly accessible. Nat was invented as a work-around. It turns out, in the network world of today, NAT provides tremendous benefit in preventing external attacks from reaching the internal network.

NAT was a workaround to a percieved problem, exhaustion of ipv4 address space. Now that the trend is to only have a couple ipv4 entry points to the typical lan, and have the rest of the lan in private ip space anyways, the

Nobody's running out of space

[Wesley Felter]

40% of the IPv4 address space is unallocated [iana.org], and much of the allocated space is probably unused [caida.org].

Re:Nobody's running out of space

[WindBourne]

Cool, I would like to get my Class C space that I own for my house, like I did back in the 80's.

What do you mean that I can not get one with IPv4? What do you mean that I have to pay somebody else and even then I do not own it? Hummmmm.

Irrelevant

[Wesley Felter]

It is true that ARIN will not give you a really small (/24) block of portable space.

It is true that you cannot own IP addresses.

That has nothing to do with the fact that there is no address shortage (under a sane usage model).

Re:Irrelevant

[WindBourne]

Yet, with IPv6, you can 'own' a block of ips that belong to you in the same manner that you own a phone number.

Re:Irrelevant

[stoborrobots]

In what sense do you "own" a phone number?

Switch area codes, get a new phone number - switch ISPs, get a new block... seems similar enough to me...

Or am I missing something?

Re:Nobody's running out of space

[madcow_ucsb]

Great. Good luck getting those who own class A's to give them back....

That's not the solution.

[mind21_98]

The solution is more ISP support. This is where you vote with your wallet. If your ISP doesn't support IPv6, find another. Same goes if you're hosting a Web site. They will eventually catch on and begin offering IPv6 more widely.

Re:That's not the solution.

[Wesley Felter]

I don't agree. Let's imagine that every Internet user demands that their ISP supports IPv6, and the ISPs do so. What have you accomplished? Google, Amazon, Slashdot, etc. still won't support IPv6.

Re:That's not the solution.

[ari_j]

Those companies have ISP's, as well. The problem is as the uncle comment to this one states: how many people actually have ISP's available that support IPv6? And how many people will really switch to a more expensive ISP just for IPv6 when they don't even know what it is? It simply won't convince any ISP's to do anything but raise their prices for IPv6 service.

Re:That's not the solution.

[HoneyBunchesOfGoats]

Not many people have the option to choose between ISPs. Where I am, it's either crap or crappier.

What's the rush?

[jobugeek]

I don't understand the rush for so many here to move. Unless you do live in SE Asia, then IPv6 isn't really necessary. Yes NAT can be a pain in the ass, but it is serving its purpose fairly well.

IPv6 will take over just like anything else. When it reaches critical mass and demand forces it. Probably starting in SE Asia and moving westward.

Re:What's the rush?

[Wesley Felter]

You missed the point of the article. At the current rate of non-progress, IPv6 will never reach critical mass. IPv6 needs a jumpstart. (The Asia issue is a red herring since there is no address shortage in Asia [apnic.net].)

Re:What's the rush?

[jobugeek]

I believe I understood it completely. You believe that it will never reach critical mass and want to use artifical methods to induce it. I believe that demand will eventually push it.

OK, so if there isn't a problem in Asia, what's the rush?

IPv6 is getting a jumpstart.

[Ungrounded Lightning]

At the current rate of non-progress, IPv6 will never reach critical mass. IPv6 needs a jumpstart.

IPv6 is getting its jumpstart. From the upcoming mobile IP vendors. They want IPv6 for tracking their phones/modems (for which they can't buy enough IPv4 address space to be confident of not hitting a wall). So they have made it a checkbox on equipment acquisition (i.e. you don't sell 'em a router unless it has IPv6 - period).

Since they're talking equipment purchase totaling into the billions this is NOT something the equipment vendors are ignoring.

Once there's a bunch of endpoints out there that can only be reached by IPv6 (or NAT/tunnel servers bridging to it) there will be a lot of pressure to migrate the rest of the net.

Re:What's the rush?

[System.out.println()]

Yes NAT can be a pain in the ass, but it is serving its purpose fairly well.

Is there a purpose for NAT that IPv6 won't solve better? And be less of a pain in the ass?

Re:What's the rush?

[Hanji]

Yes. The purpose of already working painlessly with the existing infrastructure without any significant thought on the part of the user.

Re:What's the rush?

[tepples]

A purpose for NAT is the closed-by-default firewall that its common implementations provide as a useful side effect.

Reverse proxy servers always open

[jgarzik]

Silly people.

A reverse proxy server (http accelerator) must be open to the public.

However, that does not mean the server is an "open proxy"... the proxy configuration only proxies for the specific web sites listed in the configuration file.

What about dhcp?

[Mustang Matt]

It seems to me that it would be really useful if the little off the shelf linksys/dlink/netgear/etc. routers did ipv6. I don't see it really being used until hardware starts using it.

On top of that it's my understanding that NAT should go away with ipv6. What is everyone with an internal network to do for IPs then? I've heard you can get free ipv6 blocks right now but they can be revoked once everything goes "live" but I don't want to deal with that.

Ultimately I guess I really want NAT ipv4 for inside my network until my hardware can hand out ipv6 addresses that I own forever.

Re:What about dhcp?

[Creepy]

There is a NAT for IPv6, but it's frowned upon by the IPv6 people because it is a hack (and was one for IPv4). The goal of IPv6 is that every machine can be traced back to its owner and therefore can be positively identified as a particular user. Nice from a security standpoint, but pure evil from a privacy standpoint.

I'm from the other camp - NAT helps security and for that matter, increases privacy since you can't identify the machine behind the firewall (especially if they leave the DHCP connection an

Re:What about dhcp?

[Izago909]

Fun stuff when the feds want to know who's been downloading mp3s over your hotspot and you honestly can't tell them :)

Actually, from a legal standpoint, the buck would stop with you. All they would have to prove is that your negligence aided and abetted in a crime. Do you think that the RIAA cares that grandma didn't download that new Brittney song? No, of course not. They can still sue her because it's her internet connection and her responsibility. It's sort of like lying by omission. NAT does not help y

Re:What about dhcp?

[kkane]

The intention with IPv6 is that you won't have "unroutable" networks, like we do with private nets such as 10.x.x.x and 192.168.x.x. Everything will have a globally unique IPv6 address. There was in the original spec what were called a "site-local" addresses, which were private addresses not routed to the outside much like their IPv4 analogues, but those have been deprecated.

However, you'll have plenty of addresses because, in the current incarnation, you're not allocated a single address, but rather you are allocated a subnetwork, which is currently 2^64 addresses. So the first 64 bits are assigned to you by your ISP, and then the second 64 bits are yours to do with as you like.

So that addresses the question of NAT: there won't be any lack of IP addresses necessitating its use. I am only addressing the use of NAT as a way around limited address space, and not any of the other uses for which NAT has.

But what about DHCP? IPv6 comes with something more elementary, called "stateless autoconfiguration." Basically, the router constantly broadcasts your "prefix" to the subnetwork, which is the first 64 bit half of your 128 bit address your ISP assigns you. The machine then takes its subnetwork ID (the MAC address), and sets the second 64 bits to a function of that. In the case of Ethernet, it isn't the 48-bit Ethernet MAC address verbatim, but a published function of it. It's called stateless because it's always a function of whatever the network's prefix is plus some kind of subnet ID, and there's no concept of leases, or any of the state a DHCP server maintains.

There is not yet an equivalent mechanism for "stateful autoconfiguration," which is more what DHCP is, where you can automatically assign an arbitrary address to a client. You can of course statically configure an interface to have a specific address, but there is no automated mechanism to always assign a particular autoconfigured client a particular address you designate. There are proposed standards for an IPv6 version of DHCP, however, and I expect eventually such a beast will eventually come around.

Re:What about dhcp?

[kkane]

Oh, yeah, I forgot one more point:

Whether or not your "prefix" changes each time will be much the same as whether or not your single IPv4 address changes each time you connect. Either your ISP statically assigns you one (perhaps for an extra fee), or it doesn't. But that 64-bit prefix will be your global identifier that gives you an address space, much as the single IPv4 address is your global identifier now, except your address space is only 1 address.

Re:What about dhcp?

[tepples]

in the current incarnation, you're not allocated a single address, but rather you are allocated a subnetwork, which is currently 2^64 addresses.

Watch residential ISPs break the recommendation and grant a /128 instead of a /64 in the name of profiteering.

Re:Why would a residential customer WANT a /64?

[tftp]

Ok.

Just as a comment: "some people" probably amounts to 0.01% of paying customers, and is therefore totally insignificant. Even networking professionals - who understand well why IPv6 is better - realize that IPv6 can not happen overnight, and there is really no clear need for it today. Majority of people just buy a $99 wireless router (NAT) from Linksys, and they are all set on their own Class A network. What else is there for them to ask for?

It is also understood that IPv6 shines in a lot of areas (w

Re:Why would a residential customer WANT a /64?

[TheRaven64]

I would guess that the killer app for IPv6 would be instant messaging. A lot of people use it, and a lot of them use it to send files. Configuring a client to be able to receive files from behind a NAT can be a pain (how many home users know enough to set up port forwarding?). The same is true, although to a lesser extent, of peer to peer file trading clients (which are certainly popular amongst the less technically competent). Anything that requires the user to be able to accept incoming connections is

Re:What about dhcp?

[Awptimus Prime]

Check with your router vendor's website. It is quite likely they have a flash upgrade which supports ipv6.

It would only make sense due to the fact that most of these devices are based on BSD code.

Not a Catch-22

[back_pages]

IPv6 presents a catch-22: the most popular web sites on the Internet don't have any incentive to switch to IPv6 until a large portion of their userbase is on IPv6, and their user base does not have a large incentive to switch to IPv6 until many of the popular Internet destinations support IPv6.

Nice try, but that's not a Catch-22.

A Catch-22 is when the solution creates the problem. From the book (yes, there was a book) if the doctor diagnosed you as crazy, you didn't have to fly any more bombing missions. The catch was that you would have to be diagnosed crazy by a doctor to want to fly more bombing missions. Thus, by achieving the status of "unfit to fly", you were actually certifying yourself to fly.

What we have here with IPv6 is two parties with no immediate reward for an investment. If one of them stepped forward, the other would step forward, and the world would enjoy IPv6. There is nothing about this that is remotely close to a Catch-22.

Re:Not a Catch-22

[Bombcar]

I always thought that the way it worked was that if you were certified insane you couldn't fly, but the Catch-22 was that if you tried to get certified insane it proved that you didn't want to fly, which was an action of a sane man, therefore you had to fly. Nothing you could do would prevent you from flying.

Re:Not a Catch-22

[skraps]

I don't think your explanation is very clear. For anyone who is really interested, here [hyperdictionary.com] is a good explanation of the term.

The part you missed is that the pilot can't be diagnosed by a doctor unless he asks to be seen; and since he fears for his own life enough to ask for a diagnosis, he is clearly not insane.

Re:Not a Catch-22

[LordKronos]

Correct. The submitter meant "Chicken or Egg", not "Catch-22"

Re:Not a Catch-22

[ComputerSlicer23]

http://www.wordorigins.org/wordorc.htm#catch-22

Here's a much better explaination (your's is fine, but I find the link to be much more entertaining).

The correct expression would have been "network effect". Which is the expression to state, that something is widely used, and anyone who starts using something different will have a hard time converting other people, thus everyone choses to continue using the original. Thus the network of people you interact with keeps you from changing.

Kirby

It's called a "viscious circle" or "chicken &

[Ungrounded Lightning]

Subject line says it all.

IPv6 Needs a Killer App

[That's Unpossible!]

That killer app may be VoIP. If everyone wants their own IPv6 phone number.

Or that killer app may be someone coming up with an awesome spam/virus/security solution that requires features found in IPv6.

But just wanting people to switch for no good reason will never work. Market forces...

Re:IPv6 Needs a Killer App

[Wesley Felter]

Unfortunately for IPv6, Skype works fine with IPv4+NAT.

ThreeDegrees [threedegrees.com] requires IPv6, but it never really caught on. Maybe it would have had better luck if MS created a fake startup shell company to promote it, so then people would think it was some kind of revolution in the making instead of yet another tool of The Man's oppression.

Wow

[stratjakt]

A reverse proxy or http accelerator with IPv6 on one side and IPv4 on the other.

That is mightily impressive and you certainly are a genious of our time.

So what does Mac do?

[mojowantshappy]

My 10.3 PowerBook seems to have both IPv4 and IPv6 running at the same time. Currently my Airport's IPv4 address is 10.0.1.25 and my airport's IPv6 address is fe80:0000:0000:0000:020d:93ff:fe88:f5c4. I can visit both http://ipv4gate.sixxs.net/ and http://ipv6gate.sixxs.net/. Does this mean my computer both has an IPv4 and IPv6 address, and I can visit both IPv4 and IPv6 websites? Maybe I am just missing the point of this news post.

Re:So what does Mac do?

[Wesley Felter]

You have a totally useless link-local IPv6 address. To get a real IPv6 address you either need 6to4, Teredo, or an IPv6 ISP.

Re:So what does Mac do?

[Midnight Thunder]

Both the addresses you specify have IPv4 addresses, and that is what your computer is using. To see how to set up a 6to4 tunnel follow this link [evanjones.ca]. www.kame.net is the site to try to connect to for testing. Typing 'ping6 www.kame.net' give you something back, other than 'ping6: UDP connect: No route to host'.

At the moment I can't get it working, so I'm trying to see what I have done wrong.

Where can I sign up?

[T-Ranger]

And get me some IPv6 addresses? Which, if any, ISPs/hosting companies support IPv6? Who do I talk to to reserve me a chunk of space so when my bacasswords ISP gets in line, I can get me some public IPs for my boxen at home?

Re:Where can I sign up?

[jgarzik]

Who do I talk to to reserve me a chunk of space so when my bacasswords ISP gets in line, I can get me some public IPs for my boxen at home?

Well for starters, you can set up 6to4 automatic tunnelling [linux.yyz.us] on your network, without having to bother your ISP at all.

Hurricane Electric [he.net] and others offer tunnel broker services, which are static IPv4<->IPv6 tunnels. Note that most tunnel brokers refuse to forward IRC traffic.

Certainly some ISPs are starting to roll out IPv6 service, and if that's available i

Funny solution

[ezzzD55J]

Sounds like a funny solution to me. Why not just multi-home the webservers? No extra hardware, extra point of failure, simpler, less dependency, etc.

This has been mentioned before. It's still moot.

[soybean]

The issue with ipv6 adoption is not an issue of servers or clients, it's an issue of routers.

ISP's need to adopt ipv6.

Tunnelling won't push adoption, but it might help YOU if you need to work with someone who is using ipv6.

Re:This has been mentioned before. It's still moot

[Awptimus Prime]

Well, yeah. But that does little good until their providers upgrade.

Getting an ISP to make large technical changes is too not hard..

Getting any of the union telco/comm workers to lift a finger in the name of change; that is the hard part.

The world doesn't need all that address space.

[acceleriter]

Sure, China and Korea would like billions upon billions of addresses, but that's because they've spammed their IPv4 address space into every blacklist on Earth.

Ummm...

[Talez]

Isn't this just 6to4 [6bone.net] which has been around for ages?

Are there any DSL providers in the US

[stox]

which offer IPV6 service?

IPv6 as a "solution" to NAT?

[venomkid]

This may be a bit OT, but I'm reading many people talking about NAT like it's some horrible thing.

As a longtime NAT user I like the fact that just one of my computers is hooked to the real internet and the others can't be diddled by outside computers.

Even if I had unlimited IPs, I'd still probably do it this way.

multicast?

[Doc Ruby]

Most people know that IPv6 delivers a bigger address space, and IPSec security. But what ever happened to its multicast tech? Is anyone sending a single multimedia stream over IPv6 to multiple recipients, without having a separately addressed packet stream like in IPv4? That feature would be the most timely, arriving just as large audiences are developing for online streaming multimedia content.

This is so obvious

[jd]

I can remember arguments on the 6bone mailing list about such proxies. Back in 1997! The argument then was that proxies would just slow down the adoption of IPv6, because nobody would really need it on their machine, at either end.

Of course, we now know that NOT having proxies has been a disasterous mistake. I can only hope the IPv6 community in general can accept that.

IPv6 is more than just addresses. You have utterly transparent mobile IP. You have automatic network configuration. Anycasting allows you to request a service and have the closest server respond, without you needing to know where that server is. You have almost-mandatory IPSec - which is more than just encryption, it authenticates that the machines are who they say they are.

IPv6 is a valuable tool. Back in the early days, I ran the first registered IPv6 node in Britain. At its peak, I had 10 tunnels running across Europe and the US. That was using IPv6 under Linux 2.0.20, using the-then VERY experimental IPv6 patches that existed. It started with static routes, but I later moved to MRT and finally Zebra.

MRT and Zebra are now fast-decaying abandoned project, as far as I can tell. The only Open Source software router I can find is Click, and whilst it's good, it doesn't have the developer- or user-base to be confident that it can really do more than be a nice experimental project.

(Any distro authors out there SHOULD put it in their distro, if for no other reason than the fact that Linux will cease to be useful as a router platform, if the last remaining projects don't get adopted.)

IPv6 would benefit from having an IPv6-over-IPv4 protocol defined, much in the same way that SIT defines IPv4-over-IPv6. Again, I've argued this from the start. The idea of a migration to IPv6 will NOT be realised or realisable until the average person can plug in an IPv6 address into a browser or some other network software, without having to care about the fact that it is IPv6, and see a result.

Once IPv6 is truly transparent to the "unwashed masses", you'll start to see people adopting it. After all, it IS easier to configure and maintain. That would make people like ISPs very happy. Less time wasted on network maintenance means more profit for them. And nobody is averse to getting a little richer, a little quicker, when it costs nothing to do. You even have the bonus that it's legal and ethical (though some wouldn't care about that part).

Because IPv6 supports host authentication, it's great for Joe/Jane Average, too. It's harder to spoof mail addresses, when the mail server can validate the transmitting machine. That won't eliminate spam, but it will make using fake addresses slightly harder, which will give people a little more confidence that the sender is who they say they are.

Because multicasting is part of the standard, it also means that video streaming to multiple recipients will be less savage on the network. Once people realise that you can get damn near TV-quality reception by multicast, versus 5 seconds a frame (with tiny, low-grade frames) via a typical webcast, who in their right minds will go back to that worn-out way?

(And by near-TV standard, I'm talking NTSC or PAL resolution at 15 to 20 frames per second. The bandwidth would be impossible to maintain, if the server had to do point-to-point to every recipient, but it's very doable over a multicast transmission, and it's very normal for any of the multicasts advertised using SDR or similar tools.)

The technology that people have, right now, versus the technology researchers have had for decades is pathetic. What you can buy as top-of-the-line off-the-shelf today was commonplace in most research labs 10-15 years ago. Some of the slow adoption comes from wanting to really test the technology. Most comes from corporations dragging their feet and exploiting the time-lag to squeeze their victims^H^H^H^H^H^H^Hcustomers for every penny they h

IPv6

[strider_starslayer]

People will use IPv6 when they need it; when every device you have needs it's own internet connection, and routing/NAT will no longer do- providers will switch to IPv6, it'll happen basically overnight, though the use of a consortium.

And even then most people will just take there shiny IPv6 address, NAT it and use IPv4 internally.

How does this help?

[Anonymous Coward]

After creating these gateways what is the incentive for users to switch? What is the incentive for popular destinations to switch? In both cases I think the answer is none.

No. The answer to rapid IPV6 deployment is for someone to create an IPV6 only P2P network with a ferocious amount of free porn and mp3s. The next day everyone will be upgraded to IPV6.

MOD me up this is both funny and the truth!

IPv6 internet?!?

[rsd]

Please, correct me if I am wrong.

Isn't the internet IPv4 only and IPv6 is archieved thru
encapsulations like The 6Bone [6bone.net] ?

If so, what's the point of worring about sites not being in the 6bone?

If I am wrong, can you post some links please?

Thanks

What problem?

[Zaffle]

Seriously, what problem is this solution solving?

I run ipv6 here at my site, every PC ont the LAN is using it.

Inside the LAN its almost totaly native IPv6. Only the printers are IPv4 only. When surfing the web, the users browser does a AAAA DNS lookup, if it succeeds, then it does a native IPv6 connection. If you try to connect to IPv4 only site (very common), then the PC initiates an IPv4 connection. Our Internet router provides the IPv6 tunnel and does NAT'ing for IPv4. Its all totaly transparent, requiring no end-user setup or mucking around with.

I regularily use IPv6 websites, and I don't notice that they are IPv6 unless a) the website notifies me I'm connecting over IPv6 (eg http://www.ipv6.org/) or b) i look at the traffic going through.

The only thing I could do to "improve" the situation here would be to have my ISP IPv6 aware, so I didn't need to use a tunnel broker.

The way that would work would be the ISP would issue a single IPv4 address and a IPv6 prefix on connect. Then the would would be a great place :)

All my applications I write are IPv6 aware, infact they are primarily IPv6 applications with fallback to IPv4.

Most applications you use today are IPv6 aware. The next step for IPv6 is hosting companies and ISPs proving IPv6 natively. This will happen once the backbone routers are fully IPv6 aware.

Nick

BGP

[Anonymous Coward]

BGP currently shows roughly 1.3B addresses as being routable. That represents a little more than 25% of the IPv4 space.

There are alot of special use /8's around and a ton of academic institutions (MIT) and large corporations (Eli Lilly, etc.) that received /8 assignments back in the day.

I can not imagine MIT utilizing 16.7M IP's, and most other /8 recipients from that time wont either.

For more information see http://www.iana.org/assignments/ipv4-address-space [iana.org]

IPv5 ?

[SammyTheSnake]

Did anyone else wonder, "whatever happened to IPv5?"?

Well, this [oreillynet.com] seems to be the answer...

Cheers & God bless
Sam "SammyTheSnake" Penny

Re:ISPs

[Trejkaz]

That's the cruel thing. ISPs will certainly try to get away with allocating only one address and charge for more, and since IPv6 addresses cost less than IPv4 addresses, they will take all the profit.

mod parent up

[CaptainPinko]

I've laways been surpised that more people haven't seen this coming. It will take a lot of time before the majours ever do, and even then they'll reap the rewards.

Re:ISPs

[iabervon]

ISPs do provide IPv6 addresses for free when they provide IPv4 addresses. Every IPv4 address has a corresponding IPv6 address. One of the points of moving to a huge address space is that you can assign each old address a new address and not use up a significant portion of the new address space.

What would be interesting is if ISPs would assign a static IPv6 address to customers who have dynamic IPv4 addresses. If the ISP has IPv6 at all, they have a huge block of addresses, which they could trivially assign to their customers by account number. And then there would be people who would set up IPv6-only sites or sites where the IPv6 address was more reliable, because the address was free.

Re:Users will never switch...

[WindBourne]

Actually users do not care one bit about the address space. They will switch when the underlieing software and networks switch to it.

Though, I do predict that once ppl realize that they can own their own IP's space, then we will see a rush to it similar to dns as well as phone numbers.

I can get a vanity ipv6 space? Cool

Re:IPv6: Not Ready For Prime Time

[eamacnaghten]

I believe you are incorrect in saying there are larger routing tables.

The IP numbering allocation in IPv6 is hierarchal, which they are not in IPv4. The first 16 bits are the FP and Top Level Address (allocated to "trunk" cos like MCI), the next is a 32 byt "Next Level Addres" allocated to ISPs, and finally "Sight Level Address"es allocated to people like you and me.

At the moment many routing tables on the trunks have thousands of entries, increasing as allocation of IPv4 becomes more and more fragmented, significantly slowing down the trunks. IPv6 will mean considerably fewer routing table entries there, increasing performance.

Although the raw IPv6 header is larger than the minimum IPv4 header, a system of, in effect, encapsulating parts of the headers in the data packet that are not needed in routing exists where it does not in IPv4 (such as those needed in TCP). The savings there should more than make up for the degregation in increasing the minimum size of 20 to a fixed size of 40.

It is a misconception that IPv4 produces 4 billion IP addresses for the world to use. By the time all the university's Class A addresses and all the wasted IP addresses of those who have networks with machines missing are considered, all the network and bradcast addresses and so on are also considered you will be lucky to see 3 billion. In fact I would not be surprised if the figure was nearer 2. This may be enough for the Western World but not for Asia as well.

IPv6 is also neccessary to adopt the up and coming internet technologies, such as those that use MultiCast (IPv4 implementation of this will NEVER get adopted). I agree with you that it is the routers that are holding this back - but once an area is enjoying the benefits of IPv6 then I believe it will rapidly spread.

My 2c worth....

Re:IPv6: Not Ready For Prime Time

[Izago909]

Cisco routers suck at IPv6. Many of cisco's routers use the router's CPU to process IPv6 packets instead of the fast-path. The reasons for this are explained in the next few points. While Juniper's routers are substantially better at IPv6 than cisco's, IT managers are often restrained by insane corporate policy that dictactes the use of cisco.

That's what happens when you let the MBA's dictate the path of technological development. I mean, why use the best solution when you can... forget using logic to justi

I call bullshit.

[Anonymous Coward]

Network folks at Brown actually have a clue. You do not. NAT is network address translator, and the common MTU is around 1450.

Re:IPv6: Not Ready For Prime Time

[Scott Wunsch]

1. Cisco routers suck at IPv6.

Okay, I won't argue with you there.

2. There are too many addresses. There are 16.7 million addresses per square metre of the earth's surface, including the oceans. This is overkill.

It's deliberate overkill. It allows things like 64-bit subnets, which in turn allow for stateful autoconfiguration. It also allows for large chunks of address space that won't be allocated at all; if it turns out in the future that our current allocation method is inadequate for our needs, we can simply devise a new allocation method in this empty space, rather than having to migrate to a whole new version of IP.

3. The problem with a 64-bit network prefix is that routing tables become massive. Just do the math and you'll see that extreme amounts of memory are required to hold routing tables.

Yes, if an IPv6 router had to hold nearly 150,000 routes in memory like it does in the current IPv4 world, it would be massive. Fortunately, IPv6 is designed to have properly aggregated addresses, so that things are much more hierarchical, and routing tables can be stored much more efficiently.

4. The IPv6 header is too large.

Aside from the fact that more and more connections are using much larger MTUs these days, IPv6 also supports more aggressive header compression than IPv4 did, often resulting in similarly compact headers.

Re:IPv6: Not Ready For Prime Time

[sn00ker]

Wow, you sure smell like a troll.

If you're so confident that your dissertation has academic merit, why don't you put your name to your post?

1) No arguments, mainly because I don't know about the architectures of the Cisco and Juniper PEs used.

2) For a post-grad student, you don't seem to know much about IPv4. Almost 17 million addresses taken by each of 127/8 and 10/8. Another million gone with 172.16/12. 192.168/16 rounds that all out to about 36 million. Almost one percent of the address space gone, just on reserved ranges. The experimental ranges take some more space again. Then there're all the network and broadcast addresses, with CIDR making that problem worse, even while it does solve the issue of giving organisations blocks of space that're wildly in excess of their requirements.

3) I dunno who makes your NIC, but all mine have a 48-bit MAC.

IPv6 does nice aggregation. Routers only need to know about their immediate network, everything else they see as an aggregation. So rather than knowing about every /64, they'll just see a bunch of /48 (or less) netmasks, and the routers for those networks worry about breaking it down to the /64s when they get sent the packts.

Plus, RAM's cheap. Even the Kingston stuff you need for Ciscos. Couple cheap memory with the very good route summarisation in the IPv6 spec, and it's a non-issue.

4) The current IP network has these restrictions. With jumbo frame and the various other techniques now in existence, you don't think it's possible that part of the migration to IPv6 will be to throw a few more bytes into the packet size?

I can't belive you got a +4 (Informative) for that load of tripe. No wonder people have no respect for the moderators!

Re:IPv6: Not Ready For Prime Time

[cabbey]

Note to self: don't hire anyone from Brown University if this is the quality of their grad students.

A few quick issues with your points, just be glad I'm not on your review board, it wouldn't be pretty.

1. Cisco is only one of a handfull of router manufacturers, and if their gear doesn't keep up with the technology then those 'insane corporate policies' you referenced will be fixed. In the early days of IPv4 Cisco's routers (and everyone else's for that matter) used the cpu to handle routing too, fancy fast path hardware didn't exist at the time. As time changed, and the amount of load on routers increased the industry leaders invented faster and better hardware to keep pace with that load, there is no indication that they won't do the same with IPv6.
2. This same argument has been made for every new addressing scheme... there was no reason to use more than 8 bits of address, because there would never be more than 256 computers in the world. Same arguments were made for phone numbers. Oh, and it's "Network Address Translation" see RFC 1631 [faqs.org], any amount of "anonymity" provided by NAT is purely a placebo effect on the less cluefull user. You focus purely on the number of addresses availabel in IPv4, but fail to take into account how many of those are usable, given the amount of reuse hacks already in use throughout the world, I'm sure we're already well over the number of usable, globally routed, IPv4 addresses. Especially with some of the Asian and European Cell carriers using their own NAT'd 10/8 network, as do a number of US cable modem companies, not only in some cases for end users, but also for their internal routers. (The route out from my cable modem travels through two routers in the 10/8 network.)
   
   Oh, and if you actually read said RFC you would learn that it is not a solution, it is a bandaid. Just read the abstract:

   Abstract
   
   The two most compelling problems facing the IP Internet are IP
   address depletion and scaling in routing. Long-term and short-term
   solutions to these problems are being developed. The short-term
   solution is CIDR (Classless InterDomain Routing). The long-term
   solutions consist of various proposals for new internet protocols
   with larger addresses.
   
   It is possible that CIDR will not be adequate to maintain the IP
   Internet until the long-term solutions are in place. This memo
   proposes another short-term solution, address reuse, that complements
   CIDR or even makes it unnecessary. The address reuse solution is to
   place Network Address Translators (NAT) at the borders of stub
   domains. Each NAT box has a table consisting of pairs of local IP
   addresses and globally unique addresses. The IP addresses inside the
   stub domain are not globally unique. They are reused in other
   domains, thus solving the address depletion problem. The globally
   unique IP addresses are assigned according to current CIDR address
   allocation schemes. CIDR solves the scaling problem. The main
   advantage of NAT is that it can be installed without changes to
   routers or hosts. This memo presents a preliminary design for NAT,
   and discusses its pros and cons.

3. What exactly is the difference between 2 and 3? Two seems to be "2^64 is too many hosts", whereas three seems to be "64 is too many bits". Well, duh. The two go hand in hand. All the same issues that apply to 2 apply to 3... but you raised an additional issue, that having 64bit addresses will bloat routing tables absurdly. That's because of the way addresses have been handed out, split, merged, moved, and generally horribly mismanaged. IPv4 routing tables today are absurdly bloated. IPv6 was designed, from the get go, to fix this problem by using aggregated routes. Say you have two networks that are very nearly adjacent in the address spac