IPv6 Readiness Report

MythoBeast writes "In the latest episode of the Intellectual Icebergs podcast, Brett Thorson of Ravenwing provides a very good review of how ready our industry is for IPv6. He also provides a pretty good implementation guide for those who want to set up IPv6 at home."

By the time IPv6 is ready

[Anonymous Coward]

We'll need IPv8.

Re:By the time IPv6 is ready

[comcn]

That may be a joke, but in reality IPv6 is ready. My UK ADSL provider, Andrews & Arnold [aaisp.net], provide me with an entire block of IPv6 addresses. They will even route it to you natively if your router will support it, otherwise you have to use a 6-over-4 tunnel. My network uses it by default over IPv4; it's kind of neat when e-mail has IPv6 addresses in the headers. ;-)

Re:By the time IPv6 is ready

[VGPowerlord]

One company does not an industry make.

Re:By the time IPv6 is ready

[Znork]

Anyone who has an IPv4 address has an entire block of IPv6 addesses. With 6to4 you dont need any support from your ISP (well, as long as they're not actively blocking such traffic).

"For any 32-bit global IPv4 address that is assigned to a host, a 48-bit 6to4 IPv6 prefix can be constructed for use by that host (and if applicable the network behind it) by prepending 2002 (hex) to the IPv4 address. Thus for the global IPv4 address 207.142.131.202, the corresponding 6to4 prefix would be 2002:CF8E:83CA::/48. (IPv4 addresses use decimal notation while IPv6 addresses use hexadecimal notation). This gives a total prefix length of 48 bits, the same as an end site is supposed to be allocated under normal IPv6 address alocation leaving room for a 16 bit subnet field and a 64 bit address within the subnet." - Quote from Wikipedia 6to4 entry

Re:By the time IPv6 is ready

[FireFury03]

Or their routers aren't routing v6. Or their routers aren't configured for 6to4. Assumedly that would have to be done at the edge, as it would confound fast switching algorithms and push a core router over. Or the core routers between your ISP and your destination's ISP aren't configured for v6. Or your ISP is not getting v6 routes via BGP. Or another half-dozen reasons it won't work.

WTF are you talking about? You clearly need to go read up on IPv6 because what you just said is complete rubbish. Your ISP does _not_ need to know anything about 6to4. Every IPv4 address is assigned an IPv6 /48 subnet and the traffic for that subnet is carried between the anycast 6to4 relay router (or other 6to4 gateway) and your 6to4 gateway entirely over IPv4.

I assume by "that would have to be done at the edge" you mean the edge of the ISP's network, which is incorrect - the encapsulation/de-encapsulation is done at the edge of *your* network. The ISP only sees IPv4 traffic.

They are not blocking traffic when they are not configured to support it.

If the ISP isn't "configured to support" 6to4 then they shouldn't be calling themselves an ISP since they aren't "configured to support" IPv4 in that case.

A Tier1 provider can't just throw things in their configs and hope everything's OK.

Well, firstly, most (all?) tier 1 providers already do _native_ IPv6 and secondly, why exactly do the tier 1 providers need to do any reconfiguration to carry 6to4 traffic?

A podcast guide?

[Qzukk]

Personally, I'd rather have a written guide of some form to refer to when I implement IPv6, though I'm going to listen to this just to see how it turns out. It'll probably be just like class where I scribble furiously to write down everything the professor says.

Re:A podcast guide?

[daniel23]

I agree with this, unlike a written guide a podcast has no copy'n'paste and it is much harder to follow talk than written text when the language used is not your native tongue.

Written guides for what?

[jd]

For installing IPv6 on Linux: Go to any IPv6 provider (British Telecom, Hurricane Electric, WIDE - there are plenty of them). Download the script. Enter your IPv4 address and MAC address into their web form. Run their script on your machine. You are now fully IPv6-ready. (Most Linux distros come fully IPv6-enabled.)

For installing IPv6 on any *BSD: Pretty much the same. All the *BSDs have been IPv6-ready for a long time, under the KAME project banner.

For installing IPv6 under Windows: You go to Microsoft Research and install the stack. Unless it's already on the CD - it is, for some versions of Windows.

For actually implementing an IPv6 stack? Well, for that you want the RFCs on the IETF website, and the IPv6 evaluation kit (TAHI) that is listed on Freshmeat. I didn't type all the damn information for the various testing packages into the record for nothing!

Aside from that, I really can't think of anything you could need a guide for.

Re:Written guides for what?

[Tony Hoyle]

British Telecom, Hurricane Electric, WIDE - there are plenty of them)

The btexact tunnel has been down for weeks with no sign on resolution.. I can easily imagine it going away.

Hurricane electric works fine. WIDE is not a tunnel broker.

Last time I went on a search of tunnel brokers only a month ago there were less than 10 (pretty much all in the US only). Most of the ones that were there a year or so ago have shut down.. Also, KAME is dead... even the 6bone is being closed down.

Re:A podcast guide?

[dodobh]

man ifconfig

Enjoy

IPv6 isnt really wanted

[Anonymous Coward]

IPv6 is a solution looking for a problem, at the moment in its current state nobody will use it, its complex , doesnt play with legacy systems (even win2k support is flaky at best) all those routers and wifi boxes that best buy are selling, most of the ISP's dont want it and dont support it let alone the users figure it out

its another "its coming" technologies thats "nearly" with us for the last 10 years and STLL nobody really cares, its like W3C validation, nice in theory but most people dont care about it and most of the html generation tools dont create it

Re:IPv6 isnt really wanted

[shawn(at)fsu]

Just wondering is it better to fix a problem before it arises or wait until it's about to bite you. I'm thinking of the /. [slashdot.org] issue with VIN's to run out soon It wasn't really a failing of VIN as it achived what it's goals were for the required time. Can't some of the same be said about IPv6.

Re:IPv6 isnt really wanted

[cgranade]

It is wanted, as it solves a very pressing issue. With more and more mobile devices and embedded devices requiring their own IP addresses, we are running out of address space. Furthermore, the design of IPv4 relies upon assumptions that are no longer valid, nessesitating such ad hoc and stop gap solutions as NAT. While NAT may be useful in its own right, it should not be used solely to allow for more devices.

As for the comment about W3C validation, it always has been, continues to be and will most likely continue to be very important in the future. Without such a service, how is one to tell what XHTML, HTML, etc. actually are? Machines are not intelligent, and so we cannot be content with the tag soup that passes for HTML on most sites, but we must reqire some sort of standard for quality. I would love to see a browser that, by design, will choke on any non-validating input, since by design such a browser would be simpler and easier to maintain. Without quality control mechanisms such as W3C validation, we would have a very poor Internet indeed.

Re:IPv6 isnt really wanted

[Anonymous Coward]

> While NAT may be useful in its own right, it should not be used solely to allow for more devices.

Umm, that's precisely why it's used. So it doesn't adhere to the purity of the end-to-end argument (in fact, it pretty much smashes it), big deal. It works, and it's the defacto standard, and it's pretty much pushed off the need for IPv6 to the unforseeable future.

NAT provides a firewall

[tepples]

Umm, [adding more devices is] precisely why [NAT is] used.

Apart from that, NAT is also useful because of an inherent side effect, namely that a basic firewall comes "free" once your router has implemented NAT.

Re:NAT provides a firewall

[evilviper]

a basic firewall comes "free" once your router has implemented NAT.

No. NAT PROVIDES NO SECURITY WHAT-SO-EVER. No matter how many times it is said, people still don't get it. It REALLY doesn't provide any security. All it does is add a couple simple steps before someone can address your inside machines. NAT is the equivalent of locking your door with a rubber-band.

Here, instead of repeating myself over and over again, just look at the last time I talked about it:
http://slashdot.org/comments.pl?sid=169925&cid=141 66128 [slashdot.org]

Re:NAT provides a firewall

[tepples]

All it does is add a couple simple steps before someone can address your inside machines.

Hmm... let me see... In your other comment you wrote:

Send source routed pings to the broadcast addresses of the private address ranges

Do most NAT devices support source routed pings? How do most deployed residential NAT devices handle ICMP ECHO and source routing?

make no mistake, those are certainly not the only way to easily pierce through a NAT.

What other ways were you talking about? Did you explain th

Re:NAT provides a firewall

[Paradox]

make no mistake, those are certainly not the only way to easily pierce through a NAT.

What other ways were you talking about? Did you explain them in other Slashdot comments?

NAT is attackable with a variety of active and passive techniques. NAT is also very obnoxious because it requires packet rewriting, making it hard to use with things that verify packet integrity like IPSEC. NAT has served us well, but it's only needed because we have an IP address limitation.

In order to get FTP to work prope

Re:NAT provides a firewall

[evilviper]

I had a nice long and detailed response typed out... Then Firefox crashed :-(

What other ways were you talking about?

I don't really want to take the time to detail them here (that's why I typically just mention the simple source-routed+ICMP method) and I'm not finding any good search results on the subject. Perhaps someone else here is more inclined to spend time detailing other methods than I am. I'll cover one more simple method though...

Instead of source-routed packets, you can gain access to another m

Re:IPv6 isnt really wanted

[bigpat]

big deal. It works

Ummm, no it doesn't work. It works for a few things, and breaks a whole lot of other things. You are arbitrarily limiting a whole set of end-to-end applications simply because you have no imagination. The simple fact is that I can, with my static IP, do a hell of a lot more than you can with some short leased DHCP IP behind a NAT.

Re:IPv6 isnt really wanted

[Tony Hoyle]

The 'mobile devices' argument is total bullshit.

The only devices that need public IPs are servers. Hell, it's a potential security hole to give a non-server a public IP *at all*. *all* mobile devices can sit behind a NAT with absolutely no issues. Mobile phones for example do *not* have public IPs and never should do - there is no legitimate reason for wanting to access a mobile phone remotely.

Also, ipv6 doesn't get rid of NAT. There is IPV6 NAT in cisco routers, simply for the security aspect it's requ

Re:IPv6 isnt really wanted

[frakir]

there is no legitimate reason for wanting to access a mobile phone remotely.
hmmm............

Re:IPv6 isnt really wanted

[ultranova]

The only devices that need public IPs are servers. Hell, it's a potential security hole to give a non-server a public IP *at all*.

In Internet, every device is a server. That some of them are dedicated specifially to server duties does not change this. Filesharing networks, netphones, anything that lets two machines to exchange information in realtime - they all require at least one machine to have a public IP so it can be contacted. So yes, in Internet, every device needs public IP in order for the network to function.

Of course there are many interests that would love to see Internet to get broken and replaced by old-style broadcast network, since that would stop the competition from independent parties to those interests power. RIAA and MPAA, as two best examples, want to close Internet as a distribution channel for anyone but themselves. ISPs don't want you to be able to run your own servers, since that will increase the bandwith consumption and therefore decrease their profits. Blizzard and other MMORPG makers want to keep the costs of running a (small) server ridiculously high to keep competition to a minimum.

These are the real reasons for dynamic IPs, port blocking, and NAT. They are inconvenient, because they are designed to inconvenience you, to keep you in your role as a consumer. Producers don't want competition, and will do anything to stop it from happening.

Mobile phones for example do *not* have public IPs and never should do - there is no legitimate reason for wanting to access a mobile phone remotely.

Unless, of course, you want to call one ;). IP address is simply the Internets equivalent to a phone number.

Re:IPv6 isnt really wanted

[hhr]

IPV6 suffers from the another-technology-is-good-enough-and-cheaper problem.

Beta was superior, VHS was good enough and cheaper.

Audiofile stereo equipment is superior. An IPod is good enough and cheaper.

IPV6 is superior. IPV4+NAT is good enough and cheaper. Which is very unfortunate because IPV6 solves real problems.

Re:IPv6 isnt really wanted

[phoenix.bam!]

I so wish that wasn't true. It would be awesome if IPV4 stopped working right now and we all had to go to IPV6. Then finally file transfers would start working well.

Re:IPv6 isnt really wanted

[darkain]

Windows and Linux both come with IPv6 sollutions, as well as 3rd party firmwares for routers such as the WRT54G line (and derivitives). It isnt like VHS vs Betamax where you where forced to use one or the other, its like the difference between DVD-R and DVD+R, just get a system that does both at the same time.

Re:IPv6 isnt really wanted

[dozer]

[IPv6] is wanted, as it solves a very pressing issue.

Do you have any evidence? If so, why are adoption numbers so vanishingly small? They that IPv6 is wanted by almost nobody, probably because they don't have any pressing issues that only IPv6 solves..

While NAT may be useful in its own right, it should not be used solely to allow for more devices.

Er, that's the whole reason NAT was invented. Why shouldn't it be used that way?

Without quality control mechanisms such as W3C validation, we would have a very

Re:IPv6 isnt really wanted

[DDLKermit007]

Actually NAT serves us quite well in our situation. Cellular devices (mainly from China) are the big pressing fricking issue here and for the most part cell phones do NOT need real public IP space. There are extremely far and few betweens where a cell phone from any nation needs an IP that can be pinged from the outside or otherwise accessed. Cellphones make thier own calls out to the internet and negotiate a way for the data to be sent to them. Only in the case of network present apps and say Crackberries

Re:IPv6 isnt really wanted

[pair-a-noyd]

Not everyone can code HTML as well as "some" on /.

I see you're new here... :)

Re:IPv6 isnt really wanted

[dodobh]

Cellular devices (mainly from China) are the big pressing fricking issue here and for the most part cell phones do NOT need real public IP space.

Chinanet users are double NATted. Those are end users behind two layers of NAT. Broadband in China has started rolling out. Indian broadband is taking off. VoIP has been deregulated to some extent in India, and that is THE fastest growing cellphone market right now.

When you have half a billion users requiring IP address space, IPv4 isn't very likely to be able to s

Re:IPv6 isnt really wanted

[comcn]

doesnt play with legacy systems (even win2k support is flaky at best)

Heh, that's because Win2k is a legacy system...

Re:IPv6 isnt really wanted

[jamesh]

I'm right now struggling with the various implementations of NAT-T (IPSEC NAT Traversal) and the fact that they won't play nice together. Wouldn't be necessary with IPv6.

Ever tried to set up a VPN between two sites which both use 10.0.0.0/24 as their network range?

Ever wished you could just ssh direct to your desktop machine from home without futzing around with vpns?

So you may not want it or see the need for it, but if you understood the amount of work that has gone into making NAT the 'solution' it is today you might appreciate it a little more :p

Re:IPv6 isnt really wanted

[cardpuncher]

Indeed: there's a very simple test - if it were wanted it would have been adopted by now!

There was a powerful driver to IPv6 - the shortage of IPv4 addresses - but the people working on it couldn't resist the urge to try and solve a bunch of other less pressing problems while they were at it. The practical experience of people who've been in this kind of "upgrade" situation before is that unless you have absolute central control over the network you have to do migrations in very simple, evolutionary steps w

Re:IPv6 isnt really wanted

[AKAImBatman]

seriously IPv6 is just futureproofing we will eventually run out of IP addresses when each vehicle will want one, each of your kitchen appliances will want one etc.

I'm just not sure that's true. It certainly seemed that way when IPv6 was invented, but since then NAT has become a regular feature on home and business networks. Add in the regular use of DHCP to autoconfigure devices to a network, and you find that there's no longer any real pressure to make the switch to IPv6. Thus it made a lot of sense when

Re:IPv6 isnt really wanted

[toddbu]

I'm just not sure that's true. It certainly seemed that way when IPv6 was invented, but since then NAT has become a regular feature on home and business networks. Add in the regular use of DHCP to autoconfigure devices to a network, and you find that there's no longer any real pressure to make the switch to IPv6. Thus it made a lot of sense when it was developed, but now it seems pointless.

It may be pointless to you, but there are many people who could deparately use it. Think of all the problems that go away when NAT is gone. Like being able to use BitTorrent or SIP or any other "push" technology without having to set up port forwarding on your router. And even when you do get it set up right, you can't run on multiple machines behind a firewall without some kind of proxy on the other side. NAT is to the Internet was segmented memory was to CPUs - a great idea to move things forward but not a good long term solution.

I'm really jazzed about the idea of having my own personal 64 bit address space on the Internet. Then again, I'm not sure that even that will be enough. :-)

Re:IPv6 isnt really wanted

[AKAImBatman]

Think of all the problems that go away when NAT is gone. Like being able to use BitTorrent or SIP or any other "push" technology without having to set up port forwarding on your router.

For many (most?) people, this is a feature. That NAT firewall keeps them safe against unwanted traffic and unexpected attacks. The minor issues with BitTorrent and the like are best dealt with by Universal PnP.

There are definite advantages to IPv6, but the general populace doesn't feel any pressure to replace their equipment

Re:IPv6 isnt really wanted

[darkain]

UPnP brings about the same problems that the hardware/router firewalls try to protect you from... applications on your computer accessing the outside world. with exploits such as WMF (and stupid people downloading krap they shouldnt), these apps will exploit UPnP to open a port for itself, and most users would never even know. manually setting port forwarding features is more secure, but much more of a hassle for novice users.

Re:IPv6 isnt really wanted

[Jugalator]

Also, one need to keep in mind IPv6 does a whole lot more than increase the address range for more space and removes the NAT need. It's about end-to-end IPsec support, modularized packets for less traffic across the routers, better support for ad hoc networking, and much more.

Re:IPv6 isnt really wanted

[jacksonj04]

Just shove a port open request through UPnP. Works fine for P2P apps, and a few pieces of IM software. Azureus for BitTorrent does it quite nicely. Haven't yet seen a game do it though, anybody know of one?

Like Y2K?

[microarray]

Could someone tell this uninformed person what the hype is all about? So, we run out of IP addresses, so what? Seems like a market then exists where you could on-sell your IP addresses for $$$. Prices go up too high, market forces then result in IPv6 implementation. What's the problem?

Re:Like Y2K?

[Trejkaz]

I can't exactly on-sell my only IP address, because then I wouldn't have one. Hell, one is already too few (I want about four, but for some reason the cost of four addresses is more than four times the cost of one.)

The main benefit of significantly inflating the address space is that you can allocate enormous blocks for each subscriber, and remove most of the need for NAT.

Re:Like Y2K?

[vux984]

Seems like a market then exists where you could on-sell your IP addresses for $$$. Prices go up too high, market forces then result in IPv6 implementation. What's the problem?

The way ipv4 addressing is structured. 209.112.155.123 and 209.112.155.124 are in the same block. They don't have to be next door neighbours in the real world, but they do have to be 'close' to each other from the networks point of view. That will mean they belong to the same ISP, in the same city, and quite probably a fairly small chunk of that city.

IP addresses, by virtue of the numbers that make them up have to be hooked up to the network in a specific place in order for packets to find them. They exist in 'blocks' for convenient routing. The "routing tables" that you hear about describe where to send traffic addressed to a specific block should go. For example a backbone router A might know that traffic destined for 209.x.x.x goes "thatta way"... and and another router B further down the line might know that 209.112.x.x goes "through that pipe there"... and so forth, until it finally reaches a router C that says hey that destination block is right on the LAN here!

If 209.112.115.122 were suddenly "sold" to a guy in another city all his packets would would still end up at Router C, where they would be undeliverable because the owner isn't connected directly to that router.

As a rough analagy it would be like "selling your home address", but not your home. Even if you transfer the address to a guy in china all the mail is going to end up at your door step. Sure you could make special arrangements to have it forwarded back to china (and you can do this with ip too)... but that has two repurcussions:

1) The guy in china still needs a chinese address for the forwarded mail to arrive at so he's accomplished nothing!

2) Any mail addressed to him, even from his next door neighbour is going to be shipped around the world because it won't know its supposed stay in china until it arrives at your place. The chinese post office will see the Dutch (or whatever) address on the evelope and ship it off for a round trip through Holland...

IPv6 isn't just addressing.

[jd]

IPv6 includes the following features that either don't exist in IPv4 or you need to install bunches of other stuff to get it to work:

• Zero configuration of the IP stack. It's self-configuring, completely.
  
• Privacy. IPv6 mandates IPSec and I believe all IPv6 stacks out there provide that.
  
• Speed. IPv6 addressing is heirarchical and the headers are simpler and stacked, so much less information needs to be processed even though the headers are technically longer.
  
• Mobility. IPv6 supports Mobile IP - indeed, that was a design consideration - with fully optimized routing. It's only available under IPv4 as a hacked implementation of a workaround.
  
• Routing. Native IPv6 routing (as opposed to RIP-ng and OSPFv6) is designed from first principles, as opposed to being something that has evolved over time to be sub-optimal but backwards-compatiable.
  
• Multicast. IPv6 mandates multicast, which will reduce bandwidth consumption on broadcasts drastically.
  
• Anycast. This allows you to find a service by querying the network rather than some moron in technical support.
  
• MTU feedback. Your computer won't send what the network can't carry. This means you don't get packet fragmentation, which is great for firewalls and users on networks with restricted packet size. This will become more significant as jumbo packets increase in popularity.
  

Tell me again why you don't need IPv6. Only, this time, say how you're going to meet these criteria whilst you're at it.

Re:IPv6 isn't just addressing.

[Fred_A]

This is nice and has been repeated again and again, but what inquisitive minds want to know is what really happened to IPv5 ?

It's time for the truth to come out ! no more coverups ! They can't silence us all !

Today's Internet should be trivial.

[jd]

Most home users use DSL or cable modems and the ISPs would be quite capable of pushing new firmware to those to become IPv4/IPv6 gateways. You can then convert the entire "real" Internet to IPv6 without home users ever having to lift a finger.

Once that's been done, it's just a case of those same ISPs offering a CD to accelerate Internet usage (ie: which use native IPv6 rather than the gateway) and conversion is complete. Complete conversion of the Internet, by converting each ring in turn transparently to all outside layers, should be possible over the course of a few months at most. A solid concerted effort could probably achieve everything up to the end-user level in a matter of weeks, without a single person realizing what was happening.

Of course, I don't seriously expect that to happen. Not because it can't, but because the level of cooperation needed is likely beyond most businesses today. It's purely a political problem, not a technological one.

Re:IPv6 isn't just addressing.

[Jugalator]

Yes, but you do realize what e.g. common multicast support would give to end users in the form of entertainment etc, as well as the improved mobility support? This is far from a geek matter, really. If it was, it would hardly even be on the table.

Re:IPv6 isn't just addressing.

[mwood]

The people who don't care will be switched without knowing it, as soon as their suppliers decide that they want to or have to. If Microsoft decides that every XP user should have IPv6 enabled for some reason, the fix will come along through MS Update and you'll get it whether you know what it is or not. If your ISP decides that IPv6 is necessary, it'll be enabled whether your client requests an IPv6 address or not. When both have happened, hey presto! you have IPv6 and you didn't click a single button.

Re:IPv6 isn't just addressing.

[jd]

So convert them whilst they're not looking. Most people use DSL or cable, where others control the software and the configuration. If you wanted to be more forceful, Windows is vulnerable to viruses and viruses can install software - including TCP/IP stacks. (Mind you, I wouldn't recommend doing the latter, but technically it would be possible and it would defeat the laziness issue.)

Re:IPv6 isn't just addressing.

[rtb61]

They will change for the same reason they have done in the past, a sufficent number of businesses will see the need for it and to make the application of it uniform they will convince their government to make it compulsary, goobye IPv4 hello IPv6 (of course the only people at the moment who really want to retain IPv4 are people who already profitably control blocks of IPv4 addesses and those who want to retain randomly re-asigned IP addresses for "er" other reasons).

Re:IPv6 isn't just addressing.

[Psiren]

Huh? If the headers are longer it's slower. Not faster.

Not exactly. Slightly slower to send, yes, but not process. As I understand it the main difference with IPV6 headers is that they are word-aligned, so require less processing than IPV4 headers which use chunks of bits, therefore requiring bit shifting and extra processing in order to use the information.

So yes, they are longer, but you can use the values in the headers without any additional processing. Okay, the processing is minimal, but when you're d

The article's an MP3, not text! Text Version?

[billstewart]

I don't want to listen to some podcaster ranting about some topic that they may or may not have a clueful opinion about. Is there a text version of that person's comments? Skimming text is not only important for deciding if the author is providing any new or useful information, it also gives you much better control over how much of your time you want to spend on the quality of information you're getting. http://www.intellectualicebergs.org/ [intellectualicebergs.org] indicates that there are two main topics and three other sections, and doesn't say how long the podcast is. I normally don't rant about Slashdot's choice of material, but this is a waste of time; I could probably do better by going to a random social event* around here and asking about IPv6 readiness.

(mid-90s silicon valley story - friend of mine was visiting a friend, the house phone rang, somebody answered it and gave some technical advice about windows. "Who was it?" "Just a wrong number, but it was an easy question.")

Re:The article's an MP3, not text! Text Version?

[sootman]

This is why I hate podcasts. Text can be indexed, skimmed, and searched with everything from Control/Command-F to Google. It can be cut, copied, pasted, and even plagiarized if you want. A sound recording has none of these advantages, and it has several disadvantages: the speaker might use a lot of "um"s and "uh"s or be otherwise unpleasant, you can only listen at a constant speed (more or less), skimming is pretty much impossible, etc etc etc. Also, you can read a lot faster than you can listen--i.e., how

Wasting time

[quokkapox]

I don't want to listen to some podcaster ranting about some topic that they may or may not have a clueful opinion about. Is there a text version of that person's comments?

This is becoming a bigger problem on the net lately, people who post links to video/audio streams which do not have accompanying transcripts. The submitter may find it interesting, but I personally don't have a spare half hour to devote to your pet video/audio link (even if it is in a usable, open media format). I'll happily skim even

Why do we need to be ready?

[Wesley Felter]

I didn't bother to listen to the podcast, but luckily this is Slashdot so no one will hold it against me.

Geoff Huston's "IPv6: Extinction, Evolution or Revolution?" [circleid.com] is probably the most insightful thing I've ever read about IPv6 deployment, although the conclusion is pretty negative.

But assuming that IPv6 is worth deploying, Microsoft is way ahead in getting computers IPv6-enabled. Their work on Teredo [microsoft.com] should make life a lot easier for P2P developers.

Re:Why do we need to be ready?

[TubeSteak]

I didn't bother to listen to the podcast, but luckily this is Slashdot so no one will hold it against me.

I don't the fact that you're commenting without listening to it against you.

What I will hold against you, is that by not downloading the 47MB MP3, you do not contribute to the slashdot effect.

This is a community and communities work together. Now go download that MP3!

Re:Why do we need to be ready?

[porttikivi]

I didn't bother to read the link you provided, because as an IPv6 trainer in our company I already know:

IPv6 is not needed, NAT works. Some people will even insists NATing their IPv6 network to protect the internal addresses.

You don't need IPv6 to have global reachability for VoIP and P2P. Teredo actually proves, that you can contact anyone with a private address if you really want. You just need some form of global addressing, and an active "NAT circumvention" server like Teredo. Skype and other P2P networ

Re:Why do we need to be ready?

[Jugalator]

IPv6 is not needed, NAT works.

For a fraction of what you can do on the Internet, yes. Stop oversimplifying.
Even I as a regular user have run into the problems with two NAT'ed people trying to communicate with each other.

Re:Why do we need to be ready?

[A beautiful mind]

"But assuming that IPv6 is worth deploying, Microsoft is way ahead in getting computers IPv6-enabled."

You mean that you still need to install a patch for WinXp while Linux, BSD, etc. distributions have ipv6 enabled by default already?

Spam must be controlled

[humankind]

We can't move to IPv6 until the spam problem is solved. With the additional address space that IPv6 offers, spam will increase by a googol if the spam gangs are not stopped. More spam is stopped because of RBLs now than any other method. IPv6 would make that obsolete.

Re:Spam must be controlled

[AnotherBlackHat]

We can't move to IPv6 until the spam problem is solved.
With the additional address space that IPv6 offers, spam will increase by a googol if the spam gangs are not stopped.
More spam is stopped because of RBLs now than any other method.
IPv6 would make that obsolete.

Even assuming that were true, it would just mean that we couldn't move email to IPv6.
The amount of spam being sent is unlikely to change because of IPv6.
In test after test, I've found RBLs far less effective at stopping spam than spam assassin,

Re:One and only one thing will stop spam.

[grolschie]

Nah. If no-one consumed the products or services or scams that spammers offer, then it would dry up. Then make it an criminal offense to respond to spam. :-)

Anyone watch 24?

[someonewhois]

IPv6 isn't going to work because of television. Chloe: "Jack, give me the IP Address of the workstation and I'll send you a decrypter." Jack: "Okay one sec........... Alright, got it! F as in food, E as in earth, D as in death, C as in card, colon, B as in bad, A as in apple, six, eight, colon, three, six, four, four, colon, one, two, zero, seven, colon, A as in apple..." FBI Agent breaks in: What's this? Jack? You're supposed to be dead! [shoots Jack] [Season Ends] Man oh man oh man. That's gotta be the reason why IPv6 isn't implemented yet. (Seriously, tech support nightmares)

Re:Anyone watch 24?

[someonewhois]

Oops, forgot linebreaks...

IPv6 isn't going to work because of television.

Chloe: "Jack, give me the IP Address of the workstation and I'll send you a decrypter."
Jack: "Okay one sec........... Alright, got it! F as in food, E as in earth, D as in death, C as in card, colon, B as in bad, A as in apple, six, eight, colon, three, six, four, four, colon, one, two, zero, seven, colon, A as in apple..."
FBI Agent breaks in: What's this? Jack? You're supposed to be dead! [shoots Jack]
[Season Ends]

Man oh man

Re:Anyone watch 24?

[curious.corn]

There's no Karma for Funny mods. Get it over

Podcast Mini-review

[Da Stylin' Rastan]

I listened to the podcast being someone who is quite knowledgeable in IPv6 and thought that Brad did a good job of laying out the important points and stakes in terms that someone new to IPv6 can understand pretty well, and he was very accurate on his information from a technical standpoint (aside from when he talks about the implementation headaches of PKI, he was way off on that one). I also agree with him on the state of IPv6 (fun for geeks/military types now, but not business and consumer-level primetim

WRT54Gs IPv6

[Solosoft]

If your WRT is running DD-WRT v23 you can run a 4-6 tunnel through the router and run RADVD on it to give your clients IPv6 address's.

Here is a IPv6 Install Guide for DD-WRT and a WRT54Gs [solosoft.org]

I would love some more people to test out my little config and tell me if there is anything they do not understand in it. It's very straight forward and uses SMB for people who have a v4 Router (not enough room for JFFS). Of course you could simply move a conf to your /jffs/ file system.
As Long as your running Linux (with ipv6 enabled) and Windows XP (run "ipv6 install") once the router is setup and running your clients get IP's automagicly. (or any ipv6 enabled OS for that matter)

Thanks :)

Re:WRT54Gs IPv6

[Wesley Felter]

Tunnel brokers are obsolete and inefficient; you should advise people to use 6to4 instead.

Re:WRT54Gs IPv6

[Solosoft]

Oh yeah ? How is it so shitty ?

I don't mind people bashing things but if your going to bash things please have somthing to back it up. By Semi-Heavy load what do you exactly mean ?
You do know there are known issues with the router such as overclocking it 16MHz (which the newer stock linksys firmware does) fixes up tons of issues.

~ # sed -n 's%.* src=\(192.168.[0-9.]*\).*%\1%p' /proc/net/ip_conntrack | sort | uniq -c
4 192.168.1.1
3 192.168.1.100
68 192.168.1.101
686 192.168.1.102

Re:WRT54Gs IPv6

[Solosoft]

Really ?
I have about 2 torrents constant on this computer and sometimes emule or bearshare, my sister is always on limewire and my moms always on torrents too and no problems. Even my ipv6 is stable and never disconnects. Hmm ... wonder why your router is so sick, oh did you forward the right ports. I believe DD-WRT doesn't enable upnp by default thus most of your torrents prolly had no outside access.

Maybe some more information and I would be glad to give you a hand with that.

If you would spend a c

IPv6 Design Mistakes

[Eravnrekaree]

I believe that the design of IPv6 was flawed in ways that it has inhibited adoption which could have been much more rapid. The IPv4 address space should have been a subset of the IPv6 address space. This would allow easy interconnectivity to Ipv4. The other direction, for going from Ipv4 to Ipv6 is trickier, but could involve manipulation of DNS. When a ipv4 peer requests a IP for a DNS address, the DNS server will reply with a private IPv4 address, the router/gateway associated with the DNS server will catch the connection to this IP and reroute the connection to the proper IPv6 address. It does only work with DNS addresses, yes. A special block of Ipv4 addresses should have been set aside for this purpose exclusively. Problem solved. Most people use DNS anyway. Other solutions could be devised to access a ipv6 address without DNS from ipv4, a protocol that would allow users to configure a forwarding route on the router via some utility, so that all connections to a private IP are rerouted to a specified IPv6 address. This could have eventually been built right into clients as well. This would have allowed a gradual switchover. The problem with the current switchover plan is that since there are so few Ipv6 users, there is not much incentive for websites to make themselves accessible on ipv6, but at the same time, users see no benefit from moving to ipv6, since there are not many websites avialable from it. So in order to access the internet, people need two seperate Ip configurations, people are not going to bother with ipv6 since it is pointless to them, all of the websites are on ipv4. Thus we get nowhere. It is absolutely true that there must be a gradual transition period where both protocols will be used and where both protocols must be interoperable.

Re:IPv6 Design Mistakes

[Eravnrekaree]

I think another interesting concept was IPv7 proposals. These put some additional address fields into some unused space in the IPv4 headers, if memory serves me. Each IPv4 address would basically contain a massive address space then.

The IPv4 routers would just send all of the packets right through, ignoring the additional fields. This basically allows a new address space to be layered on top of IPv4, although, it does require hosts to have upgraded software to understand the new fields.

You mean, addresses like:

[jd]

::192.168.0.1, as a substitute foe 192.168.0.1?

Hold on a moment. Close your eyes and count to three. One... Two... Three... Now, open your eyes and try, say, pinging ::127.0.0.1 and see if you can reach your loopback address. Hey! It worked! Magic, I tell ya!

Try ping6

[jd]

Some Linux distros don't ship with IPv6-enabled net tools, but do include distinct IPv6 versions. Dunno why, that's just so broken.

Re:IPv6 Design Mistakes

[nurmr]

There are three subranges in ipv6 'assigned' for IPv4:

• ::192.168.0.1 - real IPv4 connections
• :ffff:192.168.0.1 - for IPv6 sockets receiving IPv4 connections
• 2002:192.168.0.1:: - for 6to4 implementations

see http://unfix.org/projects/ipv6/IPv6andIPv4.gif [unfix.org] for a diagram of how traffic can be automatically translated between the two networks. The NAT-PT box allows the IPv6 only hosts to connect to the IPv4 network, and the socket5/6tunnel box allows the IPv4 only hosts to connect to the IPv6 network by doi

Re:IPv6 Design Mistakes

[Eravnrekaree]

Perhaps I did not explain clearly enough. If we have an IPv4 host on an IPv4 network, that wants to connect to say, awebsite.com. However, awebsite.com has an IPv6 address. The host would send a DNS request to its DNS server, the DNS server instead of replying with the IPv6 address, it will provide a temporary IPv4 private address (using an address block set aside for IPv4->IPv6 routing purposes perhaps) back. The IPv4 requesting host will be using a gateway server that is working in concert with the DNS

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:Private networks and the business case.

[AgentGibbled]

Well, end-to-end connectivity would certainly make VOIP solutions considerably less hacky. Is that a bulletproof business case? Probably not, but it's an example of a useful application and it took me a couple of seconds to come up with it. I'm sure there are others if one were to actually think about it.

While I don't claim to be the world's leading expert on IPv6, I don't believe (and someone please correct me if I'm wrong) that it makes routers, proxies and firewalls go away. It does make NAT kind of redu

Business case for IPv6

[jd]

This one's easy. Firewalls don't like fragmented packets, because you can't verify subsequent parts. This means that firewalls either offer limited protection (ie: let the remaining fragments through) or re-assemble the packets themselves (which is slow).

IPv6 doesn't support fragmented packets. It forces both sides to restrict the MTU of that connection to the smallest MTU of any intermediate network component. In consequence, firewalls don't need to check for fragmentation and don't need to reserve any space for extra state information.

The practical upshot is that your bottleneck (the firewall) can handle far more connections with far lower latencies, which means B2B (business-to-business) and e-commerce network traffic can run much more smoothly and the system can manage much higher numbers of connections.

More connections with lower latencies, more business transactions. More transactions, more profit.

QED.

IPv6 supports fragmentation

[Helevius]

That's hardly a "business case." And as another poster (unfortunately not being modded up) pointed out, IPv6 supports fragmentation. It's just that end hosts have to fragment and reassemble, and not intermediary routers. So, your firewall will see fragments anyway.

Re:Business case for IPv6

[jd]

And that comes to a different conclusion how? Less waste = more speed. More speed = more business. More business = more money. If it makes the business people money, why should they care about the technical details of why? My business case for IPv6 is that it makes money, and that making money is a Good Thing (for businesses).

Re:Business case for IPv6

[AK Marc]

Pray tell, do you know what the fragmentation rate for packets actually is on the net? There is a reason they did not put fragmentation into IPv6 and it certainly was not for firewall speed. It is because the amount of fragmentation is on the order of sub 1%. Therefore, it was deemed unnecessary.

Right. Fragmentation takes place mostly because of misconfigured devices and intentional attacks. Dropping fragmentation support, and many of the other options that are unused or greatly underused, improves spee

Re:Business case for IPv6

[jd]

The argument is that IPv4 is excessively complex. The header has a vast amount of information, much of which any stateful device will nee to check and validate. With IPv6, the extra information either doesn't apply (as in the case of fragmentation) or is pushed into secondary headers and only examined by layers that actually NEED to care.

Since I used fragmentation as an example, when is fragmentation important? Well, let's say Business A uses standard ethernet frames (1500 bytes) and Business B uses jumbo f

Re:Private networks and the business case.

[roystgnr]

I keep hearing about handhelds and that millions of them will need their own IP addresses. I don't see why. I'm sure most of the wireless providers want to control the content that their subscribers can send or receive - that business model does not want a wide open network with each host directly connected to the internet.

Back when it was just a proprietary BBS, Prodigy wanted to charge me $0.25 per email I sent - that business model does not want a wide open network where any host can connect to any SMTP

comcast needs it

[geddes]

Here is a business case for IP v6:

Most cable companies, in their TOS, specify that you are only allowed ONE connection with your account, that is one computer. If you want 4 computers in your house to have internet, you need to pay for more.

What most families due, usually clueless to the fact that they are breaking a TOS, is buy a spiffy looking linksys or netgear WAP, which has NAT enabled by default, and share their single connection amongst all 4 of their computers. Because of NAT, comcast, or whateve

Re:comcast needs it

[lidocaineus]

What? You think there won't be any ipv6 nat devices? First off, there already are. Secondly, the reason comcast charges for extra IPs is because they, like everyone else, needs to be fairly frugal about handing out IPs. ipv6 negates that.

And by the way, comcast for SURE knows that people are using NAT ("none the wiser?" please). That's why they tell you to connect your computer directly to the cable modem when you have a problem. Some ISPs even GIVE you modems with built in NAT.

Re:Private networks and the business case.

[MythoBeast]

This needs to be qualified. IPv6 has no current business case in the US. Everywhere else, they're running out of IP space pretty quickly. Mobile phones have already switched over. Japan is in full distribution. Korea's IPv4 allocation is so screwy that business were having to figure out how to build encrypted connections through multiple levels of NAT. The US Government is switching over and, if you want to do business with them, you had darn well better think about it yourself.

As for real use cases,

Re:Private networks and the business case.

[AK Marc]

Most internal hosts are firewalled, proxied, and natted INTENTIONALLY.

Most internal hosts are natted. I'm not sure about firewalled, and certainly not that many proxied. NAT is not a security measure. It does provide some security, but then so does having oil poured all over your front porch - but neither was created for or ideal for security. NAT was created to connect previously unconnected networks. It was not created for security. Security is an idea that was tacked on to it later to explain wh

this just in:

[Gothmolly]

$PERSON makes $TRENDY style comment about $TECHNOLOGY. $EDITORS don't edit, they greenlight based on $TRENDY. Oh wait, we're talking about whether IPv6 is redundant, necessary, or useful? Thats actually secondary to the point of the accepted submission.

Does someone have a transcript?

[afaik_ianal]

I pity the poor deaf slashdotters [slashdot.org]... Oh, and those of us who cannot download mp3s at work.

Why IPV6 will be accepted

[techno-vampire]

IPV6 will finally get accepted when it's discovered that it's the only way to play a network game of Duke Nukem Forever.

Re:Why IPV6 will be accepted

[VGPowerlord]

So, on Tue, 19 Jan 2038 03:14:08 GMT?

SixXS is great for experimenting

[spinfire]

I run a dual stacked network at home using tunneled connectivity from SixXS [sixxs.net] (I live near Boston, MA, the tunnel endpoint is in NJ. This gives excellent latency performance.). With this tunneled connection came a subnet with enough IPs to last me many lifetimes. Additionally, I maintain a server with native IPv6 access including public access Jabber, NTP, and IRC. See here [isomerica.net] for more info.

IPv6 won't neccessarily get you anything you don't already have at this point, but the technology is ripe for experimenting and things work remarkably well.

IPv6 Business Case

[netrangerrr]

There was no business case for the transition from ARPANET's old NCP protocol to TCP/IPv4 in the 1980s - but there were technically compelling reasons. Luckily the ARPANET pioneers realized that a new protocol was needed to easily integrate the new services and applications they were thinking of deploying. Soon the WWW, e-mail, etc. exploded as they were simple to deploy on a powerful TCP/IP infrastructure. IPv6 makes it cheaper to deploy new network services and applications (like imbedded IPsec and QOS routing) by adding new extension headers to define new services. It also scales massively and offers both private networks and E2E options. You'd be amazed at how much extra code/infrastructure is necessary to get around NAT today to make many applications work.

We are currently working on a paper, with help from subject matter experts of the North American IPv6 Task Force, on HOW to get a return on investment from IPv6 technologies by adding new IPv6 based network services to enhance reliability, security, QOS, and mobility support in networks.

Re:IPv6 Business Case

[Midnight Thunder]

You make a good point, but there are still hurdles left:

- not all DNS entries yet have a AAAA attribute
- transistion technologies still half-baked. For example no home router gateway supports it. There is no suitable NAT compatible tunnel that I have yet found - this is true for the Mac at least.
- NAT provides a means for individuals to easily allocate a private address space without having to register each appliance. So far I haven't seen any suggestions on how

Re:IPv6 Business Case

[VGPowerlord]

There was no business case for the transition from ARPANET's old NCP protocol to TCP/IPv4 in the 1980s - but there were technically compelling reasons. Luckily the ARPANET pioneers realized that a new protocol was needed to easily integrate the new services and applications they were thinking of deploying.

To be exact, ARPANET switched from NCP to TCP/IP on January 1, 1983. NCP had a few shortcomings

• Like UDP, NCP had no way of handling lost packets. TCP introduced packet acknowledgement to fix this.
• NCP had no real routing. TCP/IP introduced the concept of gateways, routers, and independant networks/subnets.

The difference between IPv4 and IPv6? The size of the address space and the human representation of the addresses (hexadecimal instead of decimal).

While we're on the subject, it took over 8 years from the publication of Vint Cerf and Robert Kahn's A Protocol for Packet Network Interconnection (May 1974), which described TCP, for ARPANET to incorporate TCP/IP.

It's also important to note that the size of the Internet in the 1980s was nothing like it is today. The Internet only had 562 hosts in August 1983, 8 months after the changeover. The same source states that the Internet had 353,284,187 hosts in July 2005. (Source: Hobbes' Internet Timeline [zakon.org], with data taken from Mark Lottor's zone program reports [nw.com], and the ISC [isc.org])

PKI and IPsec in IPv6

[netrangerrr]

I listened to the audiocast and picked up an important point- the commentator said IPsec (an integral part of IPv6) has historically proven undeployable except in small networks and would not enhance security.

He is probably unaware that just a few weeks ago, the IETF released a series of updates to IPsec [RFCs 4301 - 4309] and a new automated key exchange (IKEv2) [RFC 4306] to update IPsec to simplify and standardize implementations and automate key exchange. Also, many a few large organizations (DoD, MIT, pharmaceutical companies, etc...) have extensive public Key Infrastructures (PKIs) ready for IPv6 IPsec. A new deployment guide on updated IPsec and IPv6 will be published shortly by the IPv6 Forum.

Industry is ready as "sort of"

[layer3switch]

Verizon DSL (NYC) not ready. Oh so NOT ready. CableVision (NYC) so not ready. All of my old linksys routers don't even support IPv6. Only thing I have ready for IPv6 is my damn Linux box.

Yeah, so far, I can ping myself all day... I'm just getting myself ready... any day now... really... c'mon... do it. do it.

Re:Where's the "podcast"???

[idonthack]

"Podcast" is really just a fancy word for "streaming audio".

Re:Where's the "podcast"???

[jumpingfred]

No podcasts don't stream. You don't stream to your ipod you download and copy to your ipod.

Re:At home?

[VGPowerlord]

Really? OK, I agree with the great-grandparent, then. A 16-octet address is just ridiculous.