Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Networking The Internet Technology

Comcast Activates IPv6 Trial Users 214

Spacecase writes "Comcast announced the first group of trial users have been activated on their IPv6 Native Dual Stack solution. Considering the recent news about IPv4 addresses becoming scarce, this looks to be one of the better solutions to get out of the IPv4 problems."
This discussion has been archived. No new comments can be posted.

Comcast Activates IPv6 Trial Users

Comments Filter:
  • by wasabii ( 693236 ) on Tuesday February 01, 2011 @08:03PM (#35075120)

    It's actually the only solution.

    • by dgatwood ( 11270 )

      NT... It's actually the only solution.

      Did you leave out an "A" in the middle of that?

    • Your assuming a false dichotomy between choosing dual stack IPv6 or choosing nothing at all.

      Embedding IPv4 within the IPv6 address space and allowing for a smooth transition was another option. As a society, we have chosen not to take that option. We have chosen uncertainty, confusion, and NAT instead.

      • by XanC ( 644172 )

        IPv4 is embedded in the IPv6 address space. What would you have done differently and how would that have made the transition smoother?

        • Specified the act of sending a packet to ::x.y.z.z to allow an IPv6 host to seamlessly communicate with an IPv4 host. Obviously they'd need to be a proxy in the middle doing the translation. Basically NAT64 or SIIT, but with a fixed address and specified early on.
      • First: IPv4 is actually embedded in the IPv6 address space in a few places, for different tunnelling mechanisms, 6to4 being one of them. Secondly, how do you think that would avoid the need for dual-stack solutions? Even ignoring the fact that v6 and v4 packet headers are completely different, v4 hosts can't just talk to v6 hosts using magic. What do you expect an IPv4 client to do when it sees a server with an IPv6 address?
  • by magsol ( 1406749 ) on Tuesday February 01, 2011 @08:09PM (#35075162) Journal
    To be honest, they're the last ISP I'd have expected to start IPv6 implementation.
    • Re:Comcast really? (Score:5, Informative)

      by rritterson ( 588983 ) on Tuesday February 01, 2011 @09:07PM (#35075598)

      I have been a comcast customer for 8 straight years now (give or take a few months)

      Had the announcement broken 3 years ago, I would have agreed with you, but Comcast is on a long, upward trend in technical competitiveness.

      They were the first major ISP to go DNSSEC, I believe, and have done DOCSIS 3.0 rollouts in most of their markets (we get cheap 20/4 service here, with a 50 down option available. Some parts of the service area have 100mbps down.) They also rolled out a bunch of 6to4 servers recently. While 6to4 is not a great technology, it is useful to have ISP servers, since my IPv6 traffic (auto tunneled via an Airport Extreme) goes through my local NOC and not first to wisconsin and then back to silicon valley as was the case before.

      They still lag when it comes to technical support via phone, as they assume all of their customers are techno-illiterate, but I have to give them a lot of credit for being on the leading edge when it comes to their network and network technologies.

      • Comment removed based on user account deletion
        • What is somewhat odd is that they continue to assume that you're technically illiterate even when you've proved you're not... I had a Comcast tech (who was at least level 2 if not level 3 support) repeatedly ask me what the computer's timed-out message was... even when it was the same message over and over again... and after we had had a fairly extensive discussion about how I used DD-WRT generally but had plugged the computer directly into the cable modem to rule that out as a possible source of the failur
    • by sjames ( 1099 )

      They seem like two different operations. The behind the scenes people seem to be good, but their phone support people seem to be entirely clueless and trained to lie as a matter of policy. If they really want to be more profitable, they should try actually performing diagnostics before dispatching someone for inside support when the problem usually turns out to be on the lines outside (which requires a second dispatch to solve, the inside techs aren't equipped for it).

    • Re:Comcast really? (Score:5, Insightful)

      by petermgreen ( 876956 ) <plugwash@p[ ]ink.net ['10l' in gap]> on Tuesday February 01, 2011 @09:29PM (#35075810) Homepage

      Comcast has a slightly unusual situation. They are so massive that their "control plane" network has exhausted 10.0.0.0/8. That means afaict they are now using public IPs not just for customers but for internal use as well. The space that most ISPs would use to put their customers on ISP level NAT is ALREADY TAKEN for their "control plane" network.

      http://www.nanog.org/meetings/nanog37/presentations/alain-durand.pdf [nanog.org]

      Given that they have little choice but to go IPv6 for thier internal networks (or "federate" the network but that is a large management headache) before IPV4 addresses run out it is not that surprising that they are proposing to offer it to customers as well.

  • Where are the routers for IPV6? does comcast still mac address lock there modems to one mac? or under IPv6 is there network now setup that you just need a switch and only a router if you need wifi?

    • by borcharc ( 56372 ) *

      how long ago did you use comcast? this restriction went away longer ago then i can remember. Plug new computer into cable modem and reboot, your done.

      • You're done alright. The modem won't give you an IP address (as of Jul 10) if your MAC doesn't match what it's activated against.
        • by ashridah ( 72567 )

          uh,. no. that's not true.

          You have to wait, last i checked, 2-3 minutes for the remote end to forget your old mac address. then you plug the cable back in.

          I've had to do this, when swapping from a laptop (for the comcarse support or installation tech), and then as soon as they're gone/done, i turn off the modem, plug it into my linux gateway, and wait a few minutes. then turn the modem back on, and the linux gateway gets an IP immediately.

        • by bucky0 ( 229117 )

          "data" isn't the plural of "anecdote", but where I am in the chicago area, that isn't an issue. Before my roommate and I got our router (both of us thought the other was bringing one, then we had to order one off the internet), we swapped out without an issue.

    • http://en.wikipedia.org/wiki/6to4#Consumer_routers_with_6to4_support [wikipedia.org]

      http://www.comcast6.net/ [comcast6.net]

      Apple's base stations are certified IPv6 ready, which means not only do they work with IPv6, but they have it on by default. The others might require you turn it on. Instructions on how to set up some of them are on Comcast's site.

      I've had Comcast internet for two years, they haven't MAC-locked their service in the time I've had them. If you want more than one device at your house to work, you need a NAT/PAT gateway

  • Each user has been delegated a /64 block of approximately 18,446,744,073,709,551,616 (18 quintillion) unique IPv6 addresses.

    That seems a little silly. I thought end users were going to be assigned /48s with IPv6?

    • Well, folks have thought better of this and decided that they had to plan for the day where we develop nanotech medicine, and have an IP address available for each cell-nanotech pair for an entire family, plus enough overhead to give the same for each pet.

    • by XanC ( 644172 )

      The smallest subnet normally designated in IPv6 is a /64. When you use automatic addressing based on MAC addresses, then you need a 64-bit host address. Assigning each household (at least) a /64 allows everything to work automatically.

      • Ah I see, so really only 2^64 unique addresses are routable within that framework.

        • No, all are routable.

          • Perhaps I should rephrase, yes all are routable, but since the way the protocol is going to work will see every end user getting at least a /64, doesn't that effectively cut the allocatable address space in half?

            • by XanC ( 644172 )

              Every subnet gets at least a /64. That does lead to a lot of unused addresses, sure, but it doesn't mean that there are only 2^64 addresses either.

              By the way, going from 2^128 to 2^64 isn't cutting in half; it's taking the square root.

            • Depends on the site. You will get a /64 and may only use it for four machines. If everyone did this, then that would mean that, in practice, you only had 2^66 addresses. On the other hand, a university will also get a /64 and may put tens of thousands of machines on it.

              A large part of the point is that it allows edge networks to grow without anyone else caring. With IPv4, lots of sites got a /24, thinking that 256 computers was a huge number. Then they grew a bit, and needed another /24. This happe

    • Home users don't need a /48 (which is 1024x bigger than a /64). It would be nice if they did allow for subnets , and gave home users at least a /62 (room for 4 subnets). But very few home users would use such a feature.

      A /64 allows for more devices connected to your home subnet than all the network interfaces ever built, or will be built in our lifetimes. There isn't any worry about it being "too small".
      • A /48 is actually 65536 times bigger than a /64 (2^(64-48)), but it's still reasonable to give home users that much. Only 4 subnets is extraordinarily restrictive. Think many (actually probably not that many) years down the line when you have subnets per room and such. I'd want my kitchen to be on a different subnet than my garage, for instance.

      • You can use subnets with a /64. You can't, however, use subnets and stateless autoconfiguration with a /64. If you're using subnets, however, you probably want to do some explicit configuration, so this isn't really a problem.
    • Assigning a /48 for end users is still the recommended thing to do. Some ultra-conservative types are planning on /56 instead. I expect ISPs assigning /64s to go out of business (maybe that's hope).

    • by Junta ( 36770 )

      It is really silly. They should have at least given each user 4,722,366,482,869,645,213,696 addresses, 18 quintillion is being way too stingy.

      Only half joking, I kind of wanted at least some headroom to segment my home network if I chose. Even a /62 would have been nice.

    • by hpa ( 7948 )

      In other words, if you want to subnet your home network, you have to hope everything you care about supports DHCPv6 as opposed to RA. Since DHCPv6 got standardized pretty late, cuts down on the compatibility tremendously.

      • I don't understand this, how can you not be able to create subnets out of a whole 64-bit address space? Is this some fault or oversight in the IPv6 standard?

  • by mccrew ( 62494 ) on Tuesday February 01, 2011 @08:18PM (#35075248)

    Each user has been delegated a /64 block of approximately 18,446,744,073,709,551,616 (18 quintillion) unique IPv6 addresses.

    "18 quintillion unique IPv6 addresses should be enough for anybody." -me

    • Unfortunately it isn't, afaict the only widely supported autoconfiguration system for IPv6 is stateless autoconfiguration and that by design depends on a /64 subnet mask.

      This makes life dificult if you want to run more than one subnet but your ISP will only give you a /64. ARP proxying may be a soloution but is likely to be quite painful to set up. Afaict the linux kernel guys are refusing to implement v6 nat on principle which rules out that option for those of us who use linux boxes for routing.

    • Actually, this is not enough. IPv6 always uses /64 subnets. The standard policies suggest that an ISP should allocate a block of /48 to /56 to each end user. This means that every end user can have 256 to 65,536 /64 subnets. Furthermore, the standard policies say that /19 to /32 should be allocated to each ISP.

      I agree that it sounds wasteful, but it should be possible without problems.

      Assume an allocation of /48 to each end user (actual numbers: /48 to /64). This means every end user can run 65,536 networ

  • by wasabii ( 693236 ) on Tuesday February 01, 2011 @08:25PM (#35075312)

    The point of this is to uncover any issues with customer equipment that prevents it. Any modern Vista or Windows 7 box by default has IPv6 enabled, and it works just fine. I know. I use it on all of my company's machines. Any devices that isn't aware of IPv6 will just ignore it. I'm expecting some poor IPv6 translation technologies on cheap routers that break with real IPv6 presence. That's kind of the only downside I can imagine.

    Customers behind an existing IPv4-only NAT device won't even be touched.

    • by Nemyst ( 1383049 )

      Some software, namely DirectPlay-powered games, semi-implement IPv6; enough to detect the IP and know it exists, but not enough to actually use it properly. More often than not, that means you'll have the game trying to connect through the IPv6 stack despite being unable to do so instead of just sticking to IPv4 where available and not doing anything where not.

      I'm sure this isn't an isolated case. Chances are IPv6 is sufficiently similar to IPv4 for some sloppier implementations to understand half of it, en

    • by dbIII ( 701233 )
      There's a few annoying and weird little quirks with IPv6 on Win7 (google will help). They should get fixed as IPv6 adoption increases. Then just because the OS works don't expect all the applications to work for a version or two.
      Expect corporate networks that have to suffer such shit as Macromedia's flexlm to be on IPv4 for about another decade to allow floating software licences to work unless a competitor emerges. The obvious solutions such as running on virtual machines etc are all against the licence
  • Comcast also supports 6RD and 6to4 servers, so even if you don't have dual-stack, you can get on the IPv6 bandwagon.

    6to4 should "just work", but 6to4 itself has some known issues with some kinds of routing (the IPv6 prefix doesn't have a routable prefix, so not everyone you can see can see you).

    Their 6RD servers are few and far between, and that gives bad performance, but it work correctly. You just need to configure your connection properly for 6RD to their 6RD border router.

    Windows or Mac OSX
    • by wasabii ( 693236 )

      The 6to4 prefix is routable, isn't it? I can connect to any IPv6 native stuff I've tried with it. Thought the real problem was if your packets got grabbed by something that advertised a route for it, but didn't do it properly.

      • The current routable prefix for IPv6 is 2000::/3. That covers all the currently allocated addresses, including the 6to4 block (2002::/16).
    • If you have a home router, it probably doesn't support IPv6, but you might be able to use DD-WRT (www.dd-wrt.org) or other replacement firmware that does. I do this, and it works fine

      FYI the Apple Airport Extreme and Express have supported IPv6 for quite a while now. Basically if your Airport router is square, it can handle IPv6. The older ones shaped like a Hershey's kiss do not.

      I've got both types of Extreme in use at home right now - the older single band square Extreme providing 5GHz 802.11n, and the "kiss" router for some older devices that can only handle 802.11b/g. All I had to do (as a Comcast customer) was put it in "tunnel" (6to4) mode, and it was able to autoconfigure without

    • DD-WRT doesn't support IPv6. At least not in any usable sense. To get it working, you need to create the RADVD configuration file, and write a script to calculate the 6to4 address and add it to the interface. There are no GUI options for configuring IPv6.

      It has less functionality in this regard than the firmware that came with the router (a Linksys WRT610N). At least that automatically configured 6to4, even if it still didn't have any GUI options.
  • It is looking more and more like Comcast waited too long to do this, and will run out of IPv4 addresss before people can make the transition. Dual-stack still requires you to have an IPv4 address.

    So they are also testing DsLite, a system where the home user only gets an IPv6 prefix, and no IPv4 address. This connects to a NAT64 router that allows you to get at IPv4 sites, by translating your IPv6 address into an IPv4 address.

    NAT64 is an ugly solution, but ARIN will run out of IPv4 blocks to give Comc
    • by Tacvek ( 948259 )

      NAT64 (as commonly presented as an ISP level-solution[1]) is idiotic because of the DNS abuse it uses (DNS64).

      DsLite seems far preferable to me based only on that consideration. DsLite is also what pretty much everybody has been expecting the whole time. Assign users routable IPv6 prefixes, and throw their IPv4 addresses behind "carrier-grade" NAT. Most users will not even notice the "carrier-grade" NAT. Those that do can pay more for the routable IPv4 addresses free up by gradually transitioning most users

    • I don't know about that. Qwest has yet to even offer an open beta for that yet. And while I see references to them doing it, I can't help but think that they'll wait to provide it with their fiber, which is to say only when Google or the city decides to bring fiber in to compete with them and starts actually laying fiber.

  • I always thought it was a matter of economics not technology that ISPs are generally unwilling to go to IPv6. I think ISPs like IPv4 because they can charge extra for static addresses. Since IPv6 has virtually limitless addresses this kind of removes an extra profit generator. Now it would seem end users can have large address blocks and soon it might be economically feasible for uber geeks like myself to do BGP routing!
  • This is ridiculous (Score:3, Interesting)

    by ugen ( 93902 ) on Tuesday February 01, 2011 @11:29PM (#35076642)

    "Each user has been delegated a /64 block of approximately 18,446,744,073,709,551,616 (18 quintillion) unique IPv6 addresses. "

    So, effectively, they just shortened an IPv6 address to 64 bit - and allocation haven't even started yet in earnest.
    This is the problem with people. Even technical people (and moreover - everyone else) will waste any resource (including artificial resource) until there is scarcity regulated by monetary means. If that's the way IPv6 will be assigned - /64 to an individual user, /32 to a corporation, /12 to interplanetary internet or whatever other cooky idea there is - these addresses will run out in a jiffy. And then we'll be trading in these and IPv4 just the same.

    • by Nigel Stepp ( 446 ) on Tuesday February 01, 2011 @11:58PM (#35076780) Homepage

      Give rfc3177 [ietf.org] a read, especially section 4. That RFC is obsolete now, but the math hasn't changed.

      These numbers are ridiculously huge, and it is intended in the design that subnets would normally be sized at /64. Thinking of that as 18 quintillion addresses is thinking like IPv4. IPv6 is different, and you think in terms of subnets. There are also (since an address is 128 bits) 18 quintillion /64 networks. If we give each person on the planet 65536 /64s (that's a /48) then we have enough for 5000 times the current world population in the current pool of addresses, which is 1/8th the full IPv6 address space. If you use the whole space, then it's 40,200 times the world population.

    • by hpa ( 7948 )

      This wasn't done by Comcast, but the IPv6 architects. This is pretty much the consequence of having a fixed-size address space... people will mismanage it partly because of the way we think... we are mentally programmed to hoard.

      It's the class A/B/C problem all over again.

    • From Larger address space [wikipedia.org]

      The most important feature of IPv6 is a much larger address space than in IPv4. The size of IPv6 addresses is 128 bits, compared to 32 bits in IPv4. The address space therefore supports 2^128 or approximately 3.4×10^38
      addresses. By comparison, this amounts to approximately 5×10^28 addresses for each of the 6.8 billion people alive in 2010.

      It's not going to be exhausted anytime soon, and the shear number of devices that you'd need to exhaust that would be completely unimaginable. And not in the sense that we failed to imagine how many devices would be connected, but that would be more than every singe possession that everybody owns having multiple addresses whether or not they contain any circuitry.

    • You are very confused. A /64 is enough space for every network device ever built or will be built in our lifetime to be part of one home network. And you think that is too small? That you will run out in a jiffy?

      IPv6 works. Subnets cannot run out of addresses in any foreseeable future. Business will get a /48 or at least a /56. They won't have a problem.

      All of the IPv6 problems are in the transition.
    • Assigning /64 spaces to users is by design. IPv6 is a 128 bit address space. The first 64 bits are used for the globally routable address space, the last 64 bits are created by the hosts. The simple implementation is the ISP gives you a single routable 64-bit address, and then you stick your MAC address (on more strictly, the link-layer address) in as the last 64 bits - and bingo, you have a unique routable 128-bit IPv6 address per machine. If you want privacy, you just randomly generate the last 64-bits, w

    • by Alioth ( 221270 )

      This is how IPv6 is designed to work, the smallest allocation given to a user is a /64 to allow stateless autoconfiguration. It's why the address is 128 bits in the first place.

      The 64 bits left for the network is still incredibly huge. You may be falling for the (intuitive) fallacy that 64 bits is just twice as big as 32 bits, but it's not. 64 bit subnets mean there are 2^32 *times as many* subnets than there are entire addresses in the whole of IPv4, that's to say, you can have *4 billion* networks the siz

  • Is there software that can NAT IPv6? Clearly anything's possible in theory - but are there existing solutions.

    I'd like all my devices to appear as a single IP address to the outside world, as they do now - to maintain uncertainty.
    My Google mojo does not help - any mention of IPv6 in connection with nat that I am finding, is something about ipv4 nat or tunneling.

    Ideally, it'd be nice to have that built into dd-wrt

    • by Zan Lynx ( 87672 )

      To maintain uncertainty you want to go from 18 quintillion possibilities to only 65535?

      Are you high?

      Look at what Windows Vista and 7 as well as other OS's are doing with temporary IPv6 addresses.

      • Re: (Score:2, Interesting)

        by ugen ( 93902 )

        I want to go to a *single* IP address that represents all systems on my network. Same thing I am doing today with IPv4. I don't like people outside to be able to enumerate devices on my network - and using a single address is a first step (tweaking IP stacks to change signature and replacing browser agent string helps too).

        I kinda expected that instead of "this is how you do this" (which is what freedom of choice of technology should be about) I am going to get the usual ideologically painted answers about

        • You can do NAT on an IPv6 connection the same way you are doing NAT on IPv4. Also, instead of using NAT to protect resources you should be using a border firewall that has the same rules for IPv6 as you have for your IPv4. That way from the outside even if they scan one of your IP addresses it still has the proper ports closed.

          Assign internal IPv6 addresses to your network, and then NAT on those. Simple.

          Whatever gateway you have that is doing route advertisements for IPv6 is still the primary location for f

        • I want to go to a *single* IP address that represents all systems on my network. Same thing I am doing today with IPv4. I don't like people outside to be able to enumerate devices on my network - and using a single address is a first step (tweaking IP stacks to change signature and replacing browser agent string helps too).

          It is possible today to recover the users internal IP address on their private IPv4 network using flash / javascript when they visit a web site.

          NAT == stateful firewall without packet mangling.

          Effectivly anyone who wants it gets the same information and capabilities from your users regardless of IPv4 NAT vs IPv6 firewall.

        • As per request I'll refrain from saying "that's not what you need" but still. They wont be able to "enumerate" if you have a firewall, you don't need NAT to block incoming ports. I prepared these diagrams and post links whenever this is discussed on slashdot:

          IPv4 NAT : http://cyclomedia.co.uk/blog/media/nat.png [cyclomedia.co.uk]

          IPv6 Firewall : http://cyclomedia.co.uk/blog/media/ipv6.png [cyclomedia.co.uk]

          Note the devices in the house that don't have any incoming ports. Not even ping? Note how it's the same in both diagrams? Do you get it yet?

    • Not necessary. IPv6 has "privacy enhanced IP addresses". A random IP is used each time you connect outbound, and so anyone that records your IP will find it useless. And guessing IP addresses when even a home user has multiple quintillion doesn't work at all.
  • Now people are using ipV6 isn't it time for someone to invent ipv7, so the uber-geeks can still tell everybody how they really should switch to the latest technology?

If all else fails, lower your standards.

Working...