Akamai To Offer IPv6 To All In April 110
netbuzz writes "Akamai says that it will offer IPv6 services to its entire customer base beginning next month – a long-awaited move that is expected to be a major boon to the adoption rate of the next-generation Internet Protocol. Akamai hoped to release its production-grade IPv6 services by the end of 2011, but the task proved more difficult than originally anticipated. Akamai has been beta testing its IPv6 services with key customers since last fall."
Probably still waiting for their security software (Score:5, Interesting)
Based on my own company checks for readiness I assume the big hold up feature parody with IP4 and IP6 security software and equipment.
I know many of our security appliances have been able to route IP6 for a long time, but few of them could filter or manage the traffic with any sort of detail close to that of IP4 since the features had not been ported.
Re: (Score:1, Funny)
Think IPv4 PAE.
Re:Probably still waiting for their security softw (Score:5, Informative)
Re: (Score:1)
True, but high-end equipment has been able to run IPv6 for ages now.
Re: (Score:1)
No, that would require every OS to replace the TCP/IP stack. No backwards compatibility and no better off than IPv6.
Re: (Score:2)
No, that would require every OS to replace the TCP/IP stack. No backwards compatibility and no better off than IPv6.
IPv6 boosters are fond of this talking point, but "no backward compatibility" is a gross exaggeration, or to be precise it is a false dichotomy, when in fact the ability to preserve front end interfaces that are familiar to users and administrators is a form of backward compatibility. But that certainly would not be the only form of backward compabitility offered by an extended IPv4 stack.
Re: (Score:2)
Re: (Score:1)
Wah wah, we can't figure out where to put some more bits. There must be just no way. Right.
Re: (Score:2)
Re: (Score:2)
Actually, you can pack extra bits into an IPv4 packet in such a way that a) valid packets using 32 bit addresses remain valid and b) packets with extra address bits are seen as invalid by unaware network drivers. Therefore "they" are *not* all going need to be retrained, only thoes that want to access a wider address range. So how much smoother that would have been rollout wise? We would already be there by now if a sensible approach like this had been adopted instead of the throw out the baby with the bath
Re: (Score:2)
Where do you specify that? The IPv4 header ends w/ the destination address, and then the payload starts - the type of message, code, checksum, identifier, sequence number and then actual data. Before source address, there was version#, type of service, length, identification, flags & offsets, time to live, protocol and checksum. So where exactly do the extra address bits go? Oh, and remember, it will be needed for both source and destination.
Okay, let's say it was expanded to 40 bits, and we calle
Re: (Score:2)
Nice straw man. You assumed that an some of the bits of an extended address could be interpreted as a valid address and nasty things would happen. But these nasty things will not happen if an IPv4+ packet with extended addresses is constructed to appear invalid to an unaware network driver. So basically you could have saved typing your last two paragraphs.
Your question of where to put the new addresses bits is constructive. The obsolete [ietf.org]stream id option seems like a reasonable candidate, providing additional
Re: (Score:2)
I don't see why that's a straw man. An unaware network driver could just read what's in the source and destination addresses, and ignore the areas that have the extended addresses - particularly if it happens to fall within a deprecated area in the header. Which is why the new addresses created would have to be compatible w/ what currently exists, thereby capping the growth headroom mentioned.
Also, this proposal essentially means kicking the can down the road, requiring a future generation to have to de
Re: (Score:2)
So the principle is this: two extended address bytes are tucked away in places that will not destroy the internet. Such packets are constructed to appear invalid to unaware applications. If a path exists between a source and a destination both supportting extended addresses then the source and destination can communicate in the extended address space. The new byte goes at the least significant end, not the most significant, so that routing databases do not need to change.
These ideas really boil down to the failure to understand the issue is not about IP headers, packet formats or finding clever places to put things.. It is about ADDRESSING.
If the address spaces between IP protocols overlap then nobody knows apriori what paths support which protocols. We can not know if host A communicating via IPv4 can also reach host B on IPvDP or what router along the path prevent host A from communicating with Host B . If the address spaces are kept separate this is not an issue. Ope
Re: (Score:2)
I don't see why that's a straw man. An unaware network driver could just read what's in the source and destination addresses...
Not if it's an invalid packet according to an unaware network driver. For example, the checksum might be wrong. There are all kinds of things that can go wrong if an application tries to act on addresses contained in an invalid packet indeed. Delivery to the wrong protocol for example. What a mess that would make. An unintentional straw man is still a straw man, and you knocked that one down yet again.
Also, this proposal essentially means kicking the can down the road, requiring a future generation to have to deal w/ it.
Sure. We need time, and this buys time. If you are saying that is a bad thing, your argument is weak. We ki
Re: (Score:2)
We can not know if host A communicating via IPv4 can also reach host B on IPvDP...
Yes we can. If the low order byte of host B's address is zero, they can communicate, otherwise A needs to upgrade in order to establish a direct connection with B.
...or what router along the path prevent host A from communicating with Host B .
IPv6 has the same issue.
If the address spaces are kept separate this is not an issue. Operationally this is critical to facilitiate migration.
What? Your leap of logic escapes me.
You could solve the problem for peers only by giving all existing IPv4 hosts addresses on the new extension network...
As I already stated. Standard IPv4 addresses are extended with a byte of zero at the low order end.
but this does not address routers, requires everyone renumber anyway...
How do you conclude that renumbering is required?
and is therefore no better than IPv6.
You haven't proved that, especially not without filling in your logical holes above.
Operationally IPv6 massive address space is a huge win for operators and end users
Both those claims are firmly in the "hopefully, one day"
Re: (Score:2)
Yes we can. If the low order byte of host B's address is zero, they can communicate, otherwise A needs to upgrade in order to establish a direct connection with B.
I want to send a message to host A from host B. Host A is on IPv4. Host B is NOT. Host B does NOT have an IPv4 address because ah ...well they ran out and running out has consequences.
How does host B know if host A will be able to receive host B's message?
IPv6 has the same issue.
IPv4 and IPv6 are separate networks, separate routing, separate addressing. There is no problem of partial reachability within an IP universe in a dual stack environment. Either you have IPv4 connectivity, IPv6 connectivity or both. IPv4 and IPv6 un
Re: (Score:2)
Sure. We need time, and this buys time. If you are saying that is a bad thing, your argument is weak. We kicked the can down the road when we went from 8 to 16 bit microprocessors, and again when me moved to 32 bit. What would have happened if the industry had decided to start off with 64 bit processors, just to avoid "kicking the can down the road"?
Had the industry started w/ 64-bit CPUs and OSs, that would have been fantastic. Imagine Windows being a 64-bit OS when the Alpha was around - it would have flown. Similarly, nobody would ever have been going through 32-bit to 64-bit transitions. Given that Unix resource requirements were much higher, most of them became 64-bit ages before Windows did. But had we all started w/ that, we'd have avoided the 8 -> 16 -> 32 -> 64 transitions. We're doing it correctly here by going directly from 32-
Re: (Score:2)
Had the industry started w/ 64-bit CPUs and OSs, that would have been fantastic.
OK, you sent the message loud and clear: you have no concept whatsoever of the advantages of pragmatism. Like a typical IPv6 booster, you live in a cloud where efficiency does not matter, compatibility does not matter, only forcing the wodl to accede to the brilliance of the great new white elephant matters.
Hint: if intel had tried to market a 64 bit microprocessor instead of an 8 bit, or indeed, 4 bit processor they would have been years late to market and nobody would know about them now, nor care.
Re: (Score:2)
Yes we can. If the low order byte of host B's address is zero, they can communicate, otherwise A needs to upgrade in order to establish a direct connection with B.
I want to send a message to host A from host B. Host A is on IPv4. Host B is NOT. Host B does NOT have an IPv4 address because ah ...well they ran out and running out has consequences.
How does host B know if host A will be able to receive host B's message?
Simple: if host A does not understand 5 byte IPv4+, it cannot establish a direct connection with host B. Host A should upgrade if it wants to connect directly to host B. Meanwhile, host B, with a 5 byte address, can connect directly to any IPv4+ enable
Re: (Score:2)
How does host B know if host A will be able to receive host B's message?
Simple: if host A does not understand 5 byte IPv4+, it cannot establish a direct connection with host B. Host A should upgrade if it wants to connect directly to host B. Meanwhile, host B, with a 5 byte address, can connect directly to any IPv4+ enabled host whether the other host has a four or five byte address.
The question remains unanswered. How can you tell whether Host A AND your specific path to Host A supports IPv4+? Do you just try it.. if request times out assume it does not have connectivity? This delay is not commercially viable. What if the host was down or routing changed thru a router without support for IPv4+..how do you know? How does it work?
To connect to an unaware IPv4 host, host B needs some help from a NAT. This is where having the fifth byte on the low order end is really helpful: the NAT does not need to be stateful and does not need to delve into protocols. It just needs to manage its pool of dynamic IPs as dynamic IP shemes already do.
It most certainly needs to keep state... 1 real IP shared by a bunch of fake (IPv4+) IPs requires state to manage the 1:many association on the real IP.
Re: (Score:2)
How can you tell whether Host A AND your specific path to Host A supports IPv4+? Do you just try it.. if request times out assume it does not have connectivity?
That is how any connection to the internet works.
This delay is not commercially viable.
Only if you assume that a host with a 5 byte address tries to make all its connections directly before falling back NAT. But there is no requirement to do that. A 5 byte host can always use its ISP's nat, except when it discovers another 5 byte host via some out of band mechanism. For example, two users may be interested in establishing a secure connection for conversation or telephony, in which case they can well afford to take a few seconds to establish the
Re: (Score:2)
OK, think about this. Clearly, IPv4+ will work just as well as plain IPv4 if you have a 4 byte address, whether that is static, or like the vast majority of connections today, dynamically allocated from a pool owned by the ISP. Now in addition you have the option of giving 5 byte addresses to up to 256 computers in your house or business or village sitting behind your four byte IP. These will all act just as if they had a four byte net-local IP, but in addition they all have globally routable addresses for
Re: (Score:2)
Only if you assume that a host with a 5 byte address tries to make all its connections directly before falling back NAT. But there is no requirement to do that. A 5 byte host can always use its ISP's nat, except when it discovers another 5 byte host via some out of band mechanism. For example, two users may be interested in establishing a secure connection for conversation or telephony, in which case they can well afford to take a few seconds to establish their route.
IPv6 uses naming system and standardized default host policy to avoid all of this guesswork. Saying if you don't use IPv4+ ("always use its ISP's nat") then its not a problem is rather telling. "out of band" is punting to a magic unicorn that in many cases does not exist.
Adding delay and unpredictability to the current system is not going to fly with content. Whatever we transition to needs to be at least as good as IPv4 if we expect content to be a driver for adoption.
Your IPv4+ universe is the same empty cliff DISCONNECTED from the IPv4 universe.
Completely wrong. A 5 byte host is no more disconnected from the internet than an IPv6 host is today. See 6to4
You can bridge them using a number
Re: (Score:2)
OK, think about this. Clearly, IPv4+ will work just as well as plain IPv4 if you have a 4 byte address, whether that is static, or like the vast majority of connections today, dynamically allocated from a pool owned by the ISP. Now in addition you have the option of giving 5 byte addresses to up to 256 computers in your house or business or village sitting behind your four byte IP. These will all act just as if they had a four byte net-local IP, but in addition they all have globally routable addresses for whatever segment of the internet has also adopted 5 byte addresses. At least that is something, don't you agree? Or don't you?
I think that would be really cool to have 5 bytes instead of four so we call get an extra 256 hosts per address.
Unfortunatly while cool the problem is the world is running out of IPv4 addresses. This means there will be no more 4-byte IPv4 addresses left under which an extra 256 computers could be made avaliable. The IANA free pool and APNIC are now mostly deserts and everyone else except afrinic will be deserts in a year or two.. Even the emergency reserved morsels to facilitiate IPv6 transition will ev
Re: (Score:2)
...there will be no more 4-byte IPv4 addresses left under which an extra 256 computers could be made avaliable.
Not a problem, addresses already recycle regularly. Nearly every time you relocate your home, for example. Or every time you connect if you subscribe for a dynamic address like most people.
Re: (Score:2)
Ah, and the point is that an ISP could put multiple subscribers behind one four byte address. And it would be better than today's NAT, which is limited by available port addresses and is really a nasty, nasty kludge. And 5 byte address owners can establish direct connections with each other.
Re: (Score:2)
Ah, and the point is that an ISP could put multiple subscribers behind one four byte address. And it would be better than today's NAT, which is limited by available port addresses and is really a nasty, nasty kludge. And 5 byte address owners can establish direct connections with each other.
We're going to spin new ASICS, patch all network, naming, application stacks, databases and backends all to accept an extra byte..essentially the same work needed to deploy IPv6 then at the end of all that we still have NATs and severe addressing problems?
Say you wanted to be an ISP and picked up a shiney new 4-byte ASN with your name on it. What would you expect to be able to route to your customers after all IPv4 addresses are long gone?
Re: (Score:2)
It is not just extra bits, the entire routing / switching strategy changes. IPv6 has no layer 2 i.e. switching is based on IP not mac addresses. Also routing doesn't use routing tables.
If it were just packing extra bits, it would be easy enough to layer IPv6 on top of IPv4 and in fact that is exactly what IPv4 -> IPv6 conversion devices do.
Re: (Score:2)
http://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol [wikipedia.org]
Re: (Score:2)
I hope you realize that ICMP does not replace layer 2. And that IPv6 is always encapsulated in some layer 2 protocol like ethernet, just as IPv4 is.
Mocking standards? (Score:5, Funny)
"feature parody"?
Re:Mocking standards? (Score:4, Informative)
"feature parody"?
Yes.
Re: (Score:2)
"feature parody"?
Yes.
That would be "parity"
Not if you mean "parody".
Re: (Score:2)
Maybe the OP felt his vendors were taking the piss out of him?
time to move off of norton then (Score:2)
time to move off of norton then
Re: (Score:2)
Re: (Score:2)
I don't know about Norton, but Windows 7's firewall works just fine with IPv6.
Re: (Score:2)
Re: (Score:2)
Yes there are finer details. When it actually comes to things like router and firewall code lots has to change.
For example there is no more NAT, so security layers provided by proxying addresses have to be added directly.
There are no more routing tables, so the layout of equipment should be different.
There is no more layer 2.
etc...
For companies that laid out a complex network in the 1990s they have to do something like "port the code" over to IPv6 based solution.
Re: (Score:2)
Routing tables and layer 2 still exist. It's just a differently sized header, and protocol version.
Networkworld confirms it! (Score:1)
i mean we all are just waiting on akamai, because without akamai ... or not.
nobody could run dns
Re: (Score:3)
Akamai are big. Really big. Having them offer IPv6 services to their customers is a big step forward in terms of making IPv6 adoption practical.
Re: (Score:1)
i mean we all are just waiting on akamai
Lets just say if you run TCPview (netstat on steroids) you'll find you have a lot .deploy.akamaitechnologies.com
of a184-84-209-18.deploy.akamaitechnologies.com's. The prefix will change but
a lot of what you get (Browser wise) is through
Yes, we ran out (Score:5, Funny)
We actually ran out of IP's last year, there's been one guy in Virginia running a NAT for the whole U.S. with the last one. But it's on an old lynxsys, he'd really like to free up the plug to vacuum and so we have to all get over to ipv6 pretty soon so he can power it down.
Re: (Score:1)
The US is not out of IPs. The rest of the world, notably the asia-pacific region, is nearly so. Not only that but in most places on the edges of the internet, double and triple nat is becoming commonplace. This is a far from ideal situation, and it can only get worse, (with solutions like carrier grade nat which shares one ip among dozens of gateways, restricting the available port ranges to each device to keep them all on one ip)
You think your ssh connections only lasting an hour or two now on your hotel's
Re:Werent we supposed 2 run out of ips a while bac (Score:4, Informative)
IANA, the top level of organizations which handle the allocation of IP addresses, has run out of IPv4 addresses more than a year ago: http://www.youtube.com/watch?v=orJpEJuZick [youtube.com]
The regional registries still have addresses and are going through them at different rates, so they'll run out at different points in the future.
RIPE (Europe) is down to about 40 million addresses, including the last 16 million which will be assigned under a different, more stringent policy: http://www.ripe.net/internet-coordination/ipv4-exhaustion/ipv4-available-pool-graph [ripe.net]
APNIC (Asia) is already on the last /8 block: http://www.apnic.net/community/ipv4-exhaustion/graphical-information [apnic.net]
ARIN (North America): http://www.compusophia.com/en/ipaddrstat/ipv4_arin_pool.html [compusophia.com]
LACNIC (South America): http://www.lacnic.net/en/registro/espacio-disponible-ipv4.html [lacnic.net]
AfriNIC (Africa):
http://www.compusophia.com/en/ipaddrstat/ipv4_afrinic_pool.html [compusophia.com]
When those are depleted, it's going to be NAT all the way down.
Re: (Score:2)
IANA, the top level of organizations which handle the allocation of IP addresses, has run out of IPv4 addresses more than a year ago: http://www.youtube.com/watch?v=orJpEJuZick [youtube.com]
The regional registries still have addresses and are going through them at different rates, so they'll run out at different points in the future.
Just because we run out of IP addresses doesn't mean the Internet suddenly evaporates. The 4 Billion existing IPv4 addresses will still work just fine. If you show up too late . . . . . . . the Internet is full, go away.
Re:Werent we supposed 2 run out of ips a while bac (Score:4, Insightful)
Or buy them on the secondary market. The current price is around $12 [theregister.co.uk] per IP [gigaom.com].
Re: (Score:3)
Ah, but it works the other way too. See all those people doing business on the new IPv6 Internet? Shame you can't join them because 'too bad' they don't have IPv4 and you don't want to move to IPv6, because it is just hype.
At a certain point that snow ball will take on speed. You can deny it is coming, but will hit you sooner or later. Better off if you are prepared for it.
Re: (Score:2)
Re: (Score:3)
RIPE (Europe) is down to about 40 million addresses, including the last 16 million which will be assigned under a different, more stringent policy
Its worth noting that most (all?) the RIRs have similar /8 policies, which makes the idead of having "run out of IP addresses" slightly confusing. Basically, this means that once they are down to the last /8 (~16.8 million addresses), each LIR is only going to be allocated a single /22, forever. So with such a restrictive policy, it will take many years for the RIRs to actually run out of addresses, but as soon as they hit the last /8, addresses will get very scarce - this is the "crunch point" - by the t
Re: (Score:2)
and even when they run out, they can NAT most of their customers and charge a premium to anyone who needs an un-NATted connection
That's called carrier based NAT and the carriers aren't setup for it. Further the regulators are hostile to it. So carriers would be looking at doing a change that's roughly as expensive as implementing IPv6 except they would also have to implement IPv6 soon thereafter and it would annoy regulators. Carrier based NAT is not going to happen.
What is going to happen is the carr
Re: (Score:2)
Further the regulators are hostile to it.
In what way are the regulators hostile to it? Here in the UK, I've seen no comments from OFCOM on the subject at all (getting *something* from them about IPv6 would be good, at the moment they seem to just be completely silent on the subject. Which is a shame because they really should have enforced ISPs supporting IPv6 a long time ago).
Anyway, whether the regulators like it or not, CGNAT isn't going to go away - we are far past the point where a transition to IPv6 will be an easy disruption free affair.
Re: (Score:2)
Great comment lots to reply to. The bulk of your comment is about the fact that equipment manufacturers aren't ready yet and in practice their equipment is way behind where they claim it is. I agree with you 100% on that. It is going to be infuriating for people who say buy equipment in 2013 to maybe have to toss it in 2014.
Though I should mention I assume carrier home/small business router/modems will do IPV6->IPV4 as part of their dual stack, so people with home small business equipment could run an
Re: (Score:2)
I should mention I assume carrier home/small business router/modems will do IPV6->IPV4 as part of their dual stack, so people with home small business equipment could run an IPV4 subnet and keep their equipment. More than just network equipment there are expensive network attached printers and no one wants to replace all of them,..
I'll address this in 2 parts:
Firstly, most consumer grade routers (that is: the sort of Netgear, etc. thing most people have at home and in small offices) do no IPv6 *at all*. Individual workstations are going to be able to use the likes of Teredo to tunnel v6 traffic over IPv4, but that's a really poor bodge at best.
Second: equipment like networked printers, etc. are largely unaffected anyway. No one (sane) is suggesting turning off IPv4 entirely on the LAN - most people will run IPv6 and IPv4 concurrent
Re: (Score:2)
Firstly, most consumer grade routers (that is: the sort of Netgear, etc. thing most people have at home and in small offices) do no IPv6 *at all*.
I agree. Which means that either upstream from them the device is going to be doing IPv6 -> IPv4. This capability is going to need to be in Home / Small business modem/router/switches provided by carriers.
Second: equipment like networked printers, etc. are largely unaffected anyway. No one (sane) is suggesting turning off IPv4 entirely on the LAN -
Re: (Score:2)
Which means that either upstream from them the device is going to be doing IPv6 -> IPv4. This capability is going to need to be in Home / Small business modem/router/switches provided by carriers.
That seems silly. If the carrier is going to provide hardware to to IPv6 over IPv4 tunnelling because the customer's router doesn't do IPv6, they may as well simply provide a replacement router that _does_ do IPv6.
legacy equipment won't be able to connect to IPv6 services
They are going to have to. Which means some piece of equipment upstream from them is going to have to handle translation.
I disagree. I can't really see a reason for legacy equipment to talk to IPv6-only equipment. The sort of equipment we're talking about is stuff like games consoles, which may need to contact the vendor's servers to do DRM, etc. There's no reason why the vendor can't continue to provide servers
Re: (Score:2)
Lets be clear: no one is going to be running significant v6-only services any time soon
They already are for cell phones. The carriers are running all kinds of services to their cell phone / mobile customers. So far it is all internal to the carrier's networks but they exist. There are also services in Asian languages that are v6 only.
I agree we are still several years away from v6 only services.
As for the lifetime of printers. Good printers can have lifetimes in terms of many years. During the 90s I
Re: (Score:2)
As for the lifetime of printers. Good printers can have lifetimes in terms of many years. During the 90s I worked on channel printers from the 70s.
And yet still, I see no reason why a printer needs to connect to an IPv6-only service on the internet...
Re: (Score:2)
Actually, given the requirements of Mobile IP and the fact that carriers needs plenty of addresses for all the mobile nodes they'll need, IPv6 is their only option, given how NAT completely breaks the way they'd work w/ IPv4.
For printers, the only thing that makes sense is putting them in a VPN, so that an employee @ a remote location can print out something while he's out. Otherwise, there is no reason for printers to have public IP addresses. And the urgency for office LANs to be IPv6 is just not ther
Re: (Score:2)
The urgency for office LANs to be IPv6 comes from the fact that external facing systems start needing to be IPv6 and other resources start going IPv6. That's a while away. Eventually though it will make sense for new LANs to be IPv6 and old LANs to be dual stack.
Re: (Score:2)
To connect to an IPv6 user, like a cell phone.
Re: (Score:2)
To connect to an IPv6 user, like a cell phone.
I can't think why a printer would ever need to connect _to_ your cellphone.
You might want to print from your phone though, which would necessitate a connection from your phone to your printer. This is the same as connecting to any IPv4 service from an IPv6 device (except in actual fact it probably won't be possible anyway since your printer isn't going to have a global scope address). If your phone is connected to your local wifi then it will have a v4 address anyway, of course.
Re: (Score:2)
TCP/IP is bidirectional.
Remember the context. Home network is IPv6. Home LAN is IPv4 since the printer is v4. Cell phone is v6 on a v6 network but could be going wifi off a v4 or v6 network.
Re: (Score:2)
TCP/IP is bidirectional.
Remember the context. Home network is IPv6. Home LAN is IPv4 since the printer is v4. Cell phone is v6 on a v6 network but could be going wifi off a v4 or v6 network.
Ok, with a v4-only printer on a LAN, the choices seem to be:
1. Cellphone also on the LAN (probably over wifi) and wants to connect to the printer: The cellphone has a v4 address so can just talk to the printer as usual.
2. Cellphonw is also on the LAN and the printer wants to connect to it: Again, the cellphone has a v4 address, no problem.
3. Cellphone is on a v6-only mobile network and wants to connect to the printer. The cellphone can connect to any v4 service through NAT64, including a printer, so no pro
Re: (Score:2)
Agree with this. As for globally reachable addresses and printers. The way it is done now is using something like dynamic dns and port forwarding. For example the home computer might "check in" with its addresses every hour to a remote server. Now that is going to be the address of the router, but the router port forwards to the printer. So even though the addresses are dynamic the printer is reachable.
The only case you are missing.
Home router is on a v6 network but printer is on a v4 subnet. So the ext
Re: (Score:2)
This reply is only going to deal with the CGNAT.
First off on the regulators I was talking ARIN and FCC, sorry typical American assumption that we are addressing Americans. I have no idea what the situation is in the UK, but the UK doesn't make a lot of its own carrier grade equipment so I doubt they are going to follow their own strategy in the UK, unless you've heard differently. As far as carrier strategy I assume USA, France (Alcatel-Lucent), Israel are the big 3 for whether CGNAT gets rolled out or no
Re: (Score:2)
In terms of ARIN they've declared this to not be "best practices" which means from a US legal standpoint using CGNAT would create liability situations that don't exist under an IPv6 transition.
I'd be interested to know what ARIN consider to be "best practices" in this regard. Obviously it is poor if ISPs are going to offer CGNAT *instead* of IPv6 support (I don't really see how this is viable in the long term though - at some point people will need to access v6-only content). However, ISPs are going to have to offer IPv4 connectivity for the forseeable future, until IPv4-only equipment and services have been almost entirely phased out. With a shortfall of IPv4 addresses, ISPs are going to have
Re: (Score:2)
I'd be interested to know what ARIN consider to be "best practices" in this regard
Dual stack. Customer should get an entire /64 or larger to build subnets and do translation on their side. Carriers should provide a IPv6 -> IPv4 gateway to access v4 resources from v6 networks. No v6 upstream from the customer's site, they do not want ISP's creating complexity in the v6 address space and maintaining the purity of the routes.
By "v4 only equipment", I mean your IPv4-only games consoles, etc. which will
Re: (Score:2)
What you seem to be describing in your first answer is Dual-Stack lite, which is somewhat the converse of tunneling. Here, the IPv4 packets get encapsulated in IPv6 before being sent over the network. Incidentally, this is where your CGNAT would be used - at the end points where the IPv6 decapsulation takes place and the IPv4 packet proceeds to its destination. Sounds the same as LSNAT. Dual stack OTOH simply means an IPv4 network and an IPv6 network running side by side.
Are no routing tables still an
Re: (Score:2)
I don't know anything about LSNAT in terms of IPv6 and sharing. So I'm not following. I agree on what dual stack means.
As for routing tables I thought that was still an objective. And yes multiple ISPs means multiple provider dependent addresses I'm not following why that presents a routing problem. Two ISPs to the same box means two addresses which the company internally would translate.
Re: (Score:2)
I'd be interested to know what ARIN consider to be "best practices" in this regard
Dual stack.
Dual-stack requires either:
1. Enough IPv4 addresses for each piece of equipment
2. NAT
Customer should get an entire /64 or larger to build subnets and do translation on their side.
Do what translation exactly? Are you talking about tunnelling or translating? Bearing in mind that we're talking about IPv4-only equipment at both ends of the connection, I can't see how you can be talking about translating here.
Carriers should provide a IPv6 -> IPv4 gateway to access v4 resources from v6 networks.
So you're suggesting that the customer's router (which has no globally routable IPv4 address) takes v4 traffic from the customer's network, encapsulates it in v6, shoves it over a v6-only connecti
Re: (Score:2)
That's NAT at the client side. Carrier modem/routers/switches for home/small business provide that today. The issue was whether the carriers are going to NAT throughout their network not after the handoff.
Re: (Score:2)
That's called carrier based NAT and the carriers aren't setup for it. Further the regulators are hostile to it. So carriers would be looking at doing a change that's roughly as expensive as implementing IPv6 except they would also have to implement IPv6 soon thereafter
IPv4 addresses are going to run out for some providers before a critical mass of servers are available on IPv4. Those providers will HAVE to implement some kind of NAT like soloution at the ISP level regardless of whether they implement IPv6. The only question is whether it will be plain V4 NAT, an encapsulated soloution like DS-Lite or a protocol translation soloution like NAT64.
Carrier based NAT is not going to happen.
It's already happening with some providers, particually mobile ones.
Re: (Score:2)
I agree I'm just saying they are going to do NAT64/DNS64 i.e. IPv6 -> IPv4 not Carrier Grade NAT.
It's [Carrier Grade NAT] already happening with some providers, particularly mobile ones.
Well yes, but there isn't as much mobile infrastructure. And note that most of the devices get dual stack capability.
IANA (Score:2)
I've been on Slashdot too long: "IANA... I Am Not A... what? What are you not?? Tell me!!"
Re: (Score:2)
Re: (Score:2)
Right now it is not people who are the problem it is carriers. And they are under pressure, they no longer can get IPv4 addresses to grow their networks. Every carrier is working on IPv6 some at different rates, but they are all progressing.
Re: (Score:1)
ah the MS model
Re: (Score:2)
The switch takes 5-7 years for most people. Last year there was some testing and some of the major services like google offered IPv6 services. The carriers are doing their part. This is not a small project and you will be hearing about it all through the decade.
Why should I trust Akamai to get it right? (Score:2)
If they can't get simple HTML/Javascript right, how can I trust them to get anything more complex right?
Re: (Score:1)
Re: (Score:2)
I have not looked, but I guess they have an onChange listener, and those are not activated by keyboard changes. If you want to complain about that, write a mail to w3c because they explicit said that this was the way it should be.
Re: (Score:2)
cloudflare (Score:1)
cloudflare is already doinf that for free : http://blog.cloudflare.com/introducing-cloudflares-automatic-ipv6-gatewa [cloudflare.com]
Nice, but... (Score:2)
Re: (Score:2)
The move to IPv6 wouldn't - and shouldn't - free up any IPv4s. IPv4s (I'm talking about routable IPv4s here) will still be needed and used to support dual stack. What would change is that for every node that requires external connections and offers IP based services, IPv6 would be used, while IPv4s would only be used for things like websites. In fact, think of IPv4s as mirrors of IPv6 websites for those who can't access IPv6. Or, in other words, use IPv4 only for services that absolutely must be offered
Re: (Score:2)
To make all this happen, the large hosting services and major ISPs should come to agreement on this. This is more true for the major ISPs in markets where they compete. For me, that is com
Re: (Score:2)
The internet is global. There isn't going to be a coordinated switch. Rather it is going to go:
a) Carriers go dual stack
b) Cell / Home / Small business on IPv6 with IPv6 -> IPv4 gateways. That's one transition.
c) MId / large business go internally dual stack while having IPv6 outward facing.
Then probably in a decade or more.
a) Most carriers stop offering IPv4
b) The gateways get crappier and worse and finally become an extra cost feature.
c) Mid / large business have only very small isolated IPv4
Re: (Score:2)
Actually it will free up IPv4s because of pooling.
Lets say I provide internet connections to 1m people via IPv4. That is 1m IPv4 addresses, dynamically allocated but they are held for a day plus on average. Now I start pooling so that an IPv4 address is surrendered after 5 minutes of being idle. I might be able to drop down to 200k addresses freeing up 800k. That is the in fact exactly the incentive for the carriers to move home / small business to IPv6 with IPv6 -> IPv4 pooling.
So when will Slashdot be on IPv6? (Score:4, Insightful)
Re:biznat3h (Score:5, Funny)
In addition, re)cent article put driven out by the Learn what mistakes these challenges Something done asshole to others (I always bring my
Mod up +10 insightful.
Best post ever.
Re: (Score:2)
The only way to get IPv6 and IPv4 speaking together would be via a proxy and that would only work for certain protocols.
Many companies will probably find themselves having to do just that, because they have wanted to deny the reality of IPv6 and therefore have not developped a migration strategy.
Re: (Score:2)
no. There is a address-range for ipv4 in v6, so its no problem to transmit v4 packets in v6. The other way round is not possible without tunnels.
Re: (Score:2)
If you are talking IPv4 compatible addresses (::/96), that standard is deprecated. If you are talking about IPv4 mapped addresses (::ffff:/96), that is still available but its implementation varies from OS to OS, behavior is implementation dependent, and there are potential vulnerabilities if it is enabled. It was originally intended as a transition mechanism, but it caused more problems than it solved, so it is better left unused, and ideally, disabled.
I don't see tunnelling as them speaking together -
Dual Stack Lite (Score:3)