Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
The Internet Chrome Firefox Networking

Some Telcos and ISPs are Frustrating IPv6 Adoption (guardian.ng) 135

An anonymous reader writes: "There are indications that telecommunications operators and traditional ISPs in the country are frustrating adoption of Internet Protocol version six (IPv6) by other networks," reports Nigeria's Guardian newspaper, citing Nigeria CommunicationsWeek. The magazine found 32 networks with IPv6 addresses -- but only three which are using them. And the newspaper cites "a network engineer with a university who does not want to be named" frustrated that their ISP's network isn't IPv6-compatible, so the university can't use its own IPv6 address. "Mohammed Rudman, chairman, IPv6 Council Nigeria, said that most telecommunications operators and internet service providers in the country have not adopted IPv6 which raises the issue of compatibility with other networks."
Firefox has a fast-fallback-to-IPv4 option, which you can disable in about:config (as well as an option to disable IPv6 altogether). But "the Chrome browser supports IPv6 natively and doesn't allow users to decide which protocol to use," reports TechGlimpse.com.

How does your browser perform? Long-time Slashdot reader ourlovecanlastforeve shared a link to Test-IPv6.com, which detects whether "when given the choice, your browser decided it would prefer to use IPv4 instead of IPv6."
This discussion has been archived. No new comments can be posted.

Some Telcos and ISPs are Frustrating IPv6 Adoption

Comments Filter:
  • Doesn't IPv6 hide the anonymization about which device beyond the firewall is using a service. Do I really want people outside my home to know how many devices I have, or which is viewing what?
    • Re:Isn't this good? (Score:5, Interesting)

      by johnw ( 3725 ) on Sunday December 24, 2017 @04:00PM (#55801617)

      See RFC4941. You can set up your devices (or device) so that they keep changing their IPv6 addresses, concealing both which is doing what and how many devices you have.

      • All that means is I can add an arbitrary number of phantom devices. I want to emulate only having one device.

        • by LiENUS ( 207736 )

          Properly implemented they have no way of telling if its a bunch of real devices, a bunch of phantom devices, or a single device. Everyones network looks the same, constantly changing suffices

        • by johnw ( 3725 )

          There's nothing to stop you doing that as well if you really want to - although you might want to stop and ask yourself why you want that. Is it for any other reason than, "I want things to be the same as they were before"?

    • Your ISP probably assigned a /64 to your home - so you can always keep rotating IPv6 addresses on your computer(s) if you feel the need to confuse your enemies. But they’ll still be able to see what sort of requests flow to and from your cable modem (or whatever)... just like they could with IPv4.

      • > Your ISP probably assigned a /64 to your home - so you can always keep rotating
        > IPv6 addresses on your computer(s) if you feel the need to confuse your enemies.

        That does *NOT* necessarily help anonymization. A static /64 (or /56) is still a CIDR. You can dick around with the MAC ID ("privacy extensions") and jump around in your CIDR all you want. But once someone identifies a static /64 or /56 with you, you're marked permanently. The big privacy battle with IPV6 will be for dynamic /64 or /56 alloc

        • My point is: this issue is nothing new... it's the same thing we already have with IPv4. You only get one address from your cable company, and (at least with Comcast) it doesn't seem to change much, if at all. In practice, the only time my cable modem's external IPv4 address ever changed was after extended power failures.

          • by rtb61 ( 674572 ) on Sunday December 24, 2017 @07:33PM (#55802275) Homepage

            They are crippling IPv6 for one reason and one reason only. They have an existing investment in IPv4 addresses that they rent for profit or can sell, IPv6 simply reduces IPv4 addresses from being worth hundreds of millions of dollars to sweet fuck all. The longer they can keep out IPv6 the more money they can make out of IPv4. Straight up greed.

            • by Anonymous Coward

              No, they're just lazy and cheap. It costs a lot to ensure all of the devices and software involved work properly with IPv6. Telcos are full of legacy gear and apps.

              • by Agripa ( 139780 )

                They are crippling IPv6 for one reason and one reason only. They have an existing investment in IPv4 addresses that they rent for profit or can sell,

                No, they're just lazy and cheap. It costs a lot to ensure all of the devices and software involved work properly with IPv6. Telcos are full of legacy gear and apps.

                AT&T went out of their way to block IPv6 tunnels before they started charging for IPv6 "upgrades". One of the justifications they gave was that otherwise their customers could get static IPs without paying.

        • > Your ISP probably assigned a /64 to your home - so you can always keep rotating > IPv6 addresses on your computer(s) if you feel the need to confuse your enemies.

          That does *NOT* necessarily help anonymization. A static /64 (or /56) is still a CIDR. You can dick around with the MAC ID ("privacy extensions") and jump around in your CIDR all you want. But once someone identifies a static /64 or /56 with you, you're marked permanently. The big privacy battle with IPV6 will be for dynamic /64 or /56 allocation versus static allocation.

          That may be true, but it's only useful if one wants to block your devices from accessing their sites. However, if one wants to attack any of your devices, the /64 ain't enough: one needs the entire /128 address. If they were to try a brute force method of attack, they'd either take forever to exhaust all 2^64 addresses, or they'd need some algorithm to randomly pick addresses and hope that they match

    • by Craig Cruden ( 3592465 ) on Sunday December 24, 2017 @04:12PM (#55801677)
      Stateful Firewalls Provide Security (Not NAT)

      NAT does not provide any real network security, it actually prevents many security measures.

      Consumer grade firewalls (most of them) built into the modems they get from their ISP -- are often almost useless when it comes to providing real security. Many of them don't even bother to force the administrator to have anything more than the default password.

      By your argument -- you would be even happier if your ISP shares your IP address across many households (double NAT'd) -- which mine does.
      • I said obfuscation, not security. It seems better, from my point of view, not to have any security tied to IP address at all.

        And yes, it seems better if my ISP shares my IP address across many households. Why would it harm me in the slightest?

        • I'd imagine that from an ISP's POV, it's more useful to assign one subnet to a single household, and keep it simple. If the guy who's bought the service is a techie, and is running, say, a server of some type at home, it lets him manage the whole thing. If you split it b/w households, that would no longer be feasible, w/o him having to contact every other family on the subnet

          Part of this I blame on the design decision to make every subnet 2^64 instead of 2^32. I mean, which subnet needs to have even 4

      • Stateful Firewalls Provide Security (Not NAT) NAT does not provide any real network security, it actually prevents many security measures. Consumer grade firewalls (most of them) built into the modems they get from their ISP -- are often almost useless when it comes to providing real security. Many of them don't even bother to force the administrator to have anything more than the default password. By your argument -- you would be even happier if your ISP shares your IP address across many households (double NAT'd) -- which mine does.

        That's tangential to the argument the GP appeared to be making

        The GP was expressing concern about a telco, or anyone else, being able to know how many devices you're hooking up to the internet using your service. In other words, if you are paying Comcast $50 a month for a service, it's none of their business how many devices are hooked on to it. Under IPv4, it's somewhat trivial for them to find out. Under IPv6, if security extensions are being used, it no longer is.

        Same thing about who's watching wh

    • Re:Isn't this good? (Score:4, Interesting)

      by Ramze ( 640788 ) on Sunday December 24, 2017 @04:12PM (#55801679)

      Yes and No. With a proper firewall, no one can scan your network for devices as it should only allow incoming traffic through that is a reply to outgoing traffic. But, sites you visit from IPV6 devices would show their full IPV6 unique ID on your network -- so say... Facebook or Netflix might know exactly how many devices you have at your home that you use to connect to their services.... BUT, they really know this anyway because they scan for device IDs, browser fingerprinting, etc.

      NAT is a hack and not a security feature. It has its own security issues as well.

      https://www.internetsociety.or... [internetsociety.org]

      IPV6 is only bad if you have no proper hardware firewall between your ISP and your network... or if your ISP is spying on your traffic (in which case, you have bigger issues and need a VPN)

      • Note that most stuff ships with privacy addresses enabled, so your "IPV6 unique ID" used for outbound connections will change to a new, completely random ID every time you restart a device, reconnect one to the network, or in any case after 24 hours, which should limit its usefulness for tracking.

        Of course, as you say, everybody is already tracking you via cookies and fingerprinting anyway.

      • BUT, they really know this anyway because they scan for device IDs, browser fingerprinting, etc.

        YOu mean all things my devices all self-report. Yeah, I get that. It's modestly annoying to solve, but not difficult. Hint, all my devices report what I tell them to.

        By the by, I read your article. It argues, e.g. that geolocation will be aided by IPv6. Sign me up to stay on IP4! Yes, I get that it's not a security feature, but it's definitely an obfuscation feature.

    • > anonymization about which device beyond the firewall is using a service.

      You're not really hiding anything. Between user agent strings, cookies, etc., the trackers know one device from another. In fact since most web access is from mobile devices these days, and mobiles get new IPs all the time, IPs aren't used much for tracking anymore anyway.

      Because IPv4 lacks enough addresses, you're pretty much forced to use only one IP for all of your devices. That's a hack and while it works well enough most of

      • by mark-t ( 151149 )

        You *can* still do that with IPv6; you aren't forced to.

        This. Exactly.

        Also, with IPv6's extension header system, you can theoretically even route right through a NAT, completely neutralizing its most significant disadvantage, as long as the NAT in the middle recognizes and handles the extension, and the session layer on the remote machine that may need to be able to route a raw IP packet to an otherwise undetectable IP address knows to add the extension to the appropriate outgoing packets.

      • If I'm the kind of person who is worried about the lack of NAS leading to people tracking me more effectively, why don't you think I'm the kind of person who can handle user-agent-strings (and other browser fingerprinting) and cookies?

        IPv6 seems dedicated to preventing me from hiding. Even if my device is randomly hopping among IPv6 addresses, they're all on the same subnet (does that term still apply) meaning they can all be used to id me.

        • > Even if my device is randomly hopping among IPv6 addresses, they're all on the same subnet (does that term still apply) meaning they can all be used to id me.

          Yes they will be chosen from a range of 9,007,199,254,740,991 addresses or so. Some ISPs will assign you 32 times that many addresses, some a bit fewer, but roughly 9 quadrillion addresses. Compared to your ONE IPv4 address. As someone who has developed security systems which use IP addresses as one indicator of whether it's the same person, I'l

        • by johnw ( 3725 )

          Even if my device is randomly hopping among IPv6 addresses, they're all on the same subnet (does that term still apply) meaning they can all be used to id me.

          Just like when you were on IPv4, all your devices were behind one IPv4 address, providing precisely the same facility.

          IPv6 seems dedicated to preventing me from hiding.

          You've yet to provide a single example supporting this contention.

        • If I'm the kind of person who is worried about the lack of NAS leading to people tracking me more effectively, why don't you think I'm the kind of person who can handle user-agent-strings (and other browser fingerprinting) and cookies?

          And TLS session caching, DNS fingerprinting and port range mapping (CGN).

          IPv6 seems dedicated to preventing me from hiding.

          IPv6 really does make it easier to track individual systems on a network of more than one user. Even with privacy addresses short term correlation is probably still useful.

          Even if my device is randomly hopping among IPv6 addresses, they're all on the same subnet (does that term still apply) meaning they can all be used to id me.

          IPv6 customers are generally assigned subnets rather than single IP addresses. Whether you get a single IPv4 address or a single IPv6 prefix your "network" can just as easily be tracked in either case.

          Options here are same for both IPv4/IPv6 use a VPN/tunnel/proxy/

        • If I'm the kind of person who is worried about the lack of NAS leading to people tracking me more effectively, why don't you think I'm the kind of person who can handle user-agent-strings (and other browser fingerprinting) and cookies?

          IPv6 seems dedicated to preventing me from hiding. Even if my device is randomly hopping among IPv6 addresses, they're all on the same subnet (does that term still apply) meaning they can all be used to id me.

          If somebody outside knows your /64 and they run a website, they can use their knowledge of your /64 to block you from getting into their site. But if they want to attack any of your devices, they need to know your entire /128 address, not just your subnet address, and that's where your device hopping b/w the addresses in your range helps.

      • But cookies would have to use something like your MAC addresses, or some other physical (read layer 2) info in order to have a count of your devices. In layer 3 - the IP layer - IPv4 can be used to track how many devices you are using, but IPv6 can't, due to the security extensions. So IPv4 vs IPv6 is no longer an argument if a foreign host, like Facebook or Twitter, is using something outside layer 3 to track everything about you

        • Mac addresses aren't needed, a random number does just fine. The whole idea of cookies, the definition of a cookie, is that the device returns back the same value that was previously set. So the server sets a cookie called device=7573+4758585 and next time the browser sends back that number.

          Obviously the cookie is only one of many parameters used. Cookies might be "blocked" (which often just means they are cleared when you shut down your browser, session cookies typically aren't blocked). To "track" a u

    • by mark-t ( 151149 )
      Not inherently. NAT is still entirely possible under IPv6 (and in some cases, where end-to-end communication is not needed, may even sometimes be preferable), but the nice thing about still using IPv6 is that you will have a greater freedom of choice on which machines are invisible to the outside and which are not.
    • Doesn't IPv6 hide the anonymization about which device beyond the firewall is using a service. Do I really want people outside my home to know how many devices I have, or which is viewing what?

      Absolutely! Since the subnet size is fixed - 2^64, it's impossible for any service to know how many devices there are behind the firewall. Particularly if they are set up with security extensions, which is to have the interface IDs keep changing periodically so that not only can't a device's ID be nailed, but it would also be impossible to find out at the layer 3 level how many devices one has, or who's viewing what

  • by Billly Gates ( 198444 ) on Sunday December 24, 2017 @03:48PM (#55801581) Journal

    Not every level 1 helpdesk jockey in India making $5/hr can do IPv6 subnetting in their heads to fix connectivity problems

    • You are right, but v6 subnetting is a lot easier than v4 subnetting because of the way that hex lines up with binary more easily than decimal does, so this seems more like an argument in favor of v6 rather than against it.

    • by sjames ( 1099 ) on Monday December 25, 2017 @12:33AM (#55803247) Homepage Journal

      To be fair, most of the tier 1 people can't do anything that's not in the flip book. That is, they can guide you to reboot the router. They can giude you to reboot Windows. If you tell them you have Linux they'll tell you that Windows Linux reboots the same way as other Microsoft operating systems.

      So no real difference there.

      Tell them they have a routing failure in your network and they'll transfer you to premium Windows support to explain to you how to set up your email.

    • by Koutarou ( 38114 )

      What subnetting? Nearly everything in v6 is a /64.

      • The latest Microsoft MCSA/E exams have lots of /96 vlan questions

        • Are there any other subnet sizes in VLAN that are used? Incidentally, /96 makes more sense than /64, and had that been the rule, having automatic routing embedded in the global prefix would have been more achievable
  • C'mon Editors (Score:5, Informative)

    by great throwdini ( 118430 ) on Sunday December 24, 2017 @04:00PM (#55801621)
    I typically refrain from calling out the staff supporting /., but is it really too much to postfix the submission title with "in Nigeria"? Or is that somehow at cross-purposes with what you all are trying to achieve on this site?
    • Re: (Score:2, Insightful)

      by kenh ( 9056 )

      Agreed, too many/most Slashdot readers simply read the headline and then try and blame some combination of the following:

      a) Ajit Pai
      b) Donald Trump
      c) Republicans
      d) Comcast, Verizon, etc
      e) Windows/Microsoft

  • by AlanObject ( 3603453 ) on Sunday December 24, 2017 @04:02PM (#55801631)

    I know it is cool here to hate on Comcast but my cable modem service supports it so easily now that I don't see any barrier's to adoption.

    I used to use one of my Apple Time Capsules (so shoot me) for my router but when I needed better VPN service I got a $35 Mikrotik and made that the gateway router and the Time Capsules are now bridge-mode Wifi access points behind that.

    Fast forward a couple of years and I hear about Comcast has IPv6. I found out that my Mikrotik needed an upgrade for IPv6 support but that was surprisingly painless. Once you have that and turn it on the router gets your IPv6 address assignment from the upstream DHCPv6 server Comcast runs. That gives you a 64-bit "address pool" (which is what Mikrotik calls it) and without doing anything else all your household devices get an IPv6 address according their own capabilities.

    Comcast did it right, but you still need the right router software on your end. The Time Capsules didn't cut it but the Mikrotik router did. I can't speak for other products because the router worked and there was no need to try anything else.

    Windows no problem. MacOS no problem. Smart phones, TV, cams and all the other junk no problem.

    The only reason you need IPv4 at all is because there are still a LOT of servers and services out there that can't be reached by IPv6. But I have had no issue with Safari, Chrome, or Firefox or any other networking application.

    The payoff for me is that I run a fair number of VMs out in the cloud. My co-location host is reasonably OK with giving me IPv4 addresses when I need them but now I don't even bother assigning an IPv4 address to a system unless it is for public access. IPv6 straight from my system at home to the VM out there.

    Fringe benefit: The public IPv6 addresses, at least those that don't have well-known AAAA DNS records, don't get constantly assailed by bots with dictionary attacks.

    Gripe: XenCenter doesn't support IPv6 for management. And it is a mess to try and install a mitigating tool like fail2ban in the XenServer hypervisor. What a pain.

    That's my take anyway.

    • Yep, Comcast did it right:

      Between me and Comcast, we're predominantly doing ipv6:

      Your IPv4 address on the public Internet appears to be 73.187.x.y

      Your IPv6 address on the public Internet appears to be 2601:982:8202:e17x:y:z:z

      Your Internet Service Provider (ISP) appears to be Comcast Cable Communications, LLC

      Since you have IPv6, we are including a tab that shows how well you can reach other IPv6 sites. [more info]

      HTTPS support is now available on this site. [more info]

      Your DNS se

    • Two days ago I got my wife's store provisioned with a Comcast business internet (there was no other provider) with 5 static addresses. They provided an envelope with the static address range hand written on it for *only for IPv4*. They also got the addresses wrong and the they had not set the routes up, so nothing can route to those addresses anyway.

      The installer who came said a couple of things that were obviously untrue about the address range available on the router's switch and then admitted to not unde

      • by Rick Zeman ( 15628 ) on Sunday December 24, 2017 @04:52PM (#55801799)

        >Comcast did it right

        Bullshit. They can't even set up a static address range.

        Don't confuse architectural design and their overall design with everyday low-level ineptness. Haven't you seen the ads for Comcast techs: "...no experience necessary?" You said it yourself, "...the installer who came" not "the network engineer who came....."
        Don't confuse the two.

        • just need a truck and tools to be an 1099'er for comcast in the past they did even do background or DMV checks.

    • Comcast subscriber here. I use the IPvFoo extension for both Firefox 57 and Chrome Browser and it shows the IP version and other information for connected websites. Comcast handles IPv6 very well.
    • I have Comcast at home: it's the only carrier available at my residence. No IPv6
  • has applications beyond elementary school math.

    Next story.

  • Were there actual technical limitations to enabling a larger address space or was it just a lack of foresight?
    • A bit of both. First, back when the Internet Protocol was created, there weren't 4 billion people on Earth let alone 4 billion devices that needed to be connected to a network. Secondly, handling and transmitting 128-bit identifiers would have been a bit much for the computers and networks of that era.

      So, as I said, very few (if any) people thought the internet would get as big as it is and systems 30 to 40 years ago wouldn't have been able to handle IPv6 the way systems now can.

      • by ELCouz ( 1338259 )
        40-bit is enough (XXX.XXX.XXX.XXX.XXX)...who need 128-bit addressing space?
        • by AHuxley ( 892839 )
          Re 'who need 128-bit addressing space?"
          Products within a company. Everything gets a ip so it can be scanned and more product arrives just in time.
        • The internet does.

          Actually, 64 bits might be enough for the internet, especially if you were willing to put up with some degree of increased costs and admin headache (and oh boy are we willing to do that), but "might" isn't good enough. If you're going to do an incredibly difficult protocol switchover to increase the address size, you really want to get it big enough the first time.

          "Whoops. Tehee. It's still not big enough. We need to make it bigger again." is just not going to cut it.

      • First, back when the Internet Protocol was created, there weren't 4 billion people on Earth let alone 4 billion devices that needed to be connected to a network.

        It was pretty close. World population was estimated to cross 4 billion in April 1974, while the paper describing IP was published in May 1974. Vint Cerf has apologized [networkworld.com] for choosing 32 bits, saying "The problem is the experiment never ended".

      • A bit of both. First, back when the Internet Protocol was created, there weren't 4 billion people on Earth let alone 4 billion devices that needed to be connected to a network. Secondly, handling and transmitting 128-bit identifiers would have been a bit much for the computers and networks of that era.

        So, as I said, very few (if any) people thought the internet would get as big as it is and systems 30 to 40 years ago wouldn't have been able to handle IPv6 the way systems now can.

        Actually, when the Internet Protocol was first created, it was only created for the US Department of Defense and their clients: there was never any intention for this to be used by the entire civilian population of the US, let alone the world. Once it became clear that it was catching on, the IPv6 (then IPng) started.

        Also, at the time IPv4 came about, most computers were 8 or 16 bit, much less 32, so having a 128 bit address would have really slowed things down

  • by seoras ( 147590 ) on Sunday December 24, 2017 @06:20PM (#55802075)

    I just checked that test URL. 10/10. Nice xmas surprise. I run a couple of popular websites (Amazon EC2's running Ubuntu) so I could add IPv6 easily. But why?
    What's the upside to IPv6 for a website? Better Google page ranking? Security? Faster page load? Others?
    It's been years since I've worked on IPv6, I was one of the small team who wrote the IPv6 stack for Cisco's high end routers.
    So I know the protocol - sort of. It was still in flux back then (15 years ago) with the IETF.
    Can someone bring me up to date? As a website master, why do I need it?

    • Facebook have done measurements that show v6 as giving ~10-15% faster page loads [facebook.com] compared to v4. On some specific ISPs the difference will be even higher (for instance T-Mobile in the US backhaul all of their v4 traffic across the country to the datacenters that host their NAT64 infrastructure, while routing v6 more directly).

    • I just checked that test URL. 10/10. Nice xmas surprise. I run a couple of popular websites (Amazon EC2's running Ubuntu) so I could add IPv6 easily. But why?
      What's the upside to IPv6 for a website? Better Google page ranking? Security? Faster page load? Others?

      The tangible benefit I know of for websites ATM is faster page loads for those stuck behind IPv4 CGNs.

    • Websites need routable addresses, so address exhaustion is a real problem that NAT cannot resolve. Neither can virtual hosting. In which case, they'd be forced into IPv6, and then they may or may not take advantage of other IPv6 features. Also, virtual hosting would be a thing of the past, as foo.bar.com would map into 2001:db8:dead:beef::1 while foobar.bar.com would map into 2001:db8:dead:beef::2. No more need for the IP address to be shared
  • Seriously, at this time, it would be better if apps would prefer IPv6 and start running massive traffic through it.
    If IPv6 is not available, so be it. BUT, by moving Chrome, Firefox, etc to 6, it will only hasten the move.
    • They do. If you take a dual-stack network and measure the traffic on it, you'll find that about half of it by volume already goes via v6.

      Technically the priority is usually set by the OS/system resolver library, which sorts DNS results by an algorithm that is roughly "v6 first if you have a public v6 address, otherwise v4 first". Some software does override the ordering, and other software (like Firefox) has ADHD and will try to connect over v4 if the first connection attempt hasn't finished within 300ms, b

  • How will the Nigerian economy keep up with the western world without a timely shift to IPv6! /sarcasm

    Seriously, it's Nigeria...

  • by kenh ( 9056 )

    "There are indications that telecommunications operators and traditional ISPs in the country are frustrating adoption of Internet Protocol version six (IPv6) by other networks," reports Nigeria's Guardian newspaper, citing Nigeria CommunicationsWeek. The magazine found 32 networks with IPv6 addresses -- but only three which are using them. And the newspaper cites "a network engineer with a university who does not want to be named" frustrated that their ISP's network isn't IPv6-compatible, so the university can't use its own IPv6 address. "Mohammed Rudman, chairman, IPv6 Council Nigeria, said that most telecommunications

  • Here in the U.S., New England region with Cox and Verizon. I know Cox offers IPv6 and my router can handle it. But I've been loathe to do so as the 255^3 addresses using only three octets that I have available are plenty. And the NAT works perfectly.
  • I tried the test at http://test-ipv6.com/ [test-ipv6.com] cited in the article. It said "Connections to IPv6-only sites are timing out. Any web site that is IPv6 only, will appear to be down to you."

    According to the test site Down For Everyone Or Just Me at http://downforeveryoneorjustme... [downforeve...justme.com], the IPv6 test URI http://ipv6.vm1.test-ipv6.com/... [test-ipv6.com] -- timed out for me -- is down for everyone. The IPv6 test URI http://2001470118119/ip/?callb... [2001470118119] gives the result "Huh? [2001:470:1:18::119] doesn't look like a site on the interwho

    • I wouldn't put too much trust in DFEOJM.com; it even claims that Google [downforeve...justme.com] is down. Meanwhile, I have no trouble connecting to ipv6.vm1.test-ipv6.com:

      Connecting to ipv6.vm1.test-ipv6.com (ipv6.vm1.test-ipv6.com)|2001:470:1:18::119|:80... connected.

      You might be single-homed behind Cogent, who have an issue with reaching HE (specifically, the issue is that they just can't stop being assholes). If so then you should probably talk to your ISP and get them to get an extra upstream.

  • It takes twice as much work to configure IPv6 (assuming you need to keep supporting IPv4). It's no big deal if you are just configuring a few switches, but if you talk about the number of routers a large ISP has, it becomes a lot of work. So, until they get close to running out of IPv4 addresses to assign to customers, don't hold your breath.

    • by sl3xd ( 111641 )

      if you talk about the number of routers a large ISP has, it becomes a lot of work.

      Configuring large numbers of routers isn't an unsolved problem, [safaribooksonline.com] even if you roll your own automation.

      A large ISP is insane if they dodn't use automation to configure their hardware -- it guarantees consistency across the network, which reduces their overhead.

      At that point, adding a "new" router is no different from updating the configuration on an existing router.

      • That will work if every switch and router is the same and is running the same OS version (as was pointed out in the article you referenced). That's not likely to be true in a really large network.

        Also, it's been my experience that script based solutions (especially ones that exercise a user interface) are fragile and require a lot of tinkering. And it's still going to be twice as much work (assuming that adding more configuration steps to the script only increases the probability of failure linearly, whic

You are in a maze of little twisting passages, all different.

Working...