O'Reilly's IPv6 Overview
Scooter[AMMO] writes: "I thought people might be interested in this IPv6 overview currently on O'Reillynet. It touches on what a lot of us already know, like a larger addressable space, security, and mobility, but it also goes into some detail that others may not know yet. It gives information on how addresses are divided between host bits and network bits, address creation, NDP, name resolution, multicasting, localnets, and localsites. It also has RFC references for the more demanding researchers among us."
Hmmm, since you mention patents, I'll just say:
DNS. Can you say prior art?
I can throw myself at the ground, and miss.
whois.arin.net and do lookups for those huge class A blocks. Bbnplanet at least uses their 4.x block while GE and few other large companies just have them reserved.
Only the State obtains its revenue by coercion. - Murray Rothbard
Apparently with Cisco's next major IOS train release, there will be support for IPV6 which I'm certainly looking forward to.
Three letters:
D N S
Take a look at anything in the domain ipv6.drobnak.com for examples. I have a mini IPv6 net setup here, using a very nice tunnel broker - Hurricane Electric. (www.he.net)
You use a 'quad A', AAAA, or an A6 record to put IPv6 addresses into the DNS database. Quite simple, just as long as you have a dns provider who supports it. (ie www.worldwidedns.net)
-Matt
Well, okay, sure...but he's talking about the simple case. And if you qualify his point a little, he's right. Portforwarding only enables a single box to act as the server; fine for a home network but not for a corporate LAN. Proxying requires additional code running somewhere to compensate for the problems introduced by the NAT.
I'm writing an application proxy right now, and guess what---embedding routing info in application packets adds additional routing logic that is separate from your normal routing infrastructure. Can you say security hole?
He is pointing out how NAT is an incomplete solution to the problem of mapping multiple hosts to a single v4 address. And he's right, it's a pain in the ass.
Premature optimization is the root of all evil
Sorry, I didn't realise Microsoft filed for bankruptcy and *BSD took control of the desktop.
Tongue in cheek aside, I'd venture to guess a huge percentage of the net's traffic flows through *BSD hardware.
Microsoft owns the desktop, UNIX owns the net's infrastructure.
Japan has a huge IPv6 infrastructure ready to roll, this doesn't mean the end users would have to adopt it right away. IPv6-to-IPv4 products exist already.
grubTrolling is a art,
Very impressive article.
However, unfortunately, the author got the EUI-64 algorithm wrong. Before inserting the fffe in the middle of the MAC address, the universal/local bit has to be inverted. So 01:23:45:67:89:ab will give you as host part of the IPv6 address: 0323:45ff:fe67:89ab
--jochen
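The derivation described in the comment above, as an added example that is not part of the original thread: it builds the modified EUI-64 interface identifier from a 48-bit MAC and, going the other way, recovers the MAC from an address, which is why such addresses identify a device on every network it joins. The function names and the `2001:db8::/32` documentation prefix are assumptions chosen for illustration.

```python
import ipaddress

def mac_to_modified_eui64(mac: str) -> str:
    """Return the 64-bit interface identifier for a 48-bit MAC as four hex groups."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Invert the universal/local bit (0x02 of the first octet) first,
    # then insert ff:fe between the OUI and the device-specific half.
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return ":".join(eui[i:i + 2].hex() for i in range(0, 8, 2))

def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """Combine the fe80::/64 prefix with the interface identifier."""
    iid = int(mac_to_modified_eui64(mac).replace(":", ""), 16)
    return ipaddress.IPv6Address((0xFE80 << 112) | iid)

def mac_from_address(addr: str):
    """Recover the MAC if the low 64 bits look EUI-64-derived, else None.

    Heuristic: ff:fe in the middle of the identifier. A randomly chosen
    identifier matches by chance about once in 65536, so treat a hit as
    a strong hint rather than proof.
    """
    iid = (int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    # MAC taken from the comment above; the addresses are constructed samples.
    print(mac_to_modified_eui64("01:23:45:67:89:ab"))
    print(link_local_from_mac("01:23:45:67:89:ab"))
    for sample in ("2001:db8::323:45ff:fe67:89ab", "2001:db8::1"):
        print(sample, "->", mac_from_address(sample))
```

Running `mac_from_address` over the source addresses in a log is a quick way to find hosts whose addresses still embed their hardware address.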
So you're saying all Cisco and Microsoft (or even Linux) users can take a few minutes to install v6 on their current hardware/OS and have everything working just fine?
Didn't think so.
Or better yet, use the first two or three F's for subnet addresses. Let's get real here: 33 bits are enough to uniquely identify every single human in the world. So prepending a MAC supertype of a few bits should do just fine. What point is there in arbitrarily sticking it in the middle, and basically forcing everyone to waste these bits?
[100% ISO 646 Compliant]
SVM, ERGO MONSTRO.
Well, when you have 340,282,366,920,938,463,463,374,607,431,768,211,456 possible addresses, do you want to be using a long string of numbers? The numbers aren't all meant to be memorizable, that is why there are things such as autoconfig and DNS.
It's more its 4hex digits a set not 256
42
Why do you say IPv6 is faster than CLNP?
The usual excuse is that IPv6 has fixed-length address fields which are easy to handle, say, as struct's. But who says CLNP can't? While CLNP allows many AFIs, it's quite reasonable for the IETF to standardize on a narrow subset, with defined length.
Little work has been done lately on speeding up CLNP, but I think it should be quite feasible to run it through the fast path.
IPv6 is a failure, and has been for the ten years or so that it's been in the works. Now that Cisco has lost most of its technical talent, it's finally pushing something that should have died years ago.
IPv6 was misbegotten in the first place. There was a working protocol, CLNP, designed for the OSI programme. While OSI had many errors, CLNP, its equivalent of IP, was very good. It had a flexible address field. The first byte was the "authority and format identifier" (AFI), which indicated how to parse the rest. The maximum length was 20 octets but it varied depending on the AFI. Then came the "initial domain identifier" (IDI), which corresponded to network, and the "domain specific part" (DSP), which corresponded to a host on the network (and which could have a subnet-like hierarchy). CLNP was in Cisco, Wellfleet, and other routers over ten years ago! Applied to the Internet, it was called TUBA (TCP and UDP with Bigger Addresses).
The IETF almost standardized on TUBA; had they done so, the migration would have been done years ago and we probably wouldn't have had NAT, except maybe for some firewalling. The opposition came about because it was tainted by OSI, a religious issue among some immature IETF hotheads. Paul {Francis|Tsuchia} of Bellcore and Steve Deering each wrote their own candidate replacements for IPv4, called PIP and SIP (Paul's and Steve's IP, respectively). Both were undergraduate quality. They merged their efforts (the anti-OSI alliance) into what we now call IPv6. At the last minute, Vint Cerf (the Chauncy Gardner of the Internet) switched his vote from TUBA to IPv6. And real progress in the IP layer basically stopped.
IPv6 doesn't do what it's supposed to. The article at least doesn't claim that its flows are useful for QoS; they're not. The address space is horribly wasteful; because the low-order 64 bits are globally unique (based on MAC), the net result is 64 effective bits, twice. Security is no better than with IPv4. The long addresses result in more header overhead, more bandwidth wasted, and thus either worse performance or more cost. Think of how the bigger headers will work with short-payload streaming payloads!
They should put this turkey out of its misery. There are LOTS of IPv4 addresses in reserve. Properly allocated, 32 bits should last for a decade or more. Of course many Class As were given out wastefully back in the old days, but we really don't need globally unique addresses for every appliance in every house anyway.
OK, try reading this post after these:
s/(IP addresses|IP address|IPs)/recorded music
s/IPv6/Napster/g
s/IPv4/FTP/g
s/NATs/site indexing/g
Interesting reading, eh?
I like to play children's songs in minor keys.
"We're all sons of bitches now." --J. Robert Oppenheimer
Not every medium is ethernet, some have 64 bit node identifiers and you can't just truncate them without risk of duplicates. See RFC 2373, 2462, 2464 and references in the latter.
But you can't assign identifiers with perfect efficiency. See RFC 1715 for examples.
Jeez, I know when a statement is tongue in cheek..
If you notice the original article, the submitter was saying RFCs are too hard to read.
This was a neat opportunity to point out that RFCs should be mandatory reading, for techies, at least.
(And also to prevent any bright kid out of law school from taking the idea seriously).
And the +2 was because I have earned it, and on merit. I haven't karma whored yet.
I can throw myself at the ground, and miss.
So you're saying all Cisco and Microsoft (or even Linux) users can take a few minutes to install v6 on their current hardware/OS and have everything working just fine?
If you run OpenBSD (and I believe FreeBSD), you'll see that you're already IPV6-ready
(pardon the formatting for this paste)
grubTrolling is a art,
Can you say dumbarse?
--
Artix
Your Linux, your init.
Sorry, I didn't realise Microsoft filed for bankruptcy and *BSD took control of the desktop.
Can you imagine the broadcast traffic you'd get on a several billion host subnet? I would hope you don't have an IPv6 aware rwhod running. :-)
There seems to be a fscking chasm of missing pieces in the IPv6 rollout. Set it up on your LAN, but I don't see it in the internet arena for at least the next 20 years.
I have an idea. I should probably patent this first but I'll pass it along since I love Open Source ideas. How about we create some kind of huge distributed database of "names" that would map to these IPv6 addresses? Then we could just remember these names instead. :-) Then the only time you'd need the IP address is when you're configuring this naming database thingamajig and your machine.
It seems that every overview of IPv6 I read talks about it eliminating the need for NAT. However, this is only going to be in the case of, for example, a large corporation that is using NAT solely to avoid spending money on IP addresses. In my little piece of the world, I run NAT (IP masq) NOT because there aren't enough addresses but rather because my ISP adds about $7/month for each additional computer, and only up to three on a home account (at least double the price if you want a business account).
There is no way in H-E-double-hockey-sticks that my ISP is going to just up and say "Okay, now there are plenty of addresses, so we'll stop charging extra for additional computers." They're not going to just let me have six computers connected with IPv6, IPv4, or whatever. For the home user (cable modem, xDSL, modem, or whatever), there will always be a need for NAT.
Here's a good cisco doco that I should have included in the original post: here
111.222.333.444.555.666 That would give, to my math, 256^6, or 281 trillion, IP addresses. 281,474,976,710,656 to be exact.
creation science book
www.cisco.com/ipv6
http://msdn.microsoft.com/downloads/sdks/platform/tpipv6.asp
What's the problem?
Vintage computer games and RPG books available. Email me if you're interested.
Trolls throughout history:
Jonathan Swift
Now that I finally understand what all:those::colons:are in the addresses my OpenBSD box spits out, I'm no longer afraid of them. It's actually pretty straightforward.
We all know that no one will be deploying IPv6 until Cisco starts to support it in its router software. Furthermore, it won't be deployed on a near universal basis until Microsoft decides to get off their asses and support it. So don't count on having any of the benefits of IPv6 at your disposal any time soon...
Friends don't let friends use multiple inheritance.
Will firewalls become obsolete after IP4 is gone?
With provider assigned space in the network address, how does any organisation do multi-homing?
Or do they change addresses each time a link goes down?
Or will we have a similar situation as of today, where we lease provider space from APNIC/ARIN/RIPE?
And for smaller organizations which do not have that large requirements?
I can throw myself at the ground, and miss.