Slashdot Mirror
Free IPv6 Subnets Are Going Away
ar32h writes "The 6bone is going to be phased out soon.
This means all of us who have IP addresses or subnets beginning with 3ffe from tunnel brokers like Freenet6 are going to be sorry out of luck." According to the linked phaseout plan, "It is anticipated that under this phaseout plan the 6bone will cease to operate by July 1, 2006, with all 6bone prefixes fully reclaimed by the IANA," but there are a number of sub-deadlines along the way.
I used a 3ffe prefix a few years ago to get acquainted with IPv6. These days, my JANET provided tunnel serves me well. Performance to a lot of 6bone networks has been deteriorating with all the free subnets they have been allocating.
You can get free IPv6 subnets using the much more efficient 6to4. 6bone isn't needed any more; that's why it's being phased out.
Hurricane Electric also provides free IPv6 tunnels...I used one to play around with IPv6, but tunnels seem to have fairly high latency.
New addresses can be allocated until July 1, 2004.
Existing addresses can be used until July 1, 2006.
the 6bone network was a TEST NETWORK, if you didn't fully expect this TEST NETWORK to go away after a while, you are just plain delusional.
Here's the relevant text, snipped from the TOP of the memo (i.e. you didn't even have to read MUCH of it.)
The 6bone was established in 1996 by the IETF as an IPv6 Testbed network to enable various IPv6 testing as well as to assist in the transitioning of IPv6 into the Internet. It operates under the IPv6 address allocation 3FFE::/16 from RFC 2471. As IPv6 is beginning its production deployment it is appropriate to plan for the phaseout of the 6bone.
So, please, please, PLEASE stop complaining about something that was supposed to be going away from the very beginning!!!
- A.P.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
refer to RFC 2471, which established the current address allocation: "These addresses are temporary and will be reclaimed in the future."
And why are they closing the 6bone? "As IPv6 is beginning its production deployment it is appropriate to plan for the phaseout of the 6bone."
They're just cleaning up from the testing phase so they can move into official use. It's only a step backwards if you consider the end of a beta test a step backwards.
Yes 6bone itself is going away, which means the 3ffe::/16 address allocation is going to be reclaimed down the road. What this means is tunnel brokers like freenet6 are just going to need to get a new address allocation. There are a number of tunnel brokers already using other addresses, mainly under 2001::/16. So for all the posters who are going all doom and gloom, get a clue, wait, this is slashdot.
I wish people would *read* the articles first and *understand* what they mean before blathering on about them.
-AS
You do realize that you can get a block of IPs from one of your ISPs, and if they are willing, they will SWIP it to you, assign you an ASN, and you can do BGP between the main ISP (that the IPs belong to) and any other ISP that will do BGP with you.
/20 as of 1998 i believe it was)
/20 or more, you are suppost to buy the block from ARIN directly.
:)
/24 of theirs on its own ASN, and tell the other ISPs you use to route over the whole block. /28 out of that, your more than welcome to. /24, it would be more wasteful to leave them unused than to simply route them to you in the first place.
Even if your link to the main ISP goes away, your IPs that belong to them will still route through the other ISPs you have connections to.
This is how you are suppost to get IP space and multihome for small blocks of IPs. (Small being under a
If you need a
In their contract, it actually states you have a years time to renumber your networks and give the ISPs IP space back to them, and use only your ARIN space. If you dont give the ISPs space back, you are in voilation of your contract.
But the whole reason that is there is because getting an ARIN block of IPs is an upgrade path from your large block of ISP IPs.
Both can still do BGP just the same.
Also to get an ARIN block, you must be multihomed already. That in itself should tell you you can multihome without their help
The main problem is, alot of routers are configured to ignore routes smaller than a C class (/24) so if you got less than that, they cant garentee all backbones over the world will have routing table entrys for their customers/transiant trafic to find your network.
Any backbone that used such filters would never route traffic to you, either from their customers, or from anyone that has to route packets through them.
Backbones do this because they do not want to buy memory for lots of routers. This has nothing to do with ARIN.
Some nicer ISPs will still do BGP with you on very small blocks of IPs, but as a large chunk of the net wont see you.
The only way to solve this is for the main ISP to mark a whole
If you want to subnet just a
But as the ISP cant use any of the other IPs in that
I don't think you know what you're talking about.
The IPv6 protocol declares that extension options are end-to-end, meaning that in-between nodes do NOT look at any of the options headers. The ONLY exceptions are the Hop-by-Hop option header, the Routing header, and the Destination options header.
Packet fragmentation and reassembly are ONLY done by the source and destination nodes. (Yes, the underlying link may do fragmentation, but that is entirely the problem of the layer below, IPv6 does not care...) The IPv6 header area - which includes the Hop-by-Hop header, Destination options, and Routing headers, if present - is considered UNFRAGMENTABLE.
You need to re-read RFC 2460.
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Currently the internet uses IP protocal version 4. Version 6 is supposed to fix some of the problems of ipv4. Notable among these is the larger address space (128 bits instead of 32... actually I seem to recall that this may also have changed in the spec to an expandable scheme(?)), and things like QoS.
The biggest problem is that none of the primary routers support it. Network providers aren't interested in the expense and difficulty of upgrading, and hence aren't buying the new equipment and software required. Others are waiting for the equipment and software to become more common. In turn, product and software manufacturers aren't terribly interested in it until they get orders. Others are waiting for everyone else to use it (and be the Guinea pigs).
A "chicken and egg" situation.
The Internet has some serious problems that need fixing, but it also has way too much inertia to allow change to occur.
By far the best tunnel provider I've used is IPNG-UK. I can whole-heartedly recommend it to anybody wanting to use IPv6 now!
why do you think that ip6 is going to remove the necessity of NAT? I've seen several network installations that use 1-to-1 NAT. This configuration does not cause anywhere near the number of problems that you are thinking of. I can even think of one site that used 1-to-1 NAT twice on the same network block. Once to go from public IP to a private range, and then on the other side of the network another router did 1-to-1 NAT back to the packets' original IP.
Not to mention that many users of consumer level NATing devices (Cable/DSL routers) do so for financial reasons, not out of necessity. Why pay your ISP for another IP address when you can run upwards of 200 machines on the one you already have.
My spouse works for the cable co, so I get free cable modem service, but I only have 1 IP because I'd rather not play the dhcp game with every machine on my home network, praying that they stay within the same subnet so they can talk to eachother directly. Plus, I don't like the idea of all of my local traffic being bridged to the NOC just because the modem firmware doesn't know any better.
Guys, there are a lot of misconceptions about IPv6. I appreciate this - it's not an intuitive subject, and it's possible to believe you know a lot more about it than you actually do. But, the details are there. Please do the reading and start asking your ISP for connectivity. No, your real ISP. There are people out there who want to deploy this, now, and we're waiting for customer demand. Go nuts!
Dave
Note that any single IPv4 address can be used to claim a /48 -- that's 80 bits of address space -- of IPv6 address space by sticking 2002: in front of it, e.g. 192.0.2.69 -> 2002:c000:0245::/48. This is called 6to4; see RFC 3056.
Let me put it this way.
:)
A long time ago, we had a network. It was quite good. It was the phone network. It was great, but it carried voice traffic, and not a whole pile else.
Some bright spark had this notion of packet switching, and it caught on. It's like this - once you deploy the packet switching network, the telco is no longer the arbiter of what applications are run on it. You are. You can run a mail server, I can run NNTP, and some maniac over there is writing something called a Web Browser.
The innovation that made the internet what we know today came from the fact that any idiot could develop a protocol, not just a telco engineer.
Now, cut forward. We have an internet, but we're kind of short of address space, so we use a lot of NATs to conserve them. What's going on here? Well, I can use a sensible TCP application, but that's about it. If I want to run some crazy app that needs Multicast, or an instant messenger, or something that just doesn't get on with the TCP congestion algorithm - well, not only do I need the permission of my network security team (which is good and proper) - but I need support from the NAT box.
The NAT box needs to support my protocol, which might not even exist yet. You want to talk about chicken and egg?
And innovation stops. There's a lot of talk of the end-to-end principle and handwaving and that, but that's the meaning - there's no more innovation.
NAT is not a security policy. It's a means to conserve addresses. It has an added feature that prevents you connecting directly inward to hosts on the network - but so does a stateful firewall. The point of compromise is exactly the same. It's rude to use global IP space behind a firewall like that in IPv4 land, but only for purposes of conservation. In IPv6, that doesn't apply.
I'm not claiming that IPv6 is going to solve all these ills - but NAT is a bigger hassle than you give it credit for. A prerequisite for solving this is having mnore address space. We'll tackle the rest in good time.
Given that IPv4 space is no longer at risk of being exhausted...
That's not really a given, you ought to prove it.
Barring genocide or a complete halt to the current trend in internet access growth, I don't think IPv4 is going to last forever.
0 1 - just my two bits
Right, I browse the WWW from my router all the time. Sun has a MAC range, but the addresses are easily changeable. Whether Apple has one or uses it I do not know, but plug any random PCI ethernet NIC into it, and suddenly your Mac becomes a PC.
It hands out the MAC to anyone on the Internet, which can be nice for MAC-related attacks if a hacker can compromise a nearby system...
If the hacker can compromise a nearby system, he can just hang around on it until he sees an arp request fly by. Or, with IPv4, simply scan whatever pitiful subnet the two machines are on.
As a non-privacy-related but nasty issue, my IP changes if my Ethernet card breaks and I get a new one. People running a server will love that (and "IP numbers unassociated with MACs" become a premium item to sell to business accounts).
Finally, I can *get* a new IP number if I want one today. If my ISP has a policy (and has routers that depend on) my IP ending in my MAC, I'm stuck with it.
You seem to be holding on to this notion of "my IP". "My IP" only applies to end user devices, like when you bring your laptop to work and it gets an IPv6 address. Whenever you are actually connecting to an ISP and not just borrowing someones network, you get your very own /48. If you prefer to allocate addresses the RFC 2322 way, feel free.
You can't do that on any card that I'm familiar with, though I'm sure there are some that you can finagle into pulling that off on. The Linux approach of "changing the MAC" just kicks the card into promisc mode and then does software filtering when listening for frames with the right MAC. It wastes CPU time.
I have no idea what makes you think that Linux cannot do hardware filtering of MACs for software assigned addresses. A reference for that claim would be nice. Not that hardware filtering makes any sense these days - when did your NIC last receive a packet that was not addressed to you or a broadcast packet?
Anyway, many drivers for Windows allow you to change the MAC address. If yours does not, try this
Finally! A year of moderation! Ready for 2019?
Ouch. I'm sure that somewhere out there, a Cisco engineer started to cry.
It sounds nice and all, now we just need to develop a router that can handle 6+ billion routes. When little Timmy grows up and goes to college, does his block range go with him? Great, another routing table entry. Giving addresses out with no regard to geographical proximity was one of the biggest mistakes during the allocation of IPv4. Strain on the core routers is more of a problem now than insufficient address space. The switch to IPv6 was seen as a chance to correct that mistake, not compound it exponentionally.
The Revolution. Now available as a convienent six tape series from PBS.
The Internet would be so much better if there wasn't this huge number of self-proclaimed experts, who think they now everything better.
Look, I'm not on a Windows machine, but a 5 second google search gives me MS IPv6 FAQ as the first hit. Microsoft are even running a 6to4 tunnel at 6to4.ipv6.microsoft.com.
Mac OS X 10.2 also supports ipv6 and can be enabled with 2 lines in the terminal. I'm not sure, but I think it is safe to say that all free Unices also support ipv6.
So basically, you have absolutely no point.
-- The plural of 'anecdote' is not 'data'.