Slashdot Mirror
U.S. DoD Commits To IPv6
babaloo writes "According to this
article the U.S. Defense Department wants to move it's entire network to IPv6 by the year 2008. Will this be what pushes at least U.S. based companies and providers to actually convert over?" It's definitely a shot in the arm that IPv6 needs. This seemed to be more of a priority back when NAT was much less prevalent, but it seems we'll eventually find ourselves on IPv6, even if we drag our feet there.
But that's just my two cents.
Good that the DoD is still support projects that came about from their original idea, ARPANET, or as we so lovingly call the contemporary version- the internet.
"Now there's a look in your eyes, like black holes in the sky"-Pink Floyd
Why would it be? I assume most US based companies and providers don't have many connections to the DOD network :) ;)
When a: there is a decent amount of IPv6 only content, and b: when the most widely used OS in the world ships with it enabled by default, (ipv6 install doesn't count here) then it might start taking hold. But it's a chicken and egg situation at the moment. That autopr0n guy should switch his site to IPv6 only, and force his viewers to start using IPv6 (or IPv6-over-IPv4)
Sign yourself up to an IPv6 tunnelbroker today, and get your own n * 2^64 addresses to play with.
In fact, why isn't Slashdot an IPv6 enabled site?
Get your own free personal location tracker
I agree, we will never need anything more than IPv6...or 640K of ram...
When there are more IP address than there are atoms in the universe, YOU CAN NOT USE THEM ALL UP.
How freakin' hard is that to understand?
NAT is the spawn of SATAN. Really it is. Get two hosts behind NAT, and they are unable to establish connections between themselves. It's truely horrible. At the moment, I am using a tunnel broker to give my lab IPv6 connectivity ( tunnelled over IPv4, but you wouldn't know it.)
Because my workstation is behind NAT on IPv4, I have to either VPN in, or SSH to the firewall, and then onto my workstation. With IPv6 however, because I can address my workstation directly, and because I've allowed SSH to it, I can ssh right in through the firewall. It's just better. Abolish NAT.
Get your own free personal location tracker
[note, it really should be NAPT (network address and port translation), NAT alone is pretty harmless]
Let's say I'm the author of a voice over IP application on a platform that supports IPv6, like, say, Mac OS X. I get myself a NAPT-replacement box that I stick on the edge of my home network. It assigns an IPv6 address to each of the inner systems using 6to4. Then, when my caller wants to try to phone me, I give her my IPv6 address. She connects to that address and her magic box sets up an IPv6 tunnel to my magic box automatically. Then my magic box forwards the packets to the right machine in my network.
Add a firewall to that, and you've got something that replaces NAPT.
You could keep IPv4 NAPT as a legacy feature for inside hosts and applications that don't support IPv6 yet. But apps that do support IPv6, would not have to do any work to traverse the NAPT.
simon
home page
Good points. And that essay is hopelessly biased anyway. As if some culture calling 250ml of beer a "pint" were a redeeming argument in favor of old system.
Saying that the metric system sucks for not having simple names to use is a sad, desperate argument. A 300ml can of pop doesn't have to be called "three-hundred-and-fifty-milliliter-can-of-soda" as the essay brilliantly suggests -- it can be called a "can".
OK, this is very funny. IP addys for every bullet. But listen gang, the ISPs have been tight fisted with IP addresses for so long that most of you young-uns don't even remember the day when anyone with a router could count on a Class-C or even B to themselves. Those days are LONG gone; now you get DSL and you pay for ONE frigging static IP address, and if you want anything like a big chunk of a Class-C you have to pay serious cash. Monthly. And upgrade? You want more? Well all the IPs on either side of your teeny tiny block were sold to other shmoes already, so if you want more you get a whole new block. So you better get more than you think you will need...ever...or else everytime you run over your public IP space you will need to reconfig your entire public facing Internet presence to a new block.
But you know what, that's not really a technology limit, that's a BUSINESS MODEL.
Watch this. When they finally go over to IPv6 and later install your new DSL, know what the knee-biting bastards will do? First, they will charge you MORE for a basic DSL with dynamic IP because now it is the new-fangled IPv6 (new=$$$). Then they will assign you a SINGLE IP addy from their store of 128 trillion. And they will assign IP addresses this way in SEQUENCE to all subscribers so that as soon as you get yours you are boxed in by other subscribers just getting theirs. You know they will, it will be a strategic decision to completely undermine the freedom you SHOULD have when there are about 1 billion IP addresses for every human alive on earth.
The only way around this would be to issue IP blocks to physical locations on the earth, so no matter where you are you have all the IP addresses reservered for that square meter of dirt, and if you have a large home/office/company then you have a big block indeed. ISPs would be forced to backbone their entire geographic area, including the whole planet if they are big enough.
As a business model it sucks big wind. But I like it as an end user.
Wire the planet. Freedom to connect! No more IP address space tyranny!!
=^..^= all your rodent are belong to us
I don't think so. As machines get more and more powerful and bandwidth availability increases at some forms of scanning will reemerge. I realize the magnitude of IPv6 (or at least I think I do) but how long will it take Moore's Law and whatever lays beyond gigabit ethernet to catch up? and remember we're talking a protocol that will probably be in use for hundreds of years. This will only stop scanning as we currently know it.
Maybe you read it the first time when it was called Pentagon Wants IPv6 by 2008. I know that Yahoo! isn't exactly known for their great reporting skills but come on folks... sheesh. And its dupes like this that keep my crummy news suggestions from getting accepted.
Get two hosts behind NAT, and they are unable to establish connections between themselves.
This is sometimes true, and is usually considered a benefit. Put servers on the public Internet, put client workstations behind NAT.
The differences between the two aren't so cut and dry. Workstations may run services on it. Game servers are file sharing services being two popular ones. There's also File servers, remote display servers, SSH servers... plenty of server type things that need inbound connections but run on a workstation.
Because my workstation is behind NAT on IPv4, I have to either VPN in, or SSH to the firewall, and then onto my workstation.
Have you ever heard of port forwarding? Basically, you can take a high port (say, 60125) and forward any connections to a IP/Port on your internal network.
And what if you have a number of machines that run the same services? Now from the outside you have to have all kinds of different ports forwarded and you have to remember what port number corresponds to what machine.
And then there are IP protocols that don't work very well with NAT, like PPTP and IPsec.
What is to prevent the independant ISPs from switching thier systems over?
.mil is going IPv6 in 2008, does that mean the rest of the net waits until then?
I believe that cisco already supports IPv6 on most (all?) of thier equipment. There are IPv6 packages for most OS, and you can support IPv6 and IPv4 simultaneously if neccessary.
Is it neccessary for the smaller guys to wait?
If
That seems a little ass backwards to me.
Read, L