U.S. DoD Commits To IPv6

babaloo writes "According to this article the U.S. Defense Department wants to move it's entire network to IPv6 by the year 2008. Will this be what pushes at least U.S. based companies and providers to actually convert over?" It's definitely a shot in the arm that IPv6 needs. This seemed to be more of a priority back when NAT was much less prevalent, but it seems we'll eventually find ourselves on IPv6, even if we drag our feet there.

IPv6 May becomre much MORE needed

[zapp]

This seemed to be more of a priority back when NAT was much less prevalent

Since several states have already banned NAT, and several more are moving in that direction... perhapse IPv6 will be necessary much sooner than we think.

Time to learn...

[krray]

You know, call me weird or something, but I happen to like NAT and, well, pretty much fully understand IPv4.

Yeah -- I know how to use a Linux box as a decent router and setup Firewall's as needed, etc.

The fact that I'm not doing anything SERIOUSLY complex helps:
- Web servers (port 80 and 443)
- imaps (port 993)
- ssh2 (private port with honey-pots all over :)
- other misc needed ports and tunnels as well.

ONLY ports I specifically opened up and re-directed are available to the general Internet. Firewalls run internally as well, but many more services (lpr, smb, hell IPX is stilled used/preferred for accounting work)...

With IPv6 I'm probably going to go the route of:
1) Ok -- I *basically* understand it, but honestly haven't wrapped my brain around it ... learn it.

2) Try and get a few IPv6 addresses as needed
3) Update front end router to use it work with it.
4) Tunnel it back into my IPv4 network per port as needed. IPv6 NAT if you will...

I really don't want anything/everything directly connected to the Internet. At anytime. Except the Internet network router. These ISP's selling "Windows DSL modems" where it plugs directly into USB or the Ethernet is NUTS, IMHO. :)

Once in a blue moon I'll come across a Linux box that has ftp (for example) enabled and there really isn't the want/need for it. Oops, not Firewalled either... Glad it wasn't directly on the 'Net (!)

Even when the need _has_ arisen to put a box completely on the Internet directly it's been easy enough to setup a 1:1 map on the router... While the video feed was going on I personally would be nmap'ing the box to double check the firewall settings...

Of course the problem exists because, well, it is TOO easy to get on the Internet. Too many have no clue what they are doing, but they get email (!) Yeah. Those are the ones spreading virus' and not knowing it or have a hacked box spewing spam around the world. Some problems could also become moot with IPv6 in regards to security and accountability...

!fp

Re:IPv6....

[JoeBuck]

You want to have vastly more addresses than can ever be used; this will kill scanning attacks by black hats and spammers who just try every network address looking for a victim. Anyone scanning thousands of bogus addresses for every real one will trigger all kinds of alarms.

Re:Oh wait, here's one

[PD]

Metric time is based on divisions of 10. And so is the metric calendar.

Last time with ISO protocols.

[dfries]

In 1998 the National Institute for Standards and Technology (NIST) mandated that equipment must support the ISO protocols (rather than TCP/IP) or demonstrate how their systems could support them. It was expected the commercial sector would adopt the ISO standards. It didn't happen, computers were shipped with ISO-compliant code, but people kept using TCP/IP. The requirement was dropped in 1994.

It is definitely a good thing, but the US isn't going to shift to IPv6 just because one government department has decided to use it. It will happen by people getting involved with IPv6. Jump on the 6-bone today.

www.freenet6.net, it's free.

Coming faster and faster

[anticypher]

IPv6 is picking up steam, another push like this is going to make it appear in all new computers a little bit sooner.

In every installation I've rolled out in the last few years, I've specced IPv6 support. Every network, router, interconnect, carrier and transit has had IPv6 working. Not always working very well, but enough that people didn't notice whether their traffic went over IPv6 or v4.

Solaris has had IPv6 for several years, and the current release its on by default, plug it into a network with an IPv6 router and it works. M$ is playing catch up by including it natively in XP, but it still takes some tweaking. The linux distros will have to start making it enabled by default (no more kernel recompiles), but that may be happening as I type this. More and more applications are being written as fully IPv6 aware, and most of the traditional apps like ping, FTP, traceroute and SSH are now re-written to use IPv6 when a AAAA record is returned from a DNS lookup. There still is a lot of work to be done, like fully working dynamic DNS updates, and DHCPng, route servers, and a free (as in everything) certificate system for IPSec. Every new release of every browser should check for IPv6 and use it whenever possible, M$ claims that will happen starting with their next desktop releases.

Where I've seen the most far-sighted development is in the newest generation of GSM mobile phones. All the big players are including IPv6 in their current handset designs, and the carriers are now developing value added services to sell. So its not just each phone is individually addressable, but can roam onto competing carriers networks and still have a globally accessible address. Internally, every carrier in Europe with 2.5G/3G services is running IPv6 for everything (except for a few dinosaurs about to be extinct). The other big area is giving each credit card with a smart chip (anti-fraud and verification chip) a range of IPv6 addresses. When the card is put into a reader or used for an online purchase, the chip will actively participate in the verification step by being uniquely addressable and requesting end-to-end encryption. There were several card manufacturers showing off their tiny IPv6 stacks at a recent smartcard trade show.

As I've pointed out in a post months ago, many ISPs here in Europe are making IPv6 available for early adopters, in the hopes of riding the next wave to some higher margins. I've had clients ask me for advice on getting onto the "new internet", because they didn't want to get left behind on the "old and obsolete internet". Then I point out how they are already on it, and my installations use the "new internet" whenever possible.

IPv6 is here, it works, and soon consumers will make it a "must-have" item when buying a new computer. When that starts happening, then techies with a few years of solid IPv6 experience will be sought after for their skills.

the AC
working with IPng/IPv6 since 1994

Re:Recap

[geekoid]

"It is simply not feasible that we will ever need anything more than IPv6."

baring an artificial scarcity. Like somebody buys 300 trillion trillion of them. You think thats unlikly, but if some company offered everybody on te board of "whoever will hand these out" 10 million dollars, do you honestly think they would run into a problem getting them?
Hell, if I had the money to do so, I would the resale on these would be huge.

One good rant deserves another

[p3d0]

First of all, when you say "everything we know about number theory", I presume that's the theory that lots of things divide 12 and 60 evenly. Well so what? That's only one small advantage to an otherwise baroque, arcane system.

Second, that essay sucks. For instance, a pint is not 250ml, but 568ml. The reason people order pints of beer instead of 568ml (or even a half-litre) is mostly historical, but it's also because it's handy to have a nice short name for a measure you use often. If they had used metric for beer all along, then people would have needed a short nickname for a half-litre, and perhaps they would have called it a pint. It's the same way we call kilometres "clicks", and it has nothing to do with base 10, or fractions, or "number theory" as you say.

This guy goes on to say:

We change everything into metric, then people find it more useful to use fractions, and then they give names to these fractions, and before you know it, we're back where we started from!

No, we are most certainly not back where we started from. If you like to give a name to 3/7 of a metre, that's your business, but I like the fact that I can do mental math in metric, and convert units just by sliding the decimal point.

For example, if I'm travelling at 31km/h, what is that in metres per second? It turns out the hardest part of that calculation is converting hours into seconds, which involves dividing by 3.6. As far as mental arithmetic goes, it doesn't get much harder than that. There's your precious number threory for you. And it only gets worse if you try to turn 31mph into feet per second.

In contrast, if my car uses 7.3 litres of fuel per 100km, what is that in millilitres per km? It's 73. It's so simple you can do it in your head, and get your answer with as much precision as you want, so long as you are capable of sliding the decimal point properly for each unit conversion.

Later, we find this demented little nugget:

So then I go to my mother-in-law-to-be, and I say, "Hey, these recipes call for cup of something, how much is that exactly?" And she pulls out her cup that she drinks coffee from to show me, and I say,"Yeah, but aren't different cups sometimes different sizes?"

And then she said, "Ja zeker!" And she took me to her china cabinet and showed me all the different cups she has and all the different sizes there are. And then I said, "Yeah but Francine, doesn't this like, ever become a problem in knowing exactly how much to use?" and she shrugged her shoulders and nodded!

So that means the European kitchens are less precise than American and English. They just take any old cup, any old spoon! So where is the advantage of being metric?

The problem here, if you'll take a moment to think about it, is that the authors of these cookbooks are not using the metric system. If they were, the problem would disappear. (In fact, if they would use any consistent system, the problem would disappear.)

How the author manages to blame this on the metric system is beyond my comprehension.

The best part comes next. I think my whole attitude on this "essay" can be focused on this one small quote:

So we have this friend who is a carpenter, and I see him, and I say, "Hey, Freddie, when you have a board a meter long, how do you divide it into 3?" And he sortof gives me a funny look, and says why would he want to do that. And I say, well, How does that work? Because in the metric system, a third of a meter isn't marked on your ruler so what do you do? don't you ever have a board of one meter that you have to divide by three? And he says No.

You don't need to read anything else in this essay---even the rest of this paragraph, where he goes on to say that people buy wood in 120cm lengths---because it's all here. Nobody cares if you can't divide a metre into 3, just like nobody cares if you can'