Slashdot Mirror
The State of IPv6
Gnea writes submits this article "about the current state of IPv6, the Next Generation of Internet Protocol version 6, mostly according to Cisco. It's also an interesting roadmap about where and how IPv6 will proliferate around the world.. Apparently China has a grasp already with Korea and Japan, who leads the "Five key Chinese carriers, including China Telecom, China Unicom, China Netcom/CSTNET, China Mobile, China RailCom and CERNET (China Education and Research Network), are slated to join CNGI, building their own national IPv6 backbone independently, while interconnecting with at least two IPv6 IX." while Verio appears to have already tuned into some turnkey solutions recently that are publicly available."
And SgtChaireBourne writes "ZDNet is reporting that the EU and South Korea will collaborate to develop IPv6 applications and services. The agreement was finalized at the
Global IPv6 Service Launch Event in Belgium last week. There are good reasons to move to IPv6, including security, multicasting, simplified header structures, and better routing to name a few."
another short article from GCN on the subject.
Hasn't this already happened? Parts of europe too i think. US was like no. 10 on the broadband access list last time I checked... still pretty good on total internet access though.
Keith Moore, an author/co-author of a number of RFCs on IPv6 and other topics, posted the following to the IETF mailing list, regarding what IPv6 will enable and can be used for.
The comment was in response to somebody's claim that residential users would be happy with NAT, and non-globally routable IP addresses for their "internal" networks.
Re: dubious assumptions about IPv6 (was death of the Internet)That's like saying residential telephone users don't need to have a phone number at which they can be reached. (after all, the purpose of their residential phones is to call businesses for the purpose of obtaining services, right?)
There are lots of apps that would be valuable to residential users if residential users had reachable IP addresses. check the status of your alarm system, or your roast in the oven, or your freezer's inventory. Grab a picture from your baby-cam while you're out for dinner and have left the kid with the baby sitter. Reset the thermostat if you're going to be out of town longer than you thought. Do all of these from your portable phone/PDA which is running guess what? -- IPv6.
Also, don't assume that IPv6 addresses will be used by people or their personal computers. IPv6 enables lots and lots of individually addressable devices which don't have to be associated with individuals. Every km of highway can have an addressable traffic sensor so that police and emergency crews know exactly when and where a traffic accident happened. Every streetlight can be monitored to see if it is functioning properly or if it needs service. Every traffic signal can be made individually controllable so that they can dynamically adapt to changes in traffic patterns. For reasons like this, the demand for IPv6 addresses won't be determined by some linear multiple of the number of humans on the planet.
Finally, don't assume that IPv6 devices will require the support burdens we associate with PCs. PCs as we currently know them are dinosaurs. Appliances that talk to the network aren't going to need the same kind of technical hand-holding that PCs do (because they'd never succeed if they did), and neither will the devices that replace what we now think of as personal computers.
IPv6 will eventually replace IPv4, but it's misleading to think of IPv6 as just a replacement for IPv4. By the time IPv6 replaces IPv4, we won't recognize the IPv6 network as something that resembles what the IPv4 network is used for today. Even though the underlying technology is very similar, IPv6 is really a new kind of network, one that enables things that were really never possible with IPv4 on a large scale.
The Internet's nature is peer to peer - 20050301_cs_profs.pdf
If you read the various followups to that posting you linked to, you'll see that there are two separate IPv8s. One was a proposal that competed with IPv6 and lost. It's dead. The other is a joke.
So the deal is that there is not, in fact, a serious IPv8 effort underway.
So, when it finally stops being vapourware...
Interesting that you feel it is vaporware when I have been using it for well over a year and it has been around (in use) for quite a bit longer than that.
I guess there are multiple definitions of vaporware possible but, honestly, if a product is in use by more than a research team, I would consider it to be a current technology.
Um, is this just an oversight, or is the poster so US-centered (s)he doesn't realize that one of the major reasons why IPv6 is interesting to us in that weird "foreign" part of the world is that is expands the address space?
I don't recall how large the US allocation of IPv4 addresses is, but I'm pretty sure it's at least 25% of the space, and that's being conservative. Since the US doesn't even have 1/16th of the population, that's obviously b0rken, and IPv6 is a more or less natural fix.
Now, I'm Swedish, and I'm sure we have enough IP addresses for our puny country, but the nations of Asia probably can't say the same. Thus, more interest in switching over sooner, and less in the US where there's no (or less) pressure from simply running out of addresses.
main(O){10<putchar(4^--O?77-(15&5128 >>4*O):10)&&main(2+O);}
...but it's limiting.
say you've 2 webservers behind NAT. you can't run them both on port 80 as the port forwarding has to go to one IP address or the other.
or if you have 2 apps that use an overlapping port range - big problems.
it just doesn't *scale* but for home use, sure, NAT does the job.
Clear as mud? OK, here's an example. Say you've been assigned the 2001:1:2:3::/64 netblock. Your router will send that information out on all of its LAN interfaces. Suppose your workstation's NIC's MAC address is "05:04:03:02:01:00". When it hears the advertisement, it will assign itself an IPv6 address of "2001:1:2:3::504:302:100" [1] and a netmask of /64. Voila! It's configured and has a world-routable address.
[1] Actually, the format for the last 64 bits is slightly different - I don't recall the exact transformation function - but that's the gist of it. If you look at a host's autoconfigured address and it's MAC, you can see the correlation.
Dewey, what part of this looks like authorities should be involved?
Amen, I pay $20 a month to my ISP for a static IPv4 IP (I know, it's highway robbery). Then I have to play games with iptables and DNAT to access things from the outside.
/48 IPv6 network (2^80 addresses) for free. And with 6to4 I can get another /48 network based on my one IPv4 address. Every one of my machines (and every square micron of my house for that matter) can have its own Internet reachable IP.
freenet6 gives me a
Not really. The vendors building the equipt for IPV6 are also building in translators to the IPV4 space. I'm talking Lucent, Cisco/Linksys, etc. They're doing the work, us little guys will reap the benefits, assuming the equipment even gets installed.
If you're really industrious, you could try it out with a bunch of Linux boxen on a network. Make your own IPV6 net at home! Be the first on your block and the envy of all your friends!
Because it's nice having globally unique addresses for your devices. The private IPs used with NAT are not globally unique.
... and so have you. One of you is going to have to renumber, redo your DNS and anything else that used the IPs.
Let's say you get a roommate and you want to put both your appliances on your LAN. Well, he's been using 192.168.0.x
You just shouldn't have to do that.
Not such a big deal in a home environment, maybe, but similar scenarios on massively larger scales already happen with NAT after corporate mergers on a fairly regular basis, inflicting major pain on all concerned.
DNA just wants to be free...
I'm sorry, but that's unadulterated bullshit. There is absolutely nothing stopping you from assigning adjacent addresses, or using the phone number of the cube-owner, or any other addressing scheme you want for your IPv6 addressing scheme.
For simplicity, on my server network, I simply assigned 2001:470:1f01:109::1 for the first machine, 2001:470:1f01:109::2 for the second, all the way onto the sixth, which (predictably) is 2001:470:1f01:109::6. I could have quite easily used the MAC address instead if I wanted to. Or used 2001:470:1f01:109::dead:beef and 2001:470:1f01:109::baad:f00d if I really wanted. Or set part of the last 64 bits to be telephone numbers. Or...and the list goes on.
IPv6 doe NOT put any constraints on the way you assign addresses in a subnet.
How you manage your network is up to you. If you chose lame IPv6 allocations, that's your fault, not the protocol's fault.
Oolite: Elite-like game. For Mac, Linux and Windows
ok
all I really want is IPsec
(and maybe MobileIP)
imagine that all your IP conections are secure !
screw that crap 802.11 security just let the router only allow IPsec connections and if you want to lock it down ask for the machines keys and only allow these
why is this so hard ?
IPsec is in all modern linux *BSD *ix MacOS and Win2k WinXP (win98 with download util)
really I have not seen a laptop with a OS that could not use IPsec
IPsec is manditory part of IPv6
why do these people miss the point ?
regards
John Jones
IPv6 won't catch on until firewall software is updated to interoperate with it unfortunately.
Most firewall software already does work with it. It is supported by linux, all the BSDs, Solaris, Win2k+, OS X. All the major router manufaturers support it. The only exception I can think of off the top of my head are those $50 disposable broadband routers that you get at consumer electronics places...
No, the IPv6 loopback address is simply ::1
If you have an opinion on IPv6, why not let NIST know, in addition to posting on Slashdot?
Go to http://www.access.gpo.gov/su_docs/aces/fr-cont.ht
The last 64 bits of an IPv6 address is usually a format called EUI-64. Actually slightly modified EUI-64 in that IPv6 complements the Universal/Local bit. You take your 48-bit MAC address (EUI-48) and split it in half. Insert 'FFFE' between the two halves. Then complement the next to the least significant bit in the first octet. So, to use your example, if your MAC address was 05-04-03-02-01-00 (which it could not be since this is a multicast MAC address), and your link prefix was 2001:1:2:3::/64, your autoconfigured address would be 2001:1:2:3:704:3FF:FE02:100.
I've always built my own firewalls (it's easy, and I trust them), and since about 1995 or 1996, they've had IPv6 support.
...but I recently shut my cable off so I need to bring it up over DSL, just haven't got around to it.
I had a tunnel over my cable to the 6bone via http://www.freenet6.net/
OS X configures up IPv6 by default, as far as I can tell. My router solicitations help, of course. I've got two IPv6 subnets (wired and wireless). All's well.
-- The world is watching America, and America is watching TV.
LinkLocal addresses begin with fe80 and contain the mac address in the lower portion. This is generally not the IPv6 address you should be dealing with from an administrative point of view. All addresses that would interest you must be assigned to the interfaces manually, just like IPv4. DHCP is also available for IPv6 if you don't want to configure them by hand.
actually, you can tunnel back and forth (there's ipv6tov4 and ipv4 to ipv6)
www.freenet6.net
Out of curiosity, what's the point of complementing that bit?
::1, which is not global). Without the inversion it would be something like prefix:2:0:0:1.
To make manually-configured addresses shorter. For example, the router's address is normally prefix::1 (the EUI-64 part is
I couldn't agree with you more and so Ill share with you something I posted to my LUG no more than 3 days ago.
Basically, Ive been toying around with IPv6 for the past couple of months and I decided to make myself a nice little init script and share it with you guys. I made this init script for Mandrake but AFAIK it should be compatible with any Redhat-like distro. There is alot of information on IPv6 and alot of the good info is scattered all over. There are quite a few ways to set up an IPv6 tunnel but though much searching and testing I found this way to be the easiest. If you want to try out IPv6 just follow these easy steps.
- You must compile IPv6 Support into your kernel
- You must register with an IPv6 Tunnel Broker. Fortunatly enough there
are quite a few free ones, and I list two below:
- Once you register with the Tunnel Broker they will issue you a
/64
subnet. That's right a /64 subnet which allows you to have up to 2^64 (18.4
million-billion) IP's!! - Download my init script at www.identityflux.com/ipv6 (Slashdot effect here I come!)
- Once you get all the information from the Tunnel broker, simply edit my
init script and start'er up. Here are the 5 variables you must edit:
- LOCAL4: This is simply just your IPv4 address
- LOCAL6: This is the IPv6
/64 subnet address that I was talking about earlier
- REMOTE6:. This is the IPv6 address of the server on the other end of the
tunnel
- NUM_ALIAS: This is how many aliases you want to bind to your new IPv6
interface. You can assign a differnt host name to each one, www/ns/mail etc
etc.
My init script creates the conf file for radvd which is basically the IPv6 Router Advertisment Daemon. This is not necessary to have for the tunnel to work, but its a nice feature. Just make sure you start up radvd after you start up my ipv6 script. To test that your IPv6 tunnel is working, just ping6 any IPv6 enabled server. For example:- Hurricane Electric: http://tunnelbroker.net (Based In California)
- Bt Exact: https://tb.ipv6.bt.com (Based in the UK)
Due to the predominate IPv4 nature of the Internet, you must tunnel your IPv6 packets encapsulated into IPv4 packets and send them off to your tunnel broker who will then route them nativly within the sixbone. Therefore you want your tunnel broker as close as possible, so choose accordingly. Unfortunatly HE recently banned IRC traffic due to abuse, so If you want to join an IPv6 enabled IRC server you are forced to use Bt Exact which is what im currently using.One of the other cool features of IPv6 is that you are currently allowed to host your own reverse DNS for your IPv6 addresses. Thus if you want to spoof your IP on IRC without having to resort to running your own hosting company or doing illegal activities this is how you would do it. My hostname on IRC currently resolves to 0.0.0.0
All but LOCAL4 will be given to you by the tunnel broker.
Agree with me or DIE!