Slashdot Mirror
Federal Agencies Must Use IPv6 by 2008
MoiTominator writes "The White House Office of Management and Budget announced on Wednesday that all federal agencies must deploy IPv6 by June 2008. So far, Defense is the only agency which has made any progress toward implementing the new protocol." From the article: "While we know that IPv6 technologies are deployed throughout the government we do not know specifically which ones, how many there are, or precisely where they are located...For cost, the agencies must report on estimates for planning, infrastructure acquisition, training and risk mitigation."
Its nice to see that government is implementing IPv6, but I'm more curious as to when it will be implemented by the private sector and widely used. (Is there an FCC ruling or guidelines for transition time somewhere or are we just oozing towards it?)
Those who study history are doomed to watch others repeat it.
How, NAT wont help that 1 IP-adress can only have one owner.
Another choice quote: Microsoft's next operating system, dubbed Longhorn, will be "fully IPv6-capable," Khaki said. That should really be: Microsoft's next operating system, dubbed Longhorn, will be "fully IPv6-capable, unless that gets dropped too..." Khaki said.
Oh, I don't know? Cisco? Microsoft? IBM? There are lots of people having interest in computer infrastructure investments.
Although there has been alot of noise around it, actual progress hasn't been so convincing and the 2008 date appears highly unlikely. In many cases its more a matter of "here's how we'd do it if you gave us X dollars" than a funded plan forward.
This has appeared all along like a deliberate attempt to force a "technology refresh" that would be beneficial to major US networking companies than any real response to technical superiority of the IPv6 protocols.
If the technical merit were really there (many of the supposed IPv6 improvements have been backported to v4), my guess is a specific mandate wouldn't be necessary. Business would take care of it.
And I need at least 2 IP addresses: One at home and one for my co-loc server...
extern warranty;
main()
{
(void)warranty;
}
Before people jump and say that we don't need IPv6 because NAT is good enough: No, NAT is not good enough. While I am grateful for NAT (and I am sure every other pood sod stuck with a single address only is grateful too), NAT has some serious shortcomings and limitations which increase the need for sometimes ugly, drastic or awkward workarounds for many things. It would be nice to be able to communicate with machines behind routers directly, though the security aspect that NAT provides really is useful.
Especially "anycasting". But what about SCTP ? Now that would be worth wide support.
What other industry is so stupid as to work for free?
Mothers and housewives?
Well, I'll bite.
IPv6 has such a large address pool to allow autoconfiguration of addresses for now and in the future. It basically redifines the whole issue of keeping up with who has which IPs. Just keep up with their network number and autoconfig the rest.
While the addresses may be 4 times the size and the header is twice the size, the header itself can be processed and delivered faster.
Yes because NAT sucks.
Your hair look like poop, Bob! - Wanker.
Obviously you only read trade mags and know nothing about networking:
1) You're thinking older Cisco equipment. But, the same argument could be made for any number of enterprise/carrier routing vendors. If you have a router/multilayer switch designed for IPv4, you're going to have to either upgrade it with IPv6 ASICs, or replace it completely. That's part of the price of transisition, and there's no way around that.
2) No one with any level of education in the matter says "We're running out of addresses." We're running out of address SPACE. Big difference. The huge class A and B networks issued to large US corporations and the military means those countries who got online later on are losing out. Case in point...I was on the redesign team at a USAF base that had two class B networks -- for 30,000 customers.
And NAT is only a stopgap. You end up with a massive number of interoperability problems when you start NATing. With IPv6, there simply isn't the need for it, and you remove those problems.
3) Memory and CPU performance hasn't been a major issue with most routers in a long time, especially BGP routers. Massive OSPF networks, yeah, the Dykstra algorithm hits hard, but there are other, less CPU-intensive options like IS-IS, or just design your network right from the ground up and summarize properly.
Again, the problem we're going to run into here is the specialized memory used for wire-speed packet switching. But, if you're doing wire-speed, you're going to have to replace the ASICs anyway, so the TCAM gets replaced too.
4) You're right, minimum MTU size in IPv4 networks is 576 bytes. But that's a difference of 3.5% versus 7%. Not a major issue -- especially since most MTUs are in the range of 1250-1500, or even higher in pure GigE networks.
The road to IPv6 will be bumpy, but the only issue you mentioned with any real weight is the first, and that's an easy one. You just throw money at it.
Where the problem is going to lie is in long-haul data transport, IPv4 interoperability, and legacy application support. The network's the easy part.
1 is a valid point: switching to IPv6 is going to be a bitch as far as hardware is concerned.
In reference to 2 & 3, I can't see how you can have too many IP addresses, and network speed has increased by more than enough to deal with IPv6's mildly increased header size.
In reference to 4, the minimum MTU for IPv6 is much larger at 1280 bytes.
Page 46, CCNP Self-Study, Paquet Teare
...all desktops in the US Federal Government will have unique IPs, making it even easier for the bad guys to exploit a machine many layers deep in a network. After all, why secure the routers when your department managers just keep complaining that they can't connect from home?
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
Mac OSX has had great IPv6 for a while (10.2)
http://evanjones.ca/macosx-ipv6.html
And the feds moved back their deadline so many times that even 2008 will be pushed back.
Apple even had a demo of ipv6 in OS9 once, and a long while back was big on it.
Most people, who enjoy semi-anon IP addresses from defacto forced reissue taht I know are against IPv6 and see it for all its regretful faults, despite its wonderful goals and alleged benefits.
In an IPv6 world... there will be no more anononymity except at a WiFi cafe lacking video cameras.
Looked up something interesting. Minimum MTU in IPv6 is 1280 bytes. So, now you're talking a difference of 1.5% versus 3.1% (rounded). Even less of a big deal.
1) You're thinking older Cisco equipment.
Wrong. Recent IOS releases still have the same problems, they are also quite catastrophic from a usability point of view in comparison with the IPv4 features.
3) Memory and CPU performance hasn't been a major issue with most routers in a long time, especially BGP routers.
This is always an issue, as memory costs money. The global routing table has just passed the RAM barrier a few months ago for many routers; most Cisco routers holding that table now require 512MB minimum route memory. (of course it also depends on what else the router has running, but as a general rule, the mark was hit.)
Either way, IPv6 means more memory and resource requirements, which in turn means a lot of investment with no return. That's why IPv6 will only come when it has become absolutely necessary. Which will take a few years still. So no, it is not "ready for prime time".
I see a lot of reasons to go IPv6, especially now China (1.3 billion people) and India (1 billion people) get connected.
extern warranty;
main()
{
(void)warranty;
}
Somebody really needs to mod this down. This exact comment has been posted multiple times before on Slashdot: Googe results.
I'm paid well for my linux work. Software is a service, not a product. Once the artificial scarcity of copyright law is eliminated and we return to a free market, I'll still be doing fine. The windows weenies won't be.
"4) You're right, minimum MTU size in IPv4 networks is 576 bytes. But that's a difference of 3.5% versus 7%. Not a major issue -- especially since most MTUs are in the range of 1250-1500, or even higher in pure GigE networks."
In a world where an ever increasing percentage of IP traffic is streaming, the MTU is becoming irrelevant, and the header size a huge burden.
I was referring to what is available for purchase, not what's currently deployed. I still work with production Cisco 2501's on occasion, so believe me, I know that the IPv6 transision is not going to be cheap, or easy.
Thing is it'll never be absolutely necessary here in the US, at least not for a long time to come. Enough kludges have been developed for NAT that it's "good enough" for the time being, espeically to IT managers facing the hard choice between sticking with NAT or dumping a metric ass-ton (roughly equivilant to an Imperial crapload) of money into an IPv6 infrastructure.
The "prime time" buzzword has been an excuse for the last few years, even though no one can really give a hard definition of what "prime time" is.
While the addresses itself gets longer, the routing tables will become easier. Because it can be consistent routing, i.e all that has 3ffe: goes in that direction, d4ae:f9821: goes in that direction. So I guess you'll se less change in routing table size than you guess. Remember, one of the goals with ipv6 was to minimize routing tables.
Assembling etherkillers for fun an profit
The grandparent was obviously a pre-rolled troll. I mean, come on, it's huge and it's like the first post.
If you dont belive me, just search the tech support online. Then call TAC.. notice how they have REAL 24x7 support all around the world???
2 Ok now you just said you know NOTHING about applications. Do you have any idea how much NAT has held back application development? Yea that right, what about VOIP, video conferencing?? IM shouldnt need a centeral server, clients should be able to contact eachother, my cellphone should have an ip, hell even my car. Mobile ipv6, and the 2^24 ip address will fix this hands down. Belive me stupid thinking like this has stagnated real app development in the last 10 years. Just ask any CORBA application to nat.
3 What kind of routers are you using? Gee get on the clue train, its 2005, and I can get 512MB dimms for 43$ USD! With the advent of 64bit cpus (cisco loves MIPS, which are 64bit) a router with 512 or a couple of gigs isnt un heard of. Not to mention have you seen any papers on how ipv6 is layed out? Its not ipv4 with /17 split horizon nonsense. This isnt ipv4, and its not 1970!
4 What the hell are you worried about 20bytes for? What are you using dialup?? If so please cancel your AOL account, and go back to watching American Idol. Please for the sake of the internet.
So what you're telling me is, that what is needed here is for some articles to be written and a few people to go on news shows and say how life as we know it will cease to exist, that the Y2K/\/\IPv4 bug will eat us alive. We'll be back in the stone age because our Computer/TV/Radio/can opener with embedded chips/\/\/I mean IPv4 addresses can't possibly function.
WTF? Over?
..Just declare it part of the metric system. Or is that the other way round?
Don't trust anyone under thirty.
Intelligent use of NAT can get a lot of users into one IP. 9 out of ten surfers only need outgoing-initialed connections (web surfing, email, instant messaging, IP-based broadcasting and legal music download software).
Most surfers are considerably safer behind NAT anyway, as shielding incoming TCP connections on ports 135-139, 445 and 593 kills 9 out of 10 Windows remote exploits stone cold dead. Deploying technologies like uPNP in the ISP routers can negate the inability to accept incoming packets nmany low-grade server style apps (Messenger, VoIP)
In an ideal world yes, every device could be addressed by its own IP address, but in this world I don't want some cracker port-scanning my fridge and getting a backdoor through a butter overflow exploit.
I don't trust any modern operating system enough to run it without a hardware firewall device, and I always keep that (it's a linux-based consumer router) well-patched up to date and with all remote admin functions disabled and locked down.
As a regular fixer of friends PCs, I would love to see ISPs provide the option of fully-NATted connections. I'd recommend them. It'd save me so much time trawling eBay for bargain routers for my friends.
I have been a user for about 10 years. This ends Feb 2014. The site's been ruined. I'm off. Dice, FU
Not to mention the fact that with IPv6 we are back to a situation where addresses can be assigned hierarchically, and so the routing tables can be quite compact, dealing with a small number of rangers rather than a large number of network addresses.
I am TheRaven on Soylent News
re point 2....my *.mil is a class B servicing around 4k hosts :(
.... You can kiss goodbye tor reliable IPv6 IP Address tracing, that you can do with IPv4.
~The TwoTailedFox posts again....
It's called subscription, noob.
Subscription my ass, AC hit it dead on
Ubuntu: If at first you don't succeed, blindly slap a sudo in front of it
Is there any nat-pt solution for linux?
I don't think anyone wants go through the
pain of double stacks. So to run a ipv6
only network, and connect it with both
v4 and v6, you would need a v6tov4 nat
device (nat-pt). I haven't seen anyone
offering that, at least no linux based solution
(some *bsd might be able to do that, not sure).
If the *NICs were dishing out only /24s then you could do the same thing with 16 megabits of memory per interface. For a typical largish dual homed company that means they need nearly 4 megabytes of ram to hold the current routing state. Now that assume that routers used content addressable ram which they don't.
Dear sir. May I be the first to say: LOL! I wish you a good weekend.
IPv6, to me, was a bit of a disappointment because it lacks two features that I find important:
A) A protocol between the ordinary level2 and IP(level3) (Could be named layer 2.5) that takes care of error-corrections via retransmissions. Not replacing TCP's error-correcting retransmissions, but in addition to those. The reason is that most lost packets are lost packets on a single link because of load issues and such, and not because a whole link falls and breaks a route. In those cases, it is very inefficient to retransmit the whole route, and to add a huge latency-overhead to the packet transmission.
B) Get rid of the silly "port" concept. Ports are just internal-computer addresses, and as such, should simply be part of the address itself. There should be no reason to distinguish between the network address and the host address and thus subnets were created, and that separation no longer exists. Just the same, there should be no reason to distinguish between net/host address an application addresses. Removing the "port" concept and placing it as part of the IP address itself has the following benefits:
I) UDP becomes redundant to IP itself, the whole protocol is about adding the port address and can be discarded.
II) DNS entries can point to applications and not hosts. This would allow www.server.com and www2.server.com to point to different webservers in the same computer. This would allow to discard the "virtual web hosts" feature. It would also allow to support multiple servers of any type (ftp, smtp, etc) on any host, all pointed by dns, without messing with the port supplied to the user.
III) An internal network can route the same application address to any host it chooses, easing the distribution of load. It would also not expose to the external world how applications are served on which hosts.
Anyhow, I look forward to seeing those features in IPv7.
The #1 reason the private sector isn't picking is up is the vast majority of the big isps don't offer it, as long as they remain on ipv4, ipv6 isn't going anywhere fast.
did you forget to take your meds?
Yeah, he probably IS right. It's not as much connected to the article as the IPv6 thing, or more precisely, only to the IPv6 part.
Still, someone typing fast, who knows what he wants to say and has the foresight to spot something he wants to comment on in the mysterious future might pull this off.
I've seen this sort of first thing first-hand. Here's how it goes down:
Consultant: Hey, buddy o'mine in the White House Budget office, lets do lunch.
WhiteHouse: OK
Consultant: You know, if you dont use IPv6, you're obsolete.
WhiteHouse: Really?
Consultant: Yep. You wouldn't want the (Commies|Al-Qaeda|Chinese|French) to be ahead of us, would you?
WhiteHouse: Hell no!
Consultant: Nobody is going to deploy IPv6 w/o a reason. It's hard to do.
WhiteHouse: Hmm, we need to do this, its a matter of Homeland Suck-your-ity. Can you help?
Consultant: Why sure, but you should make sure that only me and a few others are approved for this gig, you wouldn't want any incompatibilities, would you?
WhiteHouse: Damn straight, I think I'll have another Scotch.
Consultant: Go ahead, its on me. *evil cackle*
I want to delete my account but Slashdot doesn't allow it.
Actually, it not... See previous post or you can look on google and find many more where its been used...
DNS request wait time is now only 30 Minutes !!
that their ipv6 installation is working
http://www.whatismyipv6.net/
Will they still be possible? Will this be the end of the script kiddies fun?
_________
The world doesn't just disappear when you close your eyes, does it?
Mod me as flamebait I don't care.
I think a little more respect is due to those who not only bring life into this world. But devote their own life to making that new one the HIGHEST priority in theirs. (I am refering to stay at home moms)
Having a day job that pays a "real" salary doesn't make you a true man or women any more than being a housewife/mother makes a woman less than a women.
If more people thought of their children as the most important thing in their lives instead of additional baggage that needs to be dragged along, we wouldn't have so many screwed up kids in the world. Don't believe me? Go home from your much more prestigious day job some day and tell your kid that your boss and your job are more important than him. Tell your kid his daily protection and teaching is going to come from stangers and thats the best you can do for him. Tell him thats life. Tell him in short that although you helped bring him into this world you have your own plans and you're not going to let him get in the way. Then see what happens.
You can't ignore your kids... They need a role model, they need a reliable and trustworthy teacher. They need consistency and to know that someone gives a damn about them. No one is going to teach your child the things that are important to you except you. The time and attention you give them in their youth pays off a thousand fold in their adulthood.
So even if the comment was in jest I think a bit more respect is due for these women (and any men out there) that make their children the highest priority in their lives.
This was possible in IPv4, but it did not happen.
In the early days there even where theorists that proclaimed that "addresses are not routes" all the time.
I don't think it is going to work in IPv6...
Networking is a service, and I can see that from the point of view of a tech or administrator... from the point of view of the guys that make the tools you USE? It's product... from a developer's standpoint.
That's funny - this exact article was rejected, when I attempted to post it, while it was still "hot", a few days ago ... but, of course, it couldn't have been accepted, coming from Nanog mailing list professional subscribers ;)
If you are a network engineer type, and you want to make some money, this is maybe some very good news. Most government agencies contract out this type of work. And I know there is a severe shortage of good network types out there who can grok ipv6. I am actually glad about this. It is kinda like Y2K all over again.
-- Bryan
I remember the "successful" deployment of the OSI model, after another, similar directive from the government, in the '80s ...
== With enough Will Power, one could move mountains. With enough Brains, one would just leave them where they are ==
Mod parent up! Yeah it's offtopic, but things like this need to be heard everywhere.
Looks like they're finally gonna have to upgrade all those Windows 95 computers.
omfg! people, get a clue!
go with IPV8 already!
sheesh... ipv6 has been dead for years!
you can try www.ipv8.org or do a google search.
oh ocme on ipv6 sucks rocks.
go check out ipv8 already and be done with it
You get a swimming turtle if you are IPv6 connected.
The Internet's nature is peer to peer - 20050301_cs_profs.pdf
What is stopping the implementation of IPv6 are those pesky legacy devices, legacy operating systems (ie Windows) and legacy hardware accelerated routers, and the fact the Internet being as big as it is - it's basically impossible to do a clean switchover, and there ARE problems when combining the two systems - even though you can have both on the same network, they won't be interoperable (=really bad).
Of course IPv6 has been designed to work around these issues as well as possible, but there will be issues eg getting a IPv4 machine to connect to a IPv6 one. And NAT has been the easier-to-implement short-term-solution for home 'puters etc...
I have a really elegant proof for Fermat's last theorem. If this sig was only a bit longer...
I'm old enough to have lived through the GOSIP debacle two decades ago. I see a replay.
GOSIP (Government OSI Profile, and the acronym was used separately by the US and UK) was a requirement to implement the OSI protocol stack by some date in the 1980s. It was a procurement requirement: Every system bought by the feds as of a certain date had to have OSI. Unless it got a waiver.
Some people took this to mean that the government would transition from TCP/IP to OSI by then. And this would lead the world to OSI. And so they invested heavily in OSI. (Remember DEC?) Come to think of it, the way the lead story is written here, you get the same impression, that by 2008 the feds really will be using IPv6.
But that's not what GOSIP meant. It meant that the equipment had to have OSI available, not that the government would actually use it. Having OSI was a checklist item. And eventually it got discarded, because nobody would actually use it; TCP/IP did the job well enough, and some of the early OSI implementations were, to be polite, a pile of crap. But a pile of crap still meets the checklist for an option that won't be used!
IPv6 is somewhat dumber, protocol-wise, than OSI. It has been around for well over a decade, solving non-problems with non-solutions, ignoring problems of the public Internet that developed since then, while promising higher overhead, obsolesence of equipment, difficult management and transtion, and more money for Cisco. So unless you're Cisco, there's no reason to go there. And nobody is going there.
Microsoft will meet the checkoff, as will other vendors, but I predict that in 2009, IPv6 will still see little use, even by the feds. Perhaps if we're lucky somebody will be talking about really fixing the problems in the current protocol stack, rather than going with a hack that was created for internal political reasons at IETF before the Internet was even open to the public.
Before the military purchases anything, it has to be first tested. The main goal of testing is to make sure that the system does what the vendor claims it does. There are entire organizations within the military that do nothing more then test new systems before they are purchased.
When a new system has a computer and is attached to a network, the computer security of that system has to be tested. This includes doing a vulnerability assessment and in some cases, penetration testing.
Unfortunately, there's not much out there that can be used to do a vulnerability assessment or penetration test against an IPv6 system or network. Nmap supports IPv6, but not much else. This presentation does list a number of tools and their status for support of IPv6:
http://www.google.com/url?sa=U&start=2&q=http://ww w.hacksonville.org/presos/ipv6_attack_tools.pdf&e= 10053
Commercial vendors of vulnerability scanners all claim that IPv6 support is on their TODO list.
For maybe the 3rd time in 4+ years, I've seen an article about something the Bush Administration planned to do and thought "Hey! Thats a good idea!"
Hopefully I didn't put any [] around my words.
With decent tenure, the standard severance package is pretty sweet.
you can have my violent video games when you pry them from my cold, dead hands.
Prime UID Club
Oh, yeah - I actually studied the schtooopidttt OSI model at university. Who woulda thunk that a simple three layer protocol would take the world by storm?
Oh well, what the hell...
One thing that I like about NAT, for my home network is that I don't need buy an address range for my own use. By having address ranges reserved for use within a NAT, by specification, I know that they are mine to manage and assign, without having to refer to an external authority.
Of course I don't know enough about IPv6 to say that it doesn't provide an equivalent solution. What I am saying is that I have not seen anything about an alternative yet. If you know anything about an IPv6 equivalent to an internal address range, then I would love to hear about it.
Jumpstart the tartan drive.
From the article: "While we know that IPv6 technologies are deployed throughout the government we do not know specifically which ones, how many there are, or precisely where they are located..
weapons of mass destruction, IPv6 technologies, misappropriated credit card numbers. Funny, the govt has NO TROUBLE finding me to collect taxes.
The US Federal government has a long history of imposing on itself mandates
for new computer technology, mandates that are ignored and never enforced.
They all set a date after which every agency may buy only computer equipment
or software that contains some new not-yet-mainstream technology.
The dates come and go, and agencies continue to buy what works for them.
Examples:
1979: mandated no more RS-232, only RS-449, for modems and computers that
connect to modems. Today: have you ever HEARD of RS-449?
1989: mandated every new computer that communicates with other computers must
use OSI protocols. Today: TCP/IP rules.
2000: mandated end of use of RSA (the PKCS#1 form used in SSL) by August 2001,
and the adoption of a new form of RSA (ANSI X9.31). Today, PKCS#1 rules.
The standards bodies haven't even considered switching.
2005: mandate IPv6 by June 2008. We'll see.
Regardless of the RFCs, some Governments and/or some major ISPs will be able to assign a permanent IPv6 address to each person. And though it will have nothing to do with your actual MAC address, it will work. And if you try to connect to your ISP with a different address, it will be completely blocked by the ISP firewall.
I was looking at my SOHO router's MAC filtering table the other day and I was shocked at just how many addresses I had recorded in there over a 2 year period... I had filled up the 32 address table completely, between things like my PDAs, vbrick, PVR, serveral computers, laptops, web cams, etc. I'm no uber geek, but if I'm already into a /26, I can just imagine what other people are up to. ...and all of this was behind NAT and off of my primary "production" network ( 6 IP address subnet connected via 100mbps fiber).
Now it occurs to me that that only reason I'd actually *SWITCH* to IPv6 is if I could save some money some how. Having everything on a globally reachable IP address would be nice, but I would want portablity between ISPs and essentially anonymous assignment of the address space for life.
Until that happens, I'm taking whatever the cheapest ISP is slagging off on consumers for the next 6 months... and that means IPv4
what will though is the fact no one can connect to an ipv6 address..
Networking is a service, and I can see that from the point of view of a tech or administrator... from the point of view of the guys that make the tools you USE? It's product... from a developer's standpoint.
I'm a developer, and from my point of view, software is a service. I don't know anybody, in any field, who's writing programs that never have any bugs, and do from day 1 everything the users will ever want.
What makes networking a service? I guess the fact that if you turn it off, it's gone. If I stop paying for broadband, next month I won't have broadband.
That's exactly what software is: maintinance is part of the "product". In fact, it's the most important part. When a company has a great proprietary software product, and then goes out of business, the next week you can find CDs in the $5 discount bin. Why? The software did everything it did last week -- but the service is gone.
From the market's point of view, service is 90% (or more) of the price of a product. You can keep saying "I don't believe that!", but it won't make you immune from market forces...
I just read through way too much drivel about IPv6 vs. NAT just now.
:: when dialing, so the above number would be dialed as "233*67*94*199#0*0*0*2". And if I wanted to connect to her webserver, I'd point my browser at "233.67.94.199::0.0.0.3".
:: x.x.x.x :: x.x.x.x)
Here's the way things really should go. There are two possibilities, and they're not mutually exclusive.
1) For mobile devices:
Mobile devices should be addressed by a hardware address. This hardware address shouldn't be tied directly to the device, however, as mobile devices can be broken or lost easily. This is do-able right now with SIM cards. They have a SIM ID that could be used in place of an outdated phone number system. (Let's face it, POTS is ancient and crufty, and so are its numbering systems.) If you drop your cell phone and break it, move the SIM card to the new one.
One thing to watch out for here, though: All cell phones must use the same protocols, and all cell providers must use the same protocols. This ends their convenient lock-in semi-monopolies on their customers. This is a practice that isn't going to end without a fight.
2) Wired devices:
Wired devices should use an assigned address. IPv4-style 4-octet addresses are fine. But the arrangement needs to be a bit more logical. They need to be arranged in a hierarchy. From 0.0.0.2 to 255.255.255.255, every address should be valid. 0.0.0.0 should be reserved as a null address (duh) and 0.0.0.1 should be the localhost address (or "self" or "this" or "me"). Any other address can be a node. Any node can serve as a gateway to a COMPLETE subnet.
So if I want to reach grandma's wired VoIP phone, her number is "233.67.94.199::0.0.0.2". A phone keypad wouldn't have to be changed, as you could use * for . and # for
And there would, with only a two-level hierarchy, be more addresses than IPv6 offers(*). With more levels in that hierarchy, there would be no such thing as an address shortage. And to top it all off, I'm guessing the top-level routing equipment wouldn't have to be substantially changed. It's still just routing from one IPv4 address to another. The gateways would all have to change, though.
Notice another thing about this IPv4^n idea: Hierarchical NAT bypass. Notice how it resembles a C++ (and copycats) scope-resolution operator and how it resolves the scope of the actual device address and how it could easily be extended to multiple levels beyond what I've suggested.
(*)If you don't believe me, do the math:
IPv6:
2^128 = 3.402823669e38
IPv4^2 (IPv4-sqared)
32^32 = 1.461501637e48
IPv4^3 (x.x.x.x
32^32^32 = 1.461501637e1536
With those IPv4^n address spaces, you have to remember that you don't get quite that many addresses, as you lose 0.0.0.0 and 0.0.0.1 from each range and subrange. In IPv4^2, you lose 8-billion-something addresses - 2 main-range addresses plus 2 addresses from each of the 4-billion-something-minus-two subranges. That's a trivial loss in the scope of this scheme, and yet is almost twice as many addresses as we have available right now.
In telecom it is used all the time. I work day in, day out on a 3G network product that uses IPv6, even for its internal communications between sub-units.
If there was more traffic on IPv6 enabled networks like Internet2 we would definitely see more apps written for it (chicken and the egg problem).
What I would really like to see is Azureus written to support Ipv6 without any additional work for the user. I would imagine IPv6 on Internet2 would explode if Azureus had IPv6 support. This would be a good thing because the increased traffic would test v6 code more significantly than now (among other things).
???
The more we hand private sector technology development jobs oversea's, the more and more our technologies will become obsolete, which will assure our own demise.
the only permanence in existence, is the impermanence of existence.
IPv6 was explicitly designed to make routable addresses reasonable, and using it like that seems to be pretty much a basic assumption.
IPv4, with its teeny address space, is not a good analogy.
We live, as we dream -- alone....
While we know that IPv6 technologies are deployed throughout the government we do not know specifically which ones, how many there are, or precisely where they are located..
Sounds like the typical US gov't to me.
this nation, under God, shall have a new birth of freedom. -- Lincoln, Gettysburg Address
Cisco better fix EIGRP quick....it doesn't work with IPV6
I dont know of the DoD, but some organizations will have to simultaneously use ipv6 to push the rest of the net over the hill.
Specifically the carriers (sprint, bell etc), the ISPs and the most popular websites like google should use the protocol.
If certain ISPs provide ipv6-only addresses, that will be a force.
This is best achieved if a government uses ipv4-only tax, but setting a tax on the Internet is a bad precedent anyway. Another idea is ARIN stopping to provide IPv4 addresses, forcing the use of ipv6, while some of the bigger sites simultaneously use it too.
Its a bit like the bringing about of communism, it'll take a forceful revolution, cant do it gradually.
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
I think that the only reason the White House is pushing this so hard is that Bush thought they were talking about a TV station.
Do you have any idea what the routing headaches to make that happen would be like?
You must be talking about lifelong IPv6 addresses.
They are not needed to break anonymity.People who want to be anonymous can have big problems now with ISP that only offer permanent IPv4 address (yes they do exist, most of them in western countries, especially europe).
And by the way, offering a permanent IPv4 address is not technically difficult. Firewalling all other IP adresses from using the same link is not difficult either.
The IPv4 address space has been deliberately fragmented by NICs that assigned requested network blocks in numeric order over large areas. /16 block to Australia, the next to Korea, next to Japan, then one to Australia, one to China, one to New Zealand etc etc.
Look how the APNIC assigned one
This could have been done much better even within IPv4 but it was not done and some people even proclaimed it SHOULD not be attempted.
In the early days the phone system used routable addresses. It was possible when there was a single phone company in a country or area, and people with forethought assigned the numbers.
But there it has been abandoned as well...
Interesting screen name. Do I know you?