IPv6 Still Hotly Debated

inkslinger77 writes "A significant stumbling block to IPv6 adoption may be IPv4 loyalists who are keen to keep the old protocol in preference to the 'new improved' version, according to a Computerworld Australia article. The article covers the views of Cisco's senior technical leader for IPv6 technologies, Tony Hain and Geoff Huston, a senior Internet research scientist from Asia Pacific Network Information Centre (Apnic)." From the article: "Go to your favourite venture capitalist and say 'I want to be an ISP'. By the time he stops laughing and [finds you want to run] IPv6 - the discussion gets terminated. No one wants to hear this. IPv6 is well ahead of adoption in this market so everyone is deferring. No one is running IPv6, because there is no business case for it ... if we really wanted to leave a legacy to our children we'd review the crap we have today which is pretty ghastly ..."

Three Items: Vista, Home Autmation, and Search.

[CDPatten]

Windows Vista will make IPv6 the protocol of choice. You can bind IPv4 and IPv6 in different orders on the NIC and it will enable great support for the protocol. They are even talking about having it running as part of the default install.

MS is developing Vista to enable programmers to push Home Automation. One thing they are doing is adding in that area is the functionality for IP's to securely be handled like a plug and play device. This isn't for printers on a network; it's for all the appliances in your house. IPv4 just doesn't work well for home automation. Also another sign is the majority of GE prototypes all are geared towards IPv6 not IPv4.

The regional specs that come with IPv6 are also huge things for MSN, Google, and Yahoo. It will allow your search (and Ads for that matter) results for a "pizza place" to give you the ones in your area without any additional info.

Vista will start the ball rolling, and the other two items will make the transition come very quickly. Security is also nice, and will help stop allot of traditional hacking, but the end user doesn't get excited about that. They will get excited about the other stuff though.

Two years from now we will start to see IPv6 becoming very common.

Re:Me too

[eric76]

You realize IPv6 has more IP's then there are atoms in the universe, right?

Just think of all these worms scanning blocks of IP addresses somewhat randomly for vulnerable machines. It's a target rich environment.

Now imagine that we were using IPv6 instead. With a random approach to scanning, many of those worms would take years before they happened to locate an actual computer.

Of course, those writing the worms would have to switch to non-random techniques. But someone who is reasonably careful (i.e. didn't use Internet Exploder and Outhouse Express), they could have a system wide open to exploitation without it ever being exploited.

The Real Truth

[Nom+du+Keyboard]

The real truth is that IPv4 addresses currently have value due to scarcity. An IPv4 address range has a tangible value that can be sold, rented, leased, or hoarded. With essentially unlimited IPv6 addresses the value of IPv4 address space loses virtually all of its value, static IP addresses shouldn't command any premium anymore, and the barrier for entry of new ISP's is diminished. Certainly the current power structure likes things just as they are.

"We happen to work in an industry that survives on complexity, address scarcity and insecurity," Geoff Huston, senior Internet research scientist at Apnic, said. "This is where the margins come from, and we are not innovators in this industry any more. We've learnt that optimism doesn't create a business case. All those people disappeared along with the dotcom boom," he said.

That is a stupid statement. It would be more accurate to say either "limps along" or "thrives" instead of "survives" in this context. The steam engine industry undoubtedly felt the same way about the internal combustion engine when it was first proposed.

Of course, Ipv6 isn't enough. It's not enough until every atom in the Universe can have it's own unique IP address, after which we can discuss the strings that create them.

Oh, so many comments....

[slappyjack]

IPv6 vs. NAT
These are two distinctly different things. Nat takes one public IP address and translates it to many private IP addresses. THese are not two competing technologies, and you can use NAT with an IPv6 address. In reality, there isnt a debate here. Its a weak argument for those that want to keep things whe way they are.

IPv4 addresses an a commodity
Greedy Fuckers. Pure and simple. The basic interenet and all its various little noodly bits were created but university and governmetn organizations and then just loosed on the planet essentially for free. Yes, you had to buy some hardware to use it, but the shit works without you having to pay for a damn thing but your connection.

I have nothing against the idea of capitalism where you get paid for something you create, but hoarding a commodity that is out there for the collective good as a whole is just shitty. In very few cases is there a justification for the belief that "I must make ALL of the MONEY and IT MUST HAPPEN RIGHT NOW and YOU CANNOT HAVE ANY."

As an added bonus, this sort of behavior helps keep the "have nots" in the "have not" category, which just generally pisses them off unnecessarialy.

needing a publically available address
No, obviously we all do not have to have public IP addresses - not yet, anyway. Saying you don't now or never will shows a pretty big lack of foresight. You don't KNOW that there wont be an application that needs publically available addresses to work well andd that NAT just won't cut it. Why don't you know? Becuase someone will eventually come up with sommehting new, and it'll be good and important. People always do, eventually.

I realize that if you really wanted to have everything you own connected to the internet you could just use NAT and then if you wanted to talk to your refridgerator you sould just use "the fridge port" but its adding a level of complexity that could possibly get in the way of something on down the line.

This would slow down address scanning worms, neh?
if a worm's gotta look at giant chunks of addresses to find other victims, wouldnt this just slow down their epread a little?

then again, what the fuck do i know?

Re:Backwards compatible? Er... yeah.

[Jearil]

I'd like to reiterate what the parent says about v4 compatible v6 addresses. I've had to study RFC2373 (http://www.faqs.org/rfcs/rfc2373.html) and the people who designed IPv6 didn't do it without consideration of the current system and how a transition would go. In fact, a lot of effort went into making it possible to transition to a larger address system while using both systems at the same time.

It's actually similar to how the x86 archetecture has advanced. When we moved up to 32-bit CPUs, in order to access the upper bits, new registers were created to address those upper bits while the lower ones stayed. An older 16-bit program would merely only use the lower bits, ignoring the upper ones since it wasn't designed to use them.

IPv6 allows for the last 32 bits to be used as an IPv4 address. You can even write out an IPv4 compatible IPv6 address using a combiniation of both hex and dotted decimal. eg: 0:0:0:0:0:FFFF:129.144.52.38 which in IPv6 can be compressed to ::FFFF:129.144.52.38 and which an IPv4 device would see it as merely 129.144.52.38. The idea being, when transferring over, only devices that actually need IPv4 compatibility would have an IPv6/IPv4 address. Quick example using NAT technology:

Say I have an office with 500 devices that need net connections. Now I also have a remote office with another 200 devices. These devices all like to connect to each other.. with various servers and services on each that make using NAT translation a PITA, but also buying 700 IPv4 addresses is mighty expensive. Now most of these devices are for internal use.. (I'll get to that). Now we do have 5 web servers that need to be accessed by people outside of the company (sales servers with web pages to sell stuff or show off our company). We give all 700 devices IPv6 addresses so that they can access each other over the internet. We give those 5 that need to be seen by everyone IPv6 addresses that have IPv4 mappings so that everyone can see them. We can get a few IPv6 addresses with IPv4 mappings to act as a NAT-like access point for internal devices to get to external IPv4 places for say viewing web pages or the like from internal machines.

But now one has to think.. why would we need 700 externally accessable devices? Isn't that a security nightmare? Managing all of them so that they don't get hit by a worm or such could really suck... but why do those devices have to be computers? What about VoIP phones or something similar?

I currently manage a VoIP setup that I implimented and support myself, and let me tell you.. NATs SUCK for VoIP. SIP hates it.. works half the time and the other half no go. If two devices are behind NATs, plain and simple they cannot talk to each other. If they have external addresses on most phones you can just dial straight to the IP address of another VoIP phone without even needing an intermediate server.. which can be handy at times.

It's just a minor example and I'm sure it can be picked apart and made to work on IPv4 (I've been doing such). But the time/cost savings of IPv6 along with just the mirade of possibilities it brings shouldn't be thrown aside because it would be "too hard" or "too expensive". The cost isn't as high as a lot of people think.. most are just afraid because they don't know anything about IPv6 and what you can do with it in reguards to IPv4. And of course no one knows, because no one is going to train in an area that has no use currently, which will remain that way until people educate themselves in it.

Re:"IPv4 loyalists"

[jd]

Define "no reason".

• Security: IPv6 mandates IPSec (which encrypts ALL streams, ALL of the time, so contextual information can't be used for cracking as it can with SSH or SSL streams, which are generally only used for specific segments of a transaction).
• Authentication: X.509 within IPSec and the use of Extended Authentication protocols in IPv6 guarantee that all endpoints are who they say they are.
• Fragmented Packets: Firewalls don't handle fragmented packets well, as there is no header to check for later fragments. Fragmenting and re-assembly also adds latency. IPv6 defines per-connection MTUs, guaranteeing ALL packets are the largest supported between any two endpoints without fragmentation.
• Latency: IPv6 headers don't have as many entries and are heirarchical, which makes routing much faster and much simpler. The lack of fragmentation and the presence of auto-MTU also helps.
• Multicasting: IPv6 mandates multicasting and has a decent range of addresses for it.
• Anycasting: IPv6 mandates service location and resource location abilities, which means no more hunting for printers, routers, DNS servers, SMTP servers, POP/IMAP servers...
• Autoconfiguration: IPv6 uses autoconfiguration for routing and addressing as a standard, in a manner (almost) guaranteed to be free of conflicts and absolutely guaranteed to be fully scalable.
• Mobility: IPv6 mandates the ability for nodes or even entire networks to be totally mobile (ie: switch upstream routers without losing connectivity or existing connections) with upstream optimization of routing.
• Advanced Headers: IPv6 allows an arbritary number of extended headers to be attached to packets, with controlled responses for unknown extended headers.
• High Availability: IPv4's High Availability mechanisms require a lot of fancy manoevering, because the MAC address (used by switches) and the IP address (used by remote systems) are dissociated and ALL parties to a type of data have to agree on the failover for it to work. Hotswapping is extremely difficult and even hot standby is hard enough to be uncommon. IPv6 strongly couples MAC and IP addresses, both for autoconfiguration and mobility, allowing instantaneous, lossless failover with very minimal complexity or overhead and no patent problem.
• Tunneling: There is no agreed method of tunneling in IPv4 and the de-facto method (GRE) is detested by many network admins. IPv6-over-IPv6 is to be a universal standard.
• Clusters: Infiniband cooperates well with IPv6, making it possible for nodes within a cluster to directly access IP-based resources. Infiniband requires capabilities that are not guaranteed present in IPv4 stacks or IPv4 networks (such as multicasting) which means Infiniband cannot reliably treat IPv4 networks as extensions.
• Reachability: IPv6 can reach all IPv4 nodes, with only trivial conversion to make allowance for the different header structure and the lack of intelligence in IPv4 networks, so any client-only machine or network could be converted tomorrow without anyone noticing. Small numbers of IPv6 machines can be exposed to IPv4, making it possible to have DMZ servers on an IPv6 network visible to IPv4, so any server could be converted tomorrow without anyone noticing. The backbone could be left as long as you like. Because IPv6-over-IPv4 is also defined, if both servers and clients are IPv6 then the backbone could be ignored forever without significant impact.

All told, I'm not convinced that there are that many people who genuinely have "no reason" to shift to the new system. All I am convinced of, so far, is that there are plenty of people who have absolutely no reasons at all but plenty of excuses. Let's look at something, here. Say Comcast converted its entire cable network to IPv6, would you care or even notice? Probably not. Their routers hide their network from your computers, so your computers wouldn't see the difference. It would be