Slashdot Mirror
How Things Will Change Under IPv6
Da Massive writes "IPv6 Forum leader Latif Ladid provides an insight into the workings of IPv6. He also talks about how peer-to-peer file serving as we know it today will be redundant with the newer protocol." From the article: "Q: What is the most significant benefit that IPv6 offers the world? A: Global connectivity. Currently we have less than 50 percent world-wide Internet penetration, and we have used most of the address space. If you look at the Western world, we have more than 50 percent penetration. In total we have close to a billion people connected to the Internet. So it is a false perception that we have full Internet penetration. We have six billion people on the planet. When the Internet protocol was designed back in 1980 there were 4.3 billion address spaces; it was already insufficient for the population. By 2050 we will be nearly 10 billion people. But there are not only people. There are things. Billions and billions of devices that will service these people."
If you just want a broker that is quick to get started with, go to btexact and sign up. For those "permanent" set ups, go to (you will get a tunnel initially, but have to save uptime enough to get a subnet and such).
d en.info is.
So, what can it be used for? Well, at the moment I do not really use it to browse the web, but I use it for reverse dns on irc (efnet, freenode and most other ircnets have ipv6 enabled servers). In other words, I can have a range of customized hosts (very handy since many friends have shell accounts here) on irc, like @doomtech.net or cust-523452.nix.net.ru. The first one is my own domain, but the second is from afraid freedns. Afraid has a huge range of public domains, which you can add AAAA and PTR records for.
After thinking up a host, please go to spamcalc, if you don't have the brains yourself to see if your host is dns spam or not. A host like doomtech.net is not dns spam, but something like i.am.god.and.i.live.in.the.cave.with.osama.bin.la
Sixxs and btexact have pretty exact instructions on how to set this up on a range of operating systems. With the aiccu client from sixxs, the tunnel should work behind most NAT setups as well.
Dvorak on Doomtech
While it is nice to say we don't have enough IP address to cover everyone now, be realistic. Not everyone will need one. There are a lot of people like me who will have lots and lots of them with all the toys I accumulate. However, there is also going to be a lot of people who won't.
While we will need more in the future saying we have to have more IPs because we have more people is not necessarily correct. Whereas NAT is being used a lot in corporate networks it is also being used in the home as well. I know, this doesn't solve everything. However, I can say right now there is a generation of people (my parents) who do not know what an IP is, nor do they care. Including them in the big list saying we need IPs for them is a fallacy--they will never use it or want it. And how about babies? Unless you are tagging them with remote tracking chips when they are born chances are they don't need one. Moreover, right now there are entire places in the third world which do not have systematic running water or electricity. Including them in this count is ridiculous as well. They need a lot more basic needs before they all need individual cell phones running IPv6.
Quality Hosting e3 Servers
Just think of the number of systems that rely on IPv4 right now: networks, routers, cell phones, etc. There really isn't a lot of room left at the current rate of expansion. But let's face, that's how we get: complacent. The current system is working -- why bother with a new one? I believe the Romans got that way toward the end...
I read the article and it was insightful, but I didn't have a lot of background on IPv6, so I searched for some background and found this on the details and this on implementing it in Linux.
From the article: The Internet was not designed like this. It was designed to enable peer-to-peer and VoIP. In the meantime, through NAT, telecomms companies are offering VoIP but they want to bill you for it, but the Internet was not designed with any billing mechanism. When you connect to the Internet you pay anyway, so why should you pay for more services? This is the big debate. The Internet was not designed for telecomms companies, it was designed for everyone to share expensive CPU power. When you share expensive resources you can do anything.
I agree. Paying for sevrices is basically just icing on the cake for telecoms.
GetOuttaMySpace - The Anti-Social Network
This is freaking ridiculous. And there is a simple solution.
The ONLY machines that need actual IP addresses are servers and gateways.
PERIOD.
Everyone else can be NATted.
The simple solution is to NAT everyone and everything that isn't a server or a gateway to other machines. Instead of a typical University gobbling up class-Cs or even class-Bs like candy, they'd require a single class-C at most. Every other machine on campus would be NATted. AOL could have a single class-C, since its users aren't technologically literate enough to want actual "real" IPs. ISPs with a mix of non-technical and technical users (such as Earthlink) would need more, so they could sell "real" IPs to those who'd use them. ISPs which cater to geeks (such as Speakeasy) would need still more.
In such a world, we'd see a complete reversal of current trends; huge national ISPs whose user populations are mostly non-geeks would need only a scant few IP addresses, and smaller "boutique" ISPs whose users are mostly geeks would need more than AOL or MSN.
And we WOULDN'T run out of IPs this way.
I've heard the hype about every coffee percolator, Coke machine and pencil sharpener having its own IP address. That's nice. But not necessary. This whole "crisis" with us running out of IPs can easily be averted with a change in IP distribution policies.
With spending like this, exactly what are "conservatives" conserving?
With sixxs, you get a /48-subnet, which should be sufficient for your quadrillion machines. The address I have looks something like this: 2001:770:11e::1, which is a short for 2001:0770:011e:0000:0000:0000:0000:0001. Luckily those zeroes can be shorted to just ::, which makes these addresses pretty easy to remember, actually. You can also have a bit fun, if you wish, by having e.g. 2001:770:11e:FFFF:DEAD:BEEF:DEAD:BABE :)
If you are bored some day, give the tunnel stuff a try, instead of sitting in your underwear drinking cola and multitasking irc and quake4.
Dvorak on Doomtech
Even though we do have a lot of people on the planet; I seem to recall that the population on the planet actually declined in the last 10 years.
Where the heck did you get that information? We've added 750 million people in the last 10 years.
Take a look here http://www.census.gov/ipc/www/worldpop.html/
1995 5,694,418,460
2005 6,451,058,790
ich muß mehr Kuhglocke haben
No need - your IPv6-enabled DSL/cable modem will contain a Router Advertisement Daemon that takes care off all that for you.
The point is that P2P is harder in IPv4 than in IPv6 since you have to deal with NAT. In IPv6, you could communicate directly with somebody without going through NAT and therefore that part of the communication would be trivial. No fancy stuff would be required to account for NAT between the two peers. You'd still need an application to do the communication, but it would be pretty trivial.
half of them will not be directly hooked into the interweb. Many of those are intended to be that way, since you want your layers of security, and that's why we have however many thousands of addresses in the range 10.0.0.[0-256];
Repeat after me for the 34253456345324th time: NAT is not a security measure. NAT is not a security measure. NAT is not..
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
It wouldn't really be routable. There would be no way figure out which way to send the packets for a given "address." For istance, under IP4, any router that sees a packet going to any machine with an address starting with 129.22 (one of the few blocks I know off the top of my head) knows that the packet should be pushed out a pipe that heads in the general direction of Cleveland. In fact, most routers probably work off even broder rules, with (just making this up, now), all address starting with 129.17-129.32 should be pushed out towards OAR net, then OARnet would do more focused routing in house.
With "people address", there are three problems. First, no way to generalize routing rules. Secondly, there is the fact that all your stuff might not be in the same place. Most of it is at your house, but some of it is at the vacation home. Finally, there is the problem that people, unlike IP4 address, tend to move arround alot, geographically speaking. Usually, if you move from New York to LA, you get a different IP, even if you use the same national ISP. Under your scheme, the whole internet would have to be told to redirect your trafic. Yick.
#include <signature.h>
The IPv6 mess (according to D J Bernstein).
London's finest organic fairtrade coffee
A public IP with everything other the VoIP and (for example) BitTorrent blocked is much more useful, and no less secure than NAT.
I am TheRaven on Soylent News
however many thousands of addresses in the range 10.0.0.[0-256]
Sorry, but I have to completely discount technical analysis and discussion from anyone who writes 2^24 as "however many thousands" when discussing a technical subject in a technical forum. Nothing personal, mind you, but it demonstrates either (a) a lack of basic math skills which are essential, even reflexive, to anyone really knowledgeable in this space or (b) a lack of attention to detail. In either case, your analysis is of much less value given that there are people around who actually do understand the topic.
What Linux distribution doesn't have an IPv6 stack built in these days?
And for that matter, Windows users don't have to wait for Longhorn either. Windows XP has an IPv6 stack built in too: How to install IPv6
\\'
The ONLY machines that need actual IP addresses are servers and gateways. PERIOD. Everyone else can be NATted.
Sigh.
The problem with this statement is that it presumes all content comes from central servers. But that's not what the Internet was designed to be, and forcing it into that model will severly retard, and in many cases simply destroy, all future innovation.
The Internet was designed as an endpoint-to-endpoint communications medium. The intelligence is at the edges, every device on the network has equal access to every other device, none are "special". In practice, of course, 72.14.207.99 (one of Google's servers) *is* special, recieving many more connections than most other addresses, but that's an emergent phenomenon, not one that's designed in. It's only special because lots of other devices *choose* to talk to it. One day they could all choose to begin sending their search requests to some sort of massive, distributed, peer-to-peer search engine (I don't think so, I think it makes sense to centralize search, but perhaps there's a really powerful distributed indexing and search algorithm that no one has yet discovered).
There's huge power, flexibility and opportunity in that model. We do a lot of things using the Internet now, in 2005, but it's still in its infancy. We have no idea what other kinds of communications technologies will arise or what sorts of things people might come up with to do with this medium ten, twenty, fifty years from now. That means it is critically important for the future of technology and innovation that we preserve the ultra-flexible model that the really bright guys at DARPA came up with.
End-to-end delivery. Intelligent endpoints. Dynamic, multi-path routing. No central control. Those are the characteristics that turned the Internet from a lab-based curiosity to such a worldwide phenomenon that we seriously talk about how it will one day touch every human being on the planet. Think about it. The Internet looks poised to become the *single* communications medium used for all electronic communications, be it text, audio, video. What is it that made this such a powerful medium? End-to-end. PERIOD.
Let's not throw it away before we even find out what we can really do with it.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
> Most of the technological hurdles in connectivity have been overcome
Multihoming is not fixed yet, and basically cannot be fixed within IPv6 (hierarchical address space and multihoming don't like each other). The current hack to fix this is give out addresses from all ISPs you want to connect to and have the _endpoints_ negotiate which address to use (proposal is called SHIM6, google for it). So basically, the network engineer needs root/administrator access to all endpoints in the network to do his/her work.
Now, should I drop one of my peers (and lose my redundancy) just to use IPv6, or just keep my IPv4 addresses until the end of time?
--Blerik
Awww... c'mon, that's classic family guy comedy!
If carrots got you drunk, rabbits would be fucked up. - Comedian Mitch Hedberg R.I.P. 03/30/68-2/24/05
There are 11 types of people. Those who understand binary, those who don't and those who are sick of this lame joke.
Because two nodes on an IPV6 network wouldn't be stuck behind closed NAT firewalls and not able to communicate directly. Currently, if you're using Yahoo IM and want to send someone a picture, you have to relay it through Yahoo's servers, which causes a bottleneck because thousands of other people are doing the same and everything bottlenecks through Yahoo. With IPV6, both ends could have a public (possibly static) IP address, so person A could connect directly to person B and bypass the traffic jam at the server. It gets worse on something like eDonkey where if both ends are NAT'ed the transfer CANNOT happen.
As for removing the need for Skype, it wouldn't, but it would change. A Skype server would just need to know IP addresses so if person A wants to talk to person B, the Skype server just tells A "B is at 0:1:2:3:4:5" and A can then connect to B directly, instead of relaying through god-only-knows how many intermediates who may or may not be compromised or malicious. However, if you were setting up your own PBX with a static IP (And IPv6 has enough addresses that you could), then you wouldn't need a central authority (Skype server) to do the matchmaking.
Yes you'll still be firewalled, but the firewall will be at the end point, not in the middle somewhere that you have no control over (As in my case). The firewall rules would just change to a FORWARD rule instead of a "direct this port to this IP" rule.
IPV6 is about decentralizing, while NAT is essentially centralized (At the NAT server). If something can't change ports (Some VPNs, old protocols, not smart enough, etc), then you can't have more than one person behind the NAT using said protocol. NAT also causes problems because to the machine on the public-side of the NAT, only sees the address of the NAT gateway, not the address of the machine actually making the request. The implications of that are left up to the reader.
... And so it comes to this.
You haven't grasped the number of addresses IPv6 will make avaliable.
65535?
Think bigger:
IPv6 is intended to address the concern of IPv4 address exhaustion. There are too few IP addresses available for the future demand of device connectivity (especially cell phones and mobile devices). IPv4 supports 4.2 billion (2564 4.294 × 109) addresses, which is inadequate for giving even one address to every living person, much less support the burgeoning market for connective devices. IPv6 addresses this problem by supporting 340 undecillion (655368 3.4 × 1038) addresses. For scale, this would allow an average of about 430 quintillion (4.3 × 1020) unique addresses per square inch, or 670 quadrillion (6.7 × 1017) per square millimeter, of the Earth's surface. In other terms, assuming a population of about 6.5 billion humans, there are enough IPv6 addresses such that every atom of every person on Earth could be assigned 7 unique addresses with enough to spare (assuming 7 × 10^27 atoms per human).
Source: http://en.wikipedia.org/wiki/IPv6
So, think more like 4.9 x 10^28 address _per person_ (not per connection).
That's a little more than 65536.
WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
It's clearly NOT the NAT that's providing you security here, but simple matters of routing.
So as the parent post said, NAT is not security. Routing and firewalling can provide some security, but not the NAT itself.
And the ISP's are asking where the profit in doing it is? There are a lot of downfalls to providers Multicast being the big one along with a whole lot of training. I do love all the people that think all of a sudden there toasters can have real IP's and NAT will go away, nothing in IPv6 says they have to give you more than one IP without paying more for it just like today.
No sir I dont like it.
I already do that, but my ISP still won't switch. :-(
Need a Python, C++, Unix, Linux develop
Skype is popular because it can function even when both ends of the conversation are going through a NAT. NATs are inherently evil (no, they don't offer more protection than a simple ingress filter on any "real" router) and break the end-to-end principle. With IPv6, you will not get just 1 IP address like in IPv4, but a shitload (currently the thinking is a /48, which is over 65000 subnets, each subnet containing roughly 4 billion * 4 billion addresses, but thinking is changing towards /56's, only 256 subnets, still an impressive number of addresses).
What this will do it 2 things:
1- allow for more machines to do any particular service. (multiple VoIP devices, multiple webservers, no extra configuration to restore ICQ file transfers, easy webcamming)
2- reduce worm problems (because most addresses are not used, simply scanning address ranges will not be successful, limiting worm propagation by several orders of magnitude)
So, no, it doesn't remove the need for servers per se, but most applications that set up peer to peer connections these days need some other machine to bypass the NAT problem. With IPv6, NAT is no longer needed (although there will be idiots that think it makes things more secure and demand it for IPv6 as well. I'm praying it won't catch on)
CC