How Things Will Change Under IPv6

Da Massive writes "IPv6 Forum leader Latif Ladid provides an insight into the workings of IPv6. He also talks about how peer-to-peer file serving as we know it today will be redundant with the newer protocol." From the article: "Q: What is the most significant benefit that IPv6 offers the world? A: Global connectivity. Currently we have less than 50 percent world-wide Internet penetration, and we have used most of the address space. If you look at the Western world, we have more than 50 percent penetration. In total we have close to a billion people connected to the Internet. So it is a false perception that we have full Internet penetration. We have six billion people on the planet. When the Internet protocol was designed back in 1980 there were 4.3 billion address spaces; it was already insufficient for the population. By 2050 we will be nearly 10 billion people. But there are not only people. There are things. Billions and billions of devices that will service these people."

But when?

How long will a complete transition to IPV6 take? Many many years IMO, if it ever happens at all. None of the firms I know of or work with have even started looking into migrating yet. Hell they are'nt even talking about it.

Re:But when?

[jimbolauski]

I'm personaly hoping that we run out I can't wait see the time share IP address and IP addresses on ebay.

Re:But when?

[aonaran]

"How long will a complete transition to IPV6 take? Many many years IMO, if it ever happens at all. None of the firms I know of or work with have even started looking into migrating yet. Hell they are'nt even talking about it."

This is the thing that bothers me, it looks like y2k all over again. No body thinks it's a problem until there's a last minute scramble to get the issue resolved.

The only difference is this time around there's no clearly defined cutoff date and when the transition happens it'll probably be spread out over months or years as people start to clue in that they are missing half the internet.

Most of the technological hurdles in connectivity have been overcome, even home users can upgrade their linksys routers in 5 minutes or so to take advantage of IPv6 but for some reason ISPs are holding back and because of that businesses are holding back. Everyone is waiting for somone else to make the first move.

Re:But when?

[jacksonj04]

Start with yourself. Install an IPv6 stack and start using IPv6 servers (Such as for IRC) wherever possible. The 6-to-4 routing can be dealt with on your end (Usually without you needing to change anything awkward) and through one of many open 4-to-6 bridges on the other end. Eventually your IP will notice more and more IPv6 traffic traversing their network using 6-to-4.

Start turning businesses on internal networks and when it is realised that IPv6 is in fact far nicer, because you're not playing hell trying to set DNS servers and allocate IPs, they will demand more from their ISP.

Longhorn has an IPv6 stack built in, find your favourite Linux distro and demand an IPv6 stack in that.

Re:But when?

[Undertaker43017]

The problem is mostly social. You now have millions of people on the Internet that barely understand what it is, and while from a technical persons point of view IPv6 is "no big deal", from this groups point of view this is a "big scary", and something they wouldn't think of doing on their own. So I suspect the majority of ISP's have realized this and are not ready for the customer service nightmare that changing would cause. Sure you can upgrade your Linksys to handle IPv6, but how many people even know the device CAN be upgraded at all, let alone know how to do it...

Re:But when?

[Scott+Wunsch]

Longhorn has an IPv6 stack built in, find your favourite Linux distro and demand an IPv6 stack in that.

What Linux distribution doesn't have an IPv6 stack built in these days?

And for that matter, Windows users don't have to wait for Longhorn either. Windows XP has an IPv6 stack built in too: How to install IPv6

Re:But when?

[ysachlandil]

> Most of the technological hurdles in connectivity have been overcome

Multihoming is not fixed yet, and basically cannot be fixed within IPv6 (hierarchical address space and multihoming don't like each other). The current hack to fix this is give out addresses from all ISPs you want to connect to and have the _endpoints_ negotiate which address to use (proposal is called SHIM6, google for it). So basically, the network engineer needs root/administrator access to all endpoints in the network to do his/her work.

Now, should I drop one of my peers (and lose my redundancy) just to use IPv6, or just keep my IPv4 addresses until the end of time?

--Blerik

Re:But when?

[jrockway]

Doesn't qmail need a non-DJB patch to use IPv6? I enjoy Bernstein's writing, but in this case, he is doing a whole lot of talking and not a whole lot of acting.

Personally, my entire home network is IPv6. If people don't want to use IPv6, that's fine with me. My ISP charges me $10/month for static IPs, but with IPv6, I got 2^64 of them for free. 2^64!!! That's 2^32 more than all the IPv4 addresses in existence.

I think it's easy to see why people don't want IPv6. Without artificial scarcity, they can't gouge you for IP addresses.

Re:But when?

[puke76]

I think you miss his point. You run IPv6 on your internal network. Great. But every time you talk to someone outside that network, you'll be using IPv4. Who is going to be the first one to switch to the IPv6 internet? No-one. Everyone needs to change at once. And I think that's why many say it's just not going to happen. Why don't you start using an external IPv6 address and get back to me.

Re:But when?

[megarich]

but for some reason ISPs are holding back and because of that businesses are holding back. Everyone is waiting for somone else to make the first move.

I feel the ISP's have to be the ones who make the first move. A not so great example but gives an idea of how I'm viewing this is an official language of a country. Since I'm from the states I'm going to use English as my example. Most people here naturally speak english. Sure you have others here or there who knows other languages but they can't communicate by in large with the rest of the country without knowing english(thus its a GREAT benefit to know english). Now if there was a movement by a good portion of the poplulaton to move to spanish, what benefit would other people have moving to spanish if the key people(in this case the gov) still back english and will not change?

That's how I look at the whole situation, until the key players, namely the ISP's, are willing to change to ipv6 there is no advantages of small/medium size businesses to switch over because everyone else is still talking in terms of ipv4.

Re:But when?

[jrockway]

My internal machines don't need to talk to anyone that uses IPv4.

Admittedly, I do use a web proxy that fetches IPv4 websites for these machines, but I did that anyway. Having IPv6 lets me ssh to my machines without having to ssh to my firewall first. Convenient. And ready for the future.

People can sit here and whine about how nobody's moving to IPv6, but the fact of the matter is that it's super simple to do, and once you have, you're done. If everyone does this, there will be no "great transition". It will just be done. And that's it.

Not nearly as exciting as everyone wants it to be, is it...

Re:But when?

[FireFury03]

But every time you talk to someone outside that network, you'll be using IPv4. Who is going to be the first one to switch to the IPv6 internet? No-one. Everyone needs to change at once. And I think that's why many say it's just not going to happen. Why don't you start using an external IPv6 address and get back to me.

I'm afraid you're talking crap - I use IPv6 on my internal network *and* over the Internet, it coexists quite happilly with IPv4. Enabling IPv6 support on a system does _not_ require leaving the IPv4 network. If you have both protocols enabled then IPv6 will be preferred when it is available on both ends (since the DNS lookup you make to find the remote server's address will return both A and AAAA records) but if one end doesn't do IPv6 then the IPv4 address will be used.

The problem here is an economic one, not a technological one:
1. Why should the content provider invest in rolling out IPv6 addresses to their servers (there is an administration cost in running an additional protocol) when 100% of their clients have IPv4 addresses (the number with IPv6 addresses is not important here if it is significantly less than 100%)
2. Why should the ISPs invest in rolling out IPv6 networks if 100% of the content on the internet is accessible over IPv4?
3. Why should the consumer grade DSL router manufacturers bother to include native IPv6 support in their hardware if the ISPs aren't going to support it?

Most of the end-users neither know nor care about IPv6, but if the ISPs provided native IPv6 connectivity, the customers' DSL routers provided IPv6 support and their OSes shipped with IPv6 enabled by default (Fedora Core does this, as does OSX... sadly XP doesn't) then the customer wouldn't need to care about it because it would just automagically work - IPv6 does autoconfiguration our of the box.

So whilest there are economic reasons why businesses won't be inclined to change without everyone else changing, there is no technical reason why anyone can't support IPv6 without everyone else changing.

Re:But when?

[hopeless+case]

Thanks for posting DJB's piece, it was an interesting read.

I don't see why everyone needs to change (if by that you mean 'get connected to the IPv6 network without losing your connection to the IPv4 network') at once, however. As long as useful services are provided over the IPv6 network that can't be provided over the IPv4 network, people will start changing over. As long as connecting to the IPv6 network doesn't mean you loose the ability to talk over the IPv4 network, and it doesn't, there is no penalty for connecting to IPv6 (except for the initial hassle of upgrading).

Seeing as how Windows XP and Linux both currently ship with mature IPv6 implementations, connecting to the IPv6 network is largely a matter of setting up a 6 on 4 tunnel to a tunnel broker. In other words, a configuration exercise, not an upgrade exercise.

Why should anyone do that, you ask? To access a new service that requires it. Plenty of people who are not computer savvy and who wanted to get VOIP service from Vonage stuck a VOIP router in their home network and the router configured itself.

All that is needed to get us closer to the magic moment are compelling applications. Suppose, for example, that people start doing home security monitoring by using IPv6 addressed window and door sensors. To subscribe to such a service they send you a router that you stick in your home LAN, right next to your vonage VOIP router if you have one, and the router automatically connects to a tunnel broker and sets up a 6 on 4 tunnel to connect your sensors to the IPv6 network.

As more and more people start using such services, the traffic traversing the IPv6 network starts growing. Initially this traffic will mostly tunnel through the IPv4 network but as it grows, ISPs will have a reason to offer direct IPv6 service (to lower the bandwidth required to carry all the 6 on 4 headers to just that required to carry the 6 headers by themselves).

I think the IPv6 community did a great job in thinking through the of transition scenarios and providing all sorts of tunneling mechanisms to allow IPv4 and IPv6 to exist side by side.

I am not sure why DJB thinks those transition mechanisms are not enough.

Re:But when?

[Omnifarious]

I already do that, but my ISP still won't switch. :-(

Welcome Overlords

[j_kenpo]

"There are things. Billions and billions of devices that will service these people"

I for one welcome our new.... thingy overlords...

Re:Welcome Overlords

[Doctor+Memory]

Not sure I want to be "serviced" by a device....

untrue

So it is a false perception that we have full Internet penetration.

This is completely untrue! There is lots of full penetration on the internet.

"Billions and billions"

[FirienFirien]

On the comment "Billions and billions of devices that will serve these people", it seems to be unmentioned that (random estimate, not researched in any way) half of them will not be directly hooked into the interweb. Many of those are intended to be that way, since you want your layers of security, and that's why we have however many thousands of addresses in the range 10.0.0.[0-256]; technically they're using the same IP, but it doesn't matter because that IP is kept internally, and not in contact with the web.

IPv4 does not have enough numbers to give every single device its own unique IP. On the flip side... if we were locked into the system, it would still be workable.

Re:"Billions and billions"

[OakDragon]

It always amuses me that people use the total population of the earth to explain why we need X number of whatever. Do the billion or so babies need an IP address? What about the billion+ sustenance farmers?

OTH, there is a fair point that it's not about people, it's about devices..

Re:"Billions and billions"

[mindstrm]

Private addresses + NAT is not a security measure, although it looks like one.
The same issues can be addressed without the need for NAT and private addressing.

The main reason private addressing is used is because getting public address space is a hassle... whether people realize it or not.
Just imagine.. if you could just have a million public IP addresses that worked, why wouldn't you use them?

Re:"Billions and billions"

[TCM]

half of them will not be directly hooked into the interweb. Many of those are intended to be that way, since you want your layers of security, and that's why we have however many thousands of addresses in the range 10.0.0.[0-256];

Repeat after me for the 34253456345324th time: NAT is not a security measure. NAT is not a security measure. NAT is not..

Re:"Billions and billions"

however many thousands of addresses in the range 10.0.0.[0-256]

Sorry, but I have to completely discount technical analysis and discussion from anyone who writes 2^24 as "however many thousands" when discussing a technical subject in a technical forum. Nothing personal, mind you, but it demonstrates either (a) a lack of basic math skills which are essential, even reflexive, to anyone really knowledgeable in this space or (b) a lack of attention to detail. In either case, your analysis is of much less value given that there are people around who actually do understand the topic.

Re:"Billions and billions"

[Thomas+Charron]

NAT is a *layer* of security, but not security itself.

Ok, NAT itself isn't. HOWEVER. MOST people relate NAT with a firewall performing NAT. Which is a level of security.

Nitpicking that a NAT machine is not a security measure fails to take into consideration that most people, NAT assumes some sort of firewalling taking place between the networks.

Re:"Billions and billions"

[drinkypoo]

WTF? My ISP is not doing NAT. I have a different routable address dynamically assigned every time I connect. I am doing NAT, thus I am trusting that I will not be owned. My border gateway (linux box) does not accept packets for non-routable networks on the external interface; nor does it accept packets for services I am not running.

You may well have an argument, but I can't tell from the above comment.

Re:"Billions and billions"

[just_another_sean]

Please tell me for the 34253456345324th time... Why? (link is fine, I like to read.)

Re:"Billions and billions"

[fnj]

Repeat after me for the 34253456345324th time: NAT is not a security measure. NAT is not a security measure. NAT is not..

You can repeat some mindless drivel endlessly, but that does not make it so. All the small users like me who have Netgear or Linksys NAT routers have thereby a very significant measure of security. With the default setup with no port forwarding, no WAN packet containing ANY destination address in the header is going to get routed to the LAN side except as part of a connection established FROM THE LAN SIDE, except by stumbling into an established translation state sequence, which is exceedingly unlikely.

Cool it with the misdirection. It is POSSIBLE to use NAT and still permit inbound routing, but only a statistically insignificant proportion of NAT users would do so.

Re:"Billions and billions"

[keithmoore]

All the small users like me who have Netgear or Linksys NAT routers have thereby a very significant measure of security.

Not clear. There are so many ways to compromise a Windows box that NAT is pretty much irrelevant. If you're not running Windows then the potential threats are greatly reduced anyway. And there are ongoing efforts to define ways by which apps can ask the NAT to forward traffic to them without explicit configuration.

Marketers love to promote the delusion that they can sell you a magic box that will provide security without harming your ability to run apps. Whether or not the box implements NAT, it's a delusion just the same.

Re:"Billions and billions"

[volkris]

It's clearly NOT the NAT that's providing you security here, but simple matters of routing.

So as the parent post said, NAT is not security. Routing and firewalling can provide some security, but not the NAT itself.

Re:service?

[madaxe42]

Like this : here

What About Private Address Space?

It seems that when discussing "the sky is falling" ipv4 schemes, no one ever takes into account private networks. In most cases, especially in the Western world, all devices are not directly connected to the internet. Private address space, when used according to specification, will eliminate the need for costly conversions to a new standard.

IPv6, in some ways, is not a good thing, and my vote is to continue using the current addressing system, albeit in a more conservative manner.

Re:What About Private Address Space?

[WindBourne]

With IPv6, you still have private address space, if you want, so your reasoning for staying is faulty. The problem is that there is no ip space as more ppl want ip's than are available. Quite honestly, we need to move to IPv6.

Re:What About Private Address Space?

[kotj.mf]

Private address space, when used according to specification, will eliminate the need for costly conversions to a new standard.

Actually, it'll eliminate the need for costly conversions to a new standard for a period of time, after which we'll all need to upgrade anyway, when it'll be even more costly.

Ladid's main point seems to be that NAT-proponents take this kind of short-term, client/server-centric view. There's nothing wrong with client/server, but it's a significant hinderance for independent development of things like VoIP, where peer-to-peer makes far more sense.

Basically, it's not just that we're running out of address space; it's also that treating NAT like anything other than a (relatively) short-term fix ultimately hinders the development of new uses for the internets.

Re:What About Private Address Space?

[bigtrike]

Connecting those devices indirectly to the internet requires NAT or some other kludge. While it works to a degree, it has a lot of shortcomings and is not a viable long term solution.

Re:What About Private Address Space?

[TheRaven64]

Rubbish. NAT is not a security measure. If you have port {whatever this week's virus uses} forwarded, you are just as vulnerable as if you don't use NAT. Similarly, if you have a public IP and a firewall between you and the Internet which doesn't allow anything through on that port, you are secure.

A public IP with everything other the VoIP and (for example) BitTorrent blocked is much more useful, and no less secure than NAT.

Re:What About Private Address Space?

[mrogers]

IPv6 won't solve the address scarcity problem, because nobody wants a public IPv6 address that isn't reachable from the IPv4 network (who wants to turn away customers?). This won't start to change until almost everyone has switched to IPv6. Therefore the non-IPv4-compatible parts of the IPv6 address space are only useful for private networks and point-to-point links, where address scarcity is not a problem.

NAT, on the other hand, is already solving the address scarcity problem. It isn't necessary for every IP-enabled toaster to have a globally unique address - it isn't even necessary for every home computer to have a globally unique address! People who only use the internet for web and email can happily sit behind symmetric NAT without even noticing (many of them already are). People who use P2P need full-cone NAT, but assuming an average of 128 connections per user at peak times, you can fit about 500 users behind a single address even with full-cone NAT.

IPv6 has some good features, but solving address scarcity isn't one of them.

Oh, penetration

[jfengel]

Q: Besides the obvious thing about address space, what other advantages does it have?

A: Penetration! Because we don't have everybody connected yet!

Q: And how does IPv6 increase penetration? Does it build wires to people's houses or make provide satellite dishes to third-world countries?

A: No, but it does make sure we have enough addresses once they have some money to buy the actual hardware stuff!

Look, I know that eventually we're going to have to transition off IPv4 because of the address space issues, and that we might as well start now, but articles like this make it more like a marketing stunt to sell new hardware RIGHT NOW.

Re:Oh, penetration

[leonbev]

Exactly... No one in their right mind would want to give the appliances of their home network a public IP address. The last thing I want to worry about is having my microwave or refrigerator being hacked and wrecking my food because I haven't installed the latest security patch to whatever embedded OS they're running.

Re:Billions and billions of devices...

Oh come on, that's just thtupid.

IPv6 Changes

[mrtroy]

What people dont seem to realize is that IPv6 is not only about adding more addresses.

They also improve the packet structure (by doing things like removing the fragmentation flag)

And we should be looking at making wireless roaming easier (consider forwarding mechanisms when changing WAP's)

But more addresses is a key benefit. And there is no real harm, just the cost of transition which can be minimized due to the backwards compatibility provided through tunneling, etc. So if everyone just starts installing IPv6 hardware, everything is happy. Why is this issue being rehashed?

Re:IPv6 Changes

[Crazy+Man+on+Fire]

The point is that P2P is harder in IPv4 than in IPv6 since you have to deal with NAT. In IPv6, you could communicate directly with somebody without going through NAT and therefore that part of the communication would be trivial. No fancy stuff would be required to account for NAT between the two peers. You'd still need an application to do the communication, but it would be pretty trivial.

Re:IPv6 Changes

[silas_moeckel]

And the ISP's are asking where the profit in doing it is? There are a lot of downfalls to providers Multicast being the big one along with a whole lot of training. I do love all the people that think all of a sudden there toasters can have real IP's and NAT will go away, nothing in IPv6 says they have to give you more than one IP without paying more for it just like today.

Why don't we start today? Tunnels!

[Nichotin]

If you just want a broker that is quick to get started with, go to btexact and sign up. For those "permanent" set ups, go to (you will get a tunnel initially, but have to save uptime enough to get a subnet and such).

So, what can it be used for? Well, at the moment I do not really use it to browse the web, but I use it for reverse dns on irc (efnet, freenode and most other ircnets have ipv6 enabled servers). In other words, I can have a range of customized hosts (very handy since many friends have shell accounts here) on irc, like @doomtech.net or cust-523452.nix.net.ru. The first one is my own domain, but the second is from afraid freedns. Afraid has a huge range of public domains, which you can add AAAA and PTR records for.
After thinking up a host, please go to spamcalc, if you don't have the brains yourself to see if your host is dns spam or not. A host like doomtech.net is not dns spam, but something like i.am.god.and.i.live.in.the.cave.with.osama.bin.lad en.info is.

Sixxs and btexact have pretty exact instructions on how to set this up on a range of operating systems. With the aiccu client from sixxs, the tunnel should work behind most NAT setups as well.

But not everyone will need IP addresses

[WebHostingGuy]

While it is nice to say we don't have enough IP address to cover everyone now, be realistic. Not everyone will need one. There are a lot of people like me who will have lots and lots of them with all the toys I accumulate. However, there is also going to be a lot of people who won't.

While we will need more in the future saying we have to have more IPs because we have more people is not necessarily correct. Whereas NAT is being used a lot in corporate networks it is also being used in the home as well. I know, this doesn't solve everything. However, I can say right now there is a generation of people (my parents) who do not know what an IP is, nor do they care. Including them in the big list saying we need IPs for them is a fallacy--they will never use it or want it. And how about babies? Unless you are tagging them with remote tracking chips when they are born chances are they don't need one. Moreover, right now there are entire places in the third world which do not have systematic running water or electricity. Including them in this count is ridiculous as well. They need a lot more basic needs before they all need individual cell phones running IPv6.

Re:Why not give PEOPLE addresses?

[bhirsch]

How about if your domain name is blahblah.com, then your web server could be www.blahblah.com? It gets better: Your mail server could be mail.blahblah.com. And yes, your coffe pot could be coffeepot1.blahblah.com.

Re:Why not give PEOPLE addresses?

[MosesJones]

Errr you did read the bit that said that IPv4 can't support the number of people on the planet already? Also you do know that all you are talking about is a secondary addressing approach (network 1 : 1.2.1.2, sub-network : 2.3.3.3) which is already possible on IPv4, but requires an agreed standard for the secondary networking approach.

Oddly secondary networks have been considered during all of this, but it was easier to update the primary network addresses rather than formalising NATs which had other issues.

Why is NAT so bad?

[mightypenguin]

I understand that NAT is considered a hack, but isn't the fact that a device's real address is hidden a security feature for the user? Wouldn't it be that much harder for malicious users to track my internet usage? This would be especially true if I had a mobile device, since moving from one NAT system to another would make following my movements remotely more difficult. So I'd think NAT would be considered a privacy boon. The article doesn't really address this effectively. Also, since most mobile devices have limited bandwidth, I'd think that having a constantly changing IP address, or hiding behind a NAT would mean that DOS attacks against them would be more difficult. If most big mobile device ISPs like the blackberry and sidekick folks offered NAT based access in the future, I'd think that we'd be relatively safe from IPv4 address exhaustion. So stating the main reason for IPv6 being address exhaustion I think is crap. It IS very useful for other reasons though, and I think those reasons warrant it being switched to.

Re:Why is NAT so bad?

[smbarbour]

NAT is the one of the best "hack" that has ever been made for networks. I don't want to have every computer publicly accessible. Is there NAT on IPv6? How many addresses are available for v6? Using NAT, the maximum number of connected devices (sorry for not having the figures in front of me) on IPv4 = Total # of public addresses x Total # of addresses in a class A private network (10.x.x.x).
 
According to my calculations, using Class A private NAT with each address in a Class A public network comes to: 281,474,943,156,225 available nodes. That's over 281 trillion for the utilization of 1 class A IPv4 network. There are plenty of addresses if we use them properly.

Re:Why is NAT so bad?

I understand that NAT is considered a hack, but isn't the fact that a device's real address is hidden a security feature for the user?

Nope. Your real (read public) address is visible. Your fake (read private) address is hidden. NAT is not a security mechanism, and in fact causes security issues because of a false sense of security. Next.

Wouldn't it be that much harder for malicious users to track my internet usage?

Nope. It's just as difficult for malicious users. It's more difficult for "valid" users (sys admins, etc.). Next.

So stating the main reason for IPv6 being address exhaustion I think is crap. It IS very useful for other reasons though, and I think those reasons warrant it being switched to.

Agreed. The root problem isn't really the address exhaustion, it is address allocation. It wasn't handled very well, and now we're running out. (NAT does buy us some time.) Unfortunately we can't go back and reallocate everything nicely now...

Oh wait, we can. IPv6 fixes the issue with a brute force approach, increasing the number of available addresses by a large factor. This will work for now, but isn't elegant. If the IPv6 addresses aren't allocated well, we'll have the exact same issue crop up again. And much sooner than anyone currently believes, of course.

I'm going to simply things dramatically, but assuming a flat 128-bit addressing scheme, we could have up to 3.4028236692093846346337460743177e+38 addresses, or about 56.7 octillion addresses for each person on the planet. A bit much, I should think.

Now, IPv6 isn't flat, it's true, but 80-bit (anyone remember IPX?) would be more than sufficient, even when considering allocation losses. IPv6 does have some useful features, but its addressing scheme is not one of them.

When we actually run out of numbers ....

[bizitch]

The closer we actually get to REALLY running out of IPV4 numbers - the more IPV6 will become adopted

This is known as "Market Forces" - this is a foreign concept to many but it is the reality of this situation.

When NAT becomes insuffiecient to handle the demand - IPV6 will be ready to roll. Then every man, woman, child, insect and grain of sand will have its own PUBLIC address which we can then begin to exploit - YAY!

Good ideas always make slow progress

[Billosaur]

Just think of the number of systems that rely on IPv4 right now: networks, routers, cell phones, etc. There really isn't a lot of room left at the current rate of expansion. But let's face, that's how we get: complacent. The current system is working -- why bother with a new one? I believe the Romans got that way toward the end...

I read the article and it was insightful, but I didn't have a lot of background on IPv6, so I searched for some background and found this on the details and this on implementing it in Linux.

From the article: The Internet was not designed like this. It was designed to enable peer-to-peer and VoIP. In the meantime, through NAT, telecomms companies are offering VoIP but they want to bill you for it, but the Internet was not designed with any billing mechanism. When you connect to the Internet you pay anyway, so why should you pay for more services? This is the big debate. The Internet was not designed for telecomms companies, it was designed for everyone to share expensive CPU power. When you share expensive resources you can do anything.

I agree. Paying for sevrices is basically just icing on the cake for telecoms.

Re:Why not give PEOPLE addresses?

[dslauson]

Not a terrible idea, but it assumes that end users are going to be able to figure out how to configure static IP addresses for all their devices, which is a pretty big assumption.

Plus, who would be in charge of assigning them? Would that mean that I have to register for an IP like I do for a domain name? Who's handing them out, the DMV? The Social Security office? The UN?

Also, it seems like it would be easy for hackers to mimic other people's IP address. Seems like maintenence nightmare.

I don't get it

[nmg196]

Why does IPv6 make P2P any easier to implement?

Why does it remove the need for servers?

Why does it mean that we "won't need providers such as Skype anymore because we'll be able to do it all ourselves"?

I don't see how IPv6 lets you do ANY of these things. You'll still be firewalled, you'll still need servers and software vendors like Skype. In fact the only thing about IPv6 that would seem to me to help P2P is that slighly more people might end up not being NATed but that won't affect anything much.

Does this person actually know what they're talking about or are they from marketing?

Re:I don't get it

[it0]

I always understood that ipv6 has the ability to send 1 packet to mupltiple persons at once. So for example if you use bittorrent, and there are 7 people connected then you only have to send out 1 packet to reach to 6 people in stead of 6 packets with ipv4.

The rest I don't know

Re:I don't get it

[Anakron]

Why does IPv6 make P2P any easier to implement?

It allows you to make direct connections from any computer to any other computer connected to the Internet. The way it was supposed to be. I'm guessing most peer to peer applications contain a lot of code that is designed to work around NAT.

Why does it remove the need for servers?

It doesn't. Not servers in the sense we normally think of them

Why does it mean that we "won't need providers such as Skype anymore because we'll be able to do it all ourselves"?

I believe what he is referring to is the fact that Skype tries to set up a connection between two users who are both behind NAT boxes by using another computer that is not NATed. That part wouldn't be necessary. We'd still need the Skype software, though.

you'll still need [...] software vendors like Skype

Right. It's just that Skype wouldn't need to use the kinds of ugly kludges they do now to get around NATed users.

In fact the only thing about IPv6 that would seem to me to help P2P is that slighly more people might end up not being NATed

The hope is that nearly no one will have to be NATed. Please don't start that security story again. NAT is NOT about security. NAT boxes usually also perform firewall duty (and usually not very well). That's it

but that won't affect anything much

I disagree. I think it will help a great deal. Network administrators and creators of network-aware applications spend a great deal of time trying to make sure that NATed users won't see much of a difference (and it needs to be reinvented for every application). If they no longer need to spend time trying to work around such a broken concept, we can hope to see real innovation.

Re:I don't get it

[kwalker]

Because two nodes on an IPV6 network wouldn't be stuck behind closed NAT firewalls and not able to communicate directly. Currently, if you're using Yahoo IM and want to send someone a picture, you have to relay it through Yahoo's servers, which causes a bottleneck because thousands of other people are doing the same and everything bottlenecks through Yahoo. With IPV6, both ends could have a public (possibly static) IP address, so person A could connect directly to person B and bypass the traffic jam at the server. It gets worse on something like eDonkey where if both ends are NAT'ed the transfer CANNOT happen.

As for removing the need for Skype, it wouldn't, but it would change. A Skype server would just need to know IP addresses so if person A wants to talk to person B, the Skype server just tells A "B is at 0:1:2:3:4:5" and A can then connect to B directly, instead of relaying through god-only-knows how many intermediates who may or may not be compromised or malicious. However, if you were setting up your own PBX with a static IP (And IPv6 has enough addresses that you could), then you wouldn't need a central authority (Skype server) to do the matchmaking.

Yes you'll still be firewalled, but the firewall will be at the end point, not in the middle somewhere that you have no control over (As in my case). The firewall rules would just change to a FORWARD rule instead of a "direct this port to this IP" rule.

IPV6 is about decentralizing, while NAT is essentially centralized (At the NAT server). If something can't change ports (Some VPNs, old protocols, not smart enough, etc), then you can't have more than one person behind the NAT using said protocol. NAT also causes problems because to the machine on the public-side of the NAT, only sees the address of the NAT gateway, not the address of the machine actually making the request. The implications of that are left up to the reader.

Re:I don't get it

[WhiteWolf666]

You haven't grasped the number of addresses IPv6 will make avaliable.

65535?

Think bigger:
IPv6 is intended to address the concern of IPv4 address exhaustion. There are too few IP addresses available for the future demand of device connectivity (especially cell phones and mobile devices). IPv4 supports 4.2 billion (2564 4.294 × 109) addresses, which is inadequate for giving even one address to every living person, much less support the burgeoning market for connective devices. IPv6 addresses this problem by supporting 340 undecillion (655368 3.4 × 1038) addresses. For scale, this would allow an average of about 430 quintillion (4.3 × 1020) unique addresses per square inch, or 670 quadrillion (6.7 × 1017) per square millimeter, of the Earth's surface. In other terms, assuming a population of about 6.5 billion humans, there are enough IPv6 addresses such that every atom of every person on Earth could be assigned 7 unique addresses with enough to spare (assuming 7 × 10^27 atoms per human).
Source: http://en.wikipedia.org/wiki/IPv6

So, think more like 4.9 x 10^28 address _per person_ (not per connection).

That's a little more than 65536.

Re:I don't get it

[chuckychesthair]

Skype is popular because it can function even when both ends of the conversation are going through a NAT. NATs are inherently evil (no, they don't offer more protection than a simple ingress filter on any "real" router) and break the end-to-end principle. With IPv6, you will not get just 1 IP address like in IPv4, but a shitload (currently the thinking is a /48, which is over 65000 subnets, each subnet containing roughly 4 billion * 4 billion addresses, but thinking is changing towards /56's, only 256 subnets, still an impressive number of addresses).

What this will do it 2 things:

1- allow for more machines to do any particular service. (multiple VoIP devices, multiple webservers, no extra configuration to restore ICQ file transfers, easy webcamming)

2- reduce worm problems (because most addresses are not used, simply scanning address ranges will not be successful, limiting worm propagation by several orders of magnitude)

So, no, it doesn't remove the need for servers per se, but most applications that set up peer to peer connections these days need some other machine to bypass the NAT problem. With IPv6, NAT is no longer needed (although there will be idiots that think it makes things more secure and demand it for IPv6 as well. I'm praying it won't catch on)

CC

Oops, I almost forgot!

[Nichotin]

With sixxs, you get a /48-subnet, which should be sufficient for your quadrillion machines. The address I have looks something like this: 2001:770:11e::1, which is a short for 2001:0770:011e:0000:0000:0000:0000:0001. Luckily those zeroes can be shorted to just ::, which makes these addresses pretty easy to remember, actually. You can also have a bit fun, if you wish, by having e.g. 2001:770:11e:FFFF:DEAD:BEEF:DEAD:BABE :)

If you are bored some day, give the tunnel stuff a try, instead of sitting in your underwear drinking cola and multitasking irc and quake4.

Re:service?

[Soybean47]

Oh, you know what they're talking about. Billions and billions of devices to "service" you. Ever increasing "penetration." What, you think this guy is wrong aobut the future of the internet? ;)

IPV6

[Zlib+pt]

In other news, a door in germany refuses to open because some script kiddie got it's IP address and crashed the door. Officials are trying their best to open the door but they suspect the door has to be rebooted.

Are this going to be the news from the future?

Re:Population

[Carbonite]

Even though we do have a lot of people on the planet; I seem to recall that the population on the planet actually declined in the last 10 years.

Where the heck did you get that information? We've added 750 million people in the last 10 years.

Take a look here http://www.census.gov/ipc/www/worldpop.html/

1995 5,694,418,460
2005 6,451,058,790

Why IPv6 Is Coming

[Tony]

To all o' you people asking, "What does it give me?"

It gives you nothing. You're already on the internet.

IPv6 is going to give India and China and other high-populous countries connectivity. As it is, they don't have enough IPv4 addresses even to *nat* their country, let alone to provide real services with which NATing interferes.

And that's why you and I have very little say about the adoption of IPv6. It's gonna happen, and it's gonna happen soon (say, the next 5 years, tops). Pretty soon, those of us who remember IPv4 are going to be like 3-digit /. users-- old, out-of-date, and constantly reminiscing about the old days.

Maybe I'm just a Sick Twisted Freak

[krgallagher]

When I read "But there are not only people. There are things. Billions and billions of devices that will service these people." I immediately invisioned billions of internet enabled sex toys.

Re:Mismanagement of the IPv4 address space

[kotj.mf]

What if the "average" user wants to host their own content, without worrying about some external entity having control over it?

That was the original point of the Internet - not to differentiate between content/service "providers" and "consumers," but to enable redundant p2p information sharing.

Re:Why not give PEOPLE addresses?

[rekoil]

No need - your IPv6-enabled DSL/cable modem will contain a Router Advertisement Daemon that takes care off all that for you.

Re:Why not give PEOPLE addresses?

[Mercano]

It wouldn't really be routable. There would be no way figure out which way to send the packets for a given "address." For istance, under IP4, any router that sees a packet going to any machine with an address starting with 129.22 (one of the few blocks I know off the top of my head) knows that the packet should be pushed out a pipe that heads in the general direction of Cleveland. In fact, most routers probably work off even broder rules, with (just making this up, now), all address starting with 129.17-129.32 should be pushed out towards OAR net, then OARnet would do more focused routing in house.

With "people address", there are three problems. First, no way to generalize routing rules. Secondly, there is the fact that all your stuff might not be in the same place. Most of it is at your house, but some of it is at the vacation home. Finally, there is the problem that people, unlike IP4 address, tend to move arround alot, geographically speaking. Usually, if you move from New York to LA, you get a different IP, even if you use the same national ISP. Under your scheme, the whole internet would have to be told to redirect your trafic. Yick.

Address space not the biggest feature

[jgold03]

Address space isn't why we should gloss over IPv6. Yeah, its nice that we can get rid of NAT, but the bigger deal is virtual circuits. IPv4 can't handle streaming data, keeping us from high-broadband technologies like TV-over-IP. IPv6 was designed to optimize routers for doing high-broadband transfers. That should be the biggest selling point of IPv6.

Re:Mismanagement of the IPv4 address space

[markov_chain]

In the original vision of the Internet everything is supposed to be a server, so we're back at square one.

Creating a system where one has to opt in to have a routable IP is treading on a slippery slope. Soon after, you might need a special permit to have a server, and before you know it we're back to gatekeepers and the telephone network.

Why shouldn't non-geeks have routable IPs? How many future Shawn Fannings, DVD Jons, or Linus Torvalds' would we lose through such restriction? The Internet should stay as connected as possible, so that the innovation and creativity at the ends stays unencumbered and free. Just think about how long it took telephone companies to implement call-waiting, *69, etc. Also check out the End-to-end Arguments in System Design, it's a classic.

Big Brother?

[thealsir]

Implanting an RFID chip in everybody with a unique address makes it a very easy way of tracking people...and explains why IPv6 is being pushed so hard even though it is unnecessary. Sure, NAT will handle boatloads of expansion to come, but it offers a layer of anonymity to computers behind the NAT...security through obscurity...how many 192.168.x.x addresses are out there? This way, a unique IP can be given to each computer, more unique even than MAC addresses. And it can be reached around the world. If Those Above get their way through, I see computers eventually having hardcoded IP addresses. And RFID implants with a unique IP address for everybody.

Re:Mismanagement of the IPv4 address space

[kotj.mf]

Oh, and before you try to convince me that "average" users don't want to host their own content, please consider the popularity of Kazaa, Blogger, Flickr, del.icio.us, Podcasting, Myspace, and the world ending when mp3.com went tits up. There are plenty of non-geeks who want to create and share information on the net, and they're currently mostly limited to using a somebody else's machine to do it for them, because the barrier to being a "server" is so high.

Billions and billions

[gasmonso]

"Billions and billions of devices that will service these people."

Ah yes, in the immortal words of Carl Sagan

gasmonso http://religiousfreaks.com/

Re:Mismanagement of the IPv4 address space

[mark-t]

"Period"?

Uh... no.

How about anyone that is running software that requires a peer to peer connection (and I'm not just talking about filesharing software)? And it's further worth pointing out that the only people that require such connectivity are not just the techie geekoid people. Running VoIP through NAT, for example, is a bitch and a half, and often not even possible if the end user does not have administrative rights on the NAT.

Your argument does touch on a very good reason why NAT would not be entirely obsolete even upon the move to IPv6, however.

(Also, by playing around with IPv6 extension headers and a gateway that adds or strips headers to a packet, it's theoretically possible to do routing right _THROUGH_ a NAT on IPv6).

So really, it seems that the only argument against IPv6 migration is just that people are lazy and cheap and don't want to do it right now because it'd actually require some effort.

I am surpised that Broadband ISP have jumped.

[LWATCDR]

Think about it. Almost every broadband ISP offers a "home network" package where they charge you extra for extra computers on the connection. However everyone else on the planet is selling easy to use broadband routers to do it on the cheap. If every device gets an IPv6 address then you can bill them very easily for all those extra computers on that DSL line.

Re:Why not give PEOPLE addresses?

[mediocubano]

but when some kiddie wants your IP to hack into your system you'll have to give him something other than "127.x.y.z". You'll have to make up a much longer number.

Why NAT is so bad

[TallMatthew]

If you've ever tried to implement an IPSEC VPN with numerous endusers that have DSL/CableModem gateways that default to 192.168.1.x, you'll know why NAT is so bad, particularly if you're using that address space internally already. Granted, there are workarounds to this.

That's dicey, but what's even more dicey is trying to interconnect corporate networks that use the same private address space. Companies that run virtual trading floors, for example, offer private line connections. You end up with multiple IP subnet conflicts and it's an incredible headache. That having been said, there are workarounds to that, too.

When NAT became popular way back when, I was part of a few really painful reIPing projects. The reason we went to NAT was because there was no way to get portable IP space and our ISP was being a complete dick, jacking their prices and refusing to run BGP with us. Moving to NAT meant portability and portability meant our ISP couldn't dick us. If I was to move away from NAT and put v6 addresses in my corp network, that's what I'd worry about more than anything.

Re:Why not give PEOPLE addresses?

[onwardknave]

As noted by the recent spate of cellphone-targeting malware....if you don't have the latest coffeepot firewall, someone could make you wake up to decaf! The horrrrror!

In fact, I would think of the metric issue

[WindBourne]

Back in the 70's, President Carter was going to move us to the Metric system. Road signs were being converted to mph/metric, goods were dual marked, etc. The idea was to make the conversion in 1981. Then reagan came in and stopped it. America was nearly ready, but it was stopped. Now, we are just about the only nation that does not do metric. That means that special labeling is done just for us. That also means, our goods are more expensive. Sadly, at this point, we have raised several whole generations without as much metric as we had in the 60's, and 70's. When we decide to finally change, it will be expensive and hard. reagan's choice was very short-sighted.

Right now, is the time to switch. In the future, it will only be more expensive esp. as small devices get IPs. They will also have to be switched. Finally, a new wave of software development could take place with IPv6, that is more difficult to do with IPv4. Not siwtching is very short-sighted.

Re:In fact, I would think of the metric issue

[kotj.mf]

Bingo. This isn't like some company deciding to forgo upgrading MS Office every two years. This is like deciding to run Cat3 in your house, instead of 5e or 6, because you've currently only got a 100Mbit hub.

Re:In fact, I would think of the metric issue

[cpeterso]

Does your wife still work at Jollibee?

Most important change

[Phronesis]

Under IPv6 the internet will surf you.

Consumer Driven

[el_womble]

Of course companies and academics don't want IPv6 they already have the only real advantage it provides - per machine addressing. Why would they invest money to get something they already have?

IPv6 benefits individuals. It benefits P2P, VoIP, photo sharing, blogging and email (yes email - you don't need a third party server if you have a permanent web presence). Yes you can have all of that with IPv4, but its held together with hacks like NAT, port forwarding and man-in-the-middle servers. That's fine, if like me, you hold a degree in computer science and arn't put off by the nuances of network security, berkley ports and subnet masks but if you're a noob who just wants to share their Christmas pictures with friends and family its a pretty steep learning curve.

I'm a pretty typical nerd. My home network has 4 computers that regularly connect to the internet. Of those, 2 offer services such as SSH, bittorent, email and my testing web server. After christmas that will probably extend to a new XBox360 and a PSP (admittedly passive net users). Next Christmas it might be my mobile. The Christmas after that my espresso machine will probably be consulting a distributed database to see what is the best way of brewing Co-op's Fairtrade Java.

You can buy a computer the size of a pack of gum with a complete Linux operating system and enough horse power to run a web server for ~$200. That's too expensive to be ubiquitous but in 2-3 years time that figure will be in the region of $20 and it will be a WiFi network. It's going to happen.

IPv4 forces our devices to be passive because configuring a NAT Router and Firewall is hard for Joe Public. IPv4 means that we have to poll to get system updates. IPv4 means that I can't just ask my fridge what its contents are without configuring a seperate box. IPv4 means that I'm happy when a third party agrees to handle my communications - I actually ask them to listen in and they 'promise' not to read my mail or listen to my conversations. IPv4 means that when I get an email from my girlfriend at 195.95.195.94 I have no method of authenticating that.

IPv6 means that I buy bandwidth and nothing else. I don't get 100MB of web hosting, or a whopping 5 emails addresses, I get to use my over powered desktop machine with 200GB of 'web space' and as many email addresses as I please. IPv6 means that I can start to build a web of trust, so that I can start to authenticate the messages I receive against a web of my peers - not a single verisign certificate. IPv6 means that consumer electoronics can be connected to my data pipe and that the manufacturer can be responible for its up keep - including firewalls and virus protection.

In short IPv6 allows people to own a bit of the internet and say it's theirs rather than renting an inch and getting kicked off that inch every 4 hours.

You don't understant the Internet

[swillden]

The ONLY machines that need actual IP addresses are servers and gateways. PERIOD. Everyone else can be NATted.

Sigh.

The problem with this statement is that it presumes all content comes from central servers. But that's not what the Internet was designed to be, and forcing it into that model will severly retard, and in many cases simply destroy, all future innovation.

The Internet was designed as an endpoint-to-endpoint communications medium. The intelligence is at the edges, every device on the network has equal access to every other device, none are "special". In practice, of course, 72.14.207.99 (one of Google's servers) *is* special, recieving many more connections than most other addresses, but that's an emergent phenomenon, not one that's designed in. It's only special because lots of other devices *choose* to talk to it. One day they could all choose to begin sending their search requests to some sort of massive, distributed, peer-to-peer search engine (I don't think so, I think it makes sense to centralize search, but perhaps there's a really powerful distributed indexing and search algorithm that no one has yet discovered).

There's huge power, flexibility and opportunity in that model. We do a lot of things using the Internet now, in 2005, but it's still in its infancy. We have no idea what other kinds of communications technologies will arise or what sorts of things people might come up with to do with this medium ten, twenty, fifty years from now. That means it is critically important for the future of technology and innovation that we preserve the ultra-flexible model that the really bright guys at DARPA came up with.

End-to-end delivery. Intelligent endpoints. Dynamic, multi-path routing. No central control. Those are the characteristics that turned the Internet from a lab-based curiosity to such a worldwide phenomenon that we seriously talk about how it will one day touch every human being on the planet. Think about it. The Internet looks poised to become the *single* communications medium used for all electronic communications, be it text, audio, video. What is it that made this such a powerful medium? End-to-end. PERIOD.

Let's not throw it away before we even find out what we can really do with it.

Re:Haha...

[NIN1385]

Awww... c'mon, that's classic family guy comedy!

Re:Why not give PEOPLE addresses?

[drakaan]

Quick test: if you have a web server running on each of your dozens of machines (all on port 80...no bucking the standard), can I connect to each of them using http?

No? Why not? Why can't you just get more IPv4 addresses so that I can connect to each of them?

The advent of NAT has solved the main problems that ISPs have had with giving their customers addresses to use for connecting to "content providers", but it has pretty much eliminated the original "every node is a peer" architecture of the internet.

Sure, if you're an ISP that works for you, but if you're some random guy that wants it to be easy to connect two (currently natted) devices together without involving a third device as a go-between, it's not such a good solution.

It's easy not to get it, just because we're all so used to having to do things the way we have been forced to. The epiphany comes when you realize how much more flexible the system is when NAT is not involved.

Re:Billions and billions of devices...

[necro81]

Billions and billions of devices...

Ah, if only Carl Sagan were alive to hear that comment!

Re:Why not give PEOPLE addresses?

[indifferent+children]

Which thanks to recent health studies, can now be prosecuted as Attempted Murder.

Nonsense

[dpilot]

IPV6 could well be DOA, because it solves the wrong problem.

IPV6 solves the problems of the Internet, as originally conceived - egalitarian and end-to-end.

Nobody in power wants that any more. I'm sure that those in power would mostly prefer that the Internet would just go back and hide under the rock it came from, but they DO like the benefits it gives to THEM. If IPV6 goes forward, it'll only be because it has enough momentum as the "logical successor," and because TPTB can't propose what they'd really like.

If IPV6 were being designed TODAY:
It would have DRM built-in for the ??AA, as well as router-based monitors and controls for peer-to-peer networking.
It would have built-in provisions for wiretapping, even at the opportunistic VPN level, for government TLAs.
It would have content and traffic filtering provisions, for China and the Religious Right.

Of course IPV6 really runs counter to all of these "design criteria."

It doesn't matter

[keithmoore]

The notion of a complete transition is fairly meaningless. We're going to be using IPv4 for the web, email, and dedicated appliances like printers that are hard to upgrade, almost indefinitely. However for those applications the limitations of IPv4 addressing aren't such a big deal as there are fairly acceptable workarounds. IPv6 enables many more hosts to participate in peer-to-peer interactions than before, and this opens up potential for many new kinds of protocols and networked applications.

As for deployment - Some large ISPs are already selling IPv6 access to commercial customers. Consumer ISPs will be the last to see IPv6 because consumers will be the last to understand why it is useful. But this isn't such a big problem either, as anyone with a static IPv4 address can use IPv6 right now using 6to4 or an IPv6 tunnel broker. Bottom line - if you want to use IPv6 with an application today, there's a way to do it using existing networks and services. What we're waiting for is new applications that make use of IPv6 to do things that they couldn't do with IPv4 (maybe because they couldn't access enough devices that way). I think we'll see IPv6 used to control traffic lights, monitor security cameras, etc. before we see it widely used to transport web and email.

I use IPv6 every day between home and work. It's what lets me have multiple individually addressible machines at home with a residential DSL connection. My work network now supports IPv6, but my home ISP doesn't. 6to4 solves the problem handily.

Re:Why not give PEOPLE addresses?

[kabocox]

With "people address", there are three problems. First, no way to generalize routing rules. Secondly, there is the fact that all your stuff might not be in the same place. Most of it is at your house, but some of it is at the vacation home. Finally, there is the problem that people, unlike IP4 address, tend to move arround alot, geographically speaking. Usually, if you move from New York to LA, you get a different IP, even if you use the same national ISP. Under your scheme, the whole internet would have to be told to redirect your trafic. Yick.

You've missed the tin foil hat consipary theory. Assigning an IP address to all newly minted currency along with some RFID and GPS. Instantly, the MAN and your neighbor could ping all your money! The IRS would know exactly how much cash that you have stuffed under your bed!

Re:Why not give PEOPLE addresses?

[drakaan]

I'm confused about your example. You say

Yes, it is quite easy with named virtual hosts and reverse proxies, and the usual NAT firewall.

...and then you give an example of something that demonstrates specifically that I cannot connect to those web servers...I have to connect to a proxy.

So, your answer is "no, you can't do that without a third machine as a go-between".

I'm not talking about removing firewalls...access control is a necessity in any network that's open to the public (I think I even mentioned having a firewall in what you responded to). What I'm talking about is the perversions that NAT forces us through.

Suppose we were talking about a different protocol...should we have no choice but to use proxies for any given protocol just because we want to connect to it on more than one machine in a given network?

Again...NAT solves the problems that ISP's have. It ensures that they can continue on without making significant changes, and lets their customers make outbound connections pretty easily, most of the time. It does so by removing the ability of any machine on a given network to be a peer simultaneously with other wanna-be peers if they're behind a NAT device.

NAT is an artful hack, and it has spawned many other artful hacks (virtualhosts, name-based and otherwise, being examples), but why would you want to make things complicated and restrictive when they can be simpler and open?

There comes a time when you're just arguing to argue. I know, believe me (been there, done that). Drop me a note when you've had your own moment of clarity.

A story

[MightyMartian]

"Tell me, Grandpa, what was it like in the days of IPv4?" young Suzy asked as she played with the IP wireless transmitters in her golden locks of hair.

"Well Suzy," Grandpa said, his mind on the distant past, "back then we only had 32 bit addressing, and much of it was provisioned out to various regional entities, with large corporate interests sitting on whole chunks of the space. We had these things called NAT routers."

"Sounds scary, Grandpa." Suzy shivered.

"It was." Grandpa replied. "The first NAT routers could only support FTP and IRC, and folks using some chat programs could barely get their software to work at all. Still NAT did okay, for a while."

"Then what happened Grandpa?" Suzy asked, enthralled.

"Well, as I recall, the first problems came when handheld wireless devices became more common. They had to sit behind various other networks, without direct connectivity. Proprietary solutions abounded, and connectivity was in the hands of large corporate communications giants. Everyone knew that IPv4 had been in trouble for many years, but some folks said 'NAT's all we need' while others didn't think there was a crisis at all, and even if there was one coming, it was nothing to worry about."

"But there was, wasn't there Grandpa?" Suzy knew the best part of the story was coming.

"Very much so." Grandpa said after a moment. "You see, even with NAT and various other networks between the IPv4 network and the average person's devices, the Internet was growing too fast. The limited supply of IP addresses as beginning to slow the expansion of the Internet. Finally, with the great IP Famine of '18, we had no choice. IPv6 was rolled out. Some folks were mad, because they had put their heads in the sand and refused to recognize the problem had been coming for a while. It costs those people lots of money, and some either had to put up with being stuck behind NAT routers and losing out on new functionality or simply going out of business."

Suzy laughed. "They were very silly people, Grandpa!"

Grandpa nodded. "Yes, they were, but most of us survived. Now it's time to go. Don't forget your data glasses and your book tablet. The last flight to Tokyo leaves in an hour, and I promised I'd get you home before dinner."

Re:Why not give PEOPLE addresses?

[Sharkeys-Day]

If you're arguing that they're equivalent, or something like that.

I am, actually. You should have quoted my next sentence, which explains that they are all the same (i.e. invisible) to the end user, who doesn't even want to know about IPv4 or IPv6 addresses. "google.com" gets him where he wants to go, and everything else is implementation details.

And as a home user, it may be a bit annoying to me too, but it is still just implementation details. Set it up once, and I'm done. Now I actually have to build that website...

Most corporations don't suffer from the dearth of IP addresses that the rest of us do, and my goal is not to get around security that's in place on purpose.

Actually, 99.99% of of corporations do suffer from the same lack of IP addresses. But NAT and firewalls have solved that problem for them, and most are actually happy for the extra guarantee that their internal traffic cannot be accidently routed over the network at large.

You keep bringing up the work-arounds that are already in place, and while I agree that they work all right for the way we use the net right now, making them go away could open the door to new ideas, new functionality, and a whole new experience for everyone.

That may be true. But vague hopes are not going to convince anyone to switch to IPv6.

You cannot ignore the needs of large corporations, because IPv6 will not be widely adopted until they get on board. The bigger address space is not convincing them, because they are going to keep their firewalls whether they NAT or not, so the proxy is not going away. They need another, better benefit before they will adopt IPv6.

I'm not arguing that more addresses are bad, or that we should NOT adopt IPv6. I'm simply asking for another reason, any other reason, why we SHOULD adopt IPv6.