Slashdot Mirror
U.S. Government to Adopt IPv6 in 2008
IO ERROR writes "The U.S. Government is set to transition to IPv6 in June 2008, according to Government Computer News: 'In the newest additions to the IPv6 Transition Guidance, the CIO Council's Architecture and Infrastructure Committee has provided a list of best practices and transition elements that agencies should use as they work to meet the deadline. The latest additions, (MS Word) released in May, are a compilation of existing recommendations and best practices gathered from the Defense Department, which has been testing and preparing for the transition for years, the private sector, and the Internet research and development community.'"
That word document has 37 pages, 12,946 words, 74,666 characters, and 564 paragraphs. I think there's enough detail.
Wouldn't IPv6 basicly be deployed when 51%> adopt it? If the commercial world doesn't accept it then the goverment will be on it's own and that won't fly too well.
There's no place like ::1
hello dear sirs my name is jamesh i are india (bihar) can u guide me install red had linux 9?
I'm curious as to whether there are any reliable stats out there about the availability of IPv4 address space and how it has changed over time. The widespread adoption of hide-mode NAT has allowed companies, universities and the like to move thousands of computers out of the public address space, freeing up large blocks of public address goodness. Cripes when I think about what I got away with in university, hooking my desktop up to the local LAN, getting a public and ........
CommentBot 0.7a running with args "-module irritate,disagree -target random"
As the CIO Council and Office of Management and Budget help map out the June 2008 transition to IP Version 6, perhaps the biggest challenge is that they're entering unfamiliar territory.
In the newest additions to the IPv6 Transition Guidance, the council's Architecture and Infrastructure Committee has provided a list of best practices and transition elements that agencies should use as they work to meet the deadline.
So the government has a year-and-a-half to meet this deadline? Forgive the cynicism, but given that they have a loose set of guidelines and so many systems that would need conversion, I think they're being a tad optimistic. Kudos for trying this, but I won't be surprised when it takes until 2010.
GetOuttaMySpace - The Anti-Social Network
I haven't had the time yet to read over the specs and try to figure out what the downsides and hassles for the rest of us will be with IPv6, but I'm sure there are slashdotters out there who have taken the time to figure out where the problems and issues are.
If those of you out there who understand those issues could make a few posts here I would greatly appreciate it.
Thank you.
This is a big step forward for IPv6 adoption, but I think the next major step will be by the cable companies. They want every set-top-box or cable TV to have two way communication and be fully addressable. Where else would they get the address space needed for that? IPv6 solves a lot of the problems they have with addressing that may devices. That will probably be the first way IPv6 gets into most of our homes.
Digitac
Anyone not having access to an IPv6 network, say because you are behind a NAT, and are wanting to try out IPv6, because it is in your blood to do so, I recommend giving Miredo a go. If I suggest this one over other solutions, is because of the number of platforms supported (including, Linux, Windows, MacOS X, BSD). There is Freenet6, but it won't work from behind my NAT with MacOS X.
Jumpstart the tartan drive.
If this transition goes anywhere near as well as that time the US Government resolved to convert the US to the metric system in the 1970s, then... well, we'll all have a lot more time to play solitaire.
Slashdot Burying Stories About Slashdot Media Owned
Why not? Nixon put a man on the moon, then was caught breaking into democratic headquarters.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
needs the extra addressing space for all of the servers used for domestic internet spying...to stop them thur ter'ists!
I don't know what IPv6 is but I'm assuming because it is on Slashdot and it involves the government I should be against it.
So they slid it out. Wasn't it originally mandated to have already happened? I wonder how many times they are going to continue sliding it before it actually happens.
The real problem is unfunded mandates. Great mandate, but without money behind it, it ain't gonna go anywhere.
Slashdot.. where people join together in deliberate ignorance.
Now if only someone would slap around ComCast and get them using IPv6 natively.. or all USA ISPs for that matter.. There is zero choice for native IPv6 where I live unless I want to colo @ Hurricane Electric :(
-=[ place
How about having a scheme like the following: If I have, say, the single address 111.222.333.444 (it's not a valid IP address, I know), and have more than one thing I want to plug in, I just append another dot and create a new sublevel. I get 111.222.333.444.1, 111.222.333.444.2, etc. There is no limit to it.
The downside I can think of is that it will probably be slightly more work (and thus slower) for the machines on the net that reads the address on packets to send them in the right direction (I believe they often do it in hardware). But I think it could be worth it, don't you?
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
The good news: long term, I think IPv6 is desirable. Thus, I like seeing a large organization pave the way. Let them get the kinks out. Let them find out what all goes wrong. Let them blaze the trail so we can ride on their coattails. Let them incur the big expense.
The bad news: Wait a minute. "Them?" Oh shit, it's the US government. I'm a US citizen. Argh, that's my expense. D'oh!
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Did anyone look at the deffinition of IPv6 capable for the requirement? As far as I understand it by 2008 an agecny must be able to pass ONE IPv6 packet to their ISP. There is no requirement of the ISP being able to handle it or for their internal network to be running IPv6. Can anyone refute this?
It's the new, boosted, PATRIOT Act: Intellectual Property version 6
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
You think that's bad. This article mentions getting info to transition to it from the US DoD....and this /. article is the first time I've heard anything about the DoD pushing to transition to IPv6!!!!
Heck...we're rebuilding systems from scratch in some cases post Katrina, and yet nothing is mentioned to us about trying to do anything with IPv6.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
No thanks. I'd rather have cheap high speed internet than have to worry about the increased bills due to switching the entire system over at once. That would be extremely expensive. Not to mention they'd piss off a bunch of home users who would have to replace all their equipment (routers and such) with IPV6 hardware. There's probably a lot of people still running OSes that don't support IPV6.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
I hope it goes more efficiently than our switch to the metric system.
I remember when the government mandated the switchover from TCP/IP to ISO protocols. The acronym for that was GOSIP.
Computer industry vendors spent serious money preparing for the August 1990 adoption deadline.
They had to implement the ISO protocols or risk not being able to sell their systems to the government (always a major customer).
The revised date for adoption is never.
The worst part about doing government contracts was dealing with all the folks that say:
"We can't design this around TCP/IP, the government is mandating ISO."
"We can't solve problems by using the same kind of thinking we used when we created them." -- Albert Einstein
yes, the US Gov't has lots of IPv4 addresses, but the number available to everyone else is shrinking rapidly. By switching to IPv6, every man, woman, child, dog, piece of field ammunition, toast, individually wrapped piece of butter, and toy car will have an IP address. Sometimes, rarely, but sometimes, the Government works for the people. :P
Non impediti ratione cogitationus.
I suppose it's a little bit comparing apples and oranges, but if seeing how long it's taken them to force everyone to the HD TV format is any indication ... I'll place my be on 2018 or so.
I guess someone upstairs finally figured out that it's easy to track people on the net when they don't move. If everyone has their own addresses, no need to ask the isp what it is anymore, huh?
At the same time, dodging servers and going directly to your friends with encrypted comms will get easier too?
You are checking your backups, aren't you?
I am suggesting a _new_ way here, not that we all suddenly append more digits to existing addresses and continue to call it IPv4.
As for "32-bit value" vs. "four 8-bit values", I must say I wouldn't see the difference. For instance, of which type is this one: 01101001001001101010101110000010
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
My favorite part is when I heard about IPv6 in college, they had calculated that there would be enough addresses for 10 IPv6 devices for every square foot of the planet!
Then again, iPod, laptop, watch, spy bowtie, cell based processor in ring to add to an ad-hoc processing farm, robotic legs that access the net for the latest dance moves... whew that's only 6. Then again, what about the guys who live above me!
Which firewalls can currently be used to filter, log, and block ipv6 traffic?
IPV6 definitely has been around for many years now, but none of the windows firewalls I've downloaded seemed to have any kind of configurations for logging or filtering ipv6. Sure that's 2 years away, but unless I overlooked a firewall (there are so many for windows) or they use some kind of open source package that probabbly has ipv6 firewall capability already. i have to wonder how they're going to keep secure.
https://www.gnu.org/philosophy/free-sw.html
And get ourselves out of the worse-than-tenth-in-the-world pit.
I think IPv6 is a great, but I personally believe it's too early for the government to switch over. They should really wait until this technology is widely used and tested and would definitely give Microsoft another 4-5 years to iron out at least 90% of the bugs caused by addition of IPv6 before I would even think of putting a Windows box on a IPv6 network.
Can you imagine government running Windows on an IPv6 network? Pretty scary...
I suspect this will be about as successful as the DOD's old policy of only doing development in Ada. Let the waiver requests begin!
The Army reading list
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
Is these people don't seem to understand the befits of a PDF...
As for "32-bit value" vs. "four 8-bit values", I must say I wouldn't see the difference.
There is no difference! A 32-bit value yields 2^32 possibilities (4294967296) and 4 8-bit values yields (2^8)^4 possibilities (also 4294967296). Whatever way they are transmitted in the IP packet is irrelevent... an address 192.168.0.1 can be represented as 0x0100A8C0 in a 32-bit value or 0xC0 0xA8 0x00 0x01 in 4 8-bit values...
I am suggesting a _new_ way here
You are essentially trying to solve the same problem that IPv6 already solves... the limit on the number of hosts that the protocol will support. Hate to say it, but all that brain power has gone to waste mulling over this one...
# man tar
Yes, that was my first thought too. After all, if all the systems need to be replaced, then that would be a great time to slip in DRM and various backdoors, now wouldn't it ?
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
Not to mention they'd piss off a bunch of home users who would have to replace all their equipment (routers and such) with IPV6 hardware. There's probably a lot of people still running OSes that don't support IPV6.
Where did DavyGrvy mention turning off IPv4? They work together, you know. Do even Slashdotters not understand that adding IPv6 to a network does nothing to reduce IPv4 connectivity? It's win-win.
IPv6 tunnels over IPv4. IPv4 tunnels over IPv6. Machines running IPv4 can talk to machines running IPv6. Machines running IPv6 can talk to machines running IPv4.
IPv6 still has issues, to be sure, but interoperability with IPv4 isn't one of them.
Socialism: a lie told by totalitarians and believed by fools.
Thank you very fucking much. That brought my high from seeing this news down pretty damn quick.
Technoli
How many Comcast customers even know what IPv6 is, much less want to use it? That explains why they don't care. Hell, I don't care and I do know what it is. The great myth of the IP address shortage is about as scary as Y2K.
If one would want some empirical perspective on how much impact this has on the world in general... the U.S. government adopted a best-practices and recommendation for computer contracts in the late 80s requiring all systems be POSIX compliant. While you can make the technical argument NT/XP is POSIX (.1), it's hardly a nudge in the direction technology decidedly went (i.e., Windows became dominant anyway).
I remember back in '73 when the US announced that we were transitioning to the metric system.
I hope this time it works better.
Since ipindex.net is down and now parked domain, flumps.org has a mirror at http://www.flumps.org/ip/. It may be a little out of date, but it's still interesting to look and see who has which type of network.
Per Square Mile, a blog about density
Interest in IpV6 has stagnated since 2001.
y =ipv6_meme_flatlined_for_five
If the U.S. Government is about to push a major IpV6 initiative, there could be some money to be made here.
http://www.realmeme.com/roller/page/realmeme?entr
A simple question, to show the state of the internet in general with regards to IPv6:
Can you get Slashdot over a pure IPv6 connection? That is to say, send an IPv6 datagram, with an IPv6 header, all the way from some computer at some location on the Internet backbone, and have an IPv6 datagram, with an IPv6 header, arrive in the network stack of http://slashdot.org?
Bridging from IPv6 to IPv4, so that an IPv4 packet arrives at the server is not allowed.
Now, tell me again: are we ready for IPv6?
www.eFax.com are spammers
Oh, that would be a really _broken_ implementation.
Half the software in the world that is aware of addresses treat an ip address as an int. Anyone who sticks an address in a database sticks in in a four byte field. Just transitioning to a fixed 16-byte address is more painful than the whole Y2K mess in my experience.
In any case, you can't work with a string of unbounded length in any meaningful way anywhere that performance matters. How big do you make your buffers? The IPv6 address space is big enough (something like a million addresses per square centimeter of the Earth's surface?) unless we choose a particularly stupid way to carve it up. We shouldn't need to expand it further.
The legions upon legions of buffer overflow exploits that would follow a string-based IP address standard would be colorful, however.
Socialism: a lie told by totalitarians and believed by fools.
Are you volunteering? I'm sure they could send you there right now... can't ensure you'll make it there alive and stay alive very long.
"22 astronauts were born in Ohio. What is it about your state that makes people want to flee the Earth?" Stephen Colbert
Given how many problems with IPv4 this new revision solves and that a thorough look was taken at the protocol in its entirety, of all things, I'm surprised *geeks* usually just try to find reasons to not like it. Sure, admins may need to retrain, and there'll be infrastructure costs, but since when did geeks stop looking at positive evolution as being bigger than these things?
There's also always a lot of FUD spread around this matter, and one can find it even in this topic, for example IPv6 increasing routing complexity. IPv6 uses hierarchical address ranges *and* is modularized so there's not just less complexity, but even less *traffic* to route unless using more advanced features of IPv6. After the transition, IPv6 is better for your routers.
NAT's also seem to be a common enough argument against IPv6 that someone should have written a damn "Why NAT's won't solve address space issues" FAQ to uninformed people already. There is something similar enough for that though.
Anyway, instead of just ranting, here's a document about some of the changes IPv6 makes. Maybe especially this part is educative to some.
Beware: In C++, your friends can see your privates!
If Comcast want to provide any sort of filtering, which may be required for authentication/accounting as well as protection/control, they'll need DOCSIS 3.0 (which is supposed to support IPv6). Which requires new headend equipment, new modems, and new provisioning systems. Of course, you get other good things with DOCSIS 3.0, like >= 100Mbps symmetric bandwidth. But since that requires extra RF tuners in the modems, it's not something that can be done with a firmware upgrade.
It may be possible to firmware upgrade existing DOCSIS 1.1/2.0 modems to just support the enhanced IPv6 features of DOCSIS 3.0---I really have no idea at this stage.
They could always support 6in4 tunnels, which would be a good interim step, but that is hardly something that will work seamlessly for the average naive user.
Then there is the IPv6 support that will need to be added to all the cable/DSL routers. An opportunity to sell more kit I suppose...
Protoplasm. Quiet Protoplasm. I like quiet protoplasm.
See this mailing list message, which points to this PDF presentation.
Google, if you're reading this (of course you are), you could do the same too. In the UK? Get your 2^64 addresses here.
Cue all the "we like things as they are" people moaning about how large the addresses are, and how they don't want their fridge to have an IP address, and how great NAT is.
Get your own free personal location tracker
>The latest additions, (MS Word) released in May,
I, for one, am annoyed (again) at the posting of a propretary file format by the government. Have they YET to hear of PDF or ODF? Wish I could even see what the "cio.gov" site is supposed to be, but it is slashdotted into the next year and falling apart (appears to be running under some obsure MS-Windows 2000/IIS thing).
Double-or-nothing that it's after all TV broadcasters drop the present "Standard Definition." 4:1 that it's when Duke Nukem Forever comes out (they will be bundled - I don't know how, but they will be)
No they do not coexist. IPv4 clients can live in a IPv6 networks, but IPv6 clients will never work properly in a IPv4 network, they IPv6 routers and servers.
If your applications can't figure out within a millisecond that you have no IPv6 routes, something's wrong, and it's not IPv6.
How is it “win-win”? It costs money and effort for every administrator of a computer on a public IPv4 address to also acquire and enable a public IPv6 address. What exactly is their reward for spending time setting up useless IPv6 addresses their perfectly functional IPv4 machines?
Do you realize that all this added cost and complexity could have been avoided if the IPv6 designers had simply designed the IPv6 address space as an extension to the IPv4 address space, rather than an alternative to the IPv4 address space? Interoperability with IPv4 is the single largest issue preventing adoption of IPv6. Please see The IPv6 mess for much more detail.We're going to less than 1 i.p. address per human to 50 octillion i.p. addresses per human.
Since it will no longer be practical to ban by i.p. addresses other measures will be required.
Perhaps some investment of difficulty per granting of anonymous account equivalent to the old i.p. addresses can be imagined by someone brighter than myself. (My best idea so far is the silly notion to have the account granter watch the new account doing something strenuous over videophone.)
Given example like Wikipedia trying to ban 1 persistent disinformation defacer being impossible due to AOL i.p. rotation, this obsolesence of i.p. banning may come as a good thing. Can somebody imagine something like an anonymous free certificate scheme for pseudo-identities? Maybe $10 donation to charity gets you 1 "passport" account..
If you need text styles to communicate then you don't have a message.
Apparently this IPv6 stuff is considered so valuable, Carlyle group and others have invested 10s of million in captial to start up a company called "Command Information" www.commandinformation.com to work solely on IPv6 deployment, applications, and training. Carlyle guys are smart and waaaaaaaay conservative so they must see a good opportunity here.
"As for the future, your task is not to foresee it, but to enable it." - Antoine de Saint-Exupery
Private networkspace will only go so far, and NAT solutions are great for running clients behind firewalls but not ISPs.
Non impediti ratione cogitationus.
Citing Bernstein's page is a handy way to show what the crazy people think. ;) He's wrong, of course, though he can write a stable mail server.
Just set up your servers with single stack IPv4/6 and listen on the v6 port, and you're done (or listen on the same port on a dual-stack implementation if you liek doing things the hard way). Clients can connect on the v4 port without ever knowing that they've been tunelled through v6. Or, clients can connect IPv4 to their ISP, get tunnelled in v6 at that point, and no one has to care. It's a nice smooth transition. No reason to ever remove the IPv4 adresses for existing machines.
There's no reason not to at least try to put your server applications on IPv6 today. Mostof them, will crash, of course, since they want an IP address to be an int, but that's an application problem not an interoperability problem. We already knew that most code sucks.
Socialism: a lie told by totalitarians and believed by fools.
If you don't have IPv6 connectivity, then don't set a default route. Applications using IPv6 first (as they should) will instantly fall back.
If the Linux distributions you tried indeed suck in that way, they are broken. Maybe try a BSD whose IPv6 stacks are mature, enabled by default and whose base applications all understand IPv6 out-of-the-box. No need to enable or fiddle with anything. If you have IPv6 connectivity, enable your tunnel or native PPPoE connection, set a default route and off you go.
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
Are you saying Y2K wasn't scary ? I'm sure there are lots of people in the US who haven't yet finished all the sugar and pasta they bought back then...
Granted it was needlessly scary, but to a lot of uninformed people it was quite scary all the same.
May contain traces of nut.
Made from the freshest electrons.
No, I'm not “done.” I still need to
or else IPv6 clients won't be able to connect to my server.
Besides, you missed Bernstein's point. If you're asking me to configure extra options, you've already lost. His solution to the address crunch is better that the current IPv6 specification because he has come up with a way to make the transition to 16-byte addresses happen automatically as part of regular software/hardware upgrades, with no extra configuration.
What are you trying to argue? That an automatic transition would be a bad thing? That an automatic transition has higher costs associated with it than a nonautomatic transition? I suggest you reread The IPv6 mess carefully.
The IPv6 mess explains why a fundamental mistake on the part of the IPv6 designers has had giganitc effects on the cost of making an IPv6 Internet work in practice.
Couple of points...
Internet2 (the network that connects most Universities in the U.S. and peers with other research networks) has been IPv6 for YEARS.
I REALLY wish the Azureus and utorrent people would build IPv6 capability into their clients. Many IPv6 equipment has not had the traffic to stress test the software. v6 bittorrent capability on I2 would generate LOTS of traffic so v6 vendors can see how their equipment handles it.
There is a couple of clients (not major ones) that report having v6 in them, but most people don't use them.
Without a pressing need, an organization will not deploy it. It's as simple as that. DOD has specific needs that IPv6 will help them address.
Comcast is a good example of how IPv6 will be deployed. As needed, only when needed (there is another message here with a PDF from comcast at nanog). Organizations in the Far east have a need because they have plans to stick an address on every cell phone, and device within china, Japan, Korea, ect. The ammount of space AVAILABLE for them to grab is inadequate for these purposes.
At the moment I just can't think of anything that would really move v6 adoption forward (in the States)
This avoids the messiness of manually configuring routers and allows entire networks to be mobile. The prefix doubles as both address and routing instructions.
IPv6 follows the philosophy of one address per interface. This can be a physical interface, a virtual interface, whatever. Doesn't matter. The machine does not have an actual address, only the interface does. (Although this is technically true on IPv4, it gets very fuzzy at times, with such concepts as 'hostnames' that are associated with an IP address. With IPv6, an effort has been made to avoid this confusion, although they could probably have done better.)
This association of a port, rather than a machine, with a number is how multipath and peering can be supported on a discovered network. There is absolutely nothing to prevent an IPv6 router from having multiple upstream connections - it will simply have multiple prefixes, one for each. A peered network is simply one where the usual router discovery and prefix collection takes place, but the prefix is not propagated past that network interface.
There is generally no reason to be concerned with MAC addresses on the IPv6 network. IPv6 uses IPSec - generally end-router to end-router, so no person between those two points can see the MAC address (or IP address) of either source or destination. It's in the encrypted payload and is only visible on the LANs at the far end. There's nothing to stop you from creating virtual devices, of course, with the physical network device IPSec'ed to the router, carrying the virtual network. Then, even at the remote end, what they will see is the virtual MAC and virtual IP. The physical address would never get past the first segment.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
http://outcampaign.org/
Just think about it: if the military starts using it there will be vast opportunities to sell us new "stuff" (technical term :-). As soon as vendors realise that you will suddenly find that support for "legacy" will expire - you know the drill. And if the US goes that route, many nations will have to follow to remain 'integrated'..
:-).
As for the military - not everything can be upgraded so someone will be making a fortune out of the 'legacy' kit as well.
Just follow the money and the answer becomes easy.
BTW, it's not really news. I have been costing IPv6 conversions a good 2 years ago as it was easy to predict - I'm glad to see we estimated the year dead on
Insert
True, it won't be "pure IPv6"; but who (besides purists) gives a hoot? Saying that you can't NAT in IPv6 is equivalant to saying you can't multitask in IPv6. If you believe that we can't NAT 3 computers, where...
a) - Mom is listening to streaming internet radio on her computer
b) - Dad is madly typing in messages on Slashdot
c) - Geeky son is downloading latest linux updates
Then how would we handle the situation where I'm listening to streaming internet radio, whilst madly typing in messages on Slashdot, and I have linux updates downloading in the background?
If we can do one, we can do the other. Another use for NAT is that you can have a NATting router with 1 external IPv6 address, and multiple LAN-side IPv4 addresses. This means that when IPv6 comes out, you don't throw out all your PCs and all their software. You simply hook them all up to a 4-to-6 NAT-gateway. The outside world sees one IPv6 address with someone multitasking like crazy, and behind the NAT-gateway you've got 3 people running "old-fashioned" IPv4 software+hardware.
The best analogy would be a set-top box that converts Digital TV to old-fashioned NTSC, and allows you to keep on using your old TV set even after the Digital TV switchover.
In both cases, as the customer eventually gets around to buying new equipment (computer or TV) they can get rid of the translation device when it's not required.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
...otherwise known as IP v11. Exploding drummers and all.
Politics is the art of looking for trouble, finding it everywhere, diagnosing it incorrectly and applying the wrong fix.
You don't have to turn off IPv4 when you turn on IPv6. On a well designed OS, your applications can just liusten on the IPv6 port and the OS amkes the magic happen. The IPv4 client doesn't know that the application is IPv6, and the application doesn't know that the client is IPv4.
The tunneling wuld only be interesting when you want to drop IPv4 from your networking infrastructure and only route IPv6, which is clearly not something you'd want to do any time soon.
Socialism: a lie told by totalitarians and believed by fools.
I always understood that the IPv6 implementation of multicast is better and that migrating to v6 will finally make it possible to use it over the internet. This just has to enable a whole lot of new (multimedia) applications!
Or will mutlicast still be a pain?
And this is a problem why? If it's not practical to run a simple script and give every machine an IPv6 address one day (because of change control or other external restrictions), leave existing machines alone until you need to service them for other reasons. When you do touch a machine for some other change, add the script that gives it its IPv6 address. In a year or two, round up the few servers that still need IPv6 address and complete the circle.
There's no need to turn IPv4 off any time soon, but the transition is easy enough if you get all your servers to support both v4 and v6 for a few years while the client upgrades slowly happen.
Bernstein thinks that there's no point in having IPv6 until *everything* has IPv6. That's just false (but then he loves to make extreme statements). When the average home user can reach an IPv6 address without knowing what "IPv6" means, his "magic moment" will happen. It doesn't require *all* machine to support IPv6, it just requires *enough* machines that IPv6 becomes the defacto standard. If Microsoft enables IPv6 by default in Vista this will be the case in 3-5 years, depeding on adoption.
Socialism: a lie told by totalitarians and believed by fools.
Converting to and convincing the world to adopt IPv6 is probably most advantagious to the NSA, especially with IPv6 being outright beligerant about having any form of NAT (network address translation - the 192.168.x.x and 10.x.x.x domains designated for LANs) over IPv6 (though it's been done). IPsec's Authentication Header is actually designed to not work through NAT, which is why it is often ignored or re-encoded at the router. The idea of IPv6 is everyone gets a unique, identifiable address no matter where you are or how you connect. When you use the built in security transmission, you can guarantee transmissions from sender A were sent by sender A when sending encrypted data because the address in the header itself cannot be modified from start node to end node. If the routing is changed at all (like under NAT), the Authentication Header becomes invalid.
Basically, IPv4 with NAT is the NSA's worst nightmare - you've got these hidden pocket networks that you can't trace down to an individual machine. With open wireless nodes, that means a terrorist could walk into a cafe and send a message to their cell and unless the NSA arrives when the message is being sent, they have no way of tracing it back to the sender once the sender disconnects.
OTOH, IPv6 as designed is a nightmare from a privacy standpoint and has huge potential for abuse. I for one don't trust my own government because they have completely tossed away civil liberties in their witch hunt for terrorists. Back in the '70s I remember the whole communism is everywhere paranoia, and I suspect that was even worse in the '50s with McCarthyism. The thing is, I remember in the '70s if you checked out certain books from the library (e.g. Hitler's Mein Kampf), the FBI immediately put a 'watch' on you (the freedom of information act revealed this practice). Do you want that level of paranoia returning? I think it already has. I suspect if you may visit an Al Qaida web site by link from a news site you're immediately investigated by the NSA as a suspected terrorist by an automated system. This is the same group that wanted to evaluate every phone conversation by every American by an automated system, so I don't think it's even vaguely beneath them. If anything, I'm probably under-paranoid because I don't feel I have anything to hide, though I don't want them snooping under old rocks (you brought [smoke] BOMB PLANS you found on a BBS to school when you were 13?!? definitely gonna grow up to be a terrorist).
PS. I'm pretty sure "octillion" is not a real number. Please stop making stuff up and use the proper terminology like I do.
You're surely wrong... and lazy. This is the second result on google for octillion.
And it's nothing new. I could've told you that decades ago.