Slashdot Mirror
IPv6 Essentials
Carla Schroder writes "IPv6 is halfway here, so network administrators need to learn their way around it whether they want to or not. Adoption has been slower in the United States because we possess the lion's share of IPv4 addresses, but even so, someday IPv4 is going away for good. And, there is more to it than just increasing the pool of available addresses. IPv6 has enough improvements over IPv4 to make it worth the change even if we weren't running out of IPV4 addresses, such as built-in IPSec, simplified routing and administration, and scalability that IPv4 simply can't support. We're moving into gigabyte and multi-gigabyte backbones, and high-demand real-time services like voice-over-IP and streaming audio and video that require sophisticated QoS (quality of service) and bandwidth prioritization. IPv6 can handle these, IPv4 can't." Read on for the rest of Carla's review.
IPv6 Essentials, 2nd Edition
author
Silvia Hagen
pages
436
publisher
O'Reilly Media, Inc.
rating
10
reviewer
Carla Schroder
ISBN
0-596-10058-2
summary
practical, in-depth guide to implementing and administering IPv6
IPv6 Essentials, 2nd edition, by Silvia Hagen, released in May 2006, is a well-written, clear, up-to-date guide to understanding IPv6 in-depth. This is a real accomplishment, because computer networking protocols are completely abstract, and translating all of these abstractions into understandable language is a noteworthy feat. The book explains how it all works to a very practical depth, so that the reader will be well-prepared to begin implementation.
What it does not cover is the specifics of configuring network devices, such as routers, switches, and interface cards, and this is not a flaw, because those things are platform- and vendor-dependent. Having a solid understanding of the protocol itself is more important, and something that is sadly lacking even in today's IPv4 world. The Internet would be a better place if more network admins would take the time to learn IP fundamentals.
Ms. Hagen does a nice job of covering the following topics: Strengths and advantages, such as auto-configuration, and good-bye to NAT, The structure of the protocol itself, including header format, Improved security, Real genuine QoS, Simplified routing, Co-existence with IPv4, Painless mobile networking, and Addressing. Addressing is one of the scariest parts. When you're used to slinging around something like 192.168.1.100 with ease, coming eye-to-eye with something like this, 3ffe:ffff:1001:0000:2300:6eff:fe04:d9ff, is a bit disconcerting.
But fear not, for Ms. Hagen dissects IPv6 addresses clearly and in detail, showing that they have a logical, consistent, understandable structure. For example, the first quad (3ffe) tells you that this is a 6bone.net address, so it is already obsolete because the 6bone closed down in June 2006. Other prefixes tell you if it is a private address, link-local, site-local, and so on. The book lays this all out in tables, and explains what each one is for.
How would you like to retire your DHCP servers permanently? No problem. IPv6 auto-configures hosts all by itself, or you may exercise as much control as you like. Ms. Hagen explains the various options- link-local, site-local, stateful, stateless, neighbor discovery, and so forth, and what you can do with them. For example, with IPv6 you can whip up an ad-hoc LAN with hardly any effort, and without needing special servers or client software.
Security is built-in to IPv6, instead of bolted-on as it is for IPv4. However, IPSec (IP Security) is still largely untested and unproven on a number of levels, so the book discusses both the pros and cons.
The book covers the problems, hassles, and compromises that come with using NAT (network address translation). We're used to it now, but sometime down the road we're going to look back and think "Wow, that was one big fat pain. Good thing it's gone."
The chapter on Mobile IPv6 is almost worth the price of the book by itself. IPv6 supports both wired and wireless mobile users in an elegant, hassle-free way. Say good-bye to setting up multiple profiles, or hassling with scripts. Roaming users can keep the same IP as they travel — across different networks, wired to wireless- anywhere they go. This little bit of magic occurs because IPv6 assigns them multiple IPs. One is the home address, which is permanent. A second address is the care-of address, which changes as the user moves around. Of course there is a lot more to it that just having multiple addresses, and like everything else in this book, Ms. Hagen explains how it works clearly and understandably.
The book is abundantly illustrated in the usual quality O'Reilly fashion, and the illustrations are invaluable for understanding the material.
We're at the stage where IPv6 support is pretty much universal- you can count on both network hardware and software supporting it. So the network administrator only needs to focus on learning the ins and outs of implementation. I recommend IPv6 Essentials as an essential reference, and a great starting point for mastering IPv6.
You can purchase IPv6 Essentials, 2nd Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
IPv6 Essentials, 2nd edition, by Silvia Hagen, released in May 2006, is a well-written, clear, up-to-date guide to understanding IPv6 in-depth. This is a real accomplishment, because computer networking protocols are completely abstract, and translating all of these abstractions into understandable language is a noteworthy feat. The book explains how it all works to a very practical depth, so that the reader will be well-prepared to begin implementation.
What it does not cover is the specifics of configuring network devices, such as routers, switches, and interface cards, and this is not a flaw, because those things are platform- and vendor-dependent. Having a solid understanding of the protocol itself is more important, and something that is sadly lacking even in today's IPv4 world. The Internet would be a better place if more network admins would take the time to learn IP fundamentals.
Ms. Hagen does a nice job of covering the following topics: Strengths and advantages, such as auto-configuration, and good-bye to NAT, The structure of the protocol itself, including header format, Improved security, Real genuine QoS, Simplified routing, Co-existence with IPv4, Painless mobile networking, and Addressing. Addressing is one of the scariest parts. When you're used to slinging around something like 192.168.1.100 with ease, coming eye-to-eye with something like this, 3ffe:ffff:1001:0000:2300:6eff:fe04:d9ff, is a bit disconcerting.
But fear not, for Ms. Hagen dissects IPv6 addresses clearly and in detail, showing that they have a logical, consistent, understandable structure. For example, the first quad (3ffe) tells you that this is a 6bone.net address, so it is already obsolete because the 6bone closed down in June 2006. Other prefixes tell you if it is a private address, link-local, site-local, and so on. The book lays this all out in tables, and explains what each one is for.
How would you like to retire your DHCP servers permanently? No problem. IPv6 auto-configures hosts all by itself, or you may exercise as much control as you like. Ms. Hagen explains the various options- link-local, site-local, stateful, stateless, neighbor discovery, and so forth, and what you can do with them. For example, with IPv6 you can whip up an ad-hoc LAN with hardly any effort, and without needing special servers or client software.
Security is built-in to IPv6, instead of bolted-on as it is for IPv4. However, IPSec (IP Security) is still largely untested and unproven on a number of levels, so the book discusses both the pros and cons.
The book covers the problems, hassles, and compromises that come with using NAT (network address translation). We're used to it now, but sometime down the road we're going to look back and think "Wow, that was one big fat pain. Good thing it's gone."
The chapter on Mobile IPv6 is almost worth the price of the book by itself. IPv6 supports both wired and wireless mobile users in an elegant, hassle-free way. Say good-bye to setting up multiple profiles, or hassling with scripts. Roaming users can keep the same IP as they travel — across different networks, wired to wireless- anywhere they go. This little bit of magic occurs because IPv6 assigns them multiple IPs. One is the home address, which is permanent. A second address is the care-of address, which changes as the user moves around. Of course there is a lot more to it that just having multiple addresses, and like everything else in this book, Ms. Hagen explains how it works clearly and understandably.
The book is abundantly illustrated in the usual quality O'Reilly fashion, and the illustrations are invaluable for understanding the material.
We're at the stage where IPv6 support is pretty much universal- you can count on both network hardware and software supporting it. So the network administrator only needs to focus on learning the ins and outs of implementation. I recommend IPv6 Essentials as an essential reference, and a great starting point for mastering IPv6.
You can purchase IPv6 Essentials, 2nd Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
So, does that mean we're using IPv5 now?
Author of Enyo: Up and Running from O'Reilly Media
IPv4 is still going strong.
Everytime I see QoS mentioned I get a little feeling that we are being had. Based on the needs of customers, VOIP and streaming video should be prioritized ahead of non-time-sensative packets. Yet you know ISP's actually prioritize in reverse. They actually put hardware in place that throttles VOIP and Streaming Video traffic. I wish I could give ISP's a good figurative slap on the back of the head!
The review links to B & N, but I see that Amazon has it cheaper through their third-party sellers. One wonders why Slashdot keeps linking to B & N if it's always more expensive than other options.
isn't it gigabit and multi-gigabit backbones?
gigabytes and gigabit are two completely different things
Gekido's Lair
Am I the only one that cringes whenever you see the word "genuine".
I guess it's another word that has lost it's intended meaning.
thank you m$.
Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
And someday Britney will learn to sing and parent, and all rappers will go sign up as sunday-school superintendents.
In the meantime, the folks at the end of the ISP wires will have to spend kilo to megabucks on hardware and software upgrades, not to mention training themsleves, and training the users. Think of the millions of linksys home routers and wireless access points that will haev to be tossed out or reflashed! THink of all the books with xxx.xxx.xxx.xxx ip addresses that will be obsoleted! Lots of frustrated human-hours, even if the IP6 world will run as smoothly as the book suggests.
"When the package says 'Real Chocolity Goodness', what's that mean? No chocolate."
-George Carlin (paraphrased)
what are the most obvious benefits of ipv6? will it offer improvements on stuff like latency? is that even related to the protocol? is it even a protocol?!
"IPv6 is halfway here,"
Will it be here before or after viable fusion? What about DNF?
...Or could the problem of supposedly running out of addresses be 'addressed' (sorry) simply by adding another octet to IPv4? If I've done my math right, this would result in a 40-bit address instead of 32.
Example: 192.168.1.2.3
Or is the goal to try and push IPv6 simply because it's "better?"
I will say that V6 certainly seems to have its advantages, but I've tried (and failed) to learn its structure based on reading Lord only knows how many existing FAQs and white papers.
As far as the time frame goes: I'm self-hosted, meaning my ISP gives me a data pipe and six static addresses, and I do the rest (including DNS). When the day comes that said ISP calls me up to tell me "Hey, we're changing over to IPv6 at the end of the month (or year, or whatever), so you need to be ready for it," THEN I will start worrying about how to implement it.
Until then, V4 and NAT are working perfectly well for me, thanks.
Keep the peace(es).
Bruce Lane, KC7GR,
Blue Feather Technologies
Not in my daughter's lifetime. And she's 2.
Back in the day, the 8080 architecture had 16-bit addresses, which limited you to 64 KB of memory. The 8086 used segement registers to allow 16-bit registers to address up to 1 MB of memory. But data structures were still limited to 64 KB unless you were willing to slow down your access time by a factor of four or more, and sharing data between code running in different segments required even more jumping through hoops. NAT allows more devices than IPv4 can address to communicate with central servers that aren't running NAT, but setting up P2P between systems that are both using NAT is damn near impossible.
Good-bye, IPv4, and good riddance.
Nothing for 6-digit uids?
Duke Nukem Forever promises to support IPv6!
Yes, IPv6 is better. Security, QoS, transparent roaming, autoconfiguration, etc, etc. Its not just more numbers. And IPv6 can interoperate with IPv4. All the sites on the internet would still be accessible to you if you were using an IPv6 ISP instead of an IPv4 ISP. Nobody needs to stop using the internet, we just need to transition over to a new protocol ON THE INTERNET. Its like saying paved roads were stupid because everyone was already using dirt roads and all the stores were on dirt roads, so it would be impossible to convince people to move off of the existing roads, and onto the paved ones where nothing was. Nobody is making new roads, just paving the existing ones dumbass.
The summary cites QoS as a motivating feature to adopt IPv6, and this is not a good thing. The very nature of the Internet (as an end to end best effort network) makes it impossible to guarantee any sort of service. As such, the only usage of prioritization is unfairly biasing some network resources at the expense of others. This is a direct affront on network neutrality.
The only place packet prioritization and traffic shaping should take place is on private networks, where QoS can be guaranteed. Services such as VOIP and IPTV would ideally be offered over these ISP local networks at an additional cost. This is not to say that VOIP over the Internet impossible, but it should not have an unfair advantage over other Internet traffic.
The only place where things break down is in the last mile, where ISPs are selling bandwidth that does not exist. In this case, something has to give, and so they must implement unfair prioritization schemes. The obvious solution is to honestly advertise minimum guaranteed rates instead. This makes it possible to prioritize a customers own traffic as the customer wishes without affecting others. (For example, if you want VOIP prioritized to the ISP local VOIP network.)
Of course, such a scheme would still allow different speed grades, and excess capacity to be utilized. It can not be emphasized enough though that prioritization has no place on the Internet itself.
Save yourself $7.65 by buying the book here: IPv6 Essentials. And if you use the "secret" A9.com discount, you can save an extra 1.57%!
"IPv6 has enough improvements over IPv4 to make it worth the change even if we weren't running out of IPV4 addresses, such as built-in IPSec"
Why do I need IPSec on my home network? So I can give my embedded systems that extra encryption overhead? No thanks.
Stop spreading fud about tubes. Obviously IPv6 is faster because of bigger trucks.
The OMB mandated all US Government agencies be on IPv6 by June of 2008. So I think it's much closer than many realize. And while few things in government meet deadlines, you can be sure this will be seen through. Just think of the joy of paying your taxes to the IRS over IPv6 in 2009 :0
We will not switch to IPv6 until the spam problem is neutralized to a great degree. RBLs are the most effective method of stopping spam now. IPv6 would set anti-spam efforts back to the beginning almost. The larger amount of IP space would make stopping spamming exponentially more problemmatic. I urge other ISPs and networks to REJECT ipV6 until the industry cleans its own house, stops zombie PCs and spammers. Then and ONLY THEN should we consider ipV6.
No increased address space on the net until the rogue activity is controlled!!
I think back 8 years or so ago during the boom years, there was some apprehension about "running out" of IPv4 addresses, which I think drove a lot of the desire for IPv6.
I think it probably solves other weaknesses in IPv4 -- spoofing and some other cracker-ish issues that are difficult to mitigate against in IPv4.
I think, though, that it's a little like alternative fuels -- we know they're good for us, but nobody wants to bother with them until we have to.
...as long as Comcast & the telcos charge extra for additional IP addresses. And IPv6 won't stop them. NAT will still be used by people to avoid getting ripped off.
Until we have something that everyone wants and ONLY works with IPv6, we're not going to switch. That "thing" might be here today, but it seems we're all unaware what it is.
Sure, there may be things that are better, but I can do all of the things IPv6 can do with IPv4 and a slew of extra services that I'm already familar with (VLAN or service-based QoS, NAT, DNS, DHCP, etc).
I for one REALLY want IPv6 to get here, but the people who make my software and pay for my equipment won't change until they need to.
Grammer Nazis - I mod you "troll" unless you actually add something on-topic. Yes, I know I have mispellings in my sig.
IPv6 is halfway here
In other words, it's not here. Just as always.
so network administrators need to learn their way around it whether they want to or not.
I'm a system and network admin and I haven't needed to learn my way "around" it. Unless by that you mean, to "turn it off whenever possible". Which I do. Just upgraded some FreeBSD machines and made sure all the IPv6 stuff wasn't built.
Adoption has been slower in the United States because we possess the lion's share of IPv4 addresses, but even so, someday IPv4 is going away for good.
No, adoption is slower because IT SOLVES NO PROBLEM. Do you know how many customers we've had ask about IPv6? Exactly one. Because he read a post on slashdot like this one and wanted to know "if it was something he needed to know about". Guess what answer he got?
IPv6 has enough improvements over IPv4 to make it worth the change even if we weren't running out of IPV4 addresses
No, there is only one reason to switch to IPv6: if the sites you want to reach aren't on IPv4 any more. I assume since you are posting to slashdot (IPv4) you agree with me. (By "switch" I mean STOP using IPv4 completely. Otherwise you haven't "switched").
I'm going to treat IPv6 the same way I always have: as a sort of intellectual curiosity, and not something that affects my day-to-day internet use or professional responsibilities.
RBLs are the most effective method of stopping spam now.
No. RBL's are the most COMMON method of stopping spam. And I'd argue they're far from effective, unless you don't consider it a problem that it's fairly easy for you to wind up blocking a significant amount of legitimate traffic by using one.
EFFECTIVE tools are things like checking if the sending IP is reverse DNS'able. Checking if it resolves to the hostname it's presenting in the HELO. Checking if the sender exists as an MX record on a viable domain, and perhaps attempting to connect to it toverify this. Checking for SPF records, and whether the sender is "allowed" to send mail for the domain in question.
Just looking the sender up and a list and giving a yes/no based on it is a really poor way to stop spam.
I had half started to believe all the hype about IP address shortages... until one of my clients purchased a T1 from AT&T. AT&T gave them 32 addresses without even asking how many they needed. They need two of them. If AT&T can blindly fork over 32 publicly routable IPs for a small business running a 1.5MB T1 connection, I think the "shortage" is just a bunch of hype.
Not that IPv6 isn't needed or that it sucks or whatever, but who else gets a feeling that by the time IPv4 is entirely out (9x%), IPv6 will be obsolete?
Actually, the ipv4 to v6 change would be a freeking *EXCELLENT* time to dump SMTP for something better, like Bernstein's Internet Mail 2000.
The spam problem is probably solveable, but not with SMTP.
shameless plug for dd-wrt open source firmware... (its got IPv6 support built in)
sig goes here!
There's another IPv6 book coming up soon (published by Springer) called "IPv6 in practice - A Unixer's guide to the next generation internet". More details at the authors page.
Yes, and the US will adopt metric any day now too.
Why would IPv6 be any different? The ip address is simply a bigger number - 128 bits instead of 32. The ability to lookup is slightly more difficult, but not particularly so and your text based lookups are significantly slower anyway.
On the other hand, if everything has its own IP address (instead of NAT), and a much faster routing and DNS system, then you will have better tools to tell whether an email came from the server it claims to. If it doesn't, then you can guarantee its a trojaned machine sending spams with forged headers. You won't need RBLs then.
It's quite simple, really. You start with 6to4 or Toredo (which, in case you aren't aware, is IPv6-over-IPv4, and you can run it now), and you gradually start pushing the IPv4 gateways closer and closer to the core of the Internet, until the address shortage is alleviated.
http://outcampaign.org/
Do you know that you can change your MAC address when you want it? You could use the same mechanism to your advantage instead, changing it constantly and make it look as if there was an entire server room on that connection.
Sorry to break it for you, but your opinion doesn't matter a damn. What matters is: Do the government and big companies want it? If so, they'll drag the rest of people with them. If the government requires it, ISPs will provide it. If companies implement it, then their sysadmins will go setup their and their friends' home networks with it.
Actually, no, it'll help a lot.
It looks like lately spamming botnets are getting popular. It's easy enough, infect lots of computers, then use them to relay spam working around the blacklists. At least something will get through, and given enough boxes, a LOT will get through.
By MASSIVELY increasing address space, IPv6 will make brute force scanning completely impractical. Currently a single box with a good connection can test every IPv4 address in a short time (measured in hours IIRC), IPv6 will make that impossible.
That means it won't be possible to randomly infect computers anymore, attackers will have gather address lists somewhere and target specific addresses. And that's going to make it a lot easier to find the point of origin and neutralize it.
Not only that, but with IPv6 there's no need for NAT or dynamic address assignation anymore, which means that an ISP just gives out everybody a subnet and forgets about it. Now bans can be a lot more precise as you can definitively ban a single computer, then escalate to banning the whole connection.
Just to clear up a few misnomers:
The whole of the IPv4 address space is included in the IPv6 space.
It is possible to translate between IPv4 and IPv6.
IPsec is not mandatory, therefore the processing overhead is optional.
cheers,
Aehgts.
"If we knew what it was we were doing, it would not be called research, would it?" - Albert Einstein
You can also obtain the book from eMule:
S .%20Hagen%20-%20O'Reilly%20-%202006.chm|4659387|F2 8EE1365A18BC9B0A947B53440E2B1B|/
ed2k://|file|IPv6%20Essentials,%202nd%20Ed%20-%20
(remove spaces from url)
I started a section on my wiki site to help me learn about IPv6. I'm going to be using it to help with some Ubuntu deployment. There is also a signifcant amount of information related to use in Windows, and if you get a DD-WRT-capable router ($45 for a Buffalo on Newegg), you can have IPv6 in your home.
Life is irony, and nothing ever goes as planned.
It's been a while since I've bothered to look at IPv6 -- so, did folks ever work out the multi-homing issues with IPv6, so that companies (like, say the current favorite, Google,) could have multiple simultaneous connections with multiple backbone providers?
(This seemed problematic for a while due to the hierarchial nature of the IPv6 address space forcing a tree-like structure into the routing and preventing the possiblities of having links between branches.)
MAC addresses don't go outside of the broadcast domain, dimwit.
Top 7 FUD reasons to migrate to IPV6:
1) "We're running out of IPv4 address space!"
- People, even if every possible human house hold item requires an IP in the next 5 years, NAT in IPv4 will handle this just fine. Same goes for corporations. We've been running out of IP space for 10+ years now... but have we ran out? Nope, tonnes & tonnes left!
2) "IPV6 supports IPSEC natively"
- Yeah, so what? We've had IPSEC VPNs on IPv4 for like a decade now.
3) "IPV6 supports QoS!'
- Ummm... VoIP & video w/QoS has been working just fine since at least 2002 with IPv4. TOS & DSCP Ethernet header options have been around for ages before then.
4) "But IPV6 supports GPRS for modern mobile networks"
- Newsflash: Most mobile networks are still running IPv4 just fine and will continue to do so.
5) "But the US DOD is migrating to IPv6 now!"
- Yeah, maybe it's because they need to implement security through obscurity... seeing as barely anyone understands IPv6"
6) "What about most of Korea being on IPv6?"
- What about it? North America 'started' the Internet, so we have more IPv4 public address space than late adopters like South Korea.
7) "IPv6 does Multicasting natively"
- Er... Have you actually looked at how complex Multicasting is in a private network? Now imagine trying to implement that on the Internet with 128 bit HEX addresses that come with our lovely IPv6. Plus like everything else, Multicasting is working just fine with IPv4.
People, a migration to IPv6 for most Enterprises is a hella complex & expensive nightmare. Until there's actual BUSINESS needs to do so, it's really just make(alot_of)-work projects. So far every conceivable advatange of IPv6 has been resolved by 3rd party IPv4 protocols (i.e. DHCP, IPSEC, QoS, etc); plus there's analytical studies out there that claim migration to IPv6 may have a significance performance impact on your expensive WAN links due to packet header sizes being dramatically bigger. Some estimate as much as 50% WAN link speed increase requirements for the same amount of payload (considering 64 byte average payload per packet).
Wake me up when we ACTUALLY run out of IPv4 address space...
Adeptus
No trees were killed in the making of this post; however, many trillions of electrons were horribly inconvenienced.
But I like my NAT! It helps keep me safe... since nothing outside of my network can initiate a connection to an internal machine. Will we still be able to use it? Why do people assume it's such a PITA?
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
Why? Simply: MAC addresses are only 48-bit, or 64-bit if everyone were to switch over EUI-64. IPv6's 128-bit size is a lot larger. There are 281474976710656 MAC addresses, 18446744073709551616 EUI-64 addresses, and 3.4e38 IPv6 addresses.
So, IPv6 is approximately 1208925819614629174706176 times larger than the MAC address space.
If you need help visualing this, here are the address space sizes padded with 0s in a monospace font. A space has been added in the middle to prevent
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
I had half started to believe all the hype about IP address shortages... until one of my clients purchased a T1 from AT&T. AT&T gave them 32 addresses without even asking how many they needed. They need two of them. If AT&T can blindly fork over 32 publicly routable IPs for a small business running a 1.5MB T1 connection, I think the "shortage" is just a bunch of hype.
Uh, yes, well, AT&T has at least 2 class A blocks to themselves, or over 32 million IP addresses. About 1 of every 125 (potential) IP addresses on the internet is an AT&T address. No wonder they're giving them out like candy.
The problem isn't that 256^4 isn't enough space (though that is becoming an issue). The problem is that they're broken up into chunks so companies like AT&T have more than they'll ever need, and other people who need them can't get them.
You may as well say "I had half started to believe all the hype about famines, until I saw fat people getting supersized meals at McDonald's for 50 cents". The hunger problem is not that there isn't enough food, but that it isn't evenly distributed.
OK, fine. Where are you going to stick the extra octet? The only legal place to put it is in the IPv4 options. A proposal that did just that, IPv7, was actually floated. IIRC, it was dubbed "toasternet" because the proposal got "toasted". Interestingly enough, I was able to experimentally route "toasted" IPv4 packets, and hit about half of the web sites I tested. I had no way to verify end-to-end transmission, but sometimes my SYNs worked and sometimes they didn't. AFAIK, The existing infrastructure does one of two things: 1. ignore the options and route the packet normally. 2. Drop the packet, because admins set up the network to drop packets with such options as "suspicious".
FWIW, I think IPv7 was a fine proposal, and I have no idea why it got "toasted". People would have had to augment their existing IPv4 stacks. All IPv4 address owners would have immediately gotten a /32 in your proposal (a /32 now has 256 IPs). The options field could hold even more data, making a /32 into 64k IP-addresses. Perhaps the internet authorities didn't like the idea of simply multiplying everybody's address allocation. Google around for "toasternet" and IPv7 if you're really curious. I'm sure the full story is out there somewhere.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Bernstein's IM 2000 doesn't work the way people expect mail to work, and so I'll say it will NEVER be widely used.
The fact that the sender needs a machine to always be accessible for the receiver to fetch it from, if you have 2000 possible senders does that mean the receiver has to poll 2000 different servers regularly?
If the receiver just has one IM2000 server to poll, and the senders with transient machines upload their mails to that server then that start to look like SMTP and POP3 doesn't it? And with the same problems all over again.
The amount of work implementing something practical that looks like IM2000, would be about the same as requiring everyone to use crypto/signed messages and stick to plain old SMTP/POP3/IMAP.
djb is a smart guy. But he has not shown how IM 2000 can work and be practical, and actually be a significant advantage.
NAT does not hide your unique identity, in fact some cable ISPs sniff your traffic to see if you are using multiple machines behind NAT so they can charge you more. And your MAC address only goes as far as your local broadcast network. It never goes beyond any router, anywhere, ever. So, you would be just as well off with a regular old firewall doing normal routing.
IPv6 is not here and I will keep doing my part in ensuring that it will not be here for as long as humanly possible.
/. gets all types I guess! If you think you have privacy because of NAT, or that your MAC gets broadcasted to any point beyond the last Ethernet segment in your internal network (or perhaps at most to the DSLAM if using PPoE, but based on your comments I doubt you know what these words mean), then it's a damn good thing you don't actually have any say in the roll out of IPv6! Because it obvious you have NO CLUE how networks operate. Don't worry, those of us who do will wrap it up in a nice little package for you and take more of your money...
And I really do like my NAT - its a great way to hide my unique identity from all those servers out there. Can't say that for having to expose my MAC address and thus uniquely identify my host to all and sundry. Here goes privacy.
Wow,
IPv6 is out there, in use everyday. You can already connect to all sorts of sites on the Net using IPv6. It will eventually replace IPv4, it's just going to take a loooong time. And the two will continue to co-exist for some time. You must be unaware of the protocol changes that took place on the Net in the early 80's, when everyone switched over to IPv4. You do notice that IPv4 is v4 and NOT v1, don't you? That kind of implies there have been earlier versions. Does it not therefore make sense that we would continue to extend this technology to future proof it? IPv6 is not a "technological dead-end" and it is obvious you are not even qualified to make such evaluations.
but as long as people like me work quietly together towards the common goal, we can keep IPv6 where it belongs - in the gutter.
Keep dreaming. Those of us who actualy deploy large networks for a living don't hear you. You can kick and scream about not liking IPv6 all you want. but when those of us who run ISPs (or at least help keep them running) start moving customers over to IPv6 you will have little choice...
We will not switch to IPv6 until the spam problem is neutralized to a great degree. RBLs are the most effective method of stopping spam now. IPv6 would set anti-spam efforts back to the beginning almost.
That's a fairly lame arguement against not adopting IPv6. First of all, RBLs are only so useful, and are not going to be what kills off spam. New technologies such as SPF are the more logical approach to that problem. The RBLs aren't exactly trust worthy, with many false positives, and spammers constantly moving to new hosting facilities or infecting new ranges of zombie boxes. Where as SPF is inherintly trust worthy, either a valid SPF record exists or it does not, if it does it was posted by the valid owner of the domain name. And since IPv6 makes address spoofing more difficult it actually improves the reliability of address based filtering such as RBLs and SPF. Moving to IPv6 isn't going to set anti-spam efforts back.
I am surprised at the number of people posting comments such as yours, railing against the adoption of IPv6. I just don't understand it. The Internet was alwasy about change and improvement, it's a running expeirement really, always has been. This is the next logical step in improving the network. I would expect techies to be excited about the future improvements to the network! Perhaps some people really are just scared of change... regardless of if it is for the better...
Actually I think your gunshot metaphor isn't making the point you think it is.
Let's say there are two people, Joe and Bob. Joe has a sucking chest wound. Bob has a bad stomach bug from some questionable Chinese food. They both want to go to the hospital, and there are two methods of getting there: the high-priority route, which involves calling 911 and getting taken there in an ambulance to a special door, and directly in to see the doctor; then there's a low priority route where you take a car, stand around in line with the rest of the walking wounded, etc.
There's nothing preventing Bob from calling 911; assuming they have the ambulance to spare, the EMTs will still pick him up and drag his ass to the hospital. Why doesn't he? Because it's really freaking expensive, that's why. Nobody takes that route if they can possibly avoid it, because if you get caught doing it when you weren't actually in trouble, you get the bill. The guy with the sucking chest wound doesn't give a damn about how much it's going to cost, so he's going to be calling 911 regardless. Thus the prioritization is done by the users, and there's a strong disincentive to abuse it. (There are other disincentives too besides cost, but I'm simplifying here.)
Taking this back to the matter at hand, the solution is really just to make people pay for the level of prioritization they want to have, on the packets they want to put it on. For most people, this probably means paying extra for their VOIP packets to go "real time," but not for their WoW packets to get the same treatment. But hey, if you want to pay for your WoW/porn/bittorrent to get flagged as "needs real time" and "needs high throughput" or whatever else, you're more than welcome to if you can put your quarter on the bar. That seems fair to me: everybody who pays the same, gets the same service. If we both pay for nothing but bulk-packet, 'best effort' delivery with no prioritization, then neither of us should get it. If you pay more, you should get more.
The only issue with this is making sure that ISPs don't use the monopoly power they currently hold to price gouge: the price for packet prioritization should be determined by something akin to the actual cost to deliver "one more packet" with the higher priority versus the lower, not the maximum that someone is willing to pay for it. (That's the difference between the competitive-market price for a good and the monopoly-market price; micro-econ 101 if I remember correctly.) If we can make the market competitive and thus not allow it to turn into screw-the-consumer day at the cableco and telco office, that's probably the most fair outcome.
Any system which depends on the end users to be trustworthy is inherently flawed. The internet is riddled with the corpses of protocols and systems that depended on the good nature or trustworthiness of end-users not to abuse them (*cough* Usenet *cough*); it would be a giant and indefensible mistake to create such a situation with that in hindsight. Any system that is being designed today should take on premise that its users will, if given the opportunity, attempt to manipulate the system to their own advantage at the expense of others, as far as they are allowed to do so without a strong and direct disincentive.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
QoS is needed exactly for things like voip and iptv. IPv6 having QoS doesn't mean internet traffic needs to be prioritized, it means that they can run internet traffic, voip traffic, iptv or other streaming video traffic all over the same lines, each with different priorities, inside their network. Exactly what you describe with ISPs providing these extra services is exactly where IPv6 excels. That's the whole point.
Are you sure you understand IM2000?
... maybe somewhat like SMTP, but it would have a maximum size of maybe 200 bytes. Then the recipient knows exactly where to pull the whole message from -- IF it passes the blacklist check.
You would not need to poll any possible server that might send something to you. A small "token" message is sent
The sender stores the mail until retrieved, and there should be a good realtime blacklist system. When a spammer attempts to send a payload, it is blacklisted before the vast majority of the victims get it.
Seems like a sound concept to me, the only major disadvantage being the change involved. But communication is changing anyway. A lot of people already realize that SMTP isn't totally reliable. A lot of people are using IM or MySpace instead of regular email.
Slashdot, please see my sig.
Bloody luddites running this site.
Get your own free personal location tracker
This is a really rough idea, but I'll lob it out for some thought (and release all future IP claims)... I might even be similar to IM2000, which I haven't read about
How about evolving email to a P2P application where the email never passes through any ISP's computer... and transfer the email over an encrypted channel. Using a central directory something similar to DNS, if you wanted to send an email to john.doe@isp123.com, you would query to get back the IP address of the computer (or maybe something more clever to hide the recipient from the sender).. that is handling email for him. The sender would have to identify itself for approval to permit the recipient to manage which senders they wish to receive email from and under what conditions... having a simple reliable method to determine how long the sender has been registered would greatly limit hit-and-run spammers.
This is not a server at isp123.com (although it could be a proxy or intermediary for corporate mail or computers not normally online)... an IP address and encryption key is returned.... the sender connects to the IP address, an encryption key exchange takes place - once the mutual key exchange and authentication takes place, the email is sent by the sender. If the recipient's computer is offline or ignores the connection request, the sender adds it to its polling queue and tries later.
The value added by SMTP was back in the old days when bandwidth was expensive, email was often delayed to be sent via UUCP overnight, international circuits were hugely expensive and small, and most client computers (and many email servers) could not be assumed to be online 24/7. Those guiding principles are no longer true.
There is significant evidence that IMs and SMS messaging are largely displacing what people used to use email for - especially in the under 25 group. Email might be a problem that doesn't need a solution.
Final 2006 "Proof of Global Warming" US Hurricane Count -> 0
Actually, your MAC address, which is a globally unique identifier, forms half of your IPV6 address unless you do something unusual to avoid that. So it is a very valid privacy concern.
The AOL search data episode showed how easy it is to unmask anonymity when all you have is a bunch of URLs coming from the same unique anonymous identifier. IPV6 increases the risk of this kind of aggregation of supposedly anonymous activity.
When IPV6 is here, Choicepoint will probably pay for your MAC address. And everyone else will pay Choicepoint to know who the "anonymous" person is visiting their website.
As a bonus, NSA will find it easier to know exactly who is using the free public wifi at the library.
> * NAT is a kludge. Alot of services (VoiP, Filesharing, IM-Filetransfers) will just work smoother without, and the customers will probably like that.
"Services" require "servers", i.e. machines listening to the net and willing to accept unsolicited connections from any IP address on the net. Do your *REALLY* want Joe Sixpack running ftp, http, IM, etc. servers under Windows?
I run linux. Linux is a lot more secure than Windows, and I'm a lot more computer-literate than Joe Sixpack. Having said that, I still insist on hiding both of my machines behind a NAT-ing router. It's one more layer of defense-in-depth. No matter how good linux may be, I don't want to tempt fate by letting the Russian mob pound away at my machine 24x7. A hardware firewall is more secure, and also cuts down on the crap in my firewall logs.
> * Uniquely addressable gadgets. Your cell phone and your PIM could have their own addresses and you could access them from anywhere.
And the Russian mob can also access them from anywhere. Just what I want/need... !NOT.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
> We will not switch to IPv6 until the spam problem is neutralized to a great degree.
Totally irrelevant, but your choice.
> RBLs are the most effective method of stopping spam now.
*BZZT* wrong. RBLs would have been a good idea if there was a way to maintain them actively. Experience shows that none of them are maintaned in any useful way (leaving inactive addresses blacklisted for years in some cases), giving false positives at an alarming rate. Greylisting does work with only trivial to insignificant numbers of false positives (all of them RFC violations and stupid configuration errors), and if you're addicted to blacklists, there are greytrap-based lists available which are purged of anything older than 24 hours.
Moving to IPv6 will not change any of this. Getting rid of the unwashed masses of unmaintained, moron-operated machines with Microsoft products might help ease the spam load, and moving to IPv6 exclusively might actually help achieve that.
-- That grumpy BSD guy - http://bsdly.blogspot.com/
When the US FCC first allocated UHF TV channels (all the way to 83; wow) there were UHF-coverter boxes sold that switched the UHF frequency down to Channel 3 or 4. People didn't have to throw out their VHF-only TV sets. As older sets wore out and were replaced by UHF-capable TV sets, the converter boxes faded away in electronic history.
There'll be a similar scenario when digital TV (ATSC) replaces analogue (NTSC) TV. For a few years, there'll be converter boxes that'll let your old-fashioned NTSC TV set show digital channels... albeit at a lower resolution.
When IPV6 becomes necessary (one of these days), there'll be a market for a multi-port router box that lets you plug ethernet from 4 IPV4 machines into the back, and does IPV6 on the internet-facing side. This will allow home users to continue using their current hardware and software. And they will continue to enjoy the security benefits of NAT. As time goes on and older hardware wears out, hardware and software will come in that is IPV6-capable. The transition will be smooth and one day people will remember IPV4 as a historical curiosity, just like some of us oldsters remember Gopher.
Having said that, I will still use a NAT-ing router (even if it's IPV6-to-IPV6), so that the Russian mob won't be pounding away on my machine 24x7.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
I'm still sceptical about IPv6. There's been too much optimism and too many false starts -
r y=ipv6_meme_update
http://www.realmeme.com/roller/page/realmeme/?ent
As previous posters have said earlier, IPv6 will not be adopted fully by consumers until Joe Public can walk into dixons or PC world and buy a router that will do IPV6.
:)
Not to mention these other types of device, which will have to be replaced or flashed, and this will have to be AFFORDABLE to both consumer, and supplier/provider:
* Certain types of cable modems
* Cable set top boxes (how else will you do your video on demand streaming over an ipv6 network?)
* Certain types of ADSL Modems
* Games consoles (wouldnt this be a great place to use that QoS?)
* Mobile phones
* Ubiquitous computing (An IP6 enabled T-Shirt, coming soon to a slashdot near you)
The list is probably even larger than this
http://www.inspircd.org - Modular C++ IRC Daemon
I'd love to use IPv6, but reading djb's take on ipv6 really makes me wonder if we're ever going to get there. I don't know what the current situation is, but from reading djb's comments it looks like if I deploy servers on IPv6 only, then I'd have a network that would be completely separated from IPv4!
Claiming to be pedantic on Slashdot is asking for trouble
Actually Earthlink has a cool patched linksys image with ipv6, with the same web interface as the original one, plus with a ipv6 page for easy configuration.
I recommend it for anyone with a linksys and who are ready to check it out.
Rgds
Daxomatic
I think the point about IPv4 is that for the people it works for right now there isn't much wrong with it: QoS isn't much of an issue, Security can be dealt with, configuration isn't too hard.
But it isn't necessarily that way for everyone. China and many developing nations don't have enough IP space. IPv4 configuration IS unnecessarily hard- why can't I just physically plug two machines together and have them work? Security is fiddly to configure. NAT adds an additional layer of complexity to everything (e.g. UPnP in home routers, magic VoIP tunneling stuff, peer to peer protocols) and adds a layer of accidental security at best. Of course there are solutions which work around all these problems but if we were starting with a clean slate and a choice between IPv4 and IPv6 the choice would be clear.
So for everyone who has good working IPv4 networks: great. For many others, IPv6 will be (or become) a good alternative. It can come in to play piece by piece- home networks all running IPv6 because noone configured IPv4 services and the ISP supported IPv6 so everything just worked (which could be a reason for ISPs to use IPv6: simpler service configuration). Carriers that use an IPv6 address space on mobile devices because the roaming support makes things easier- leading to large, although disjoint, networks of IPv6 devices. Countries (like China) who use IPv6 internally because, frankly, IPv4 address space issues mean they have to NAT everything out of the country anyway and they get to be on the leading edge of technology development selling back to places like the U.S. rather than buying.
IPv6 doesn't have to happen soon. It just needs to have stable network stacks in lots of places (which is what is happening with Windows, Linux, MacOS as well as Cisco, Nortel and so on) and it can become a natural alternative in a range of situations. The interconnection between IPv4 and IPv6 networks is ugly but is do-able and no worse than the current horror that is NAT.
I don't see the IPv6 transition happening in a wide spread manner any time soon. But I do think it will happen.
IPv6 is not required to do QoS, and I really wish people would stop trying to associate the two - IPv4 has had QoS (via the 3-bit IP Precedence field and the 6-bit DiffServ codepoint that has superseded it) for decades, and virtually every router has QoS support. Both IPv4 and IPv6 have identical 6-bit DiffServ fields, termed the TOS byte in IPv4 and the Traffic Class in IPv6.
This is a bit like IPSec, which works fine on IPv4 even though it was designed alongside IPv6 (maybe that's why it was initially so NAT-hostile...)
The only unique IPv6 feature for QoS is the flow label, which is intended for easy classification of 'flows' such as a session on a specific source & destination port combination - however, this is really only useful with RSVP QoS, which doesn't scale well and requires application changes, and has therefore never taken off. (I worked on QoS technology and policy management for quite a while from the late 90s.)
The hard part of delivering QoS is the political/commercial agreement, and after that, agreeing on what the QoS levels should be. Telcos already run IP networks for use by business IP VPNs (MPLS not IPSec) this way, so they have a lot of experience.
IPv6 is a great technology but its main benefits are around router and host autoconfiguration, and never having to worry about IP address scarcity again.
I've written a small report on IPv6 for a university course. It was intended to give a general overview of IPv6. Here's a link if anyone's interested: http://szyman.magres.net/mydocs/net/ipv6/IPv6_and_ Transition_Techniques.pdf
Next they're going to expect us to adopt the metric system or some such wackiness.
I'm a fiscal conservative, it's a pity we don't have a political party anymore
The internet, an agreement between parties to speak a common language when communicating, has immense value because it leaves the prioritization and customization of services to the retailers (i.e. enduser ISP's, content providers, distributors, etc.) which facilitates choice through diversity/competition and therefore quality and optimal pricing.
Trying to make the internet do some things better than others, as World of Ends so eloquently puts it, obviously comes at the cost of doing some things worse than others.
...For the multiple explanations. I now understand why simply adding another octet wouldn't gain much of value.
Keep the peace(es).
Bruce Lane, KC7GR,
Blue Feather Technologies
I see that you have posted my IP address 192.168.1.100 in the story above. Further attempts to post this address (or my alternate address 127.0.0.1) will be met with severe penalties
AC
Like the metric standard, the rest of the world will adopt IPV6 while the US says, "hey, now we have all these 'extra' IPV4 space the rest of the world doesn't need! Let's stay on IPV4!"
Just like the Amercian english measurement klingons to keep the bloody awful NATs and uPNP for 50 more years.
AFAIK the original proposal never mentioned sending of a small message.
;).
Even with such a notification based IM2000 style system, for many practical reasons the actual sender is unlikely to be the one holding the mails. The mail would have to be stored on an ISP/3rd party mail repository, or on one of the thousands of zombie machines "owned" by spammers
Thus you will have the problem of who gets to submit mail to the ISP's mail repository.
Wow now it looks like the same problem as SMTP doesn't it?
And I believe most of the solutions are applicable to both SMTP and IM2000. Just nobody seems to want those solutions - CAs, everyone with certificates, crypto. And many people may not like the idea of some central authority effectively deciding whether you can successfully send mail or not.
Worse, in initial stages you will have to have IM2000 to SMTP gateways and vice versa. So the IM2000 users will still get spam from SMTP sources...
I think I understand IM2000 pretty well and have some idea of how the real world works too.
I wonder whether the IM2000 proponents actually do.
I think they should think things through properly, rather than come up with half baked ideas.
And back to the topic: the problem with IPv6 is it isn't backward compatible with IPv4. If it was backward compatible, the switch to IPv6 would have been much faster.
> Wow now it looks like the same problem as SMTP doesn't it?
To a lesser extent, I think.
IM2000 would only work with one or more centralized blacklists, and that can also be done with SMTP. Couple differences:
1. in IM2000 the mail would normally not be transferred from the source ISP until it was requested for viewing. (Of course, some users would likely batch download mail.) So spam would not need to waste so much bandwidth if the receiver recognized it as such before downloading it.
2. Say a spam is sent to a million people. In IM2000, a blacklist might kick in after a few dozen poeple transferred it. That would save the other hundreds of thousands from having to even see it.
So I think it's still better, if not perfect.
Dude, you obviously have no idea what the fuck ou're talking about. Don't generalize about RBLs because some of them are managed by asshats.
RBLs are the only effective way thus far to actually cost spammers money. Don't talk about stuff you don't know anything about. I mess with this stuff for a living. I design and build systems and deal with large quantities of mail and mail servers. RBLs save shitloads of money and resources. Keep your ignorance to yourself.
Brute force scanning is irrelevant.
Right now, IP space in which spammers can operate is getting limited. This is what is driving them to engage in worm and botnets... their illegal activity is going to get them all shut down eventually if the authorities start doing their job.
If ipV6 opens up, then spamming will increase EXPONENTIALLY. You guys have to trust me on this. There's always a bunch of moron pundits embracing new technology that will "change everything" and it's fucking bullshit. Content-based filtering costs companies money -- the very same companies that spammers steal bandwidth from. RBLs put a stop to this. ipV6 will completely negate the massive amount of work that's been done in this area and there is NO alterntative.
Every major ISP. EVERY MAJOR ISP is now using RBLs, from AOL to Cox to you-name-it. They don't advertise it because they use it in combination with content-based filtering, but you can bet the IP source of mail has more to do with the spam ranking than anything else.
Also, with the limited IP space, it's easier to stop worm propagation because broadband DUL space is blacklisted. There should be no SMTP traffic originating from end user IPs... so if you see it, 99.99% of the time it's the sign of a zombie pc. If you open up more IP space, it'll be a thousand-thousand times harder to deal with and nail down.
I am right about this. I was right about every other goofy-ass anti-spam measure from CAN-SPAM on down. I'm not trying to be arrogant. I know what I'm talking about here. Increase IP space will create a nightmare for administrators and networks. It's not needed. There are other, better solutions. ipV6 can wait until the spam problem is under control.
You don't understand about RBLs. Read up on them, and then you'll understand why ipV6 will completely break the backbone of the existing spam filtering network.
Right now 2-10% of the actual spam travelling on the net gets through filters. If we go to ipV6, that number will probably jump up to 70% because the location from which mail is received has a lot to do with how systems determine what is and isn't spam. This is based on a "blacklist" of known IP blocks that shouldn't be sending e-mail. If this pool size increases exponentially, as is proposed with ipV6, then it will be exponentially harder to maintain such a list of "rogue IP space" and spammers will have their biggest obstacle ever removed.
In short, ipV6 is every spammer's fucking orgasmic dream come true.
1) is related to 2, otherwise how would you know it is spam.
;).
As for 2) please explain how the blacklist part is going to "magically" work after just a few dozen people transfer it.
Questions:
i) Who decides it is spam? How?
ii) What happens after it is marked as spam?
iii) Why/How would it work better than the current methods already used with SMTP, POP3 etc systems?
Already many ISPs are tagging email as spam in the headers, and users can just configure their mail clients to handle such mails differently, if they trust the ISP's spam filters.
And like I said, the ISP's mail server would be just like an IM2000 mail repository.
Show how with IM2000 I would be receiving orders of magnitudes less spam. If it's say just 30% less, it's really not worth the bother. Work on improved spam detection methods would be better, and having a diversity of such methods makes it harder for spammers (like genetic diversity in the face of parasites and disease).
For bonus points, show how during the transition period from SMTP to IM2000, IM2000 users will be receiving significantly less spam (assuming of course they successfully receive the same amount of nonspam as they normally would - rather than the IM2000 system causing them to not receive legitimate mail). If it's just because they changed their email address, then people already do that regularly to reduce spam
> i) Who decides it is spam? How?
Probably by users clicking on "this is spam" in their mail program. Yeah that can be abused, but it shouldn't be taken seriously until quite a lot of users do that for any given message or mail server.
> ii) What happens after it is marked as spam?
It should remove all the tokens for users who haven't seen it yet.
> iii) Why/How would it work better than the current methods already used with SMTP, POP3 etc systems?
I think all this translates to significantly less bandwidth usage for any spam that does show up.
> Already many ISPs are tagging email as spam in the headers, and users can just configure their mail clients to handle such mails differently, if they trust the ISP's spam filters.
But still the full body of the spam message has to travel the whole way on the network. IM2000 should cut into that.
Maybe you're right that it can be solved better with crypto. All I know is that SMTP as is, having the assumption that the Internet can be trusted, is broken and needs serious work.
Yawn. You're right, yet you provide absolutely zero explanation why. I have provided mine. Where's your?
Not so. You don't understand the difference between comparing 32 bit numbers (ie IPv4 addresses) and 128 bit numbers (IPv6 addresses). There is an insignificant difference. The time taken to convert the IPv4 dotted decimal value to the 32-bit value takes longer than any comparison of any 128-bit value.
With the length of the blocklists, if they're sorted into order, then the lookups will be as fast as the current systems, regardless of how many addresses get added to them.
IPv6 has an added advantage of better categorising IPs from a particular country, so you can block all traffic from, say, China much more efficiently than with IPv4.
Furthermore, once we go IPv6 everyone will have their own IP address, no more hidden NAT systems and so forth, so the person sending spam will be easily identifiable. This means that those hosts on dynamic IPs will be able to be filtered correctly - currently, you block an IP, you end up blocking everyone else at that ISP as they use that shared IP. With IPv6 the ISP will know instantly who has the trojaned machine and will (hopefully) shut it down.
These last 2 things mean that RBLs will be smaller in future, not larger as they can be more accurately targetted at rogue ISPs and countries who refuse to deal with spam and other internet malware.
So, all in all, you have nothing to worry about when using IPv6. The only issue will be with systems that need to be updated to handle IPv6 addresses, but I imagine all software spam filters will have releases out the moment someone uses them on the new network.
I take your points about other areas that depend on IP addresses. The problem with multi-homing in IPv4 and IPv6 is that it makes it hard to scale the network - in fact, core routing tables started growing exponentially again in 2004 on the IPv4 Internet due to multi-homing (ref: http://en.wikipedia.org/wiki/Border_Gateway_Protoc ol). There is an IETF working group called Multi6 on IPv6 multi-homing for this reason, see http://www.ietf.org/html.charters/multi6-charter.h tml - not sure if their approach will simplify things for multi-homed sites but they are aiming to reduce core routing table growth.