Vista Not Playing Well With IPv6

netbuzz writes in to note that some early adopters of Microsoft Vista are reporting problems with Vista's implementation of IPv6. An example:"'We are seeing a number of applications that are IP-based that do not like the addressing scheme of IPv6,' says one user. 'We will send a print job to an IP-based printer, and the print job becomes corrupted. We're seeing this with Window's Vista machines. When IPv6 is installed, this happens without fail. As soon as we remove IPv6, all of our printer functions return to normal.'"

Simple solution.

[jshriverWVU]

Disable IPV6. It's my understanding, a principle way to better secure any network is to disable as many things as possible. If you're not using it, remove it.

Re:Simple solution.

[someone300]

What if you're trying to migrate to IPv6 but still have "classic" IPv4 devices on the network?

Anyway, why is this screwing anything up? My understanding on Linux/OSX is that enabling IPv6 doesn't change anything about the way IPv4 applications function, despite using a different addressing sceme. Why would this be any different for Vista? This is indicative of a layering problem...

Re:Simple solution.

[Bert64]

It is, not only disable but also remove. On unix this is easy, because everything typically comes as seperate packages which are easily uninstalled.
Windows however, makes it difficult if not impossible to remove many things which are often not required at all.

Re:Simple solution.

[tkdtaylor]

I've enabled IPv6 on my XP boxes without any problems at all, it actually resulted in faster loading times.
If Vista is anything like XP it's actually quite easy, just go to your network connections open the properties for the LAN connection and install the IPv6 (Microsoft TCP/IP version 6) Protocol.
Removing it is even easier, from the properties of the LAN connection just select it and click Uninstall.

Re:Simple solution.

[Fweeky]

On *ix, most "IPv4" apps should also support IPv6, and normally try using that first if it's available. It's fairly easy to see how some crappy printer drivers could have this behavior hacked into them and screw up because nobody tested it. Maybe they're freeing memory after an attempt and sending garbage to the printer when falling back to IPv4, or something similarly silly.

Re:Simple solution.

[Nexx]

Right. Can you do me a favour and "easily remove" kernel modules from any OS please. Meanwhile, removing the IPv6 stack from Windows is trivial -- just a few clicks of the mouse, and you're there.

I'm not a Windows apologist by any stretch of the imagination, but this blatant misinformation needs to be corrected.

Re:Simple solution.

[haapi]

The entire IP stack of Vista/Longhorn has been reimplemented. IPv6 is kind of an "add-on" to the networking code in XP, but in Vista, IPv4 and IPv6 are implemented in a unified stack.

Just sayin', the behavior is going to be different, and having some bugs to shake out is really no surprise.

Re:Simple solution.

[tkdtaylor]

IPv6 FAQ

Q. How do I disable IPv6 in Windows Vista and Windows Server 2008?

A. Unlike Windows XP and Windows Server 2003, IPv6 in Windows Vista and Windows Server 2008 cannot be uninstalled. However, you can disable IPv6 in Windows Vista and Windows Server 2008 by doing one of the following:

- In the Network Connections folder, obtain properties on all of your connections and adapters and clear the check box next to the Internet Protocol version 6 (TCP/IPv6) component in the list under This connection uses the following items.

This method disables IPv6 on your LAN interfaces and connections, but does not disable IPv6 on tunnel interfaces or the IPv6 loopback interface.

- Add the following registry value (DWORD type) set to 0xFF:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip6\Parameters\DisabledComponents

This method disables IPv6 on all your LAN interfaces, connections, and tunnel interfaces but does not disable the IPv6 loopback interface. You must restart the computer for this registry value to take effect.

For additional information about the DisabledComponents registry value, see Configuring IPv6 with Windows Vista.

If you disable IPv6, you will not be able to use Windows Meeting Space or any application that relies on the Windows Peer-to-Peer Networking platform or the Teredo transition technology.

Re:Simple solution.

[3vi1]

Heh... Removing (proper) IPv6 on Linux requires kernel re-compile and if you try on Ubuntu to remove something like Avahi (which 99%+ of people do not need and which _can_ cause a lot of problems with DNS) then you'll see that it would "remove" almost the whole of your system through dependencies.

Or, if you're not an idiot, you just add "blacklist ipv6" to /etc/modprobe.d/blacklist.

Re:Simple solution.

[Movi]

Umm, yes! On linux its as easy as:
rm /lib/modules/'uname -a'/kernel/build/somemodule.ko ; depmod -a on Mac OS X its
rm -r /System/Library/Extensions/YourKext.kext; rm /System/Library/Extensions.*; See?

Re:Simple solution.

[Bert64]

That disables it, but doesnt remove it.
You can easily remove the ipv6.ko file and it's gone completely... It wouldnt be hard for distributions to split the kernel modules up into several packages.

Re:Simple solution.

[Bert64]

Removing ipv6 support requires deleting the ipv6 module (assuming your kernel has ipv6 compiled as a module, which most distributions do), although it is also possible to remove it by recompiling the kernel.
As for the avahi dependencies, this is an issue with the way ubuntu is packaged rather than an issue with linux as a whole, and stems from other packages which *use* features from avahi being compiled and linked against it.
My gentoo systems don't have avahi installed at all, infact i had to go and check what avahi was.

Re:Simple solution.

[Bert64]

Windows: A few clicks of the mouse to *disable* ipv6...
Linux: A single command to *remove* ipv6 (rm /lib/modules/`uname -r`/net/ipv6/ipv6.ko)

Re:Simple solution.

[Wyzard]

If you don't want to use IPv6, disabling it by blacklisting the module is all you need to do. Why would you need to go as far as deleting the .ko file?

Re:Simple solution.

"Or, if you're not an idiot, you just add "blacklist ipv6" to /etc/modprobe.d/blacklist."

This line pretty much sums up Slashdot, doesn't it?

Re:Simple solution.

[Nexx]

Actually, you can completely remove all network stacks if you wish. Yes, remove.

Re:Simple solution.

[Nexx]

I was not clear, and for that, I apologise. In many Linux distributions I've encountered, many unnecessary modules are compiled in, and not as modules. My challenge was "easily remove compiled-in modules".

BTW - your command-line has an error. It should be:
rm /lib/modules/`uname -r`/[type]/[name] :)

Re:Simple solution.

[mypalmike]

I have IPv6 enabled on my Ubuntu box, but I'm not running on an IPv6 network. For the most part, I haven't noticed any issues. However, when I set up tftpd on the box, I was initially unable to connect to it. It took quite a while to track down the problem to IPv6 being enabled. The solution, which did not require disabling IPv6 across the board (though that would work too), was to add a flag in the inetd configuration to specify that it was an IPv4 service.

So, it's not completely transparent in Linux either.

Re:Simple solution.

[Bert64]

Because if its not being used, it shouldnt be installed.

Re:Simple solution.

[Schraegstrichpunkt]

When was that?

Debian etch doesn't even come with hard disk driver modules compiled in anymore. Instead, it generates a small ramdisk image containing the modules your particular machine needs to mount the root filesystem. The bootloader then loads that ramdisk, and a script on the ramdisk loads the modules, mounts the root filesystem, and then starts init. My understanding is that other distros do something similar.

The nice thing about this approach is that it makes it fairly easy to do very weird stuff like mounting your root filesystem from an encrypted LVM volume group that you access over an OpenVPN tunnel connected to a USB ethernet interface.

... or to remove IPv6.

Re:Simple solution.

[Wyzard]

99% of Mac users don't "need" Bonjour either, but it's convenient to have anyway. Avahi is another implementation of the same thing.

Since Avahi only resolves names in the ".local" zone, what are the "lot of problems with DNS" you're referring to?

Re:Simple solution.

[ceeam]

Did it. A lot of dependencies failed then. My sound card(!) stopped working, for example. Turned it back on and AOK. OTOH when I built the kernel without it I had no problem (so far).

Re:Simple solution.

[Wyzard]

It's a ~300k file that sits harmlessly on disk when not in use. It's not some big piece of infrastructure that's wasting resources even when disabled.

Operating systems contain lots of features that are always or usually installed even when they're not being used. Things like USB support, even on older systems that don't have USB ports, and RS-232 support even on newer systems that lack serial ports. CD burning support, even if the machine doesn't have a burner. Support for MP3/Vorbis/WMA audio even if you don't use all of those formats. The idea of "uninstall it if you're not using it" makes sense with big applications, but not little things like these.

How would you completely remove (not just disable) IPv6 support from Windows Vista, btw?

Re:Simple solution.

[lumber_13]

Umm, yes! On linux its as easy as: rm /lib/modules/'uname -a'/kernel/build/somemodule.ko ; depmod -a on Mac OS X its rm -r /System/Library/Extensions/YourKext.kext; rm /System/Library/Extensions.*; See?

on vista it is netsh interface ipv6 delete interface interfaceID if you want to do it through commandline.

Re:Simple solution.

How would you completely remove (not just disable) IPv6 support from Windows Vista, btw?

I know it wouldn't work but the ideal way is to go to the command line and type : Format c:

Re:Simple solution.

[3vi1]

Because if its not being used, it shouldnt be installed.

It's thinking like that which makes OEM Windows recovery CDs completely useless once you upgrade a motherboard or harddrive.

For the love of god, don't delete the IPv6 files to get back just a few meg of space. One day, you might want to lug your box over to a friends LAN and find that you actually need it.

Re:Simple solution.

[forkazoo]

It's thinking like that which makes OEM Windows recovery CDs completely useless once you upgrade a motherboard or harddrive.

For the love of god, don't delete the IPv6 files to get back just a few meg of space. One day, you might want to lug your box over to a friends LAN and find that you actually need it.

To be fair, not everybody is installing Linux onto a desktop system with a ton of storage. I've recently been doing some research on building set top boxes with Linux, and the whole system would probably be done in something like 64 MB of flash. On a system like that, slimming things down really is quite reasonable.

Of course, on a system like that, I'd be doing a custom kernel build, so I'd just not build stuff I didn't need, rather then needing to delete it after install. :)

Re:Simple solution.

[CrossChris]

The entire IP stack of Vista/Longhorn has been reimplemented.

No it hasn't. It's the same old stolen (and later accredited) BSD code that Windows has always used. There's nobody left at Redmond that understands the ancient code, and it remains buried in the twisted, unmaintainable mess that is Vista.

Vista's just spaghetti code with a DRM sauce.

Re:Simple solution.

[3vi1]

Did it. A lot of dependencies failed then. My sound card(!) stopped working, for example. Turned it back on and AOK. OTOH when I built the kernel without it I had no problem (so far).

I have to think your testing was somehow tainted by some other problem. At the very least, your results are atypical.

I've blacklisted the IPv6 driver on several different distro's on a variety of hardware and never seen a single side-effect. From Mandriva on my arcade cabinet to Kubuntu running on a PS3... and systems with multiple sound cards... they've never even hiccupped after blacklisting the module.

Re:Simple solution.

[Salsaman]

Even simpler than that now in Linux:

modprobe -r somemodule

Re:Simple solution.

[cheater512]

Possibly a Ubuntu thing. On Gentoo it works fine over both v4 and v6 out of the box.

Re:Simple solution.

[cheater512]

How would you completely remove (not just disable) IPv6 support from Windows Vista, btw? With a very large hammer?

Re:Simple solution.

I love it when people who have never worked at Microsoft and never seen their source code somehow magically know exactly how it's written.

Your arguments carry a lot more weight when they're actually backed with facts.

Re:Simple solution.

[Tim+C]

I recently had to install Oracle Application Server on a SuSe 9 box. One required step was to apply a patch to correct an issue related to IPv6 entries in /etc/hosts. (The patch modifed the hosts file, not the Oracle binaries)

Re:Simple solution.

[Tony+Hoyle]

If you have IPv6 interfaces, gethostbyname() will look for IPv6 addresses first. This makes DNS lookups slower for real users.

bzzt. gethostbyname() is ipv4 only. Only getaddrinfo() and friends are multi-protocol, but even they will only ask for AAAA records if you ask them to.

This is why so many apps have to be rewritten to support ipv6, and why there's still no ipv6 squid (an app like that needs major surgery to handle a new addressing scheme).

Re:Simple solution.

[asamad]

or

change

alias net-pf-10 ipv6

to
alias net-pf-10 off

in modprobe.conf

just turn ipv6 off

Re:Simple solution.

[someone300]

IPv6 is a completely different protocol that nobody uses. It should be turned off by default.

This is the point.. nobody uses it.. IPv4 will run out soon. People will need to start using IPv6 soon unless we want to have ISP-based NAT which is painful to even think of. I've used such a system before, it's horrendous. Vista, as I understand it, uses Teredo so that people without true IPv6 can access IPv6 addresses by tunneling to Teredo servers using IPv4.

IPv6 is not compatible with IPv4

I know that. I never suggested it was, and the reason I just said a different addressing scheme was because the article suggested that was what applications were having problems with. I said it was a layering problem, since for IPv6 to interfere with IPv4 was strange, considering they are siblings on the network layer, and shouldn't be dependent on each other in any way.

However, to suggest making IPv4 applications IPv6 *compatible* is extremely difficult is a bit overboard. IPv4 applications can be made IPv6 compatible fairly simply, especially when it's just a network client or basic network server application and is well designed and modular. I've done it before, by the way. It's mostly a case of using a different API with roughly equivelant functions. For databases, migrate to 128-bit addresses and use a 6to4 address, or use an alternative table for IPv6 and IPv4 and reference the ID of the record in those tables. The main problem being that a load of applications assumed that IPv4 would exist forever and just placed raw IPv4-specific network calls throughout their application, rather than using a generic connection oriented API or whatever in general.

If you've got a very network intensive application, designing a network API, or are forwarding packets left right and centre or doing stuff like NAT break-outs and broadcasting without an API like bonjour or Avahi, then yes, it will be more difficult, but most of those apps and libs have been ported and you can do open("192.168.0.5") just as easily as open("2001::33a2:64c:0:3ee8:4d8f:78f6"). Even if it's a pure network app, it's not hellish to migrate. Plus, IPv6 has less hacks than IPv4 like breaing from NATs etc. that generally make applications far more difficult to write.

The hardware is the big issue here. Being that chips have been specifically engineered to work with IPv4 and it's still quite difficult to set up an upgrade route for hardware. On the plus side, once we've got IPv6, we probably won't go much further, given that it provides billions (literally) of IP addresses to every living person on Earth. Maybe once we discover extra-terrestrial planets or migrate to mars or something we'll change again. I think though, that networking produts should be more extensible, even though it's difficult. That and optimising applications for IPv6 can be difficult, just as it can be with IPv4.

Don't get me wrong. I'm not saying IPv6 is perfect and IPv4 is shit, but we do need to migrate to it eventually; we will run out of IPv4 addresses at some point, NAT is horrible anyway, and the third world are becoming more economically advanced as we speak.

Re:Simple solution.

[WilliamSChips]

In that case, you don't want a binary-based distro, because things like that will happen with a binary-based distro. Use Gentoo and you can compile out IPv6 support just fine. Binary packages require things that aren't going to be used to be installed.

Re:Simple solution.

[mrsbrisby]

bzzt. gethostbyname() is ipv4 only. Only getaddrinfo() and friends are multi-protocol, but even they will only ask for AAAA records if you ask them to.

Put options inet6 in /etc/resolv.conf and trace your favorite programs.

Next time, leave out the sound effects: It makes you look like an idiot.

This is why so many apps have to be rewritten to support ipv6, and why there's still no ipv6 squid (an app like that needs major surgery to handle a new addressing scheme).

Apps need to be rewritten because ipv6 is a completely different network protocol. The same difficulties are run into porting to Appletalk or IPX, and the IETF is either completely oblivious to this, or is simply dishonest.

Re:Simple solution.

[mrsbrisby]

However, to suggest making IPv4 applications IPv6 *compatible* is extremely difficult is a bit overboard.

No, it's certainly more sane to ask tens of thousands of programmers to rewrite code, hundreds of thousands of network administrators to reconfigure millions of otherwise working systems, and convince tens of millions of users join a new network with nothing on it.

Really, IPV6 was invented by impractical morons. If they wanted to solve problems, they could mandate SRV for all new protocols- quit assigning port numbers. They could popularize UPNP and/or STUN. They could add cookies to ICMP messages so they could be tunneled easier.

On the plus side, once we've got IPv6, we probably won't go much further, given that it provides billions (literally) of IP addresses to every living person on Earth.

The same could be said about IPX. It is already here, better tested, and better understood than IPV6, and nobody would be duped into thinking we were talking about anything except completely replacing the Internet.

Even if it's a pure network app, it's not hellish to migrate. Plus, IPv6 has less hacks than IPv4 like breaing from NATs etc. that generally make applications far more difficult to write.

You're wrong. IPV6 address parsing is extremely complicated, and the fact that its space is so large means that people who used sparse bitmaps for storage need to completely rewrite their data structures. This usually means programs will run slower and be harder to debug.

The main problem being that a load of applications assumed that IPv4 would exist forever and just placed raw IPv4-specific network calls throughout their application, rather than using a generic connection oriented API or whatever in general.

That's because there still isn't a generic connection oriented API. It's 2007, and UNIX still doesn't have a dial() function. You'd think that if the IPV6 people were serious about solving problems, they'd start with some low hanging fruit.

The hardware is the big issue here. Being that chips have been specifically engineered to work with IPv4.

That's a load of crap. Hardware is not the big issue. The problem is a social one: How do you convince people to completely replace the internet with something that is not the internet? The IETF has been ducking that question for over 10 years and I don't suspect they'll answer it any time soon. There are sites on the Internet that publish MX records, when are they going to go away?

Migration is 100% of the problem. We could've been migrating to IPX: it has greater deployment than IPV6 does. If IPV6 doesn't offer anything to solve the migration problem then it simply doesn't offer anything at all .

Re:Simple solution.

[PastaLover]

That would be /etc/modprobe.d/aliases on a newer distribution.

Microsoft's IPv6 stack

[QuantumG]

The future of security issues.

Re:Microsoft's IPv6 stack

[silgaun]

Quick, put a patent on the fix. That will show them.

Re:Microsoft's IPv6 stack

[jacksonj04]

Microsoft's IPv6 stack is extremely secure, more so than the Linux one. It achieves this by simply not talking to anything.

Re:Microsoft's IPv6 stack

[neomunk]

With Vista they tossed out the TCP/IP stack that they had allegedly stolen from one of the BSDs (don't remember which) and used (with modifications) from Win95 (or was it 3.11 for Workgroups?) all the way up to XP and 2003 server, right?

They call that 'virgin', heh.

Re:Microsoft's IPv6 stack

[leonmergen]

With Vista they tossed out the TCP/IP stack that they had allegedly stolen from one of the BSDs (don't remember which) and used (with modifications) from Win95 (or was it 3.11 for Workgroups?) all the way up to XP and 2003 server, right?

I'm sorry, but 'stolen' ? Isn't the BSD license like, 'do whatever you want want with it, we don't care (much)' ? How does this make Microsoft a thief of a BSD TCP implementation, and what would require them to contribute their changes back to the public ? Is Apple stealing from FreeBSD, too ?

Re:Microsoft's IPv6 stack

[jandrese]

I thought the TCP/IP stack was fairly unique to Windows, which is why the API to use it was slightly different (just enough that a POSIX app would mysteriously fail to work). The commandline network applications (Telnet, FTP, etc...) were taken from BSD, but the BSD license allows that. The downside is that they took the absolute oldest versions of those applications they could find, skipping the years of improvements available for them.

Re:Microsoft's IPv6 stack

[neomunk]

It depends. Does Apple credit BSD where appropriate, or just pass it off as their own 'innovation'?

And there is where it matters, because you forgot the 'give credit where credit is due' part of the BSD license.
It's sharing when you follow the terms of the license, it's stealing when you don't.

Re:Microsoft's IPv6 stack

[r_jensen11]

Eg: Echo "Hello World" results in "Dear aunt, let's set so double the killer delete select all"

Re:Microsoft's IPv6 stack

[8-bitDesigner]

I don't know what Apple systems you're looking at, but when I boot my MacBook in single user mode, it pops up "Copyright UC Berkley board of Regents", so does that count as attribution? Now, if I were at said MacBook, I'm pretty sure I could bring up a similar statement for each and every BSD utility that comes in the default install.

No offense, mate, but this seems like a bit of a weak crack at Apple. While they are using a fair bit of the core BSD stuff, Apple has also developed, in-house, some nifty things like Launchd (replacement for cron, init, and other core boot utils) which are released under the Apache 2.0 license.

Re:Microsoft's IPv6 stack

[neomunk]

Wasn't a crack at Apple at all, it was pointing out that using people's stuff while giving credit (like Apple does) and using people's stuff and pretending it's your design (like another company that I was talking about a couple posts ago) are two different things. The first is perfectly fine, the second not so much.

While You're In There

[Mateo_LeFou]

Disable this whole "internet" thing altogether. It's been full of security problems for Windows ever since someone dreamed it up.

Re:While You're In There

[Mr2cents]

I do that on the one windows box I have left: before I reboot, I unplug the network cable. It saves me an anti-virus license :-).

Re:While You're In There

[Haydre]

Thanks a lot, Al Gore.

Re:While You're In There

[Ucklak]

Sneaker net. Nothing like it.

Kids today have it easy. You tell them sneaker net and they say HUH?

Re:While You're In There

[cmacb]

Why I used to have to carry data on a box full of floppies seven times a day between my office machine and home machine. On foot, and it was uphill, BOTH WAYS!

And I STILL got viruses!

Re:While You're In There

Mock Not He Who Hath Ridden The Mighty Moon Worm!

Re:While You're In There

[An+ominous+Cow+art]

Hey, back in high school, I *did* walk to school every day uphill both ways in the snow with a box of 5.25" floppies.

(of course it was also downhill in both directions, too)

Re:While You're In There

[bigdavesmith]

Luxury.

Back in my day, we had to carry reels of tape through a lake, uphill both ways, and when we finally got home with the tape, our dad would beat us to death with a punch card.

Now you try telling that to the kids today, and they won't believe you.

Re:While You're In There

You don't know when you have it easy!

When I were a nipper I used to carry stone tablets weighing 5 tonnes, over sharp gravel in't bare feet for five miles. Then I had to swim through boiling lava for 10 miles before eventually climbing a cliff face in howling winds just to reach my school. Once there my teacher would beat me severely all because I was out of breath.

Tell kids that today and they wouldn't believe you.

Re:While You're In There

[utopianfiat]

I mean, I recently installed windows (for one reason and one reason only: WoW.), but don't have problems with spyware or viruses:
The fact of the matter is anti-virus software prevents viruses, worms, and trojans- well, against those they have signatures for. Spyware not covered. Viruses- actual viruses have been relatively non-existent of late, mostly because the malicious, anarchistic nature is no longer profitable. It's a lot better to steal information than destroy it, since everyone has backups and will be online in maybe two hours after resetting their infrastructure. It's also easier to DDoS a system than to "zomg delete everything11!!1", so worms have a distinct advantage over virii.
Worms and Trojans are relatively hard to get unless you're really dumb and browsing porn all the time. Seriously, there are places to browse for porn that will not install spyware or trojans (4chan /s/, etc.), and worms are basically a nullified threat as soon as the signature's released.
All except for spyware, malicious code is generally targeted at corporate environments these days- consumers are largely unaffected by anything but spyware and adware, which can be prevented by simply getting adblock plus for firefox and staying away from porn sites.

Re:While You're In There

[badspyro]

I used to have windows for a similar reason, until I got Cedaga

Now my pc works amazingly well! (until my graphics card falls out of its slot - damn screw less case)

Re:While You're In There

[yahooadam]

Disable Networking on windows altogether, i mean, what if someone put a virus on your intranet, then your buggered ;)

Does IPv4 work any better in vista, i mean networking in windows as a whole is a complete joke, on XP i often end up with the network stack just locking up, requiring a reboot for no apparent reason
And on vista, it seems to randomly decide whether or not its actually going to work, and what computers it will detect on your network

Re:While You're In There

[dosquatch]

Bah, whine, whine, bitch, complain. You don't know how easy you had it! Do you have any idea how hard it was to muster the energy to whoop your arse for being a pansy after carrying the school up that cliff brick by brick every morning? You don't know how good you had it.

Sincerely,
Your Teacher

Re:While You're In There

[jftitan]

Back in the day, I didn't even exist...

Now beat that! They won't believe me even if I tried to prove it.

Re:While You're In There

[Redlazer]

Really?

Man, you must be doing something wrong.

The last time I had a problem with windows networking, Vista or XP, was trying to connect to a Windows 98 machine, or a Linux machine, or an Apple machine.

Its also worth noting that IPv6 is loaded on default in an effort to promote the protocol. More significantly, i fail to see how an IPv6 protocol would have any possible affect on a printer which does not use IPv6. Since Vista uses both simultaneously, if it isnt broadcasting a v6 address, it uses a v4 address instead.

-Red

Re:While You're In There

[diskis]

Well, most home routers don't use IPv6 either. Still Vista can get a IPv4 IP-adress for itself, and get a IPv6 nameserver adress.
I work in software support. If a customer calls in with Vista and network trouble, we disable IPv6. Solves maybe 2/3 of the problems.

Re:While You're In There

[Tony+Hoyle]

The problem is some home routers have shitty dns relays that barf if they get an AAAA query. Disabling ipv6 gets rid of that for IE, temporarily... I suspect over time more apps will make such queries as they get changed to support ipv6, so they'll just call back in a few months.

If a vista machine isn't on a network broadcasting RA it'll only have a link local v6 address anyway so it can't in itself cause any problem.

Re:While You're In There

[asamad]

You need to use the time tested method os re install to fix that !

Re:While You're In There

[diskis]

It's not on the application level. The ipconfig output shows an IPv4 for the localhost and router, and a IPv6 for the nameservers. The router routes perfectly any IPv4 address, and thus you can surf the net if you bother using IP-adresses instead of hostnames. Now when Vista tries to resolve an name it fails as the home router haves no idea where to route the IPv6 packet destined for the nameserver.

I do not know where Vista gets that IPv6 nameserver address. Usually it's an local, sometimes something completely random. I've even seen a invalid IPv6 address. A '%' in the middle of the address. If that is not a bug, I don't know what is.

Machines with XP and linux etc. gets the correct IPv4 adress and works fine.

Oh My God

[alta]

I'm usually all for people doing anything it takes to make a buck, as long as it's legal. But this should not be legal. This is extortion and is bad for the general public. If this works, it's going to take longer for fixes to appear because of legal issues, and the vendor will have to decide if it's even worth it. I'm floored.

Re:Oh My God

[alta]

doh, this attached the wrong story. My Fault, got click happy.

Re:Oh My God

[RandoX]

I think you responded to the wrong story, but you're amazingly on topic anyway.

Re:Oh My God

100% agreed. MS should not get away this. Maybe we can get a class action going against this "IPv6" playing not well. Ugh.

That problem is fixed in

[Colin+Smith]

MS Vista 2.0. Now only £99.99

Re:That problem is fixed in

[kinglink]

Vista unlike OSX has yet to institute upgrade buying. Granted it's probably coming knowing Microsoft's history and they have enough other problems, we don't need to fake up apple's business practices for Microsoft.

Re:That problem is fixed in

[Stormwatch]

Vista unlike OSX has yet to institute upgrade buying. Granted it's probably coming knowing Microsoft's history and they have enough other problems, we don't need to fake up apple's business practices for Microsoft.

The way Apple counts upgrades is a bit different. See, going from Windows XP to Vista is a very radical change, like moving from "classic" MacOS to OSX. But upgrading OSX from 10.2 to 10.3 is still a pretty serious change, like going from Windows 95 to 98. So it's not like you're paying for a security pack!

Re:That problem is fixed in

[Overly+Critical+Guy]

See, going from Windows XP to Vista is a very radical change, like moving from "classic" MacOS to OSX.

No, it's not. Vista comes from Windows Server 2003's codebase, and 2003 came from XP. It's the same old Win32 code running on an updated NT foundation. Mac OS Classic and OS X, however, are two completely different operating systems. OS X derives from OpenStep and CoreFoundation, while OS Classic comes from the old System software dating back to 1984.

Obligatory

[D-Cypell]

"2^32 unique addresses ought to be enough for anybody."

Re:Obligatory

[TransEurope]

The really cool thing with that is, there are so many adresses that networms cannot jump to machines via the usage of random ip adresses and you cannot scan entire subnets anymore. It's like to try fishing in an ocean with a gun. Maybe you'll never hit any crature in the big water.

Re:Obligatory

[gEvil+(beta)]

"2^32 unique addresses ought to be enough for anybody."

It is enough for anybody. The problem is that it's not enough for everybody.

Re:Obligatory

And 2^96 subnets should be enough to give _everyone_ such an address space. :-)

Re:Obligatory

[amcdiarmid]

That should read:

"2^32 addresses should be enough for EVERYBODY."

Re:Obligatory

[Sancho]

I suspect that this just means that worms will have to be smarter, gathering information on IP addresses to attack based upon connections, logs, etc. People using BitTorrent will provide a huge number of targets. Compromise a webserver, and you've got the addresses of anyone who visits the site. Read through e-mail headers, and you'll get some more.

Bots have no trouble finding e-mail addresses to spam. I imagine that in the face of near infinite IP addresses, they'll find some way to continue their attacks.

Also, the IPv6 address space corresponding to the current IPv4 address space will probably always be scanned.

Re:Obligatory

[MrNonchalant]

"It is enough for anybody. The problem is that it's not enough for everybody."

Or more precisely, for everybody and everything. The internet of things is commonly cited as a reason for IPv6.

Re:Obligatory

[lawpoop]

OK, worms can't jump to random ips, but are IPV6 addresses going to be assigned randomly, or in serial blocks? Won't service providers only get a range of ips? Then doesn't the worm only have to randomly select ips that are likely to be in the netblock of its host?

Re:Obligatory

[jandrese]

Yeah, there are ways to find IP addresses, but it will defiantly be harder than it is today.

Re:Obligatory

Also, the IPv6 address space corresponding to the current IPv4 address space will probably always be scanned.

Though this is a popular myth, no such corresponding space exists. IPv4 is not routable on IPv6, which is probably the biggest reason why much of the internet isn't entirely running on IPv6 already.

Re:Obligatory

[Tony+Hoyle]

I already have trojan scans of ipv6 address space & they're hitting valid addresses with about 95% accuracy. Don't know how they're getting the info (probably sniffing packets from owned machines) but any idea that more IPs means less bots is just security through obscurity and is just plain rubbish.

(otoh the vista machine here has no problem with anything to do with ipv6 - this article is just incorrect.. the poster is blaming vista/ipv6 for shitty printer drivers).

Re:Obligatory

[Nigel+Stepp]

Many (most?) of the assigned ipv6 addresses will be based on the MAC of the interface connecting to the ipv6 internet. 64 bits of subnet mask, then 64 bits of host (48 bits are the MAC, plus bit extra).

Privacy addresses (which avoid broadcasting your MAC everywhere) actually *are* actually randomly assigned.

Then there are ULA addresses and so on. Very few ipv6 addresses will be contiguous.

Re:Obligatory

[imroy]

The 128-bit addresses of IPv6 are broken into two 64-bit parts - network prefix and host. A network thus has 16 billion billion addresses. Put another way, you could fit all 4 billion of the 32-bit IPv4 addresses into each IPv6 network and still have (on average) 4 billion unused addresses between each host. Even your largest corporation or institute would have at most a few thousand hosts in its network. If you could scan 1k addresses a second, it would take on average 584k years to hit *one* address in a 1k host network.

But the host part of IPv6 addresses are usually derived from the MAC address of the interface (see RFC 2464). The first three bytes of the 48-bit MAC address is assigned to vendors, assuming a "universally administered address" and not a "locally administered" one. Assuming you knew a network had equipment from a particular vendor, that still leaves 40 bits to scan, still larger than the current internet. With the same 1k host network (all with the same MAC address vendor prefix) and scanning 1k hosts a second (very fast), it would still take on average 12.7 days to find one host.

Your worm is not going to spread very quickly, and that's in ideal conditions. Your average organisation is likely to have NIC's from several vendors. There's also RFC 3041 which defines ways to randomise the host part of the address. In short, scanning will likely disappear with IPv6.

Also IPv4

[VincenzoRomano]

I suspect that also IPv4 is having problems.

Who is surprised?

Anyone? Raise your hand...

Seriously, anyone using Vista in a vital machine before SP2 is out needs their head examnined!

Re:Who is surprised?

[TheVelvetFlamebait]

And in other news, millions of people book for an appointment at their nearest psychologist, because someone anonymously posted the parent post, and someone else modded it informative.

MS' Teredo (IPv6) blog

[packetmon]

MS has a blog for this sort of thing. Sean Siler promised to answer questions and provide help on issues pertaining to this via an email list I'm on. http://blogs.technet.com/ipv6/ ... Anyhow, those parties with IPv6 issues, I bet ya a HUGE portion of them are using NAT...

Re:MS' Teredo (IPv6) blog

Sylar! I knew he was behind it!

Re:MS' Teredo (IPv6) blog

Can't be. The butler killed him with a leadpipe in the library.

I am NOT surprised, given that...

[CodeShark]

Early attempts by M$ to implement networking foundered badly until they cozied up to Novell for a short stint -- a deal an insider told me was scuttled when Novell code was found on M$ machines without a signed agreement.

It may just be my long memory seeing repetitive mistakes by the software giant, but it seems like ALL of M$ network implementations seem to suffer in the early going until they manage to buy cheat or steal for good code to solve their own implementation messes...

Thoughts anyone?

Re:I am NOT surprised, given that...

[Trigun]

We could get rid of the zealots if we could dispel the truth behind their message.

+2 insightful, +1 informative, +2 zealot.

Re:I am NOT surprised, given that...

It's IP6...

Even OpenBSD, the most security-minded folks around, recently found a hole in their IP6 implementation. Why? IP6 simply isn't used that widely and so hasn't been tested in a lot of situations. Do you use IP6? I don't. Neither do my parents, neighbors, co-workers, and the vast majority of my colleagues I know working for other companies. It simply isn't that widespread.

I'll expect to find quite a few IP6 bugs in most OS's until it becomes much more common.

Re:I am NOT surprised, given that...

[man_of_mr_e]

I find that thought very suspect, for a lot of reasons.

The biggest is that Microsoft wasn't the only one involved in the early networking. IBM was as well. LanMan was a joint effort, and I find it highly unlikely that IBM would need Novell's assistance to make networking work correctly.

dot.Excuses ..

[rs232]

"We recognize that not all applications and drivers were up to date by launch and that there have been some compatibility issues as a result,"

"But we also know that Windows Vista is the highest-quality, most secure and most broadly supported operating system we've ever released."

Hameroff adds that Microsoft is running an IPv6 network and "to my knowledge has not experienced these types of issues"

Re:dot.Excuses ..

[QuietLagoon]

"But we also know that Windows Vista is the highest-quality, most secure and most broadly supported operating system we've ever released."

But mediocre is just not good enough anymore.

Re:dot.Excuses ..

Posting AC, for obvious reasons.

Hameroff adds that Microsoft is running an IPv6 network and "to my knowledge has not experienced these types of issues"

Not on the corporate network for the masses, they're not.

From my network status: "IPv6 Connectivity: Limited"

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix redmond.corp.microsoft.com
Link-local IPv6 Address 1234::5678:9abc:def0:1234%5

(output tidied for Slashdot's junk filter, too) Anonymized IP addresses, too, obviously.

Re:dot.Excuses ..

Also posting AC, from Microsoft- yes, we run IPv6 alongside IPv4 internally, yes, we print to network printers, yes, with Vista. Seems to work well regardless of whether the box is running pure IPv6, mixed (which prefers IPv6), or IPv4.

To be blunt, TFA doesn't provide enough information to root-cause this issue- it could be an app issue, could be a printer issue, could be an IP implementation issue anywhere between point A and point B... it could be a lot of stuff.

It's one thing to complain, and it's another thing entirely to do so in a way that's useful. There's a lot of the former going on here, not so much of the latter.

Re:dot.Excuses ..

[hoopshank]

Hameroff adds that Microsoft is running an IPv6 network and "to my knowledge has not experienced these types of issues"

Someone really ought to tell him.....

So...

[Lisandro]

When IPv6 is installed, this happens without fail. As soon as we remove IPv6, all of our printer functions return to normal.

It fails without fail? ;)

Re:So...

[numbski]

This is Microsoft. What other OS would allow these sorts of exceptions? Sheesh. Doesn't anyone do a try/catch loop anymore?

my $result = dosomething();
if($result eq 'FAIL'){
    return('Hey moron, you fail it!');
}
return($result);
 
monad> myl33tscript
FAIL

:D

Re:So...

[Tony+Hoyle]

So someone has shitty printer drivers (let me guess.. HP right??) and suddently it's vista's fault.

I bet they'd get exactly the same if they installed ipv6 under xp too.

Very funny, but...

[tygerstripes]

Okay, once the M$-bashing has died down, can someone have a think about the subtle implications of this? IPv6 adoption is going to be heavily stunted by this inadequacy if it isn't fixed pretty pronto - and even if it is fixed, with the other problems v6 is having, will anyone actually try trusting it? Not for some time, I suspect.

Vista adoption is going to increase - it's a sad fact, and I can't see anyone denying it. Therefore IPv6 is going to experience stunted uptake from this blow.

The one benefit I can see is that anybody who really does see worthwhile benefits in adopting IPv6 will say "bugger M$, there are hundreds of Open Source solutions that support this without issue out of the box". Maybe this could have a positive impact on OSS uptake in the long-term.

Re:Very funny, but...

[EveryNickIsTaken]

IPv6 adoption is going to be heavily stunted by this inadequacy if it isn't fixed pretty pronto IPv6 hasn't been adopted en masse for years. Why would the release of Vista suddenly give reason for people to switch? There's clearly been resistance to the switch, and Vista has absolutely nothing to do with it.

Re:Very funny, but...

[Nexx]

No, the GP is saying with this bug, there's even more resistance. He's not saying Vista will suddenly spur interest; he's saying this bug will quash what little interest there was will be smaller.

Re:Very funny, but...

[sasdrtx]

Bashing? I'm pleased that somebody's finally found a benefit of Vista (albeit a small one -- it's not like IPv6 has any traction anyway).

Re:Very funny, but...

[gEvil+(beta)]

This is just paving the way for the release of MS-IP. "See, IPv6 doesn't work. But hey, we have a solution that does work(tm)!"

Re:Very funny, but...

[Sancho]

For one thing, IPv6 is on and enabled by default in Vista. This means that, as more and more people downgrade to Vista, more and more people will be IPv6-ready by default. This is a partial solution to the chicken-egg problem of migrating to a new Internet standard. In a couple of years, ISPs need not be afraid of migrating to IPv6 since Vista will be fairly prevalent. Their support centers won't have to deal with thousands of calls from people trying to get XP to play nice with IPv6.

Re:Very funny, but...

[RightSaidFred99]

Unfortunately for you, anectdotal, half assed claims that "Vista doesn't handle IPv6!" don't mean anything to anyone but you and the rest of the bandwagon jumpers around here. Has there been any conclusive documentation that Vista, the OS, has issues dealing with IPv6?

Re:Very funny, but...

[Slashcrap]

IPv6 adoption is going to be heavily stunted by this inadequacy if it isn't fixed pretty pronto - and even if it is fixed, with the other problems v6 is having, will anyone actually try trusting it? Not for some time, I suspect.

I have no great love for IPv6, but judging by the lack of technical content in your post, I'm fairly certain that what you were thinking when you wrote about the problems & inadequacies of IPv6 was something along the lines of "IPv6 doesn't support NAT or Firewalls - it's teh insecure!!!11!".

Is my assumption correct? If so, you ARE retarded. Please don't post in any more networking related stories until you have learned enough about networking to avoid blindly parroting the half baked and uninformed opinions of other retards.

The one benefit I can see is that anybody who really does see worthwhile benefits in adopting IPv6 will say "bugger M$, there are hundreds of Open Source solutions that support this without issue out of the box". Maybe this could have a positive impact on OSS uptake in the long-term.

Oh, that's right! It's only MS that haven't got a perfect IPv6 implementation. Everyone else rocks. I do apologise for calling you retarded. You are in fact a retarded, karma-whoring, content free post troll.

I do give you extra points for starting with a criticism of all the MS bashing and then finishing with MS bashing. I bet even you didn't think that would get past the mods.

Re:Very funny, but...

[Tony+Hoyle]

They're not ipv6 ready no matter how many vista deployments there are.

You have to use the new sockets/winsock functions to be ipv6 enabled for a start.. and most apps aren't (including things like Active Directory, which is a biggie.).

I've got a vista installation here.. it's running a whole heap of stuff.. the total list of listening ports from ipv6 capable apps is: 135,445 (SMB.. pity the domain controllers can't respond.. heh.). 3389 (TS), 5357 (No idea). Compared to a list of ipv4 listening ports about 3 pages long. All of those would need to be converted.

You have to use ipv6 capable routers. Almost none are. The only one I'm aware of ipv6 out of the box is the cisco 800 series. None of the netgear/linksys/etc routers are able to route it.

You have to find an ipv6 capable ISP. They're as rare as hens teeth. Or a tunnel broker - those are getting rarer by the day as they were mostly experimental services that are shutting down. Or you could try 192.88.99.1 - if your ISP routes it (many don't) and if it routes to anything nearby (it's not uncommon for it to be 200-300ms away which makes your latency suck hard).

If someone can provide a business case for ipv6 (never heard one yet) then still it's years off. I'm thinking at this point it'll be superceded by something else that's more ipv4 compatible.

Re:Very funny, but...

[Tony+Hoyle]

Actually he has a point, in a way. Firewalls don't in general support ipv6, and until that happens (and it is easy to setup eg. cisco routers support an ipv6 firewall but you have to get down and dirty with the ios command line to even know it's there) then corporate adoption of ipv6 will be precisely zero.

ipv6 NAT is around but is a bitch to setup.. similarly that needs to be easier.

Re:Very funny, but...

Because out of the dozens of roadblocks to widespread IPv6 deployment, one big one was: Windows XP didn't (and doesn't) include IPv6 by default.

With that roadblock out of the way, IPv6 deployment becomes a little easier.

Re:Very funny, but...

[WgT2]

I hope it turns out well for the OSS side of things.

In other news: I used to despise Microsoft. But, this kind of thing just makes me pity them; they just can't get it right. Oh, how I would hate to have to work for them. I'd be so frustrated and embarrassed.

They need a better implementation

[multipartmixed]

I think they should scoop the one out of BSD UNIX.

Hell, it worked for them pretty good LAST time..

Re:They need a better implementation

Maybe that's part of the problem. There have some problems in the BSD implementation of IPv6.

Re:They need a better implementation

[sakasune]

Bah, doesn't matter. BSD is dead. Netcraft confirmed it.
*ducks*

Bug?

At least IPv6 can't get patented!

Re:Bug?

[HappyHead]

At least IPv6 can't get patented!

No, but fixing the problem in it's implementation can be. Then of course, MS can just sit on the bug without fixing it like they used to, but now they'd have a scapegoat to point at as for why. "We can't fix it because the patent troll is demanding more than we want to pay. You'll have to wait for the next OS release for that feature to be changed."

Fist of death...

[iknownuttin]

..."to my knowledge has not experienced these types of issues"...

And..."We have no record of [insert issue]"

"Sorry for the inconvenience."

There is currently an investigation into the matter."

"The person involved is suspended (usually with pay in Gov)pending the outcome of this investigation."

Blah blah blah!They all boil down to ,"We're going to say nothing really, until all of you forget about it or get distracted by the next Paris Hilton/Brittany Spears/American Idol/etc... headline. And in the meantime, we get away with it!"

Some kids are just social outcasts

[OverlordsShadow]

Why can't Vista just get along with all the other kids. Can't hardware, software, and protocols just all get along? Vista is beating up on the memory kids and thinks its a big tough shit against other Os's. I think someone in the playground needs to go over to Vista and say 'Hey asshole, calm it down or I'll be taking your lunch money next!' Moral: Kids and computers never play nice/fair.

Re:Some kids are just social outcasts

[walt-sjc]

MS's business model DEPENDS on them not working well with others. Both the US and EU tried to get them to play nice, and both have failed for various reasons (mostly political.) This should not be news to anyone at this point. It's a fact that MS fans don't care about and detractors gnash their teeth over.

Re: open source solutions

[CodeShark]

Thing is, the whole IPv6 standard is IMHO fairly well done. But implementation hiding details is what MS does best.

While I agree wholeheartedly with the hope that OSS solutions would gain strength from the IPv6 problems, for much of the business world, M$ is the dominant force -- so like you said -- a bad implementation is a body blow to IPv6's adoption. Too bad Redmond will never learn the Open Source lesson that more eyes find more problems in the early adoption v.9 releases, instead of after-market bad press. Nor will they likely learn that trying to corrupt or co-opt a standard is less profitable in the long run than taking the time to open up the code and more likely insure engineering success right off the bat

*gasp*

[spaxxor]

say it ain't so... say it ain't so... vista, noooooooo

Re:*gasp*

[phrostie]

the real reason they want to make the IP deals and use Linux code.

they'll call it Service pack 2.

It's a feature!

[Rob+T+Firefly]

'We will send a print job to an IP-based printer, and the print job becomes corrupted.

Ah-ha! You've discovered the undocumented, but terribly useful, user-papercut-protection device!

Re:It's a feature!

[Shinmizu]

Ah-ha! You've discovered the undocumented, but terribly useful, user-papercut-protection device! It doesn't work that well. I mean, sure it pops up that stupid "Are you sure you wish to receive a papercut?" message box, but people have become so numb to those that everyone just chooses "OK." Even in those rare cases that they don't actually want a papercut.

Re:It's a feature!

[sconeu]

No, it's the DRM. It's an unprotected data path to the printer, so the images are degraded!

Blame Vista, or applications?

[Vellmont]

I've got Vista, an IP based printer, and even IPV6 via a tunnel broker. I've had no problems with printing or any other network applications.

So I have to wonder, is this really an issue with Vista's IPV6, is it an issue with the driver writers, or is it a minor issue with Vista's implementation of the layer that supports IP printers?

The article seems to indicate "we turned off IPV6 and then it started working". Well that tells us a little, but it's hardly time to start blaming the IPV6 stack. There's quite a few different components that could be responsible. I had problems with Firefox on Ubuntu on my network, and was able to track it down to a faulty implementation of DNS on my DSL modem only under IPV6.

Re:Blame Vista, or applications?

[Wierdy1024]

Has anyone thought of the possibility this is an IP ethernet printer, and it's firmware just isn't coded to tell the difference between IPv4 and IPv6 packets. Maybe alternatively, the printer, which has early alpha IPv6 support is trying to comunicate in IPv6, and fails due to a bug in the printer.

Both these things would be triggered by switching on the IPv6 in vista, but neither are any problem with vista (or even the PC).

Re:Blame Vista, or applications?

Uh, what? That doesn't lead to the conclusion that Microsoft sucks...

Re:Blame Vista, or applications?

[Vellmont]

Has anyone thought of the possibility this is an IP ethernet printer, and it's firmware just isn't coded to tell the difference between IPv4 and IPv6 packets.

I thought of that exact possibility after I made my original post. It's a definite possibility, and from the little we know matches the data better than "Vista's IPV6 stack is broken". Personally I think putting out a big article saying "IPV6 on Vista is broken" before you really know anything is totally irresponsible.

Re:Blame Vista, or applications?

[Flossymike]

At the moment in a support role, a fairly common resolution to an unstable or none existant internet connection is disabling IPv6. This seems to on a wide variety of hardware, both of the PC and the modems/routers they are connected to.

Hopefully They Fix It Before...

[NeverVotedBush]

We run out of IPV4 addresses.

Sigh. While it is entertaining to watch Vista get hammered over and over for security and bugs, it is kind of sad to know that so many are blindly buying it since they feel saddled to the Microsoft rut.

I wonder if all the issues and bad press with Vista is at least partly behind their flurry of licensing activity with various Linux distributions.

At any rate, licensing or no, I love Linux. The more I use it and learn about it, the more I am so glad I made the jump a few years ago. It's logical, open, and really a lot easier to understand than Windows ever was.

Correction...

Anyone? Raise your hand...

Seriously, anyone using Vista in a vital machine needs their head examnined!


There, fixed that for you.

SPI-enabled router

[palewook]

SPI blows up vista. UPnP can too. Netbios can choke out vista slowly. and dont even get started on VPN.

Pretty sad considering...

[drinkypoo]

...that they had IPv6 working in Win2k and WinXP. But you had to administer it from the command line, and they wanted to integrate things, so they combined their stacks. They wrote a new stack, and at least in the release candidate it had buffer overflow exploits, including the LAND attack, remote code execution, you name it. So obviously it was written by a dumbfuck - Microsoft already had and fixed these holes in earlier operating systems, starting as early as Windows 95.

Those who forget history are condemned to repeat it. (So if you forgot that Microsoft is just fucking lame in every way, you are doomed to continue to be fucked by them and their crap software.)

Re:Pretty sad considering...

[UnknowingFool]

I think the problem here was that MS always re-invents the wheel trying to force vendor-lockin. Rather than rely on proven (and open) methods, they want everyone to use their software so they write code in a way that is only compatible with themselves. Unfortunately here, their code needed to be overhauled because Vista is very different in terms of permission and security than the XP codebase. Rather than implement IPv6 like everyone else they have re-invent it again to ensure that it is Vista compatible. Of course with a codebase that is reportedly 60-70 million lines of code, not all parts of Vista were passed to good programmers. MS probably assigned the good programmers to parts that it considered absolutely essential. IPv6 was probably assigned to a lesser programmer. This reminds of what Steve Jobs said recently: "I wish developing great products was as easy as writing a check. If that were the case, then Microsoft would have great products. "

Re:Pretty sad considering...

[KingMotley]

There is no proven (and open) IPv6 stack. The one in linux has had numerous bugs reported so far.

Re:Pretty sad considering...

[gbjbaanb]

and even the BSD one has a buffer overflow in it. Perhaps you consider the BSD devs 'dumbfucks' too?

don't the idiots at MS test anything?

[mr_death]

It can't get any more basic than this -- send a file to a printer. What genius at MS decided not to test this, or decided that the problem isn't a critical bug? Guess it's more important to say "we have a new ip stack!" for marketing purposes, regardless of how well it works.

If Mom can't get IPv6 to work in Vista, what do you think the real adoption rate of IPv6 will be? MS needs to put their collective heads out of their asses and fix this right bloody now.

Re:don't the idiots at MS test anything?

[El+Lobo]

They DO test a lot, but it's imposible to not have bugs especially with such a new beast like IPv6. Linuzzzz itself have a million of reported bugs with IPv6, which, again is not strange due to the relative new protocol.

http://bugs.sun.com/bugdatabase/view_bug.do?bug_id =6402758

http://www.uwsg.iu.edu/hypermail/linux/net/0205.3/ 0002.html

http://lists.ntp.isc.org/pipermail/questions/2007- April/013854.html

etc...

The problem often is in the OS itself, but sometimes the applications and drivers are the problem. So why is this news? Well, judge by yourself.

Re:don't the idiots at MS test anything?

[makomk]

"Linuzzz", eh? Also, of the three bugs you've linked to, one is an app doing something really weird (using multicast packets on the loopback adapter), one is 5 years old and doesn't actually appear to be a bug, and I'm not sure about the third (apparently, neither were the kernel developers - there's an option to get the behaviour the poster expected.)

Microsoft's Simple Solution

[fistfullast33l]

Trouble printing? Let me show you Microsoft's potential knowledgebase article:

1. Buy this.

2. And one of these.

3. ???

4. Profit!

You can't always blame the user

1. Stupidity is a requirement for a career in IT management
   
2. Many companies outsource their IT
   
3. For many, newer and shinier means better - it says so on TV
   

Another correction...

Anyone? Raise your hand...

Seriously, anyone using Vista in a vital machine needs their head EXTERMINATED!
</Dalek>

Order of magnitude more orders of magnitude

[The+Monster]

"2^32 unique addresses ought to be enough for anybody."

Well, there really aren't that many unique addresses available for machines, thanks to the fact that every subnet requires two addresses for the subnet itself and the broadcast address (never did understand why those couldn't have been the same address), but the article puts it this way?

Pv6 supports a 128-bit addressing scheme, which lets it support an order-of-magnitude more devices that are directly connected to the Internet than its predecessor, IPv4.

order of magnitude

: a range of magnitude extending from some value to ten times that value

For every ~3.3 bits added to a binary number, it supports an order of magnitude more addresses. Leaving completely aside the upper half of the address (since devices are supposed to be mobile, and should therefore have a unique 64-bit host address), the added 32 bits add nearly TEN orders of magnitude, or an order of magnitude more orders of magnitude.

Note to authors: If you don't understand what words mean, don't use them.

Re:Order of magnitude more orders of magnitude

Note to authors: If you don't understand what words mean, don't use them.

What if you don't know that you don't understand them?

Re:Order of magnitude more orders of magnitude

[bluephone]

"Note to authors: If you don't understand what words mean, don't use them."

That's ironic.

Re:Order of magnitude more orders of magnitude

It's an order of magnitude in base 4,294,967,296.

Re:Order of magnitude more orders of magnitude

[Workaphobia]

Bleh, it's like using the word "exponentially" to describe "growing faster than I can comprehend". It would be nice if everyone had enough perspective to be able to judge the approxomate size and importance of things, including those that aren't necessarily tangible. But that's not going to happen any time soon.

Cue xkcd comic discussing this the next day.

I think

[Disharmony2012]

they should just use BSD code. It's worked in the past!

Absolutely Unacceptable

[CranberryKing]

Everyone expects bugs in a new OS release, but.. I realize that most people treat IPv6 like global warming. We all know we HAVE TO adopt it but are (as harmoniously as possible) ALL putting it off until we have no choice. When we finally do 'flip the switch' over to IPv6 there will be LOTS of vista installs all over the net that didn't get the update for their corrupt network stack. If it breaks printers, you know there are other problems yet to be discovered.

MS: If you are going to monopolize the desktop market, have some sense of responsibility! As much as we hate it, the world depends on your products. Why don't you just build a windows-esque front end for a bsd based system on your next OS already? No one will give a shit and consumers will finally get the product they deserve and paid for.

sorry for the rant. I'm back on the coffee.

Re:Absolutely Unacceptable

[Tony+Hoyle]

It may never be adopted at all. It's been going for 20 years now.. and total ipv6 usage? Well let's look at the router stats of a large ipv6 tunnel broker: http://www.sixxs.net/misc/traffic/

Their most popular pop (bebru01) averaged 4mbps each way. That means their most busy ipv6 interlink could be hosted by someone with a cable modem.

My own humble network has more throughput than that - for *one house* let alone an entire country.

Re: Absolutely Unacceptable

[Dolda2000]

but.. I realize that most people treat IPv6 like global warming. We all know we HAVE TO adopt it but are (as harmoniously as possible) ALL putting it off until we have no choice.

I sure don't treat it like global warming. I set up IPv6 on my network (with 6to4 global routing) quite some time ago, and it has been heaven all since I did the same with the networks of a couple of friends with whose computers I often interact, not to mention the fact that my university also runs IPv6 on most of its network. I'm able to directly communicate between any pair of computers without having to deal with NAT and port forwarding and what not. That's actually one reason I have been looking forward to the world adopting Vista -- if everyone gets an IPv6 implementation, then maybe ISPs will start rolling out native support as well.

Someone else who doesn't treat IPv6 like global warming is China. Say what you will about China and its policy towards the Internet, but they are planning a large scale IPv6 rollout (since they have like one IPv4 address per ten citizens or so). Maybe when the only way to communicate with China is over IPv6, the rest of the world might get their collective asses off the ground as well.

Re:And this is news because?

[vtcodger]

***And this is news because?***

I dunno. How about, it's news because it indicates that Microsoft's product testing is less than industrial strength?

Oh, is that all?

[AdmV0rl0n]

Vista crashes our main network switches here. We did not have a requirement for Vista, so we've banished it until we do an upgrade on firmware project, which will be done on a if/when required by the business (HP pro curve switches).

We found this on Beta and tried to talk to MS, after being passed from piller to post and jerked round (we frankly have real work to get on with) we gave up. We tested with the full release, and, well, until we have time its just barred from the business.

Re:Oh, is that all?

So, the firmware for your network switch can't handle whatever's thrown at it (good or bad, from Vista, or anything else)? Seems like you need to make the firmware upgrade a higher priority; I don't think I'd sleep well knowing that random stuff can take down my network.

Re:Oh, is that all?

[AdmV0rl0n]

Vista is not random. Vista is special. :)

(No, we use a lot of OS's on the network, none have caused this. Its not like Vista has to do anything, its likely plug in network lead and *boom* the main switches crash and loop)

Anyway, its on our to do list. New firmware means we have to put a switch to one side and test the firmware before we could use it live. Its not a 5 minute job and we have no need for vista in the business.

Re:Oh, is that all?

[lutz7755]

>its likely plug in network lead and *boom* the main switches crash and loop I would upgrade or replace your switches at the earliest possibility. A switch should never be affected by an end-user device. If it gets malformed packets, it should drop them. Everything on a switch should be done in hardware, so I don't understand how this could even happen. Are you sure these aren't routers? Either way, I'd take a look at your HP switches, and not point the finger at Vista. What you're describing should never happen.

Re:Oh, is that all?

[supertsaar]

Dude, that sounds like browser-master elections to me. When I worked at a major big corporation when W2K came out that hit us a few times. A user with a brand-new spanking laptop with W2K on it would plug in, get IP and then would win the browsermaster elections (we only had NT servers back then). Then they'd switch off and nobody would be able to connect to anything on WINS anymore.... But perhaps this is something else entirely. But we sure had fun with those browsermaster elections :)

Re:Oh, is that all?

[AdmV0rl0n]

For reasons I can't go into, the switches we are stuck with. But what I will say is we have BSD, Linux, Solaris, Other versions of Windows, Mac's, and no end of other kit on the network, and nothing has ever crashed or caused them to crash.

Having tested several versions of Vista, and seeing the same issue, we will keep Vista off the network. The business has no requirement for Vista (and the business is being wound down, fixing for Vista is a none requirement from a business standpoint), XP/Linux will remain as the clients close of business.

Re:Oh, is that all?

Pointing a finger at Vista for a bug in your router is akin to burying your head in the sand. Turn on an IPv6 stack on any of those other machines and watch your router crash and burn...

Re:Oh, is that all?

[AdmV0rl0n]

I said switch.

J4865A ProCurve Switch 4108gl

And, we don't use IP6, k, just good old IP Version 4.

Microsoft's new motto:

[Spy+der+Mann]

Embrace, Extend, and Explode! :D

Re: open source solutions

While I agree wholeheartedly with the hope that OSS solutions would gain strength from the IPv6 problems, for much of the business world, M$ is the dominant force -- so like you said -- a bad implementation is a body blow to IPv6's adoption. Too bad Redmond will never learn the Open Source lesson that more eyes find more problems in the early adoption v.9 releases, instead of after-market bad press.

seriously? I'm not trying to be mean here... but have you ever heard of Beta? as in Vista Beta? there were a couple of 'em you know... Gobs of people installed it and provided Microsoft with so much feedback they were overwhelmed initially. You don't need to be OSS to have a decent Beta program that gets your code out into the real world where it can be beat on.

As for IPv6... it's been around forever and no one cares. It hasn't been adopted because it's a hassle and very few people have been forced to. We just did a major network reorganization at our relatively small company - it took an entire weekend and the ensuing issues took about two weeks to fully clean up. Did we go IPv6? no. Why? Because we didn't have to. Because it was one more thing to screw crap up and we didn't want to deal with it. I haven't met too many admins who enjoy setting up stuff that's only going to cause them more problems when they don't even need it in the first place.

The same fanboys that are saying no one is adopting Vista because it sucks fail to understand the real reason - people aren't adopting it because it takes a helluva lot of time to test and roll out a new OS across your entire company. Why are people still running Win 98? 'cause it's better? no, it's a piece of crap compared to Win2k. They're running it because it's easier to leave it on there than it is to upgrade.

Get off the "Microsoft is ruining everything" train and realize that some things don't happen because people are lazy - not because "Microsoft is killing everything". Crappy IPv6 support when Vista has only been installed on a tiny percentage of corporate machines doesn't mean anything. By the time Vista represents a decent market share, it will have been fixed.

this is what happens

[DragonTHC]

this is what happens when you have a company trying to write solid, stable net code for an operating system that isn't solid or stable.

Microsoft's TCP/IP stack is untested, unproven, and untrusted.

any IT manager who puts the vista stack on his network should be fired for being a tool.

you have to ask, what's wrong with the BSD stack that's been working great for 20 years?
obviously microsoft screwed it up in every version of windows that used it.

The same implementation running under Linux just runs better, providing better throughput with less cpu overhead.

Vista Performance Tip

[The+MAZZTer]

If you have IPv6 enabled (which is the default) on a network which does not support it, all connections are noticeably slower in establishing. Disable IPv6 to get a great speed boost!

Re:And this is news because?

And what the fuck is "industrial strength testing"? Is it expensive? Why isn't everybody doing it everywhere?

Re: thought being suspect

[CodeShark]

Yes but the Novell insider I am referring to was on the team that wrote much of the code that stabilized Netware's data layer in the early going (prior to Netware 4 but I don't want to be more specific than that-- which was also the exact code which turned up elsewhere on M$ machines prior to a deal being concluded but that M$ insisted had been "deleted from all of the offending machines."

At the time I was installing networks and a few months after the conversation I am mentioning, , M$ networking stabilized at the same data layer under Windows NT in a way that was exactly compatible at the data layer level with the Novell implementation. Hmmmmm....

OH NOES!!!!111oneoneone

[Real1tyCzech]

You mean using a network protocol that is not compatible with existing equipment and infrastructure might actually cause problems???

*GASP*

OH! The Horror!!! /sarcasm

You shouldn't be allowed anywhere near a computer.

Get.

A.

Clue.

We at MS...

We at MS are absolutely sure that we implemented ipv6 according to the rules of the 8 layers of the ISO-model. Can't think what went wrong really ?!

Re:We at MS...

[Slashcrap]

We at MS are absolutely sure that we implemented ipv6 according to the rules of the 8 layers of the ISO-model. Can't think what went wrong really ?!

I think you'll find that pesky (l)users and incompetent network admins are generally accepted to make up the 8th layer of the OSI model.

For example :

Tech A: Customer X has just blocked ALL ICMP traffic on their internal LAN for "Security reasons".
Tech B: It's not the first time we've had a Layer 8 problem at that site.

M$ and the future.

[twitter]

IPv6 adoption is going to be heavily stunted by this inadequacy if it isn't fixed pretty pronto

What makes you think people are going to use Vista? There's no evidence of that to date. Vista has other larger issues than IPv6 that keep people away from it.

Everyone knows that GNU/Linux or OSX is the upgrade path from XP.

Re:M$ and the future.

[Thundersnatch]

What makes you think people are going to use Vista? There's no evidence of that to date. Vista has other larger issues than IPv6 that keep people away from it.

Twenty million licenses sold already is "no evidence"? That's more than all the active Linux and MacOS machines out there in just a few months.

I have Vista on my laptop, and it is quite an improvement over XP. The very few rough edges I've encounetered have been with support of oddball hardware, like my Sprint Wireless Broadband card, which didn't have good Vista drivers until recently.

There is a huge pain in the ass with corporate licensing and activation that will be a real barrier to business migrating existing machines to Vista, though. Most likely they will just wait and acquire pre-activated Vista with new hardware. Microsoft really kicked themselves in the balls with activation for enterprise customers, it is just horribly broken. We have not had one machine activate properly, and a phone call to the automated activation system is always needed as a result. Completely unwordkable for a company our size, and we only have a few hundreds of machines. So our ten guinnea pig machines will be the only Vista we run until the next hardware refresh.

Re:M$ and the future.

[ConceptJunkie]

Microsoft really kicked themselves in the balls

I'm just glad it wasn't me for a change. I don't really hate Microsoft, but it sure seems like they hate me.

Re:M$ and the future.

[johnw]

Twenty million licenses sold already is "no evidence"? That's more than all the active Linux and MacOS machines out there in just a few months. You think there are fewer than 20 million Linux boxes in use? Where on earth did you get that idea?

Re:M$ and the future.

[Thundersnatch]

This study shows there are already 5 times as many Vista workstations in use versus Linux workstations. Assuming Microsoft has sold ~20M copies through May, that means there are far fewer than 20M linux workstations in active use. Unless you assume that more than 4/5 Vista installs is pirated.

Note my original statement should have been qualified to compare Vista with Linux workstations, and not all "Linux machines". Comparing the population of a workstation OS to a server install base doesn't make much sense.

Hou have it backwards

It's not that Vista doesn't play well with ipv6, it's that ipv6 doesn't play well with Vista. Those clowns at the IETF must not have reverse engineered Microsoft's protocols correctly ( again ).

Hey, no thanks for the spoiler!

[jfengel]

I was just about to guess "rm /lib/modules/`uname -r`/net/ipv6/ipv6.ko".

Re:And this is news because?

[Achromatic1978]

I must have missed all the kernel releases that broke things from video to tunneling to so on and so forth. Where was the many eyes approach of Open Source then? Hah. Speaks volumes.

In other words, no software solution at an OS level is able to catch every bug. Not Windows, not Linux.

Micro$oft SOP Extract...

[alien-alien]

Standard Operating Procedure: To usurp a world standard and boost Microsoft sales:

(1) Deliver a "world standard" implementation
(2) ???
(3) Offer Microsoft-only extensions with subsequent "patch" (for efficiency of course)
(4) Developers use the extensions
(5) Standard subverted!!
(6) Profit

Implementation Notes:
step (2) may be completely omitted for already well established and widely adopted standards (e.g. C, C++)
step (2) has recently been proposed as "Break something important"

How do you know that you don't know, you know?

[The+Monster]

What if you don't know that you don't understand them?

Then you'd better have an editor to tell you you're an idiot.

yeah, but...

[phayes]

Windows network code had major issues all the time until Win2K where they abandoned their buggy homegrown IP stack and adapted BSDs IP stack. Even if they stole Novell's code, it wasn't enough.

Re:yeah, but...

[man_of_mr_e]

Actually, no. Windows used the BSD based stack (licensed from spider software, who in turn paid UC Berkeley for a license, so it wasn't stolen) up until Windows 2000, then it rewrote the stack from scratch, according to this article:

http://www.kuro5hin.org/?op=displaystory;sid=2001/ 6/19/05641/7357

Re:yeah, but...

[phayes]

Your URL mostly deals with the origins of the NT IP stack which it says was BSD STREAMS based & rewritten to use winsock. While later in the article it implies that the new stack is not BSD based it is referring to the first port & not the newer stack, the origin of which it does not detail.

Is the Win2K IP stack BSD based? In the words of Bill Gates, "It depends on what the definition of the word 'is' is". Until I see an article from an identified person saying "We wrote the stack & it is not BSD based", I'm not inclined to change my opinion.

Re:yeah, but...

[man_of_mr_e]

I'm not sure why you think the article is by someone unidentified. It was written by Adam Barr, one of the networking guys at Microsoft involved with the TCP/IP stack up until 2000, then he left Microsoft and wrote a book called "Proudly serving my corporate masters" about working for Microsoft, he was then later rehired a few years later and is still working there as far as I can tell.

Key phrases you may have missed:

"So, a short time after this, work was begun on a new version of TCP/IP, written entirely by Microsoft. "

That's not an implication, that's an outright statement, made by someone that is authoritative.

here's another:

"Eventually the new, from scratch TCP/IP stack was done and shipped with NT 3.5 (the second version, despite the number) in late 1994. The same stack was also included with Windows 95. "

Again, not an implication, an outright statement.

He does say, at the time, that since he no longer worked for Microsoft, he couldn't guarantee there was currently no BSD code in there, but it's quite clear that as of when he quit, there wasn't anything substantial that could be classified as having a BSD origin.

But all that is really beside the point, as first you claimed that Microsoft wrote their first stack for NT and that it sucked and they had to replace it with a BSD stack in windows 2000. None of that is true. The BSD stack sucked (largely because it was STREAMS based) and was replaced with rewritten code.

Re:yeah, but...

[phayes]

- I missed the attribution by adam barr & thought it was yet another anon post
- I'd heard differently from 3 separate people who worked for MS years back
- MS's credibility is pretty strained due to their bad practices with OSS

Well, learn something new every day

512

Curiosity from an ignorant...
Why not go up to 511 instead of 255?

it's a feature

[Cr0t]

vista: accept or deny?

General problem with IPv6

[sid0]

Seems more like a general problem with IPv6 than with Vista. I remember once trying to use Fx with Ubuntu on a NAT based network, and each HTTP request took at least 3 seconds. I turned off IPv6 and all was well. I did the same with Vista as soon as I installed it. Honestly, it's just a checkbox!

We are going to see more such incompatibilities in the future. For now, though, /.ers can enjoy their lame Vista bashfest.

Re:General problem with IPv6

[Tony+Hoyle]

That's broken DNS - your DNS isn't providing (lack of, since almost no public websites have them) AAAA records in a timely fashion.

Re: thought being suspect

so they 'stole' some Netware code for their netware driver. What's that got to do with TCP/IP, and who the hell uses the Netware stack anymore?

Vienna vil fix it

[realdodgeman]

This might just be another trick to get people over to the next generation of MS-OS. Vienna is scheduled to arrive in 2009, perfect for "Get all the advantages of better networking with IPv6, perfectly integrated in Windows Vienna!"... Then just cut some crapware of Vista, implement WinFS and get a new rip-off GUI (beryl?) and they might stay in their near-monopoly position for another two-three years.

Real Numbers: Vista is a flop.

[twitter]

This study shows there are already 5 times as many Vista workstations in use versus Linux workstations. Microsoft has sold ~20M copies through May

Citing a web survey is bad, but you got it wrong too. Your little link showed 2.18% for "other" and 3.74% for Vista, which is neither a five times advantage nor anything to crow about, but it's bullshit. There are more than a billion web users, so your little market share study has been gamed or there are 40e6 Vista users - twice the wild M$ estimates based on channel stuffing.

The only reliable numbers so far come from memory sales. Vista is not selling.

Most people's personal observations agree. I've seen exactly one install of Vista but my I see more GNU/Linux and plenty of Mac at LSU. That single install was quickly replaced with Fedora. It's kind of like Zune - you don't see it because it's not really there.

Re:Real Numbers: Vista is a flop.

[Thundersnatch]

Yes, your indeirect measure of RAM is certainly more relaible than one based on visitors to 40,000 LiveStats customer sites.

Here's a hint: one billion internet USERS != 1 billion WORKSTATIONS. The majority of internet users share a PC, wither with family or and an Internet Cafe.

Vista is not selling AS FAST AS MEMORY MAKERS EXPECTED, but it is by no means not selling. I see Vista laptops galore on the Chicago commuter trains, far more than OSX or Linux machines. In fact, my Ubuntu laptop is the only Linux laptop I've ever seen in a public place (IT conferences being an exception).

Your sample is probably a bit skewed if you're coming from an academinc environment. I was pretty shocked 10 years ago when I came out of college eleven years ago realized nobody used the Macs or Solaris worksations with which I was so familiar in the real world.

I dare to ask, "who the hell cares"?

[5n3ak3rp1mp]

OK, I've been a programmer for some time now, and most of that time I've heard of IPv6, and seen some interfaces to configuring it (OS X), even if it's not "on" per se... but WHAT the heck problem was it supposed to originally solve, again? And perhaps because it's not solving any pressing problems (from what I can tell), implementations of it are not getting the attention they dubiously deserve? Is NAT not going to keep us from eventually running out of IPv4 addresses, or some other workaround that sort of namespaces different subnets of the Internet?

Will it really be important some day for every physical item in my possession to have a unique address and an RFID tag?

Do sysadmins at big corporations really WANT every one of their machines to have an address that is uniquely addressable from anywhere on the Internet? Will this help to solve issues such as VPN'ing behind a firewall, etc.?

An honest question.

Re:I dare to ask, "who the hell cares"?

[Nigel+Stepp]

but WHAT the heck problem was it supposed to originally solve, again? This is a sore point with ipv6 people, since many of the problems it intends to solve is doesn't solve so well, like security. But it does at least solve the address space problem.

Is NAT not going to keep us from eventually running out of IPv4 addresses, or some other workaround that sort of namespaces different subnets of the Internet? NAT is an ugly hack already. If we try to extend it, it's not going to get prettier :). NAT also causes problems for applications and general connectivity. I like to run my own mail server. If I'm doing NAT and I want to have a mail server inside the NAT'd network (I use a public address though), I can poke a hole with a port forward. What do you think will happen if the ISP is giving me a NAT'd address instead? Widescale NAT means no servers for anyone, or makes having a server of some kind very difficult.

Do sysadmins at big corporations really WANT every one of their machines to have an address that is uniquely addressable from anywhere on the Internet? Will this help to solve issues such as VPN'ing behind a firewall, etc.? IPv6 will definitely help here. Also, try merging two corporate networks that use the same private (NAT, rfc1918, whatever) address space. Eek.

Re:I dare to ask, "who the hell cares"?

[Tony+Hoyle]

Given that they're still giving away IP addresses freely (my ISP threw in 16 even though I only wanted 8, 'just in case') I don't think there's much push for it. NAT has basically made one IP per household (so the old bugaboo of IP enabled toasters eating all the space has gone away).

As of Jan 2007 about 35% of the total ipv4 address space is still unallocated (source: http://www.ripe.net/ripe/maillists/archives/ipv6-w g/2007/msg00001.html)

The US alone holds 57% of the allocated space so there's *huge* scope for releasing more space - the rest of the world seems to have no problems with its much smaller usage.

Re:I dare to ask, "who the hell cares"?

[Tony+Hoyle]

NAT is an ugly hack already. If we try to extend it, it's not going to get prettier :). NAT also causes problems for applications and general connectivity. I like to run my own mail server. If I'm doing NAT and I want to have a mail server inside the NAT'd network (I use a public address though), I can poke a hole with a port forward. What do you think will happen if the ISP is giving me a NAT'd address instead? Widescale NAT means no servers for anyone, or makes having a server of some kind very difficult.

I often hear that.. what's so ugly? NAT only causes problems for applications that would have a devil of a job getting through a firewall anyway - if a stateful firewall can handle it it can NAT it. If it can't, well ipv6 or even static ipv4 isn't going to help it... the app is broken by design.

Of course in the server case you want public IPs but you're far from the majority - joe sixpack just wants to browse the web and pick up email. He couldn't care less whether his IP was public or not. We're a long way from that though - ipv4 shortage just isn't that acute yet.

IPv6 will definitely help here. Also, try merging two corporate networks that use the same private (NAT, rfc1918, whatever) address space. Eek.

Change a line or two in dhcp server. Wait 24 hours (do this over the weekend). Job done.

Alternatively, if the admin didn't use dhcp... fire admin, hire new one, get him to do it.

Re:I dare to ask, "who the hell cares"?

[Nigel+Stepp]

the rest of the world seems to have no problems with its much smaller usage. This part is false. China and Japan are actively adopting ipv6 right now since they are feeling squeezed by their current ipv4 allocation.

By the way, as far as current ipv4 space goes, allocation exhaustion is predicted to be March 2009.

Re:I dare to ask, "who the hell cares"?

[Nigel+Stepp]

I often hear that.. what's so ugly? NAT only causes problems for applications that would have a devil of a job getting through a firewall anyway - if a stateful firewall can handle it it can NAT it. But can you address it?

IPv6 will definitely help here. Also, try merging two corporate networks that use the same private (NAT, rfc1918, whatever) address space. Eek.

Change a line or two in dhcp server. Wait 24 hours (do this over the weekend). Job done.

Alternatively, if the admin didn't use dhcp... fire admin, hire new one, get him to do it. I wish it was that simple. Some things like routers, switches, etc. need to have static internal ips.

Re:I dare to ask, "who the hell cares"?

[Tony+Hoyle]

The 2009 figure is pulled out of someone's ass. Have you seen their prediction graph? It assumes massive increase in ipv4 usage.. I mean - you're talking about us suddenly eating 35% of the IPV4 address space in *two years*. Sorry, That's bullshit.
Usage is actually dropping slightly as more space is returned to the free pool than is allocated.

Re:I dare to ask, "who the hell cares"?

[Tony+Hoyle]

I wish it was that simple. Some things like routers, switches, etc. need to have static internal ips.

OK fire your admin.

DHCP != Dynamic.

Re:I dare to ask, "who the hell cares"?

[Tony+Hoyle]

But can you address it?

Do you need to?

For 99% of cases, no. Servers generally need IPs (port forwarding is ugly, although sometimes necessary even when you have the address space) but nothing else does... and how many public facing servers does an average company have?

Re:I dare to ask, "who the hell cares"?

[mplex]

Excuse me, IPv4 usage is dropping? Name the last time someone returned a /8 back to the 'pool.' I think you mean the rate of allocation depletion is slowing, but even the rate is now rising again. Growth of the internet has fluctuated, but the internet has never shrunk in size.

Re:I dare to ask, "who the hell cares"?

[imroy]

Of course in the server case you want public IPs but you're far from the majority - joe sixpack just wants to browse the web and pick up email. He couldn't care less whether his IP was public or not.

Web and email may be fine with NAT. But public addressability is not just a problem for "servers". What about VOIP? That's impossible if all of an ISP's ADSL or Cable modems are already NAT'd on a private address space before getting to the customer.

Let's clear a few things up (ok, a rant)

[Nigel+Stepp]

This will probably be redundant by the time I end up posting, but then again, maybe not.

It seems like there are a few things that are causing confusion. Also, I want to rant about ipv6 adoption.

First of all, this looks like it's probably the printer's (or printer driver's) fault and not Microsoft's.

Second, about ipv6 in general...

It hurts me a bit to see people saying "Just disable ipv6 whenever you install vista." I think MS is doing a great thing by enabling ipv6 by default. If the instructions to support desk people, or some "best practice" becomes to disable ipv6 right away, ipv6 will take *another* 10 years to enter the mainstream.

This is pretty bad considering that ipv4 addresses are running out in the next 5 years.

It is exactly these kind of firmware/driver bugs (not having ipv6 support in a network appliance should now be considered a bug) that need to be flushed out before the internet is thrust into ipv6 adoption when the address space runs out.

IPv6 *does* solve problems, and it *will* be the primary mode of accessing the internet for consumers. Shaking out bugs by actually using ipv6 is necessary.

So, MS should *not* be berated because of this. This particular instance is not their fault, and they're doing the right thing by putting ipv6 up front in vista.

Lastly, I'd like to say that deploying ipv6 in the home is actually ridiculously easy. I have a tunnel through hurricane electric. Stateless autoconfig, which happens with ipv6 by default, assigns addresses without a dhcp server, and allows things to run right away.

IPv6 and OS support is not the problem. Application and network hardware vendors *have* to get with the program and start to support ipv6 in a very real way.

Re:Let's clear a few things up (ok, a rant)

[Tony+Hoyle]

Firstly ipv4 addresses are *not* running out in the next 5 years. Last year ipv4 usage *dropped* and there's still huge wastage within companies like DEC and IBM (they got a few million each) that can be sorted.

Maybe 10 years, maybe 15.. maybe never. Not 5 years.

Secondly, you need a dhcp server with ipv6 anyway. You need to give other information than the ip addresses - dns addresses, router addresses, domain names, wins servers, ntp servers, tftp servers, etc. dhcp isn't going anywhere. All stateless autoconfig gives you is an ipv6 address that's (reasonably) stable so you can reach the box easier.

Re:Let's clear a few things up (ok, a rant)

[knorthern+knight]

> It hurts me a bit to see people saying "Just disable ipv6 whenever you install vista."
> I think MS is doing a great thing by enabling ipv6 by default. If the instructions to
> support desk people, or some "best practice" becomes to disable ipv6 right away, ipv6
> will take *another* 10 years to enter the mainstream.

    You almost sound like an enemy of IPV6... if the only way to get IPV6 implemented is by ramming it down people's throats, that says a lot of not very nice things about IPV6.

> This is pretty bad considering that ipv4 addresses are running out in the next 5 years.

    You just contradicted yourself there. Is it 5 years or is it 10 years?

> It is exactly these kind of firmware/driver bugs (not having ipv6 support in a network
> appliance should now be considered a bug) that need to be flushed out before the
> internet is thrust into ipv6 adoption when the address space runs out.

    Ex-bleeping-scuse me... I am not a paid beta-tester. My employer (a Canadian federal gov't agancy) has a mandate to serve the public, not to shake out bugs in various IPV6-related software. With Windows, it's always been BCP ("Best Current Practice") to hold off adopting new versions corporate-wide, until Service Pack 1. IPV6 will see a similar pattern. The definition of "pioneer" is "the guy with arrows sticking out his back". I'm not saying I'll never adopt IPV6; I'm saying I'll let someone else get the arrows in their back.

What about the printer vendor's IPv6 stack???

Soooo, they got corrupted printjobs, huh?

Did they even consider that it may have been the receiving printer's end that has the problem with its own IPv6 stack?

'cause them printer manufacturers, they be real expert wizards of all things IPv6, ya know?

OK Smarty Pants, What's TWO orders of magntitude?

OK Smarty Pants, What's TWO orders of magntitude? Is it 20 times? 100 times? Both? Neither?

It's a logarithmic scale.

[The+Monster]

The number of orders of magnitude difference between two values A and B is:

N = log(A) - log(B)

where a negative number is stated as "A is N orders of magnitude smaller than B". So two orders of magnitude means a 100:1 ratio. Arguably, anything between 10^1.5 and 10^2.5 times B (31.6-316) could be described thus, since the main use of the phrase "order of magnitude" has traditionally been to express that not even one significant digit of data is known, but the exponent is known... to within a significant digit?

Re:Real Numbers: Vista is a flop.

[Thundersnatch]

By the way, you also should look a little more closely at the *chart* below the graph in the study I linked to. Linux is mentioned specifically, rather than just "other". "Linux"+"Unknown" = 0.75% market share at most. Vista has 3.74%, or 4.99 times the market share of Linux.

And that assumes all "Unknown" boxes are Linux, which is most definitely not the case. At least some are FreeBSD, Cable Boxes, random mobile phones, and those crazy airport pay-per-minute terminals.

Vista working very well with IPv6

[David+Holder]

I thought you might be interested in some points I've made in a comment to the above article at Network News (see http://www.networkworld.com/community/?q=node/1598 8#comment-66945). I've quoted it in full below:

At Erion we have been using IPv6 for many years. This includes using Vista with IPv6 since the early betas of Vista. We have had very few problems. Non of the problems we have experienced have been related to faults in the IPv6 stack.

The article doesn't provide enough detail to be able to analyse the alleged problems with Vista and IPv6. However, I suspect that they are not really problems with Vista or IPv6. As another comment has observed the author is 24 orders-of-magnitude out in the difference between the number of IPv4 addresses and the number of IPv6 addresses. This does not instill confidence in the accuracy of the rest of the article.

Regarding the printer problems, it is extremely unlikely that these are caused by IPv6. As any IT administrator knows there are many reasons why printing can go wrong. If the corruption was caused by IPv6 then it wouldn't just affect printing, it would affect all other network services too.

The ICMP issue described in the article does not make sense. ICMPv6 is IPv6's version of ICMP. It carries out the functions that ICMP carries out in IPv4 plus many new functions only found in IPv6. Applications interface to ICMP (and IP) using the socket API. The way in which applications use the socket API is largely the same for IPv4 and IPv6. Not only this but the socket API is almost identical across all operating systems supporting IPv6, not just Vista. This means that ICMP errors are exposed to applications through the socket API. It is hard to understand what the author means here.

I hope my comments above make it clear why I suspect that the conclusions drawn in the article are wrong.

At Erion we have a lot of experience of implementing IPv6. We have found that IPv6 is reliable and stable across many platforms. Indeed, it is in widespread use around the world. We have found that problems with IPv6 are more often to do with misconfiguration of naming services, routing and transition mechanisms than anything to do with IPv6 itself. We always recommend that anyone interested in implementing IPv6 undertakes IPv6 training. For further information see http://www.ipv6training.com/ and http://www.ipv6consultancy.com./ On the subject of IPv6 and Vista I gave a recent presentation at SambaXP on this subject. You can find that at http://www.ipv6consultancy.com/ipv6blog/?p=8.

Personally, I am very pleased that Vista and Windows Server 2008 (Longhorn) support IPv6 as their default stack. We have many clients who are keen to implement IPv6 but have held back due to the limitations in IPv6 support in Windows operating systems. I suspect that the release of Windows Server 2008 will increase the usage of IPv6 in two very different ways. Firstly, organisations who are not interested in IPv6 will implement it as a side-effect of implementing Windows Server 2008. Secondly, organisations who are keen to use IPv6 but have been held back by the lack of IPv6 support in AD will be able to move ahead with IPv6 AD support in Windows Server 2008.

Re: thought being suspect

[man_of_mr_e]

You're not making any sense here. The real history is that when Microsoft released Windows NT, Novell *REFUSED* to write a client for it. Microsoft was forced to write their own client for interoperability. It wasn't until later that Novell decided to try and play nice, but their client was so intrusive, replacing core DLL's that it made things an unstable mess.

The netware client on NT eventually got better, but it took a long time. I would not call that "stable".