Slashdot Mirror
Proposed IPv6 Cutover By 2011-01-01
IO ERROR writes "An internet-draft published this month calls for an IPv6 transition plan which would require all Internet-facing servers to have IPv6 connectivity on or before January 1, 2011. 'Engineer and author John Curran proposes that migration to IPv6 happen in three stages. The first stage, which would happen between now and the end of 2008, would be a preparatory stage in which organizations would start to run IPv6 servers, though these servers would not be considered by outside parties as production servers. The second stage, which would take place in 2009 and 2010, would require organizations to offer IPv6 for Internet-facing servers, which could be used as production servers by outside parties. Finally, in the third stage, starting in 2011, IPv6 must be in use by public-facing servers.' Then IPv4 can go away."
who is this guy and why does he control what happens with my internets?
Remind me again what authority the IETF actually has?
Oh yeah, none. They create specs, then people half-implement them, and nothing changes.
Just like the change to digital TV. It might be a better broadcast system, but without the government forcing people to change, it wouldn't have happened otherwise. IPv6 just doesn't offer anything sufficiently valuable over IPv4, so people won't bother to change.
I knew IPv6 addresses were 128 bits long, but I didn't realize that 64 of those are used for local addressing.
I mean, I can understand that this is done so MAC addresses can be mapped into it, but come on... all of IPv4 is 32-bits. Do we really need 64-bits for local addressing?
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
The larger address does allow for autoconfiguration. Apparently DHCP is not doing a good job at it.
This is a great plan for switching over to IPv6. It's full of things that everyone MUST do. It's just missing one thing: if everyone ignores the plan and does nothing instead, how is it going to be enforced?
Aight, I put on my robe and wizard hat.
(I had to make an exception to the rule in my sig for that one!)
-Peter
You would think scheduling a big upgrade for the middle of the holiday season would be asking for trouble.
What's wrong with saying "the second weekend in February" or some similarly random date? It's a weekend so it won't interfere with business, but unlike new years day it won't mess with employees' personal lives too much.
There's a reason businesses and governments don't start their financial/tax years on the first of January, after all.
"Goodness me, how unlike the FBI to abuse the trust of the American public." -- The Onion
One of the things holding back the deployment of IPv6 is the fact that IPv6 PI still isn't sorted. There has been some movement of late, but it's still not sorted. (PI = provider indepentent address space, PA = provider allocated)
Without PI, you can't do multihoming, unless you're a Ripe member (so you're multihoming on PA space). Lots of companies will only use IPv4 PI address blocks (so they're not tied to one provider), so won't try IPv6 until they can get a PI block. At work, we'd love to do IPv6 in production, but because we can't get an IPv6 PI block, we can't.
Until all the ripe regions roll out IPv6 PI, lots of companies that want to do production IPv6 just won't. It needs fixing
This post will enter the public domain 70 years after my death, unless Disney buys another extension.
What's so hard to understand? Yes, you're web server faces the public. I, however, have several web servers at my organization that are NOT accessible to the public. If I want to keep them that way behind my firewall, I'd be free to do so under this plan.
Not all machines with IP addresses are public facing (cf. http://en.wikipedia.org/wiki/Private_network).
-- Don't Tase me, bro!
Sorry, but 4 years to get every internet connected system running IPv6?! Sure it sounds great, but for a lot of folks this is going to require entirely new hardware as well as software. The budget will keep getting cut until the last minute and then they'll try to cut it all over at once. I hate to think of all the hardware that will get scrapped because the manufacturer doesn't support IPv6 without a hardware upgrade.
Then there are the folks that will find out a week before the cutover date for some reason. And the folks that no one tells at all.
There is still an ungodly amount of custom software out there that won't support IPv6 at all. Business critical applications with little or no vendor support.
I don't think we're going to be able to do a clean cutover to IPv6 until most hardware/software vendors start shipping systems that require both IPv4 and IPv6 configuration to complete installation. I figure about 10 years if they start shipping today. And then we'll still have to deal with that 20 year old software that is required to provision telephone numbers but only runs on 486 hardware.
A couple of 30-somethings embark on the ultimate roadtrip
I'm sure Switzerland's ISP's are neutral on IPv6.
This has been a hot topic on a number of lists. Some observations:
1. Neither John Curran nor the IETF has the the authority to bring this about, thus the use of the word "must" is misleading. Even if the regional internet registries supported this with policy that placed additional IPv4 addresses out of reach of those who did not deploy IPv6, far less than half of the content providers would be impacted within the proposed timeframe. Indeed, relatively few content providers come back for more addresses. Its mostly the transit providers which connect the end users who have a growing need for IP addresses.
2. The natural course of IPv4 depletion is more likely to drive conservation of IPv4 addresses than it is to drive IPv6 adoption. Business will tend towards this path because the incremental cost of conservation is small and the benefits are immediate while the cost of IPv6 deployment is large and the benefits are remote. Conservation might sound like a good thing but its actually very dangerous. It implies injecting many additional routes into the "default-free zone," which for complex technical reasons would decrease the overall stability of the Internet.
3. Existing policy at the regional registries serves to obstruct the deployment of IPv6. For example, in the Americas at ARIN, there is an additional $500 fee to receive IPv6 addresses in addition to whatever fees you pay for IPv4 addresses. That's a nuissance. More critical is the wide swath of legacy multihomed content providers who because they are too small don't qualify for IPv6 addresses from ARIN. Those folks can't get the so-called "provider-independent" addresses they need to connect via IPv6 in a technically comperable way to how they connect with IPv4.
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion.
I love how the guy uses the word 'must' and 'Internet' in the same sentence!
Score:-1, Funny
The idea is that IPv6 addresses are a 2-part address. The first 64-bit part is the classification and routing. The second 64-bit part is the unique space, although literally that does not need to be. The idea is to eliminate error and complexity prone steps to map unique link layer addresses into globally routable addresses. Sure, this could have been done with a lot fewer addresses and still have enough for even the very largest networks. But then you'd have to ensure that no 2 hosts could end up with conflicting addresses. The gateway router could certainly do that, but if it gets rebooted, all the addresses might have to be changed because the map gets reset. By using link layer addresses, once the globally routable prefix is known, the host/interface addresses can remain constant even if the router is rebooted. One of the goals of IPv6 is more automatic configuration.
now we need to go OSS in diesel cars
Again? Did you just wait for a possibility to post the same junk again, three years later?
No "Network Anonymiser Translation" this time, but an ethnic slur, great.
"Hannibal's plans never work right. They just work." Amy/A-Team
Does the IETF even realize the scope of this project? Ignore everything else and just look at every ISP in the world....all of them....the big ones and the mom-and-pop shops.
Now every single one of them must have routing gear (and all the associated monitoring equipment) capable of IPv6, and the ability to manage the massive address space. I know ISPs right now that can barely handle their IPv4 infrastructure that has been in place for a decade. Now you are asking them, in the space of a few years to throw out their existing infrastructure and move completely to IPv6? That's rich.....
If the ISPs don't convert (or can't quickly convert) then no one else will.
-ted
Also, don't fall into the all too common trap of looking at how large 2 to 128 is and thinking that ipv6 really provides that many unique addresses. You have to look at how the bits are used, the number of useable Internet addressable devices is much smaller. Perhaps even around the size you may be thinking we need. A new addressing system can provide some nice new features. Imagine the benifit of having a portable IP addres that is yours no matter what network you connect to or where in the world you move. Kind of like having a real truly portable telephone number. As all communication merges into IP address this will be both handy and important.
None of this should be taken to imply that I support the absurd cut over schedule in this thread. But there are some nice things designed in ipv6 and it will be a positive thing if the convesrion is done right, not switched over in a mad rush.
I'm an American. I love this country and the freedoms that we used to have.
Wow, that was incredibly well spotted. How on earth did you remember that? I think you've got a photographic memory for trollish posts. :)
"64 bits ought to be enough for anybody!"
- Bill Gateways
I name myself as an example. I consider myself relatively knowledgable about IPv4 in general. Subnetting, supernetting how-nat-works the cisco-vs-the-world layout of a datagram and all the required things to know when you work as a network enginner.
But please humor my candor here for a moment, I have no clue how IPv6 works. At all. I know what an IPv6 address looks like, and that's about it. I also have a vague superficial concept of what is a 6to4 gateway.
But I have no idea how it is scoped, how it is routed, how it is laid out, or basically anything.
The short answer is "buy a book", of course. Which I will do. Even take a class if necessary. Training is good, right? But has anyone thought of the implications in the enterprise? I have a few clients right now where I don't see their network admins understanding that change immediately. I know, bad admins, change them, or train them... But still.
It vaguely worries me in a strange way. Like you know, as a child, seeing a small frog cross the road and being actually fascinated by what might happen, yet still uncomfortable at that idea.
I'm just rambling. I guess my point that this is a massive technology change, and I'm just vaguely afraid of either not being able to keep up, or seeing people around not keeping up at all.
So, right now seems like a good time to start reading up on it.
- Home computer
- Work computer
- Laptop (private or work)
- Cellphone(s)
- Net connected appliances (TiVo, net music players, IP phones, home surveillance, alarms)
Each ideally needs its own address, and it's not hard to see how 4 bln addresses will be used up.
Solve it with NAT, you say. Sure - but actual interactivity is in higher and higher demand. Both my MythTV box and my laptop in most locations are NAT'ed. Save for my tinkering with NAT routing which is only for geeks, I can't get to my Myth box from the outside.
Another problem is the solution to the above problem - VPN. At my former job (a web consulting agancy) we were routinely given VPN access to clientsites. They were all setup with IPs in the range 192.168.X.nnn. We had no collisions of X, but we were a small firm, and it will happen.I remember hearing the same argument against using FAT32. Although your point is quite valid, I think the world will recover, and quickly.I'm no expert, but didn't the world stop using minimum MTU for anything larger that that a while ago? If an MTU is size 1500 instead, the overhead is a whopping 1.3%, or downloading an extra 51 mb on your full, uncompressed 50gb bluray movie.
Yeah, it's not free of drawbacks, but progress seldom is.
The biggest problem with IPv4 is that the way addresses were distributed totally screwed over Asian countries. There are single Universities in the US that have more assigned IP addresses than pretty much the entire Asian continent! There are places in China that now sit behind six layers of NAT.
Asia will lead, and anyone who wants to communicate with them will be forced to follow.
Hmm...
Is there some crucial service under government control (like DNS root servers or something) that could be switched to IPv6-only in such a way that other systems would have to be configured to cope with both IPv4 and IPv6, thus making a later total switch to IPv6 less painful?
It's related to the birthday paradox. This is not really a paradox, but is counter to intuitive thinking. It states that in a group of 23 randomly chosen people, there is a 50% chance that two will have the same birthday. While you only need 23 different days in the year for everyone in the group to have a different birthday, you need a lot more if the days are chosen at random. For stateless autoconfiguration you need n parties (where n is the maximum number you might want to put on a single network) to be able to pick unique numbers. The simplest way of doing that is to take an existing globally unique number; the MAC address. You could use a hash of some other unique information, but the smaller you make the hash, the greater the chance of collision.
I am TheRaven on Soylent News
"...niggers..."
Political correctness: The peculiar idea that one can pick up a turd by its clean end.
It's urban dialect. Nothing to get excited about (nothing to write to dictionary manufacturers and insist it be included, either.)
From the consumer standpoint, a cable/DSL modem or router with IPV4 in the house / business to IPV6 out on the net will keep most of the pain (other than a financial hit) away until or unless IPV6 is actually needed on the local side of the hardware; the router can handle the details, such as they are.
As for the address space, the argument about number of addresses per square meter of the earth seems quite shortsighted. How many addresses per unit space are used when you add every square meter of the surface of every planet and moon? How many when you add the asteroids? How many when you add every cubic meter of open space inside the solar system? For that matter, what's the IP of a probe sent to Arcturus, as opposed to those sent to Sirius?
Might as well get it over with now. It isn't like we can't speed up the infrastructure, anyway. Especially in the US; we could actually use a little pressure to get things moving somewhat more reasonably.
I've fallen off your lawn, and I can't get up.
At the risk of feeding the troll, I wanted to try to clear up some misconceptions.
1. Cisco routers suck at IPv6.
Anything reasonably current doesn't route IPv6 in software. Yes, there's legacy stuff out there that will have to be dealt with, but there are solutions to those legacy hardware deployments that aren't terribly arduous. But it does mean people need to get started dealing with this *NOW* rather than later.
2. There are too many addresses.
Uhm...so don't use them all. I'm not sure what sort of objection this is. "Oh, we can't do that because that solution will give us more resources than we need." Oh the horrors of not having to worry about running out of addresses, I'm not sure I can deal with that problem
3. IPv6 addresses are too large.
The ISP that I used to work for advertises 7 or 8 routes into the IPv4 default-free zone. With a move to IPv6, they could easily, without breaking a sweat, move to only advertising a single route. So, an IPv6 route would have to consume more than 8 *times* the memory that an IPv4 address does for it to be a loss for the routes that said ISP would advertise. Many enterprises advertise many many more routes than that in IPv4 and could drop down to a single (or very few) IPv6 routes. Yes, the memory footprint of each individual route in routers would be bigger, but the number of them will be significantly smaller, meaning overall router memory consumption will drop.
4. The IPv6 header is too large.
Ooh, 3.4% (and that's worst case)...I'm not sure the world can handle those sorts of inefficiencies. Yes, IPv6's larger header will drop data throughput efficiencies ever so slightly. That's better than the 100% drop in efficiency you'll have when you can't get an IPv4 address at all.
If they're a halfway clueful ISP, yes, you'll get more than one IPv6 address at your home. And, no, hopefully there will not be NAT in IPv6 world (someone will probably do it, but its stupid, "Just Say No to NAT"). NAT is evil crap, it breaks things for no real benefit (other than IP address conservation, which isn't needed in IPv6 world). NAT doesn't provide any security, stateful packet inspection and firewalling provides security (NAT provides the illusion of security because stateful inspection and firewalling is required for dynamic NAT to work). Mangling IP address only breaks things, it doesn't actually provide you any protection. If you don't believe me, set your NAT device "DMZ host" to your PC and watch your PC get pwned in a matter of minutes just as if it were not behind the NAT device. Mangling the IP addresses doesn't protect you from anything, it just breaks protocols that need to signal IP address endpoints such as VoIP, IM file transfers, and the like.
NAT is evil, it needs to die.
So, what you're saying is, 512k is enough for anyone?
Nah, nothing is enough for anyone.
Jumpstart the tartan drive.
( ) technical (x) legislative ( ) market-based ( ) vigilante
approach to introducing IPv6. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
(x) We'll be stuck with it
(x) Users of the internet will not put up with it
(x) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires immediate total cooperation from everybody at once
(x) Many internet users cannot afford to lose business or alienate potential employers
(x) The general public doesn't care about IPv6
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for the internet
( ) Open relays in foreign countries
( ) Asshats
(x) Jurisdictional problems
(x) Unpopularity of new protocols
( ) Public reluctance to accept weird new forms of money
(x) Huge existing hardware investment in IPv4
( ) Susceptibility of protocols like IPv4 to attack
(x) Willingness of users to install OS patches
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Joe jobs and/or identity theft
(x) Technically illiterate politicians
(x) Extreme stupidity on the part of internet users
( ) Dishonesty on the part of spammers themselves
(x) Bandwidth costs that are affected by ISPs having to switch to a new protocol
( ) Windows
and the following philosophical objections may also apply:
( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
(x) IP protocol should not be the subject of legislation
(x) Cutoff dates suck
( ) We should be able to talk about Viagra without being censored
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
(x) Managing dual v4 and v6 addresses is inconvenient
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Looks like these truths are not so self-evident after all...
In the resources-on-your-equipment sense, the size of the tables matter and yes, you are correct. In the money-has-to-be-paid-for-equipment sense, the size of the tables in software is irrelevant. Many ISPs don't have "modern routers", particularly smaller ones, as your national/international providers have the scale and money to have regular and scheduled hardware upgrades. Cisco gets a lot of shit, but a large amount of their equipment just lasts and lasts. And if you're an ISP trying to cut corners, weeeeelllll...you might not have upgraded to the latest hardware.
Consider also that this is not just routers, but anything with a public IP, such as firewalls and a lot of enterprise-level firewalls just do not have IPv6 capabilities yet. Not like, hey, the handling is Teh Suxx0rs, but it's Just Not There. Juniper's security products don't do it; hell until a recent-ish version of the FW+VPN OS was released, an IPv6 packet could reboot a VPN connection. Nor do Fortigate or CheckPoint handle IPv6. Cisco's SSL VPN does shit to the packets and to make a long story short, is just not ready to deal with IPv6. AFAIK, ISC's DHCPv6 is still kind of rough (although admittedly I don't follow it very closely on the list, it gets mentioned now and again and the impression I get is that they're working very hard on it. Which means it isn't ready yet.) This matters a great deal to ISPs who would be the ones handing out IPv6 to your average user; an unbelieveable amount of them use ISC's DHCP software.
FreeBSD for the impatient.
Why do these articles only end up being commented about IPv6 improved address space?
IPv6 offers lots of tasty features because they took the opportunity to fix a lot of quirks in the IPv4 protocol while they were at it, and that offers real world advantages.
Things like host autoconfiguration and ad hoc networking, end-to-end IPSec support in the standard, larger datagram support for efficiency in fast networks.
Beware: In C++, your friends can see your privates!
My ISP only allows me one dynamic address... I use a NAT router (with their blessing) and have several machines at honme. With IPV6, is there still NAT routing?
/64 IPv6 network (if you make each network a /64 then IPv6 autoconfiguration works, which makes everyone's life easier). In general, NAT is a Bad Thing since it breaks peer to peer applications such as VoIP and often required that the device doing NAT have specific knowledge of the layer 5 protocols you're using.
You can do NAT but it is strongly discouraged (it's basically reserved for situations where you need to move machines between networks, rather than sharing of a single address between multiple devices). Your ISP _should_ give you at least a
Of course, if they try and give you a single IPv6 address instead of a sanely sized prefix then you should go find an ISP who has clue and doesn't jsut try to rip you off.
Oh, and NAT firewalling? what about NAT firewalling?
There's no such thing as NAT firewalling. There is firewalling (which may or may not be stateful) and there is NAT (which requires stateful connection tracking). The existance of one does not imply the existance or requirement of the other. And yes, you can still do stateful packet inspection for IPv6.
http://blog.nexusuk.org
the overhead is a whopping 1.3%, or downloading an extra 51 mb on your full, uncompressed 50gb bluray movie.
!) The bluray *image* may not be compressed, but the bluray *movie* is compressed to fit in 50GB
2) 1.3% of 50GB = 50000MB is somewhere around 500MB, not 50MB - you're off by a zero
Live today, because you never know what tomorrow brings
This is my main problem with IPv6. I've seen some excellent replies as to why this isn't really an issue on various technical grounds, including your reply. However it's not the technical issues that concern me.
Allow me to rephrase the objection:
3a. IPv6 addresses are too large for people.
I deal with IP addresses all the time. Few days go by where I'm not typing one into a computer for one reason or another, or reading one out over a phone to somebody. "Your internet seems to be down? It could be a DNS issue. Try typing this IP address into your browser and tell me if you get anything." IPv4 address are simple and easy to remember. They are like phone numbers. They are easy to relate to others, and I have most of my commonly used ones memorised. I can copy one from paper to a computer usually at a glance, two glances at most.
But when I see an IPv6 address, my eyes glaze over. It's alphabet soup. No way in hell do I want to be dealing with those things on a day-to-day basis
No it doesn't, and no it won't. Right now, only the relatively rich can afford more than a handful of public addresses, so only they can afford to host the services they want (where "services" includes things like "being able to sync your smartphone's calendar with the office Exchange server", not just customer-centric applications). Also, it's all but impossible to do things like direct peer-to-peer VOIP between two random hosts behind NATted routers; you have to have a broker somewhere in the middle to know how to get to each end and to negotiate the connections.
This isn't going to get better. The NAT hack was able to keep things limping along for a few extra years, but we're living on borrowed time. You will be migrating off IPV6, and likely sooner rather than later. The only question is how you want to meet it: will you embrace the new system, or will you have to be dragged kicking and screaming?
Dewey, what part of this looks like authorities should be involved?
I'm being completely serious.
NAT (ie, the mangling of IP addresses) doesn't give you any security whatsoever. Putting your box in the DMZ isn't bypassing the NAT, its just setting up a different type of NAT.
The security that you get behind your NAT device is because the device necessarily has stateful packet inspection and filtering engine...because dynamic NAT doesn't work without it...its the stateful inspection and filtering that gives you the security, not the NAT/mangling of the IP addresses.
You could stick a stateful inspection and filtering device that denies inbound connections by default in your laptop travel bag and have exactly the same level of security, without breaking useful applications like NetMeeting (admittedly dated), and other useful applications that connect directly client to client.
Why does every technical standards organization plan intensive, complicated and pervasive changes for midnight January 1st, when:
1. There will be no technical support available from vendors until they return from holiday, perhaps days later?
2. No one will be available to test, evaluate and identify distributed service outages, again for days.
3. The poor, maligned and disrespected IT staffs will have to miss the New Year's Eve parties, probably their best/only chance to hit up their drunken office colleagues and have a chance of success. Please, won't anyone think of the geek?
-- Gary Goldberg KA3ZYW 301/249-6501 AIM:OgGreeb Digital Marketing Inc., Bowie, MD
I think an AC already mentioned a solution -- DNS spoofing. Correct me if I'm greatly oversimplifying the problem, but aside from setting the gateway and DNS addresses, it's rare for somebody's personal computer to connect to other entities on the internet directly via IP address. A lookup is generally performed on the host and domain names to get the IP address. If the PC is configured to use the magic $20 box as the DNS and the magic box is configured to the IPv6 DNS, the box is perfectly capable of allocating an IPv4 address that maps to the actual IPv6 address for the target entity, and then passing the IPv4 address back to the Win98 machine. Subsequent attempts to access the IPv4 address will result in a lookup and translation done by the magic box. This is kind of like the reverse of NAT, but with a whole lot more IP addresses to deal with. The only trick is making sure that the DNS cache on your Win98 computer expires before the mapping entries in that $20 box. For those that choose to hang on to the old computers, it's probably not much of an issue. I'm sure that the number of different entities that they connect to on the internet are limited. If there is a problem, well, that's just yet another reason to reboot. And of course the magic box can come with some tiny little program on CD that sets HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curr
GreyPoopon
--
Why is it I can write insightful comments but can't come up with a clever signature?
The rest of the points in that post were similarly bogus. NAT sucks because it breaks the end-to-end IP model (which also breaks IPSec). It also requires the network to handle connections and maintain state. IPv6 also uses multicast for ARP resolution instead of broadcast, which means your NIC doesn't have to deal with a packet every time someone else on your subnet wants to contact a machine that isn't in their cache.
Just junk food for thought...
Sure, its secure, but its not secure because of the IP address mangling. Its secure because the NAT device is looking at every packet, keeping track of what conversations are going on and deciding which to forward (and mangle) based on the state that its keeping.
The problem with your argument is that you qualify it with "not in the DMZ". Putting it "in the DMZ" (which isn't a real DMZ anyway) is still NAT, and your protection just went *poof*. NAT (ie, just mangling IP addresses) doesn't provide any protection. Having stateful inspection of every packet and deciding which ones to forward on is what provides protection. This means that a stateful inspection firewall is capable of providing exactly, completely, 100% the same level of security; oh, and do so without breaking any protocol that tries to use the Internet as a real communications network rather than some simplistic I-make-a-request-and-get-a-response-back pseudo-communications network.
The internet will only be "slowed down" by 3.4% if everyone uses the minimum packet size. This is unlikely, and a network won't exactly be slowed down by this amount unless it is 100% saturated 100% of the time.
Everyone needs their own IP address. You must be one of those people who think the internet is just a gateway to the web and email. The truth is the internet can be used for much more. How about two way communications instead of just "surfing the WebTV(TM) innernet tubes." It only works if everyone has their own IP address, preferably static so they don't have to play with things like dyndns. The current state of floating IPs and NAT and no servers allowed by ISPs sucks goat guy balls. When will we have the true promise of the internet?
You know, I have been using IPv6 in some way for about 9 years now, starting back with the stack for NT from MS Research and FreeBSD with KAME. There was a lot, and there is still more, to learn, and what sucks for early adopters (and huge advocates) of IPv6 like me is having to swim upstream against the current of "we have plenty of IPv6 space", "we have NAT", "IPv6 sucks", etc. It sure does get old. If you naysayers would put half the effort you spend bitching on /. into urging your ISP or your IT organization (or both!) to become IPv6-aware, we could see some real progress.
/8 20 years ago, so let's cut this huge address space by less than half and use a /64 for the host. Ridiculous! If past lessons had been learned and remembered, we wouldn't see this kind of early waste, and IPv6 could well last a couple hundred years, or longer, addressing all parts of this solar system and perhaps beyond.
While I am a huge advocate of IPv6 adoption, I don't agree with the wasteful manner with which the networks are being allocated. It is as if the architects got flashed by the MIB and can't remember anything about the relatively easy acquisition of a IPv4
There is a lot going on in Asia/Pacific (AP) with IPv6, and emerging countries will be far better off since they are just building out infrastructure from scratch and can be dual-stack capable from the start (akin to cellular networks versus thousands of miles of copper). Here in the US, the price for being so technologically advanced early on and having spent (I loathe to refer to networking gear purchases as "investments") so much capital on gear to-date means that hard business cases need to be made to justify to the bean-counters that IPv6 is worth the effort. Couple that with the usual short-sighted executive management in most companies and you will be hard-pressed to get funding for IPv6 ventures. Fortunately, the word is getting out to even the executives that IPv6 is not just a rumor and projects are starting to gain momentum, but I fear that for most in the US it will be a never-ending game of catch-up.
Optimistically I forge on...
Mike O, KT2T
You still need to check for a collision, and you'll always need to do so. Because the probability of randomly choosing an in-use IP will always be nonzero. ... On the other hand, there's no anonymity by IP by selecting random IP addresses anyway, because if you own a pool of addresses then they link back to you, otherwise you're essentially using them on loan from an ISP who does, in which case logs may exist.
Anonymity ends at the whim of your ISP, the IP addressing involved doesn't affect that.
Another is that fortunately many of the businesses that would want multi-homing for servers are putting them in colo space rather than on their premises, so they're ok with using provider-allocated space, and it's only the colo provider that has to advertise multiple routes. Another is the policy issue that ARIN will normally not sell you PI space smaller than some size (is it
Shim6 is supposed to fix this problem, but IMHO it's an ugly ugly hack that won't succeed.
The other popular reason for getting PI space is to make it easier to renumber if you change ISPs. Unlike multihoming, this is a problem that can be made to go away by fiat. It made more sense back in the 1980s, before DHCP and DNS support became relatively universal. Renumbering servers and VPN tunnel appliances is still a bit annoying, but usually not bad, and you don't really need to renumber client machines any more, you just expire their DHCP leases if they're non-laptops, or unplug their LAN connections if they are. (Yeah, I know, it's not really quite that simple, but it's still fixable, especially because the parts that are hardest to fix are usually behind firewalls or NAT so you don't care.)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks