Slashdot Mirror
Four Root DNS Servers Go IPv6 On February 4th
I Don't Believe in Imaginary Property writes "On February 4th, IANA will add AAAA records for the IPv6 addresses of the four root servers. With this transition, it will finally be possible for two internet hosts to communicate without using IPv4 at all. Certain obsolete software may face compatibility problems due to the change, but those issues are addressed in an ICANN report (pdf)."
The main problem isn't obsolete software, but hardware. Changing routers to some that support IPv6 isn't done over night. And even if you do, and get IPv6 assigned, it doesn't help unless your provider also supports IPv6 -- else you might as well be tunelling the old way anyhow.
Regards,
--
*Art
They don't do dynamic IP addresses because they don't have enough addresses. They do it for stopping you from running a server on your home computer. Sure you can still run a server, but it's harder to run one when your IP address keeps changing.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
With this transition, it will finally be possible for two internet hosts to communicate without using IPv4 at all
Well, I guess that IPv6 transition is coming along nicely.
HAR HAR HAR.
Yeah, when slashdot drops it's IPv4 address, then I'll believe in this IPv6 nonsense.
IPv6
Sorry, thats not a valid IPv6 unicast address. The unicast block is 2000::/3 so 2000: - 3FFF. ;)
Also IPv6 addresses can be compressed if they contain contiguous 0's.
ie) 2610:0078:00ad:0001:0000:0000:0000:0001 -> 2610:78:ad:1::1.
Worry not though, this is what DNS is for... Humans need not memorize IP addresses.
Deprecated. Alone with ip6.int, bit fields for reverse look-ups, and site local addresses. Nice ideas that didn't work out in practice.
What is so difficult about adding a default rule to your firewall that blocks all incoming connections to your subnet and then adding rules specifically for the devices and services that do require incoming connections?
;)
ie) deny ip from any to 2610:78:ad::/48
With NAT you are eliminating the possibility of incoming connections, with IPv6 you can deny connections all you want but can allow incoming connections where required or desired. Sure you can setup a port forwarding rule to allow a service for a given machine, but what happens when you need the same service to go to more than one host? You know need to accommodate for that by changing the incoming port on your real IP.
Not to mention all the issues raised by protocols that embed IP's that are not routable within the protocol themselves (take the SIP protocol for example). Work-arounds need to be put in place for many protocols on an individual basis in a NAT'd environment. This is a pain in the ass that would be highly unnecessary in a post IPv4 world.
If you're so fond of the kludge that is NAT, nobody is stopping you from using NAT with IPv6 in combination with a non-routable unique-local prefix (fc00::/7).
Dragging your feet on adoption of a superior technology that works for every situation in favor of a broken setup that happens to meet YOUR rather limited requirements is delaying progress for the rest of us.
Generally speaking the consumer world isn't ready for IPv6 yet anyway (Too many Windows machines with limited IPv6 capabilities)... but I still get annoyed with all the anti-IPv6 commentary by those that have not fully investigated the specifics.
Just the personal pet peeve that is looking forward to moving behind the network design of choice for the 1980's.
You do know that DHCP can assign a fixed IP don't you?
"Get IP address automatically" has nothing to do with dynamic / fixed assignment.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
Everyone, lets all hold hands and repeat now:
Firewalling and NAT are different things...
Firewalling and NAT are different things...
Firewalling and NAT are different things...
There is nothing interesting going on at my blog
You appear to have misspelled your answer: the correct answer is "Real soon now. Not really."
Google has no IPv6 address to connect to. Nor have most other major net sites. IPv4 is still the only way to connect to almost all of the internet.
Chris Mattern
Here's the RFC header, straight from the IETF's website
Network Working Group Request for Comments: 2874 Category: Standards TrackAnd its current status is "experimental" so unless there's something not-so-technical deciding A6's fate, then you've made a mistake to call it deprecated.
Unless of course the IETF doesn't have this categorized right...
I bunch of people said the same thing but I don't want to reply to all of them.
From the customers standpoint, the different doesn't really matter except as an inbound DNS address, however managing static IPs via DHCP is still complicated because you can't easily move machines around subnets as the leaves of your network change in terms of device concentration and data load.
You pay more for a static IP address because once you have it, they have to adjust the network around you.
(FWIW, I built out a number of large telco dial-up infrastructures as well as hosting environments in the last 15 years, so while I'm sure the reasons vary by company, I can say with certainty that this is the reason for an increase in price... the actual amount will be obviously adjusted for the market based on maximizing profit, but this is the core reason for it)
What exactly is simpler in your viewpoint about IPv4? I'd like to see just one single pointer from you. Remember, just because you lack understanding of a technology doesn't mean it is more complex. In fact, in many ways IPv6 is simpler to deploy and maintain than IPv4. How many people that have deployed a network fudge up a subnet mask? With the large address space of IPv6 it is no longer necessary to deal with subnet masks, every subnet is 64 bits. Isn't that easier then having subnets of length somewhere between 8 and 30 bits and requiring the administrator to calculate the required number of hosts and the subnet masks to go along with that? What happens when a large network that does require end to end connectivity (think hosting provider network or the like here) provisions their network for 254 hosts and later outgrows this limitation? They need to re-number. Is re-numbering your network every time it grows to exceed an arbitrary limitation imposed by an obsolete standard "simple?" Thats only a couple examples.
Also, what part the word firewall makes you think that the firewall has to run on the host that you are trying to protect? I agree 100% that would not be ideal. Your gateway in IPv6 would still handle all the firewalling needs of your subnet. It is still a single point of administration at the edge of your network, nothing changes here!
You could turn my argument around, but you'd be dead wrong. How many people wonder why transfers over IM networks are so painfully slow or don't work at all? With both endpoints being behind NAT the IM clients need to each establish a connection to a third outside host to relay the transfer for them. How many people wonder why their SIP phone doesn't work properly in their hotel room. How many people wonder why a given game won't work behind their NAT. The examples are damn near countless. A lot of things happen behind the scenes to alleviate these issues to an extent but these are all added complexities. Here I thought your goal was to simplify things.
Have a look some day at how many protocols and standards exist, each to find yet another way around the limitations of NAT for a particular service or protocol (STUN, UPNP, NAT-PMP, etc, etc).
The thing is, there is nothing in the IPv6 spec that breaks functionality that you are used to today. There are however a great many things that are simply impractical with IPv4 unless you are one of the lucky few that has a sufficiently sized chunk of globally routable IP space.
Perhaps when you've administered a network larger then your personal home network you'll have a better grasp of what some of these issues entail.
Not even close. Those bottom bits are used for the completely optional autoconfiguration feature. You're equally welcome to hand-configure hosts or use DHCP6 to assign network::1, network::2, network::3 and so on without regard to MAC.
Dewey, what part of this looks like authorities should be involved?