Slashdot Mirror
Linux Foundation Says All Major Distros Are IPv6 Compliant
ruphus13 points out news from the Linux Foundation, which announced that all major Linux distributions meet certification requirements for the US Department of Defense's IPv6 mandates. The announcement credits work done by the IPv6 Workgroup, whose members include IBM, HP, Nokia-Siemens, Novell and Red Hat. Quoting:
"Linux has had relatively robust IPv6 support since 2005, but further work was needed for the open source platform to achieve full compliance with DoD standards. The Linux Foundation's IPv6 workgroup analyzed the DoD certification requirements and identified key areas where Linux's IPv6 stack needed adjustments in order to guarantee compliance. They collaboratively filled in the gaps and have succeeded in bringing the shared technology into alignment with the DoD's standards."
Many embedded linux devices are IPV6 compliant. Even my AXIS webcam can talk ipv6.
Unfortunately, my ISP, RoadRunner is stuck in dark ages.
is it something i as an end user of some linux distro or other ipv6 supporting OS can make use of, some option i can toggle in some options somewhere to improve something, or is it all just something in the backbone for admins and people with servers to worry about? i want to know what ipv6 means to your average jo
Only 5 years later than MS and Apple, not bad really
. . . when you see IPv6.
Until your ISP starts offering it, don't worry about it.
Everything that is worth buying has been IPv6 compliant for years.
The only thing that is missing for IPv6, is well, how about an IPv6 net, to the end user.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
The BSDs had full support for IPv6 long before M$
It's in the pipes for a decade, and will probably be deployed after the dust settles over the 2nd coming.
And for the majority of users, for whom ipv6 is at best useless and at worst an annoyance, blacklist the ipv6 module. E.g. in Debian / Ubuntu add the line
blacklist ipv6
to /etc/modprobe.d/blacklist
While you're at it, you might also want to blacklist pcspkr (get rid of annoying console beeps), lp, parport and parport_pc (parallel port printer) and joydev (unless you have a joystick of course).
Source: http://www.mit.edu/hacker/part4.html
So why the fuck hasn't it been adopted yet?
------
Anyway, does anyone have any sources as to know the other "big" OS's (MS Windows, Mac OS, the BSD's etc.) were able to speak IPv6 (if they are able to at all?)?
Also, I've tried to find information about whether FreeDOS can do IPv6, but couldn't. Could anyone help there?
-----
Finally, the beauty of FLOSS.
I wank in the shower.
Wasn't it those standards that left huge doors open to the Russian, and perhaps Chinese military, buying machines all of the same type, same OS, and so on?
IPv6 for Linux: yip, yip, yahoo! But much like the Nobel Peace Prize, it'll take a while until it earns back my respect.
I am Captain Obvious and I approve this FA.
@neonux
Now that I know Linux joins the ranks of IPv6 compliant OSs, I just need an ISP that supports IPv6. The problem is, in North America at least, is that there are still few to no ISPs providing IPv6 addresses. Instead I have to resort to tunnel providers (some listed here). What we need is a list of major internet service providers in North America and an indication of their IPv6 readiness and what they excuse is for not starting the migration.
In order to get ISPs moving we could each mail the one we use and ask them when the plan to offer IPv6 addresses.
Some 'cool stuff' using IPv6: https://www.sixxs.net/misc/coolstuff/
Jumpstart the tartan drive.
and I am a General Disagree and I totally disagree with you
I believe NetBSD was an early with its IPv6-support. But you can't tell from the NetBSD users. Try going into an NetBSD IRC channel, and mention you want to set up IPv6.
You will be met by fear. And long speeches about how we'll never need anything but IPv4 - which may or may not be true. But IPv4 was not made with real-time VoIP in mind. IPv6 was.
I am General Failure, reading your hard disk.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
I am Colonel Panic, halting ur systemz.
Ignore this signature. By order.
"Unfortunately, my ISP, RoadRunner is stuck in dark ages."
It's a bummer when your toilet can't get it's own IP address.
Shai Schticks:"You don't make peace with friends, you make peace with enemies"
In reality IPv6 is about infrastructure, so if it is all done right then your average Joe shouldn't see much of an impact. In most cases the average user leaves their setting in automatic mode, so as long as the OS and corresponding application are already IPv6 aware then they won't notice until they need to use a numerical address. If they have a home router, then they may find that they need to buy a new one as the manufacturer is only releasing IPv6 aware firmware for routers manufactured after a certain date.
There are still plenty of issues before everything is working right on both the client and server front. Issues still in place:
- network hardware not IPv6 compliant (the only compliant home router for the moment is the Apple Airport)
- network administrators oblivious to IPv6
- ISPs not preparing for IPv6
- libraries for popular computer programming languages not IPv6 ready. Take Perl libwww for example.
- people saying that no one else is doing anything, so they won't do anything either - the classic sheep mentality
I would like to see stuff like Zeroconf (aka Bonjour, Avahi) become common place on all OSs (this include Windows), or at least if these routers could add the names of computers in their DHCP table (including themselves) in their DNS directory, so typing in numerical IP addresses should not be necessary.
Jumpstart the tartan drive.
Corporal Punishment is sending Major Pain to ur Private Parts.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
I am Tzar Soviet Russia and my Private Parts inflict Major Pain to YOU!
That's Private Perks. Private Oliver Perks.
Ignore this signature. By order.
I am Colonel Mustard and I am waiting in the study with a candlestick.
I'm not not licking toads.
then maybe we should wait for Cert and Ballmer to pre-announce the packaging of IP version 7 with Windows version 7.
Like usual, when a real development effort has to be made, "major distro" *buntu seems to be somehow missing.
The Linux Foundation's IPv6 workgroup analyzed the DoD certification requirements and identified key areas where Linux's IPv6 stack needed adjustments in order to guarantee compliance. They collaboratively filled in the gaps and have succeeded in bringing the shared technology into alignment with the DoD's standards."
So this statement of compliance is as of which mainline kernel revs (2.4 and/or 2.6) or which distro versions?
Now, just make a certain highly corrupt organization charge less then several years revenue for a IPv6 address block.
Wait, you though just because there are 2^64 blocks they aren't trying to make 2^128 dollars off of them?
It's about the money, your ISP cannot possibly afford an address allocation, so you're not getting IPv6.
- Adam L. Beberg - The Cosm Project - http://www.mithral.com/
ISP may try to make $5 /m per ipv6 so people will still NAT then.
ISP may try to make $5 /m per ipv6 so people will still NAT then.
That would be disaster and a good reason for reprimanding them. IPv6 has been designed so that NATs will not be required. NATs are a major pain in networking applications.
Jumpstart the tartan drive.
ipv6.google.com has been running for quite a while (bouncing logo and all) and I use it as much as possible just to boost the stats on it, but really, slashdot is a perfect candidate to help boost adoption. It's pretty easy to get on ipv6 through a tunnel to someone like sixxs.net these days, especially for the likes of a slashdot reader.
Come on already! Naysayers be damned!
http://www.gnu.org/fun/jokes/ed.msg.html
Well, you can see the routes your computer knows about by running ip -6 route. The routes that the Vista machines are advertising should be listed there.
So, say I have a rogue route like this:
I should be able to run:
I don't know what to do if it keeps reappearing, though.
Not very bloody likely. What you're likely to see is ISP's charging per DHCP6 lease, with maybe a little bit extra (but probably not) if you want a prefix delegation for your router.
Your ISP has a huge incentive to give you a routable prefix for your network: they want to be able to sell you application services that depend on their ability to communicate with nodes on your network that you put there for them to manage or query.
jhw
'cos it aint a shop and I can't buy photos from it.
Excel? The product is so crap it excels only at being overused.
Word? What is that, some sort of Ney York Homie slang?
etc.
but IPv6 isn't a better solution than NAT. It's annoyingly long. How's this - since we've got 65000 ports per IP why can't we just give each machine a few ports and advertise stuff that's available using DNS. Sure there's things to work out with that, but it's not difficult to do. IPv4 didn't have to push so hard to be accepted - it took over from NCP pretty much as soon as it was completed. Sure there were less hosts, but it was still a big job. People are only willing to change when something appears better and IPv6 really seems like it's harder to remember IP's that will make my life more difficult when DNS is broken (which will almost certainly happen at some point). What if an automated script breaks both my DNS servers and I need to ssh into them to fix them? Oh too fucking bad, you forgot your ffas:3qrr:r2f223:dada:fdsda cunty number. It really feels like everyone's trying to sell me a lemon with this IPv6 bullshit.
You fail to make any sense.
but IPv6 isn't a better solution than NAT. It's annoyingly long.
Well, I'd think ::1 is shorter than 127.0.0.1 . And my IPv6 address is 2002:d594:e6a3::1, which is only slightly longer than 213.148.230.163.
How's this - since we've got 65000 ports per IP why can't we just give each machine a few ports and advertise stuff that's available using DNS.
Because DNS only uses one of those 65000 - by definition? It sound like you're describing Zeroconf networking, with the additional complication of UPnP port-forwarding. Have you even thought about security concerns?
Sure there's things to work out with that, but it's not difficult to do.
Especially when you don't have to specify all the details of your solution.
IPv4 didn't have to push so hard to be accepted - it took over from NCP pretty much as soon as it was completed. Sure there were less hosts, but it was still a big job.
I don't have specific numbers, but I'd guess the Internet was well below a million hosts in 1983, and mostly (completely?) located in the US. We're now at over 300 million connected devices (not counted NAT'ed devices, 2007 figure), spread out over near 13,000 providers in over 200 countries (2003 figure).
What if an automated script breaks both my DNS servers and I need to ssh into them to fix them? Oh too fucking bad, you forgot your ffas:3qrr:r2f223:dada:fdsda cunty number. It really feels like everyone's trying to sell me a lemon with this IPv6 bullshit.
So, you're self-reliant enough to manage your own DNS servers, but you can't (manually) setup static IPv4 addresses for your servers? No one is telling you to use IPv6 explicitly on your internal network.
Final question: how are you going to ssh into your DNS servers if you're outside of your NAT'ed network, like on a boat? Do you have VPN access for situations like that?
I'm not describing Zeroconf. That works through broadcast, so that will never work on the internet at large, or even on a network with more than one vlan. I'm describing this to minimize ip's in a server network, not a client network. Clients don't need routable IP addresses, because they don't need or want to be servers. If you're a client and you want to be a server, get yourself a proper network.
;; QUESTION SECTION:
;example.net. IN TXT
;; ANSWER SECTION:
Currently through virtual hosting you need an IP address for each SSL certificate used. This is a complete waste of IP's. With the following description, I could take the the thousands of IPs that I use and turn them into 60ish.
You have DNS txt records that describe a service, say http or https. It defines a port for this service.
In the interest of explaining this well:
example.net. 86400 IN TXT "http:380,https:3443"
A browser picks this up and connects to the alternate ports for https and http. Easy and no security concerns.
The server could be configured through a control panel or manually decided. Only one IP should be used on a virtual hosting machine, not the stupid amounts there currently are due to SSL certs. I neglect to see how this is any less secure and frees up, for me at least, about 4000 Routable IPs. That might be a drop in the ocean, but where else could this solution be used?
I know IPv4 needs to go, but IPv6 isn't a great answer. The addressing is too long, it's trying to be too many things at once. When you introduce even a smidge more complexity than you need, things tend to fuck up. You use the most simple option.
Sure there's 300 Million hosts, but there's a shitload more money in the internet now. You'd think that the ISP's would be trying to establish themselves as IPv6 compatible if it were such a great thing. You know like Multimedia compatible back in the day, or IBM compatible. These things sold - IPv6 isn't selling.
You seem to think I'm just complaining because the addressing is long. I'm complaining because the current solution works and the only issue is we don't have enough addresses. You're taking this to jam IPv6 down the throats of people. It's going to make a whole lot of diagnosis a lot more painful.
Also you seem to think I'm running an internal network. No, I run an AS. ASNs are being used up as well. What was the solution there? Oh make them 4 byte instead of 2.
At home my NAT box is a Linux machine. I just SSH into it.
PS: Your suggestion of running an IPv4 address alongside an IPv6 address just plays further to my point.
Clients end up being servers all the time.
But not in the traditional sense. Clients benefit a lot from having a publicly routable ipv6 address.
Many applications are peer to peer. Bittorrent, the xbox, msn for file transfer/webcam, skype. But instead they have to use a host that isn't behind a nat box. Or even do nat punching.
This is called triangle routing, it uses up bandwidth and takes a lot more time to do. Nat punching isn't much better either.
Imagine how much faster I could be matched up with other players if I could be directly routed to their console. Instead of trying a few tricks then failing.
The hosts will make their own address's based on what the router is advertising. But really with zeroconf all you need to know is the hosts name then use hostname.local that's easier then numbers. If your needs are to access that machine remotely then assign it a domain name. Most users won't need that.
ipv6 isn't really that complicated, in a lot of places it's simpler then ipv4 just seems complicated because it's different something people aren't used to.
The dns trick you show is interesting, but really apache solved that problem with virtual hosts. I like the port numbers being standard, instead of spread all over.
I have read over your posts most of your complaints are about "I don't like how big it is." or "I like my nat firewall" Then keep running a statefull firewall and the long ipv6 address is really not that big of an issue.