Slashdot Mirror
IPv6 Adoption Up 300 Percent Over 2 Years
Mark.J - ISPreview writes "The Number Resource Organization, which is made up of the five Regional Internet Registries, has revealed that the rate of new entrants into the IPv6 routing system has increased by 300% over the past two years. The news is important because IPv4 addresses (e.g. 123.23.56.98), which are assigned to your computer periodically, are running out. IPv6 addressing (e.g. 2ffe:1800:3525:3:200:f8ff:fe21:67cf) was invented as a longer and more secure replacement." IPv6 is still gaining ground slowly, particularly in the US.
And the rate of downloads of Ubuntu 8.10 is up infinity percent in the past two years.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
God, I'm tired of it being repeated that IPV4 addresses are running out. Everybody who's not a journalist should know that it's not true.
There's no reason every person on earth needs an IP. Nat+uPNP is perfectly capable and 100% backwords compatible.
That really isn't entirely true.
NAT and uPnP may work well for your average home user... But it causes some headaches in larger networks. And if you've got a pile of servers that need to be globally accessible - like webservers - you don't really have an alternative to multiple IP addresses.
That's not even getting into all the millions of unused IP's being held by the early internet companies.
This is certainly true. There are several huge blocks of IP addresses sitting unused. Freeing these up would go a long way towards keeping IPv4 alive. At least for a while...
IP's just need to be charged for on a early basis. Start with $1 per year per ip to EVERYONE who owns an IP's and you'll see the "IP Shortage" vanish overnight.
It might very well vanish overnight... But it'll return eventually. The fact of the matter is that we keep coming up with new reasons to route information over the Internet. And all these new devices and gadgets require an IP address.
One of the cities that we support recently bought a new chiller for their ice rink. Their old one was just managed in-house. You had to be standing in front of the device to do much of anything. And if it was malfunctioning they had to send someone out to eyeball the machine. Their new one has a network jack and can be monitored remotely through a web interface. So we had to get them bandwidth and a static IP address so they could keep an eye on things even when nobody was physically at the civic center.
Sure, there are some absolutely stupid and frivolous things we're doing these days. Folks don't need to be able to surf the Internet from their microwave oven. But it is getting to the point where we expect to be able to gather information from just about everything, and view it just about everywhere. Folks expect to be able to hit Google or Wikipedia from their cell phones. Lots of industrial equipment can be managed remotely. I know I routinely troubleshoot issues remotely.
To a certain degree we can hide these devices behind NAT... I can have a dozen web-enabled appliances in my house and just use different ports forwarded through a single NAT'ed IP address to access them. But what about devices that don't necessarily sit behind a router? What about my web-enabled phone?
And what happens when the ISPs start running out of addresses? Are they going to install giant NAT routers themselves? Are we going to wind up with several layers of NAT?
"Work is the curse of the drinking classes." -Oscar Wilde
Any chance Slashdot could get IPv6 connectivity?
Progress in this direction is "stuff that matters", after all...
Most machines don't need an externally accessible IP.
Unless they want to use something as exotic and unpopular as BitTorrent, you might be right.
Dewey, what part of this looks like authorities should be involved?
First off, anybody who thinks that NAT is a long term solution to the IP address shortage is fooling themselves. NAT is a stopgap solution that has a scant handful of years left in it (some estimates say as little as 3-4 years). IPv6 is the only long term solution we have at the moment.
The biggest thing holding me back from switching is that my ISP doesn't seem to care one whiff about switching. The only way I have available to get on is to set up a tunnel, which seems to defeat the entire purpose of IPv6. I don't want to run IPv6 just for the sake of saying that I run IPv6, I want to run it so I can have an address for every device and finally get rid of the annoying NAT solutions.
I read the internet for the articles.
Yes, NAT is wonderful.
Like when I want to play a game online with me, a friend in my house, and people over the internet. Then we're sometimes confronted with that the game wants specifically port 12345 on UDP open, and there's no way to NAT that to two computers at once. There goes at least half an hour of everybody's time, plus another half an hour to convince the less technical players that no, it's not working and it's not going to.
UPNP doesn't solve this problem, and is yet another horrible hack that should never have existed in the first place, along with NAT. Thanks to UPNP any crap you get infected with can request the router to open a port for it to receive instructions. Isn't that wonderfully convenient?
God, I'm tired of it being repeated that IPV4 addresses are running out. Everybody who's not a journalist should know that it's not true.
There's no reason every person on earth needs an IP. Nat+uPNP is perfectly capable and 100% backwords compatible.
I'm so tired of seeing someone post this rubbish every time these articles come out. uPNP is a security issue and many routers either don't support it or smartly have it turned off. NAT is a hak at best and limits the power of users while creating no end of issues for others. Anyone that still believes NAT is a solution compared to IPv6 is uninformed at best.
Unless you see companies giving up massive IPv4 blocks (which isn't happening), we ARE running out of addresses. Period. We have two choices, force blocks to be freed, which is unlikely, or migrate to IPv6. IPv4 has so many issues, only a dope would spend political clout freeing IPv4 when we already have IPv6 which addresses the core issue while fixing so many of IPv4 woes.
Does, "pick your battles", mean anything?
Ugh, I meant to say more before I posted. Anyway, here's the rest:
The main reason I mentioned publicly addressable hosts was that the OP brought it up when he mentioned UPnP in conjunction with NAT. No, you don't need (or want) every host to be directly reachable. When you do, though, a real end-to-end solution like IPv6 is vastly preferable to a slew of machines behind the NAT asking for port allocations.
Dewey, what part of this looks like authorities should be involved?
Nat+uPNP is perfectly capable
Spoken like someone who grew up with NAT being the norm. NAT is terribly broken, and UPNP is even worse. There shouldn't be a need to resort to hack-upon-hack to get networking to work. I long for the day when I only have to worry about routing & firewalling on my network again.
That's not even getting into all the millions of unused IP's being held by the early internet companies.
IP's just need to be charged for on a early basis. Start with $1 per year per ip to EVERYONE who owns an IP's and you'll see the "IP Shortage" vanish overnight.
Great, $1 per IP. 2^32-1 possible IPs... that's only a touch over $4B per year. Who want to bet that Microsoft would eat up all it could, just to have control? Hell, at that price I'd buy a couple hundred just for me. Start talking several thousand dollars per IP per year and you might be on the right track... oh wait, no you're not, because it's an artificial scarcity. (Besides, who would the money for the IP addresses go to? IANA? What would they use it for?)
Do remember how long it took /. to move from a tablefest of tagsoup to a CSS-based design? A good 10 years, give or take.
IPv6?
Try LogMeIn or GoToMyPC, or something similar. I manage nearly 100 remote PCs thru LogMeIn, and only 3 of them have static IPs.
I think you're kind of missing the point of my post.
I use LogMeIn for quite a few things. I've got it installed on my home computer, my work computer, and dozens of client computers. It works very well for me. It's a great solution for folks who can't or won't pay for a static IP address. But LogMeIn doesn't somehow magically negate the need for an IP address.
If you've got bandwidth, you've got an IP address. And more and more devices have bandwidth these days. Which means more and more IP addresses in use. And once you run out of IP addresses it won't much matter whether you need a static or dynamic address, there won't be any available.
"Work is the curse of the drinking classes." -Oscar Wilde
The scheme would not be targeted at people like you. It's targeted at institutions like MIT, Ford and Halliburton. If they each had to start coughing up $24 million per year to hold onto their sparsely used /8 IP blocks, they'd be clamoring to unload them.
I'm wondering how far behind the popular adoption of IPv6, the nay-say'ers admissions that they were wrong will lag.
Progress will never happen. Things will always be the way they are now. There's no reason to change now, and there never will be. Pshaw.
Wake up - the future is arriving faster than you think.
He didn't say "two websites" he said "two webservers".
Rubbish. Border security is not security. You can get exactly the same 'security' as NAT with a trivial firewall on IPv6 that blocks all inbound connections and maintains state tracking for UDP ports. You can set up NAT with a default route so one machine gets all inbound packets destined for the public address and not redirected by an outgoing connection, and you can have firewalling without NAT. The two concepts are orthogonal. What makes you think that consumer-grade IPv6 routers will not default to blocking all ports?
I am TheRaven on Soylent News
In the end, we want peer to peer connectivity. That's what the Internet was designed for. We currently use a clumsy group of non-transparent hacks that "mostly work" to work around the fact that we can't give every device a predictable IP when it leaves the factory. IPv6 is a clean architecture that scales, that works predictably, that works now, and that allows peer to peer connectivity between IPv6 nodes transparently.
The only reason why people aren't switching to it now is because everyone's still hung up on hacks to get IPv4 to work acceptably. If the router manufacturers followed Apple's lead and incorporated IPv6, including 6to4, into all new routers, most people would switch to v6 without even knowing it. We'd suddenly have an ecosystem where everything would "just work" - buy an Internet-enabled widget from the shop, plug it into any Ethernet port on your network, and it'd work, no configuration required, regardless of what it's supposed to do.
To get there, we have to stop doing what we're doing.
You are not alone. This is not normal. None of this is normal.
The main problem with IPv6's slow adoption is that no transition scenario was ever devised. The protocol was spec'd, implemented, debugged and ... that's it. Nobody ever asked the question, who's gonna switch and why?
Currently, if you want to use the Internet, you need to be on IPv4. The only existing transition mechanisms are those which allows an IPv4 host to emulate IPv6 on top of it. And 100% of any other hosts you might be interested in talking to are on IPv4, even if they happen to also be on IPv6. So basically, in the rare cases where you can use IPv6, you can also use IPv4 to do the exact same thing.
So there's no point.
What's missing here (and has been missing since the beginning of IPv6) is a mechanism whereby an IPv6-only host can talk to an IPv4 host. I believe there's something called "nat64" that's being worked on, but it's in preliminary stages.
Here's how it's going to happen: for a veeery long time (10, 20 years), most corporate networks will remain IPv4 only. They have no reason to switch. It's not just network stacks, it's networking equipment, firewall rules, inertia but also stupidity and incompetence. Consider this: right now, there are major websites still incompatible with Explicit Congestion Notification. It's not that they just don't implement it; it's that their networking equipment suffers from a 10+ year old bug that prohibits hosts with ECN enabled to access them. Non-buggy stacks just ignore the bit and let packets through, buggy ones silently drop the packets and cause the connection to hang. This used to be the case on www.cnn.com up until a few months ago, and is still happening on www.afp.com.
Instead, it's mobile networks that will implement IPv6. There is not even enough addresses in a class A (10.0.0.0/24) to even give addresses to all mobiles phones in an European country. It's trivial to implement proxies for HTTP and other common protocols, so that those mobile devices will be able to see CNN.com. But obviously, it would be much better to have a way to NAT those devices onto IPv4.
This puts a lot less stress on network security than there should be in a business environment, and much less attention to what should or shouldn't be allowed through a local firewall, let alone a site firewall.
I disagree. Say your current NAT setup is:
The firewall equivalent is:
The decision making process is identical. You've already decided which ports are which machines should be exposed, and that's the hard part! Once you're past that, the semantics of NAT and a "default deny" firewall are almost identical.
Dewey, what part of this looks like authorities should be involved?
You have two options. You can go via a Tunnel Broker, such as Hurricane Electric, or you can use 6to4.
The advantage of the latter is that it just requires you already have a static IPv4 address, and the routing is relatively efficient. It also minimizes your dependency on third parties: while most TBs give you IPv6 for free, there's no guarantee they'll continue doing so.
The advantage of a tunnel broker is that some ISPs block 6to4. Some people also claim it's more secure, but I don't buy the argument personally for a variety of reasons.
Personally, I'd recommend going for 6to4. It's relatively easy to set up and doesn't involve anything other than the IP allocation you have now. 6to4 gives you 64k /64 IPv6 blocks per static IPv4 address, and it's real connectivity.
You are not alone. This is not normal. None of this is normal.
1) the fact that NAT exists means we ran out a long time ago
/8s and stuff is not a permanent solution, denying that IPv6 is needed due to the application of a growing list of band-aids is obnoxious to listen to.
2) NAT is not a proper solution. It crosses the Network and Transport layer boundary to provide a hack solution to a Network layer issue. Having something like NAT prevents anything besides UDP or TCP from being used behind a NAT, since NAT relies on port mapping between UDP and NAT
3) What makes people think uPNP is a good idea? Wouldn't it be better to just have *real end-to-end connectivity* like was actually intended and used to be the case?
4) As the world of networked devices and content providers increases as fast as it always has been or faster there will be a growing need for content providers (servers) that cannot be behind a NAT while still hoping to use well-known ports for services
5) NAT does not scale. State tracking tens of thousands of connections? Since state needs to be tracked, load balancing something like NAT is just yet another hack on top of a hack.
I would love to hear someone explain how using NAT is a feasible solution permanently. Reclaiming unused sub-allocations from legacy