Slashdot Mirror
IPv6 Adoption Up 300 Percent Over 2 Years
Mark.J - ISPreview writes "The Number Resource Organization, which is made up of the five Regional Internet Registries, has revealed that the rate of new entrants into the IPv6 routing system has increased by 300% over the past two years. The news is important because IPv4 addresses (e.g. 123.23.56.98), which are assigned to your computer periodically, are running out. IPv6 addressing (e.g. 2ffe:1800:3525:3:200:f8ff:fe21:67cf) was invented as a longer and more secure replacement." IPv6 is still gaining ground slowly, particularly in the US.
And the rate of downloads of Ubuntu 8.10 is up infinity percent in the past two years.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
you mean it went from 1 person to 3 people?
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Why is that lying?
Give me Classic Slashdot or give me death!
God, I'm tired of it being repeated that IPV4 addresses are running out. Everybody who's not a journalist should know that it's not true.
And everyone who's a network admin knows that it is.
Nat+uPNP is perfectly capable and 100% backwords compatible.
Great, so I can re-write every application to support a half-assed workaround like NAT. I'd much rather have each host bugging the crap out of the router to forward a specific port, please! than to just get the migration over with and be done with it. If you think that NAT+uPNP is a replacement for IPv6, then you need to find a hobby more suited to your skill level.
Dewey, what part of this looks like authorities should be involved?
Nat+uPNP is perfectly capable and 100% backwords compatible.
NAT is a hack, and uPNP is not universally supported -- not in the routers themselves, and not in every program you might want t ob accessible.
Besides which, there are a limited number of ports, and you're still preventing people from picking a standard port and leaving it open, to connect to it later -- for instance, if my ISP NATs me, how do I ssh or vpn back home? Let alone run a webserver out of my house..
That's not even getting into all the millions of unused IP's being held by the early internet companies.
True, but consider that IPv6 would prevent anything like that from happening again.
Start with $1 per year per ip to EVERYONE who owns an IP's and you'll see the "IP Shortage" vanish overnight.
I'd also very likely see my own public-facing IP go away, and more and more ISPs NAT-ing all their customers -- who are then doubly-NATed behind their routers -- which is then a gigantic pain in the ass to deal with, versus simply upgrading to ipv6.
I'd also likely see my hosting costs go up a bit.
All to manage this artificial scarcity, and push it back for awhile -- which could be so easily dealt with by simply upgrading to ipv6, and giving an IP address to every device on the planet -- and, as a nice side effect, making it possible for me to assign a public-facing IP address and DNS entry for every toaster in my house.
Don't thank God, thank a doctor!
The news is important because IPv4 addresses (e.g. 123.23.56.98), which are assigned to your computer periodically, are running out. IPv6 addressing (e.g. 2ffe:1800:3525:3:200:f8ff:fe21:67cf) was invented as a longer and more secure replacement.
Look! IPv4 addresses just have numbers and dots. IPv6 addresses have numbers AND letters . . . and colons (TWO stacked dots)!
No question, which one is better, and tastes better, and lasts longer, and is less filling.
I'd like the IPv6 prefix dead:beef, please and thank, you.
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
God, I'm tired of it being repeated that IPV4 addresses are running out. Everybody who's not a journalist should know that it's not true.
There's no reason every person on earth needs an IP. Nat+uPNP is perfectly capable and 100% backwords compatible.
That really isn't entirely true.
NAT and uPnP may work well for your average home user... But it causes some headaches in larger networks. And if you've got a pile of servers that need to be globally accessible - like webservers - you don't really have an alternative to multiple IP addresses.
That's not even getting into all the millions of unused IP's being held by the early internet companies.
This is certainly true. There are several huge blocks of IP addresses sitting unused. Freeing these up would go a long way towards keeping IPv4 alive. At least for a while...
IP's just need to be charged for on a early basis. Start with $1 per year per ip to EVERYONE who owns an IP's and you'll see the "IP Shortage" vanish overnight.
It might very well vanish overnight... But it'll return eventually. The fact of the matter is that we keep coming up with new reasons to route information over the Internet. And all these new devices and gadgets require an IP address.
One of the cities that we support recently bought a new chiller for their ice rink. Their old one was just managed in-house. You had to be standing in front of the device to do much of anything. And if it was malfunctioning they had to send someone out to eyeball the machine. Their new one has a network jack and can be monitored remotely through a web interface. So we had to get them bandwidth and a static IP address so they could keep an eye on things even when nobody was physically at the civic center.
Sure, there are some absolutely stupid and frivolous things we're doing these days. Folks don't need to be able to surf the Internet from their microwave oven. But it is getting to the point where we expect to be able to gather information from just about everything, and view it just about everywhere. Folks expect to be able to hit Google or Wikipedia from their cell phones. Lots of industrial equipment can be managed remotely. I know I routinely troubleshoot issues remotely.
To a certain degree we can hide these devices behind NAT... I can have a dozen web-enabled appliances in my house and just use different ports forwarded through a single NAT'ed IP address to access them. But what about devices that don't necessarily sit behind a router? What about my web-enabled phone?
And what happens when the ISPs start running out of addresses? Are they going to install giant NAT routers themselves? Are we going to wind up with several layers of NAT?
"Work is the curse of the drinking classes." -Oscar Wilde
Any chance Slashdot could get IPv6 connectivity?
Progress in this direction is "stuff that matters", after all...
http://www.potaroo.net/tools/ipv4/index.html
Most machines don't need an externally accessible IP.
Unless they want to use something as exotic and unpopular as BitTorrent, you might be right.
Dewey, what part of this looks like authorities should be involved?
First off, anybody who thinks that NAT is a long term solution to the IP address shortage is fooling themselves. NAT is a stopgap solution that has a scant handful of years left in it (some estimates say as little as 3-4 years). IPv6 is the only long term solution we have at the moment.
The biggest thing holding me back from switching is that my ISP doesn't seem to care one whiff about switching. The only way I have available to get on is to set up a tunnel, which seems to defeat the entire purpose of IPv6. I don't want to run IPv6 just for the sake of saying that I run IPv6, I want to run it so I can have an address for every device and finally get rid of the annoying NAT solutions.
I read the internet for the articles.
Most machines don't need an externally accessible IP.
Which has nothing to do with the IPv4 vs IPv6 debate. Regardless of which stack you use, you are never forced to have externally accessible IP addresses. This is what firewalls, routers, and reserved, non-routable addresses are for.
Incompatibility with bittorrent is often regarded as a feature by corporations.
Lots of them.
Any kind of webserver. Try running two of them on the same IP address.
Of the above, especially websites using SSL. Can't have more than one per IP address.
FTP is a horrible pain when NAT is involved.
Many video conference applications.
Programs like instant messengers with file transfer.
BitTorrent and any form of P2P in general.
IPsec in transport mode
Many games. Two players trying to play online doesn't work at all with some games, no matter how much you fiddle with NAT.
Remote desktop. When troubleshooting, I can't just ask the person I'm helping to install VNC, because then I'd have to explain to them how open the port.
I'm sure the list can get a good deal longer, but this seems enough.
And everyone who's a network admin knows that it is.
You're right, 100%, and I fully support IPv6 adoption end to end, because I know managing port assignments is a pain in the ass for non-UPnP compatible apps, and the problems that NAT has created. Even more absurd is the solutions to those problems (e.g. Skype-style) that are more like hacks than fixes.
NAT has created a very lazy fix to the problem of network security and filtering. If you're behind NAT, you're not addressable unless UPnP or an explicit port forward does it for you, and that's extremely convenient.
In a situation where every single computer in a network is internet addressable (something not always desired in business, which is probably the reason IPv6 adoption is so slow), you have to implement a very strict firewall to block and filter unsolicited traffic to those machines. If you're NATing them, as long as your network is physically secure, you don't have a problem.
This puts a lot less stress on network security than there should be in a business environment, and much less attention to what should or shouldn't be allowed through a local firewall, let alone a site firewall.
I'll stop ranting, but the point is that NAT has created an artificial deficit of proper network security, and I fear that when IPv6 becomes ubiquitous, NAT will linger on as a replacement for real security. The skills required to secure a fully addressable network of machines simply aren't needed in the majority of current environments because making every host in a network internet addressable today is simply not an option.
Boot Windows, Linux, and ESX over the network for free.
1. start with 1 throwaway silly joke
1
2. multiply that by the Humorlessness constant
1 * H
3. add 300% overhead cost of a mediocre informative rating
1 * H * 300%
4. factor by the coefficient of who gives a shit
F(1 * H * 300%)W
and you are left with 3 users of IPv6
so there
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Or intelligently design protocols to assume that not everyone has a direct IP back to them? In the early days of online gaming, one had to forward easily a half-dozen ports (UDP, and maybe 3 ports TCP) to play online. These days, it's normally 1 UDP and 1 TCP port, if that.
IPv6 won't change any of the issues seen with NAT. At best, you'll have a firewall blocking incoming connections to all but a single IP (the system providing the gateway and firewall), so you'll juat have huge spaces of IPv6 addresses that are unreachable anyways. So your toilet might have a real live IPv6 address, but it's not reachable outside the local network anyhow. Heck, that gateway may very well perform NAT on IPv6. To assume all the issues with NAT, firewalls, etc, go away magically by using IPv6 is naive - they're still going to be around. At the minimum, there's going to be firewalls up, and apps will still have to request people poke holes in it somehow. Most likely, nothing will change.
Despite having all these addresses available to them, most ISPs will probably just offer the user 1 or 2 IP addresses (though, an IPv4 and IPv6 address), and charge them an extra $5/month for another one. Or maybe they'll get a clue and give them a pile of addresses, to which the user will probably just stick a router in and use 1 address. And might as well stick all the machines behind it in the private address range anyhow.
IPv6 is important because we're running out of addresses (or some countries already have). But unless the protocol mandates things like evil bits and other junk, people are still going to put up firewalls, NAT-based routers, etc, and we're really just going to end up in the same situation we're in now. Everyone talks grand of "even your toilet can be connected", then it just takes someone to say "well, if it is, I don't want people to hack into it". IPv6 won't save us from buggy exploitable services, spam, OSes with poor default security, etc. The only thing it may save us from is that portscanning blocks of IPs got significantly harder, but botnets are good for that sort of thing. Heck, even exploits have seemed to work around the fact that a good chunk of people are behind a firewall.
In the end, we want peer to peer connectivity. That's what the Internet was designed for. We currently use a clumsy group of non-transparent hacks that "mostly work" to work around the fact that we can't give every device a predictable IP when it leaves the factory. IPv6 is a clean architecture that scales, that works predictably, that works now, and that allows peer to peer connectivity between IPv6 nodes transparently.
The only reason why people aren't switching to it now is because everyone's still hung up on hacks to get IPv4 to work acceptably. If the router manufacturers followed Apple's lead and incorporated IPv6, including 6to4, into all new routers, most people would switch to v6 without even knowing it. We'd suddenly have an ecosystem where everything would "just work" - buy an Internet-enabled widget from the shop, plug it into any Ethernet port on your network, and it'd work, no configuration required, regardless of what it's supposed to do.
To get there, we have to stop doing what we're doing.
You are not alone. This is not normal. None of this is normal.
It's just there a lot more to go until the end~
Hey, I did say technically.
The Kruger Dunning explains most post on
There's no reason every person on earth needs an IP.
There's no reason everyone needs their own phone number, either. In the old days, several houses shared the same phone number. Calls were distinguished by different rings. They got along just fine with that.
Does it make you happy you're so strange?
Many people do not want IPv6 because getting set up for it will be expensive and time consuming.
Except it's not.
Remembering or just typing an IP will be much more of a bitch.
I haven't typed my IP since I added it to DNS.
And some people don't want machines to have publicly accessible IPs.
Then don't open the firewall.
I for one don't want my fucking toaster or condoms
I think (hope!) you didn't mean it that way.
to have IP addresses.
Then don't plug them into the LAN.
Dewey, what part of this looks like authorities should be involved?
1) the fact that NAT exists means we ran out a long time ago
/8s and stuff is not a permanent solution, denying that IPv6 is needed due to the application of a growing list of band-aids is obnoxious to listen to.
2) NAT is not a proper solution. It crosses the Network and Transport layer boundary to provide a hack solution to a Network layer issue. Having something like NAT prevents anything besides UDP or TCP from being used behind a NAT, since NAT relies on port mapping between UDP and NAT
3) What makes people think uPNP is a good idea? Wouldn't it be better to just have *real end-to-end connectivity* like was actually intended and used to be the case?
4) As the world of networked devices and content providers increases as fast as it always has been or faster there will be a growing need for content providers (servers) that cannot be behind a NAT while still hoping to use well-known ports for services
5) NAT does not scale. State tracking tens of thousands of connections? Since state needs to be tracked, load balancing something like NAT is just yet another hack on top of a hack.
I would love to hear someone explain how using NAT is a feasible solution permanently. Reclaiming unused sub-allocations from legacy
The problem with IPv4 isn't really that we're running out of addresses, although that could become an issue in the near future. No, the problem is routing. Reallocating the remaining IPv4 addresses would mean abandoning any presence toward maintaining hierarchical subnets. High-level routers would need to know where to send packets based on not just the /8 or /16 prefix, but perhaps /24 -- or worse. That's potentially millions of additional records in every router, when we're already having trouble with an explosion of routing-table entries. IPv6, on the other hand, has enough bits in just the upper (network) portion of the address (/64) to permit purely hierarchical routing to the ISP level, which means that the routing tables become far simpler. There's no need for each router to know about dozens -- perhaps hundreds, or thousands -- of minuscule disjoint subnets serviced by each ISP.
The other advantages of IPv6, such as improved security and access to a routable /48 subnet for each local network, are merely bonuses. The routing issues alone are sufficient justification to migrate.
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat