No Business Case For IPv6, Survey Finds

alphadogg writes "Business incentives are completely lacking today for upgrading to IPv6, the next generation Internet protocol, according to a survey of network operators conducted by the Internet Society (ISOC). In a new report, ISOC says that ISPs, enterprises and network equipment vendors report that there are 'no concrete business drivers for IPv6.' However, survey respondents said customer demand for IPv6 is on the rise and that they are planning or deploying IPv6 because they feel it is the next major development in the evolution of the Internet."

Ever?

[WillKemp]

I'm beginning to find it hard to believe that IPv6 will ever be implemented. It seems to have been on the verge of it for close to a decade now.

Re:Ever?

[unlametheweak]

The problem is that the guys that were working on the big IPv6 transition quit there jobs to work on the Duke Nukem Forever project.

Re:Ever?

[bytesex]

As a person who's involved in an implementation of IPv6, let me say that it's difficult to see it implemented without ubiquitous gigabit networks all around, as well as network equipment (routers) that run on the kind of CPUs we don't nowadays expect such hardware to run on. On the one hand, they've made stuff easier (no more checksums on IP level, addresses that tell you something about themselves); on the other they've made it more difficult (potentially quite a lot of headers before you get to ICMP for example, as well as up to seven addresses that any device must listen to, address sizes that don't fit a natural integer), but the network is also busier: network meta-messages fly around all the time - much more so than with IPv4, its ICMP, IGMP and ARP (ARP times out in 20 minutes; link-layer address mapping in IPv6 expires in less than a minute), and don't forget multicast: it's obligatory and used a lot on IPv6, meaning that routers will be so much more busy synchronizing.

Then again; the time that hardware and linespeed catches up, *will* come. It's just not now, and nobody is in a hurry either. But running IPv6 over lines that do 1 Mbps in practice, however doable; it wouldn't make anyone happy.

Re:Ever?

[mellon]

Um, what the heck are you talking about? The ARP timeout is two minutes, not twenty. Speaking as someone who's also implemented IPv6 and used it pretty extensively, it sounds like you really don't know what you're talking about.

There is a known failure mode with ICMPv6 if you have a 127-bit prefix, but this is well-known, there's a fix for it in the standards, and the workaround is that you just don't ever use 127-bit prefixes. There's no particular benefit to using 127-bit prefixes, so this is kind of a no-brainer.

As for CPU consumption, again, what are you talking about? On the backbone, the proliferation of micro-routes for IPv4 is a *huge* problem. IPv6 route aggregation makes things *faster*, not slower, and consumes less CPU time as well.

If you are working over low bandwidth links, you might want to take a look at 6lowpan, which allows you to statelessly compress headers down to under twelve bytes.

Bottom line, the conclusions you've drawn are, as far as I am aware, complete nonsense. I'm sure you believe what you've said, and it's the result of real things that you saw, but without a bit more back story, I don't think it contributes any useful knowledge to the discussion.

Re:Ever?

[Cyberax]

You can use IPv6 _now_ with 6to4 or Teredo.

It's quite simple, actually. You can start IPv6 on your network in about 1 hour (including stateless autoconfiguration setup).

First, follow this tutorial: http://tldp.org/HOWTO/Linux+IPv6-HOWTO/conf-ipv6-in-ipv4-point-to-point-tunnels.html (I suggest the 'deprecated' method, because it actually works fine :) ).

Then install radvd ( http://www.litech.org/radvd/ ), don't forget to turn on IPv6 routing and you're set!

Being able to SSH directly into every machine on my network is UBER-COOL.

Re:Ever?

[Melkman]

Well, it is already implemented. Maybe not with much US based businesses but AMS-IX saw a ten fold increase in IPv6 traffic this year: http://www.ams-ix.net/mnt/verliernix/img/flow/ipv6/all/ipv6bps_yearly.png

Re:Ever?

[QuoteMstr]

Me, I would have preferred to extend the dotted-quad notation over using the colon-separated hex format usually used for IPv6. Dotted quads look more familiar for network administrators, software developers, and so on. As you noted, IPv6 addresses look strange and scare people. This fear of the unknown is a barrier to adoption. Any unnecessary break with IPv4 hurts IPv6 adoption, and we can't afford that; IPv6 with dotted quads is better than IPv4.

Re:Ever?

[Lord+Ender]

I work for a software company. We are seeing IPv6 labs popping up around our global offices because customers are starting to ask for it in our products. It's showing up on RFPs. It's coming.

And having worked with it for a while, I must say it's a dream compared to v4.

Re:Ever?

[QuoteMstr]

Your post demonstrates my point perfectly: the colon-separated hex notion screws up URL parsing, requiring algorithm changes for everyone, and as you see, lots of people still haven't gotten it right. Dotted-quad notation wouldn't have required nearly as much effort. The new notation was an unnecessary barrier to adoption.

We're talking about Joe Sysop and Joe Programmer, whose opinions regarding IPv6 are far more important than Joe Plumber's. These people see IPv6 as something exotic and frightening, and try to avoid it as long as they can. IPv6 should have been made as similar to IPv4 as possible; instead, the IETF tried to do too much too fast, and now we're paying the price.

Re:Ever?

[mellon]

Ohforgod'ssake. You're going to *type in* raw IPv6 addresses in a URL? I don't *think* so. I do it for debugging, but there's no way I'd ever ask an end user to type one in, and if I did there's no way the end user would do it. Which makes it a non-problem.

Decimal dotted quads are too big, and they wouldn't look like IPv4 dotted quads anyway. For instance, my IP address as a dotted quad is:

32.1.31.56.2.6.0.0.2.23.191.255.254.133.196.90

In hex, it's:

2001:1938:206: :223:dfff:fe85:c45a

You really prefer hex? You really think that's going to look familiar and comfy to a person who can't handle the hex format? Naw, dude - this is really a great way to weed out people who shouldn't be on staff - if they can't handle the hex, there are a lot of other much more important things they also can't handle, in IPv4-land as well as IPv6.

Admittedly, there's always resistance to new stuff by a certain number of people, and that's perfectly understandable and not grounds for firing. But those people will get over it after a bit of hands-on.

Re:Ever?

[Darkk]

Sounds too familiar.... Kinda like the damn analog tv to digital switchover which been planned, discussed and advertised for YEARS!! Then it got delayed....AGAIN!! Cuz those 6 million viewers think analog tv works just fine and don't want to switch to digital and they don't comprehend that fact digital is better using a $50 converter box.

Sheesh. Ah well.. good luck with IPv6. I know it'll be the holy grail for the Internet but right now they don't see the immediate benefit and won't upgrade unless they are forced to.

Re:Ever?

[dasmoo]

Yeah, but over the same time period v4 traffic there increased from 250Gbps to 450gbps. Maybe they just got a bunch of new companies peering with them? Also it's 1Gbps out of 450Gbps. That's the kinda reach v6 currently has.

Re:Ever?

[dryeo]

And how is digital better if on the fringe? Analog decays gracefully, some snow but still watchable. Digital means having a miserable wife as she likes TV when you can watch it, not when there is a blank screen.
IPv6 is the same, great when you don't mind spending a bunch of money to downgrade to the newest thing but crappy if you have old software.

How about governments?

[Jerry+Smith]

I for one would not be surprised to see China and the likes implement IPv6.

Re:How about governments?

[Sir_Lewk]

Doesn't the Chinese govermnet have a total hardon for NAT?

Well,

[TinBromide]

In a world without sharp objects, knives, or sidewalks, there would be no business case for bandaids. IPV6 is a solution to a problem that hasn't asserted itself. How often do you buy cough medicine when you haven't been sick in a while? This goes the same for ipv6. Until ISP's start charging more for ipv4 addresses due to scarcity, nobody is going to switch beyond digital survivalists and people who like to tinker with new technology.

Re:Well,

[mellon]

I guess you don't care about end-to-end connectivity. P2P, VoIP, skype, stuff like that? Obviously not something you want.

As we run out of IP addresses, we will have more NATting of IPv4 networks. This will mean that instead of having a single global IP address with your ISP, you will have an RFC1918 address. The people who have global addresses will be fewer, and so Skype's nat traversal will depend more heavily on them, which they will notice and which will decrease Skype's popularity. Same with p2p.

Consequently, at some point it will be the case that the only applications that are well-supported on the Internet are walled-garden apps run by commercial sites. Innovation will drop off.

It's not a pretty scenario. To me, the main selling point of IPv6 is *not* that we are running out of IP addresses and need more. It's that end-to-end is getting less and less available as the internet grows. Deploy IPv6, and end-to-end comes back. That's why we need IPv6.

Re:Well,

[TinBromide]

Correct, hence the digital survivalists comment. Society isn't falling apart yet, but people are preparing for any real life disaster that can come their way. The problems you stated above aren't happening yet, but the digital survivalists are preparing for any of the above "disasters" to come their way.

Re:Well,

[growse]

NAT doesn't give you anything over a well-configured firewall. And if you run NAT instead of a well-configured firewall, then you're not taking 'security' very seriously.

Re:Well,

[growse]

Well, I'd argue that we want actual well-managed security, instead of just a sense of one. Show me a network admin that's relying on NAT for security, and I'll show you an incompetent network admin.

It will happen

[Daimanta]

With the rate IPv4 adressess are running out it is only a matter of time before we will switch to ipv6. It might be 3 years from now or perhaps even more but when ipv4 becomes scarce(and it will), people and (internet)companies will try and make the switch to ipv6.

Don't get started about the turd that is called NAT, that's a problem posing as a solution.

Re:It will happen

[garett_spencley]

"Don't get started about the turd that is called NAT, that's a problem posing as a solution."

True, but it will always come down to the cheapest solution. Not the most technologically superior.

As for consumer ISPs, I think the day might come when ISPs start to NAT all of their clients, and charge a fee to get a static, external IP.

Some businesses might implement IPV6, especially when Windows fully supports it (if Vista or 7 don't already, I'm honestly ignorant), but as long as finding ways to remain on IPv4 is cheaper and keeps costs down for customers there will never be a reason to switch. Ever.

Re:It will happen

[arkhan_jg]

NAT is the only reason we still have ipv4 - if we hadn't had that nasty hack, we'd have had to move to ipv6 out of necessity some time ago. I'm really looking forward to going back to having every PC with a globally routable IP address, it will make application communication work so much easier, and firewalls can stick to being allow/deny/drop firewalls instead of all this stateful masquerade hack-job stuff on top.

The main sticking point for me is all UK ISPs are IPv4 only. There's not much point running IPv6 internally if you're only going to have to tunnel it or 6to4 it once it leaves your network, though I'm thinking of converting a VLAN or two internally to IPv6 for a systems and applications trial.

Re:It will happen

[Nick+Ives]

Windows has supported IPv6 since XP.

As for ISPs NATing all their customers, I'm not sure if that'd be most cost effective than simply using IPv6. Isn't it the case with NAT that you're limited to a maximum of 65535 concurrent TCP or UDP connections? Someone would have to invent some sort of NAT load balancing system which could break all sorts of stuff.

Re:It will happen

[petermgreen]

IMO there is no question that when IPV4 addresses become scarce ISPs WILL push home users behind nat (with maybe an option to get a public IP address at a price high enough that only geeks pay it) to free up IP addresses for more lucrative customers.

I don't particularlly like NAT either but that doesn't mean it won't win out as the "soloution" to the IPV4 address shortage.

Re:It will happen

[anss123]

Speaking of NAT, how many wireless routers out there support ipv6? That might be the biggest hurdle.

Re:It will happen

[grumbel]

It might be 3 years from now or perhaps even more but when ipv4 becomes scarce(and it will),

IPv4 addresses have been scare for a decade or so, the answer so far was to cripple the net with NAT or simply to raise prices when you want a real static IPv4 address instead of a dynamic one. I don't see that changing anytime soon. The problem is simply that IPv6 doesn't really provide any instant advantage, since hardly anything is available on IPv6 that isn't on IPv4. And the whole 'it will make networking simpler' isn't something the average user will grasp anytime soon, even worse, addding an IPv6 record to a webpage these days will break it for many people, because IPv6 routing is rather broken (i.e. you can get it easily via 6to4, but half the IPv6 webpages will not work with it).

Unless the government steps in and actually requires IPv6 for certain services I don't see anything changing. The most likely cause these days seems to be that China and other emerging markets go IPv6, while western world stays IPv4 for a while to come and then maybe slowly switch over to not end up disconnected to China and Co.

Re:It will happen

[kasperd]

Isn't it the case with NAT that you're limited to a maximum of 65535 concurrent TCP or UDP connections?

No. You can do a lot more connections than that. First of all a TCP connection is identified by two endpoints. If you connect to two different remote addresses, the connections can actually come from the same local port number. That trick only works for TCP. For UDP there could be more than two parties involved, and such tricks would break. Also, you are not limited to a single external IP. An ISP could setup a separate NAT box for every n customers. But customers are going to get a worse internet experience, even if ISPs do spend more money on it. So before ISPs start doing such tricks, they will probably start offering IPv6 addresses in the hope that some users will no longer use IPv4 addresses. But I don't think many systems will refrain from requesting an IPv4 address over DHCP just because they were able to get an IPv6 address. However if ISPs do start deploying NAT boxes on a large scale, they'd better start offering native IPv6 at the same time, because that certainly can offload some of the connections from the NAT boxes. Even though a system may get both an IPv4 and IPv6 address, it isn't necessarily going to use them. Some systems will try IPv6 first, as long as the name resolves.

Re:It will happen

[QuoteMstr]

NAT != firewall

You know this. I know this. But plenty of people don't, and the fact that we're even having an argument about this fact highlights the IETF's profound lack of pragmatism. People want their safety blankets, and ff the IETF hadn't opposed NAT and private networks in IPv6, we'd see much better adoption by now.

We could have tackled the NAT issue at a later time. One of the universal and timeless principles of change is to pick your battles. The IETF decided to fight for adopting IPv6 and eliminating NATs at the same time, and until they gave up on the latter, were badly losing both fights.

Re:It will happen

[QuoteMstr]

You've hit the nail on the head. NAT dovetails very nicely with the "castle mentality" many network administrators have: this is mine, and you can't touch it. It's about control, and there are fewer more tangible symbols of control than your own network numbering scheme. Nobody wants to give up that sense of control by moving to IPv6.

But since 2005, you don't have to: IPv6 now has private address ranges just like IPv4's. Also, NAT has always worked with IPv6.

Since 2005, all four combinations of address spaces can work in principle: IPv4 inside, IPv4 outside, IPv6 outside; IPv4 inside; IPv6 outside, IPv4 inside (with DNS proxying), and obviously, IPv6 inside with IPv6 outside.

Whether this "castle mentality" is appropriate is a different debate. Moving to IPv6 for the public internet is too important to get bogged down in talking about NAT.

Re:It will happen

[oojah]

Take a read of http://www.potaroo.net/tools/ipv4/index.html to see the rate at which ipv4 addresses are being allocated, along with their predictions for the future. There's a lot there, but it's worth reading at least a bit of it :)

A while back, I wondered how their prediction changed over time so started logging it. The results of that are at http://atchoo.org/ipv4/

Re:It will happen

[symbolset]

Businesses know that IPv6 is broken, untested, and unstable in production environments, with hastily written standards that factor little in the way of security.

Which makes it so unlike the rest of the Internet.

Look, if you're looking at IPv4 or IPv6 to provide some security you're doing it wrong.

Re:It will happen

[tlhIngan]

NAT is the only reason we still have ipv4 - if we hadn't had that nasty hack, we'd have had to move to ipv6 out of necessity some time ago. I'm really looking forward to going back to having every PC with a globally routable IP address, it will make application communication work so much easier, and firewalls can stick to being allow/deny/drop firewalls instead of all this stateful masquerade hack-job stuff on top.

A nice pipe dream.

People are used to having 1 or 2 IP addresses handed to them. Most probably only use one - they stick their cablemodem into their NAT router and be done with that. ISPs know this, and you can bet good money that when residential people get IPv6, they may give them a large range of valid IPs, but really, only route 1 or 2 to them, because they know users will only use 1 or 2. And pay for more, if they need it. And the majority of users will do that - they'll take their IPv6 pipe, and stick on a router, and probably do IPv6 NAT.

No, the era of direct-connected machines is long gone - even if the user had a regular normal firewall and a 1:1 mapping of devices to IPs, you're going to have to tell them how to open a port on it so they can play their game again. And it'll probably be more confusing, since they want only one machine to get that traffic.

And yes, going around NAT is annoying, and breaks some applications. However, the interesting thing is how many applications aren't broken. Or have implemented functionality to work around firewalls and NAT. If you go back to just over a decade ago, playing an online game may easily require 10-15 ports open (TCP/UDP) on your firewall. Nowadays, it's down to one, or in some cases, do nothing. The ports I opened on my NAT router were for HTTP, ssh, and BitTorrent, and I still do online gaming (Xbox Live, Playstation Network) fine without UPnP (disabled on router). And yes, people invented STUN to help get through NAT, as well.

About the real benefit of IPv6 is to make viruses and trojans spread slower as they now have to send packets to more hosts, and there will be more holes in the address space, so chances of success will be limited. But the chance of two people plugging in 2 VoIP phones into a random network and have them work always is gone (unless they're Skype phones, which use STUN and a bunch of dirty tricks to get around NAT and firewalls...).

Re:It will happen

[FireFury03]

No company wants their inner network visible to the outside world (which IPv6 requires unless one uses kludges.)

This very much depends on what you consider to be "visible". You can (and should) firewall incoming traffic, which means someone can't actively scan you. Once you've done that, someone can only gain information about your internal network by looking at the traffic generated by your network. If you think NAT protects you from this then you're sorely mistaken - NAT will only hide the source IP address, you can still gain a lot of information by traffic fingerprinting and other methods.

No company wants to use a protocol with zero real world support for encryption unless you go to a higher layer, or tunnel over IPv4.

I'm not sure what you mean by this. Under IPv4, most encryption is done using SSL - IPv6 doesn't change this, SSL still works and is still used. IPv6 also adds IPSEC support (which has since been backported to IPv4, but it originated on IPv6 and works very well there). So in what way does IPv6 have "zero real world support for encryption"? If anything, it has better support than IPv4 because encryption was written into the spec from the start.

No company wants to change their entire IP address range because they change ISPs.

This really shouldn't be a major problem - if you're using autoconfiguration and DNS then the amount of work required to renumber a network is minimal. You can also do a soft migration, so you can keep your old IP addresses in service for a while after your new IP addresses are put into service.

Some boxes have an infinite DHCP lease?

If that's your setup, you need to get a network manager who has a clue.

Businesses know that IPv6 is broken, untested, and unstable in production environments, with hastily written standards that factor little in the way of security.

You post indicates that people *think* they know that IPv6 is broken, untested, unstable and insecure. In reality, these people are grossly misinformed.

Re:It will happen

[FireFury03]

Is that really a NAT problem or is it a SIP (VOIP) problem?

It is a general peer-to-peer problem. NAT breaks peer-to-peer communications - there are workarounds (such as STUN) but they are not, and cannot be, reliable. The only solution is to remove NAT from the equation.

SIP certainly could have been designed better IMO. Wonder who first conceived of embedding the IP address, normally only a part of the IP header, in the application data, as a security measure no less!

It's actually a pretty sensible idea: Your phone registers with a SIP registration server so that other users can find it - lets say your ISP runs the registration server, so people know to place calls to r7@yourisp.com if they want to phone you (very similar to email). So I phone r7@yourisp.com, my phone talks to your registration server and says "hey, I want to call 'r7'". Your registration server then talks to your phone and says "there's a call for you", your phone sends back a message to the registration server saying "answer it" and that gets forwarded on to my phone.

Now the clever bit (which requires the IP addresses to be embedded) - the 2 phones negotiate (via the registration server) for the IP addresses and ports that will be used to carry the voice data. This means that the registration server is not involved with passing the voice data - this is a Good Thing for 2 reasons: 1. the server doesn't need as much CPU, memory, bandwidth, etc. 2. Most importantly, the route that the voice data is going over is as direct as possible, so you should get a nice low latency.

It gets more important to do this if you start doing stuff like transferring calls - if I'm talking to you, and you want to transfer my call to someone else, your phone will issue a "reinvite" message to my phone, telling it where to direct the voice stream. This means that once the call transfer is completed, your phone is nolonger involved in the communication at all.

If your phone is behind a NAT, it won't know what IP address and port its voice traffic will be transmitted on once it is NATted. You can try and work around this by using STUN, but it isn't entirely reliable since this requires your phone to make some educated guesses about what your NAT is going to do with the traffic - sometimes it'll be right, sometimes it'll be wrong.

This is not only ineffective security it also ignores the ISO seven layer stack.

IP itself isn't an ISO sever layer protocol - never has been, never will be. What you probably mean is that it ignores protocol encapsulation boundaries. And you're right - it does.

But sometimes you have to do that to get the results you want - any other peer to peer protocol is going to do the same thing (e.g. bittorrent) because it has to tell the peers where to connect to.

That's why SIP doesn't play well with NAT. Has nothing to do with NAT itself, IMO.

*NO* peer to peer protocol can play well with NAT. this isn't a flaw in the protocol, it is a simple fact of life. NAT breaks the end-to-end nature of the network, peer-to-peer requires an end-to-end network, ergo they are incompatible technologies.

The "solution" to doing VoIP without an end-to-end network is to use different protocols for the client-server and server-server parts of the system - make the server-server part a peer-to-peer protocol (such as SIP) and the client-server part a client-server protocol. This means that the media path is going to be longer and the servers are always going to have to route the media path meaning a higher cost and a lower quality of service.

Fastest dup ever?

[dgatwood]

I'm seeing two copies of this story posted on the front page, both posted in the same minute. That has to be some kind of Slashdot record. Even normal user comments can't be duped by the same person less than two minutes apart....

Re:Fastest dup ever?

[MichaelSmith]

They just want to be sure we get the message.

Post in one thread, mod in another SWEET

[grondak]

Oh yes, finally. It has occurred! A story duped right next to each itself. Timothy FTW!

Aside from the obvious "business driver."

[palegray.net]

As a developer and network security professional, I frankly can't wait until everything under the sun is addressable. I really do want my car to be able to talk to my electric razor.

I demand it.

[YesIAmAScript]

I demand it because I'm tired of NAT. As I have more devices at home that I might want to access remotely, or that need full inbound and outbound access for full functionality (as jump-in, jump-out games often do), I get more and more tired of dealing with NAT.

And it's not just me. When I'm trying to help my dad with his machine, I can't connect to it remotely to access it.

Even my DirectTV satellite receiver uses IP access now, and due to NAT, they can't count on being able to contact your receiver from their end. So, any centralized service like remote booking has to take special measures to work.

IPv6 makes all this a lot easier, for example if you "request assistance" on Windows Vista/7, the first thing it does is create a Teredo tunnel so that your machine can be accessed remotely to diagnose and fix it.

Customer demand should be the business case.

[mellon]

I don't mean customers should want IPv6. I mean that that's what should drive IPv6 deployment. Address depletion is a problem, but it's a problem that has workarounds, and to the extent that customers aren't bothered by the workarounds, there will be no IPv6 deployment.

The main impact of the workarounds is twofold. First, your outward-facing global IPv4 address will go away. Right now, your ISP has probably assigned you a real IPv4 address, not an RFC1918 address. So people can get packets to your gateway directly. That will go away.

The second impact is that we will have more and more layering of NATs. This will make peer-to-peer applications harder and harder. Also, as more users are piled up on single IP addresses, we will start to see port starvation. What this looks like is that iTunes will start acting funny - displaying some things, showing error messages for others. DNS lookups will fail, and you'll have to retry. Google maps tiles won't show up, so you'll see a partial map, and have to reload (possibly to see different tiles not show up).

So yeah, things will keep chugging along. But it will work less and less well as time goes on.

And I think that is what can, and should, be driving demand. If you don't want that, you might want to start fantasizing about how to get IPv6 into your own home. I have it in mine, it works a treat. I think it's too hard for the average person to do right now if their ISP doesn't support it, but that's a problem that we ought to try to solve if we want the internet to keep being a place where peer-to-peer is possible, and where innovation is possible.

Running out of address won't kill the internet. But it will suck the life out of it.

Cell phones

[FranTaylor]

If cell phones turn into real computers, which has probably already happened, then we will need IPv6 if all those phone users want to surf.

Let's flip the question....

[mark-t]

People ask what can IPv6 offer that NAT cannot. Try running multiple servers on multiple machines behind the same NAT, where one would like them to be accessible to the outside world via default port numbers. No amount of NAT configuration can get around this limitation, so saying NAT solves all the problems that IPv6 is supposed to answer is nothing more than self-delusional. Let's flip the question now.... what can NAT do that IPv6 cannot? Especially considering the fact that even *IF* for some reason that didn't involve how many IP's you actually have available, you still wanted to utilize NAT for some reason, you still could do that with ipv6... no problem at all. So what does NAT do that IPv6 can't? The only answer that might actually exist to this is that it arguably costs less to implement. So in reality, it's not that there's no business case of IPv6, it's really the case that these businesses are just cheap.

Re:Let's flip the question....

[DA-MAN]

There is more than one protocol than http. Try ftp, imap, smtp, irc and https on for size.

Re:Let's flip the question....

[sjames]

Want a private net? Unplug the uplink and number your machines any way you want! If you prefer a protected LAN, make your firewall default to DROP, then tell it what you do want. The IETF probably proposed local IPv6 addresses because they were tired of the few holdouts drooling on their shoes when they explained that for the nth time.

2009

2009 will the Year of IPv6 to the Desktop.

Chicken and egg

[Midnight+Thunder]

Part of the problem at the moment is that because network companies are failing to provide IPv6 ready equipment, it is only the dedicated few that are moving to IPv6. Linksys, D-Link I am talking about guys like you. The there are the ISPs like Bell and Telus here in Canada who have to plans, or even anything beta.

Now look in Africa, Asia and Europe and you will see some serious movement in that direction.

Don't get me wrong, I have my computer enabled with Tiredo, providing me IPv6 access, but companies are going to want the easy route to IPv6 and until they are provided the support, or like my experience two days to immenent failure they aren't likey to do sod.

I have a Linksys WRT54G v8 and there isn't even the possibility of installing a version of DD-WRT that supports IPv6 :(

The switch from DC to AC

[amiga500]

I suspect the switch to IPv6 will take about as long as the switch from DC to AC electricity. IPv4 is so ingrained in hardware and software that it will take decades after the last IPv4 only hardware has been produced for the switch to occur. Additionally, the cost of IPv4 addresses is going to need to rise above the couple of dollars a year it currently is at. http://cityroom.blogs.nytimes.com/2007/11/14/off-goes-the-power-current-started-by-thomas-edison/

and the basic low cost data planes are nat'ed

[Joe+The+Dragon]

and the basic low cost data planes are nat'ed

Re:DirectTV does not need IP access for remote boo

[YesIAmAScript]

Yes, I know. That's what I said it had to take special measures to work as opposed to saying it doesn't work.

There are inward-bound services that are precluded by the lack of incoming access. No, none of these are on the PVRs right now, because there is no such incoming access.

As an example, when you remote book, why don't you get any confirmation? Why does it just make you select "record if possible" (instead of priority record) and then you just go home and hope it recorded? Why can't it contact your box with the request, get a response saying "yes, it will record" or "this won't record, which conflict would you like to cancel?" The reason is because it cannot contact your box as there is no incoming access.

The current feature set is partially determined by what can be done under the current system. With IPv6, the feature set could be expanded.

Self-defeat.

[numbski]

I tell this story all the time, and I'll tell it again.

I *tried* to build up a new fiber network in downtown St. Louis using IPv6. I couldn't get the address space!

It's insane - I could get 3x/24 blocks (non-sequential) assigned to my ASN, but in order to get an IPv6 allotment, I had to show proof that I *already* had utilized a full /24 of IPv6 addresses (which is NOT 256. It's 256*256*256!) They said to get it from my upstream provider - they said they don't do that, get it from ARIN. I go back to ARIN, ARIN says "They're full of it, get it from your upstream provider."

Even more insane? IPv6 allotments are FREE! I had to pay per year for an IPv4 allotment, but the free stuff? Pfft...we have it, we'll never run out of it within your lifetime, but you can't have it.

WTF?

Re:Self-defeat.

[mellon]

Instead of getting upset, get smart. ARIN is correct - you're supposed to get your allotment from your upstream provider, unless you're peering on the backbone (which it seems you aren't, since you have a provider). Your provider is probably used to the IPv4 way of doing things; the problem with that is that it produces fragmentation, which produces huge routing tables. In order to keep the routing tables small, the IPv6 allocation policy is to allocate hierarchically, so that you would get your addresses out of your provider's space.

When your provider runs out of space, you either renumber or fragment; renumbering is obviously preferred, and in v6 it's also easy, because you can do a soft transition - deprecate the old addresses, but keep using them for a month; by that time, all existing connections will be using the new addresses, and in the meantime all the connections that used the old addresses have faded away.

This is sufficiently different than the way things are done in IPv6 that it's not surprising that your provider doesn't understand it yet. So you need to help educate them - this isn't a situation where people are deliberately fingerpointing, but rather an opportunity for some education.

Re:Self-defeat.

[numbski]

I said it wrong is all. :\ I meant a /32. Oi. You guys don't skip a beat, do ya?

Re:Self-defeat.

[numbski]

Also - wasn't thinking clearly. We had two upstream providers, and WERE peering. That's why this was so infuriating. :(

Minor nit - ARP cache timeout

[karl.auerbach]

This is a minor nit - ARP cache timeouts are normally on the order of 300 seconds, not two minutes.

A less minor nit is this: IPv6 does not help decrease the size of routing tables as seen by major providers. Nor does IPv6 reduce the burden of sending routing updates so that routing updates are propagated faster than the underlying rate of change of usable net paths. (Enterprise subnets, whether IPv4 or IPv6, don't generally propagate into the routing announcements as seen by the big carriers.)

The compelling argument, for me at least, is that IPv6 is really a new internet that runs along side of the existing IPv4 net - there is no direct interoperability. This means that pretty much any new expansion of the net is going to require IPv4 connectivity, and IPv4 addresses, to reach the legacy net. And that makes IPv6 redundant from the user's point of view. That sort of drains the oil out of the IPv6 crankcase.

Of course the biggest argument of all is that IPv6 does not solve the hard issues of propagating routing information and finding usable paths across the net, particularly as the demands of human-conversational traffic and the political acts of nations are (unfortunately) driving routing to become increasingly aware of the types of traffic being routed.

I'm waiting to be shown that I'm wrong - I helped do the very first calculation of IPv4 address consumption back in the mid 1980's. And I was in the group at Sun back in the very early 1990's where IPv6 took form. I spent time at Cisco wrestling with questions like how to efficiently mechanize 128-bit longest-prefix matching on 32 and 64 bit hardware. And my company currently has IPv6 testing products. So I've been watching IPv6 for what will soon be two decades.

To me one of the tilt-points of IPv6 will be when I can go into Frys Electronics and find IPv6 capable print servers and other widgets of that ilk on the shelves.

I saw ISO/OSI come and go (I was rather a fan of TUBA - which included the use of ISO/OSI CLNP for the new IP layer - when the various IPv4 alternatives were being considered in the early 1990's.) It would not surprise me to see IPv6 go the way of ISO/OSI.

Re:Minor nit - ARP cache timeout

To me one of the tilt-points of IPv6 will be when I can go into Frys Electronics and find IPv6 capable print servers and other widgets of that ilk on the shelves.

We're starting to see this already. The Apple Airport Express/Base Station products are IPv6 capable and do 6to4 tunnelling when used as gateway devices, out of the box.
The HP CPxxxx series network printers are also IPv6 capable.
Now we just need the other tilt-point of broadband providers handing out IPv6 allotments, and we'd be set.

Re:IPv6 will eventually be a cost reduction measur

[maz2331]

I'm going to sacrifice 5 of my mod points to comment here, just because I have to in order to refute your preposterous point.

"Climate change" and "fossil fuel supply" sure sound like big FUD points. We have little of the former, and much of the latter at this time. Thus, at this time, any radical and painful "cure" is not indicated any more than it would be for giving an ultra-aggressive course of chemotherapy, radiation therapy, and surgury to a person who has a potentially pre-cancerous cell.

Could it be real? Yep.
Could it be wrong? Yep.

I guess some people are SO uncertainty-adverse that they would rather guarantee an absolute collapse of the entire world's economy. Absolute collapse is easy and "certain" (properly engineered) and very comforting to the asshats that actually want such a thing to happen.

We can't just up-end an installed base that would cost tens (or hundreds maybe) of trillions of dollars to replace.

Truly clean energy in abundance and cheap enough that even the poorest person can have 10 kW/h sustained in perpetuity? Yes - I'm for that.

Energy so expensive that only the richest among us can have any? Fuck that, fuck it in the ear, and fuck anyone advocating such an approach in the ass with a canon firing a shell at full velocity.

And if a new tax or "cap and trade" law makes my heating bill double, I'll be beyond angry.

Damn business cases

[AxeTheMax]

The recession occurred because there was no business case for financiers and banks using common sense.

Joe Sysop doesn't give a flying fuck about IPv6

[Colin+Smith]

He and the entire 100,000 person corporation he works for are sitting behind half a dozen routable IPv4 addresses on their own private 10net. He is already overworked supporting the infrastructure which is in place already and when an IPv6 rollout is suggested the first thought which comes to mind is "Just how retarded are you?".

IPv6 is neither exotic nor frightening. Admins and programmers have been dealing with differing networking protocols for decades, including IPX, IP, OSI etc. IPv6 is nothing new. It's simply a fuck of a lot of work for little or no gain.

The question is. What is the "killer application"? If you want IPv6 adoption to proceed at faster than a crawl, you're going to have to come up with something as compelling as the WWW but which simply cannot be realistically achieved over IPv4. Maybe some sort of peer to peer mobile phone application might do it, otherwise, go away and come back when you have something worth talking about.

Re:NAT comes with a firewall

[growse]

And if everyone could have as many IPV4 addresses as they wanted, you could still probably buy a $50 appliance that had a firewall configured to deny everything incoming except established traffic out of the box.
NAT exists entirely because of the need to provide point to point routing with a shortage of IP addresses. Remove the shortage and you remove the point of NAT.

You have to tell ARIN you're multihoming

[billstewart]

The official philosophy behind IPv6 addressing was that they wanted to keep everything hierarchical, to avoid the IPv4 problem that makes everybody's routing table have to keep track of (currently) ~300,000 separate routes plus whatever their own users and customers need. So they want to hand out fat blocks to ISPs, and have those ISPs hand out whatever-sized blocks to their users, and if you change ISPs, IPv6 is supposed to be easier to renumber than IPv4.

In practice, of course, this doesn't help the problem of business users who need to be multihomed for reliability, so their 2nd-Nth ISPs are still going to have to announce their little blocks to the world. There are ugly hacks like shim6 that some people think will help, but it's basically an unsolved problem. So you can generally get larger blocks if you're multihoming, and if you were asking for a /32, that's a typical ISP allocation, so it makes sense that your ISPs said to get it from ARIN.

If you wanted to get a /48, your ISP should be handing those out like candy, but of course that's still Provider-Assigned address space.

Re:NAT comes with a firewall

[growse]

And I'm saying the point is irrelevant. You could categorise broadband consumers as (a) those who need more than one computer to access the internet and (b) those who don't. (a)-type users need a router anyway, and (b) type users don't - they can just plug their modem into their PC.

Users in the first category only need NAT because their ISP gives them one IP address. If they got a ipv6 /64, they would still need a router, and would be able to buy one with a firewall on it. Users in the second category don't need NAT, or a router.