IPv6 Challenges and Opportunities
1sockchuck writes "Opinions differ on when the Internet will run out of IPv4 addresses, prompting a wholesale transition to IPv6. In recent videos, John Curran of ARIN provides an overview of issues involved in the IPv6 transition, while Martin Levy of Hurricane Electric discusses his company's view that early-mover status on IPv6 readiness can be a competitive advantage for service providers. Levy's company has published an IPv4 DeathWatch app for the iPhone to raise awareness of the transition."
According to my copy of the CorpSpeak to English dictionary "challenge" and "opportunity" both say "See 'problem'."
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
"Challenges" means problems. "Opportunity" = cool features.
Features of IPv6:
Every known star in our universe can now have 252 ip addresses with ver6.
My frigging socks can tell me they need to be cleaned via a script. My shoes can use GPS to track where I'm going, how many miles I walked/ran that day, etc.
Problems of IPv6: Screw it, we'll just nat our existing IPv4 addresses.
Sent from your iPad.
A 15 digit TCP/IP address so that everyone on Earth can have their own TCP/IP address that allows for their own subnet. So, if a criminal does something "bad" the cops know who to go for. What can go wrong?!
Dan Bernstein has chimed in on this before:
http://cr.yp.to/djbdns/ipv6mess.html
He is basically dead right.
The people who came up with IPv6 seemed to be too ivory tower: they forgot about the reality on the ground. Few ISPs are even thinking about IPv6.
-paul
...and always will be!
US government contracts are starting to require IPv6 support. This is the main reason I'm seeing for IPv6 adoption. If it weren't for the government, we would all be keeping our heads in the sand until the internet starts slowly failing and Goldman Sachs starts selling remaining IPv4 netblocks to speculators.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
Stolen from wikipedia:
"As of April 2008, predictions of exhaustion date of the unallocated IANA pool seem to converge to between February 2010 and May 2011"
Meta will eat itself
OK, here's a handy checklist to see if IPv6 is ready for prime time:
Use case: access a common web site (e.g. Slashdot) entirely by IPv6 packets:
1) Look up host's IP via IPv6 packets:
1a) Access a root DNS node via IPv6 packets (look up .org DNS server): CHECK
1b) Access .org DNS node via IPv6 packets (lookup slashdot.org address): ???
2) Access slashdot.org via IPv6 packets:
2a) Route IPv6 packets from my computer to "the Internet": FAIL
2b) Route IPv6 packets from "the Internet" to Co-Lo facility: ???
2c) Route IPv6 packets within the Co-Lo to Slashdot's servers: ???
When you (a presumably technically skilled user) can do that, then IPv6 is ready for the masses.
www.eFax.com are spammers
Under IPv6 will I still be able to block posting access to my Japanese discussion site from African/Russian 419 scammers? I have a nice list of IP addresses that are automatically sent an empty http response when they try to become members. I used to give them a chance but every single one turned out to be a scammer so now I just block whole regions outside of Japan. (And luckily most aren't smart enough to bother with a proxy.) Will I still be able to do this under IPv6?
According to the Mayans (I think they are a sect of Ron Paul followers) the world will end in 2012 anyway. I saw a youtube video about it, so it must be true.
2002 called. They want their impending-IPv6-transition stories back.
until consumer routers support IPv6 it's a dead protocol
People don't want to make the transition because it's a hassle.
Sure you lose your easily remembered IP addresses for some huge 128 bit string, but it's not a total loss.
IPv6 has a great deal of benefits such as increased browser speed (due to more efficient packet headers), higher privacy (due to increased address space), and increased server efficiency (due to the fact that the server is not performing all the computations - that load is now on your computer).
Ultimately, yes it will make your old computer suck more, but it will make your new computer shine.
Interesting discussion, and not likely to be solved here.
But let's look at cost. The cost for an IPv4 allocation is basically zero. This obviously conflicts with the scarcity argument.
Once IPv4 starts costing more, either directly or via a secondary market, then we may see some corner IPv6 implementations.
The other side of this is usability. Currently for public connections which is where the address space crunch is, IPv4, not IPv6 has usability. Despite the fact that anyone can get one, IPv6 addresses are not globally usable, but IPv4 is.
So, count me skeptical on this transition.
I just rolled a 1 on vs Society Collapsing... was that good or bad?
We need IPV7 that will merge IPV4 and IPV6 in a usable way. Keeping them separate and incompatible is a big mistake. There needs to be a seamless upgrade path from the one to the other, else it will never happen.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
... does anybody realize how long have we been talking about ipv6?
august 2009, december 2008, august 2007, jan 2006, july 2005, jan 2004, feb 2003, feb 2002, may 2001, july 2000, july 1999, may 1998
...is that even new devices don't support IPv6, even when they're in entirely controlled address spaces.
For example, why the hell don't, for example, cell phones' internet capabilities have IPv6? I mean the IPv6 routing would seem exactly designed for cell phones, devices external to the network don't need to reach them, and it's a frickin closed system with device upgrades fairly quickly. If we can't even use IPv6 in closed systems like that, it has failed.
The reason, of course, is because IPv6 is, in fact, an EPIC FAIL in actually working, because no one apparently bothered to figure out any sort of actual transition for it.
It's like, if instead of self-driving cars, they invented self-driving micro-monorails and expected us to buy them. But, don't worry, they have a handy monorail carrying rack we can install on top of our car that's not that hard to set up so we can carry our monorail to the monorail tracks fifty miles away.
D. J. Bernstein is an ass, but he's right about this.
IPv6 should have been built by changing the damn format of the packets, but using the exact same IPv4 addresses with a specific prefix, routed exactly the same place. Any router that talked to devices that didn't understand IPv6 could just 'dumb it down' to IPv4, and, they should eventually do the same in reverse!
We could actually include a bit in the packet that upconverted IPv6 packets get, so we could keep statistics on how many packets were IPv6 their entire distance, and how many got converted down and back up at some point. So we could see what networks are actually switching out their equipment, and see what misconfigured gear thinks it's talking to IPv4 devices when it's talking to IPv6, so it's needlessly converting. (IEEE 802.2 specifies a way to autonegotiate IPv4 or IPv6 using the EtherType, but it might not always work, and it's only for Ethernet anyway.)
At some point, as routers and OSes got replaced, large amounts of traffic on the internet would end up being IPv6 their entire distance, and at that point we can start assigning the IPv6 addresses that don't have an equivalent IPv4 one.
And, incidentally, we should keep the IPv4 network operational forever. 95% of the people can give their IPv4 addresses back, and as people stop connecting IPv4 devices, routers and whatnot will lose the ability to speak to them but there will still be some devices that cannot be upgraded, some embedded device that speaks only IPv4 or whatever. The company should be able to keep an IPv4 address, and require people to install one of the routers that can still upconvert in front of the device, and it gets routed over the internet and back just like anything else, because, for almost all the trip, it's IPv6. There would be no reason to ever turn off the subset of IPv6 that is IPv4.
Instead we invented a new fucking network that doesn't interact with IPv4 at all. Yes, yes, you can get IPv6 versions of IPv4 addresses, but routers and OSes do not automatically translate them. And it's actually against the rules for someone to try to contact an IPv4 server 'over' IPv6. They have to use their IPv4 address, like there should be a difference.
If corporations are people, aren't stockholders guilty of slavery?
grrrrrr
Ok kids. Go home tonight and turn ipv6 on. I know you're all running homebrew linux nat routers.
Here's all you gotta do.
Install radvd. It's a Router Advertisement server. Router Advertisements are how your LAN clients learn what the hell their IPv6 "prefix" is. You're going to use something clever called 6to4, which basically converts your public ipv4 address into the first half of your ipv6 address. You plug that information into your radvd configuration, and voila, all your LAN clients can learn their unique global ipv6 address. Then you just run a little script, which turns up the 6to4 tunnel on your linux nat, and all of a sudden, all your LAN clients have globally routable ipv6 addresses! And once the v6 stack fires up, your computers will try resolving AAAA records, so you might even get to visit some v6 websites!
You're not strictly running native ipv6, since 6to4 is a tunnel to an anycast server (don't worry, there's plenty of them sharing the same address). It emulates pretty damned close though. Enough for you to try it out!
Here's the thing that keeps blowing my mind. Remember back before NAT? The Internet was actually symmetrical back then. Any host could contact any host. Well, it's restored. I keep forgetting I can literally contact ANY lan host from remotely, using its v6 address. Security nightmare? You betcha. Restored services? Makes up for it! Maybe I can figure out what a firewall is, after all!
Sure, there's tunnel brokers out there too... don't waste your time with all that. 6to4 is quick and easy, and it works fairly faithfully. By the time a tunnel broker OKs your info, you could be pinging already with 6to4.
Oh yeah. That malarkey about "ooh my address is so long, it's just not worth it" -- My address is 2002:xxxx:xxxx::1 through ::5. Also, a few weeks ago they released an interesting workaround to memorizing ip addresses, called "The DNS". As ominous as that sounds, it's actually pretty clever and I've been enjoying it for a while.
And yes, ::1 is easily guessable and that makes it hackable. So please, no nmapping the 2002:xxxx/32 subnet tonight. (At the rate of 2^96 pings per second, it should be done by next century)
slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
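The 6to4 and radvd setup described in the comment above, as an added example that is not part of the original post: it derives the 2002::/48 site prefix from a public IPv4 address, renders the radvd stanza for one LAN /64, and lists a default-deny forwarding policy for the exposure the commenter mentions. The interface names `eth1` and `tun6to4`, the subnet ID and the sample address 192.0.2.1 are assumptions.

```python
import ipaddress

# Addresses that cannot serve as the outer IPv4 endpoint of a 6to4 tunnel.
NOT_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private space
    "100.64.0.0/10",                                   # carrier-grade NAT
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
)]


def sixto4_prefix(public_ipv4):
    """Return the 6to4 site prefix 2002:AABB:CCDD::/48 for IPv4 AA.BB.CC.DD."""
    v4 = ipaddress.IPv4Address(public_ipv4)
    if any(v4 in net for net in NOT_PUBLIC):
        raise ValueError(f"{v4} is not a public address; 6to4 will not route")
    return ipaddress.IPv6Network(((0x2002 << 112) | (int(v4) << 80), 48))


def lan_prefix(public_ipv4, subnet_id=1):
    """Pick one /64 out of the /48 for a LAN segment (16 bits of subnet ID)."""
    if not 0 <= subnet_id <= 0xFFFF:
        raise ValueError("subnet_id must fit in 16 bits")
    site = sixto4_prefix(public_ipv4)
    return ipaddress.IPv6Network(
        (int(site.network_address) | (subnet_id << 64), 64))


def radvd_conf(lan_if, prefix):
    """Render the radvd.conf stanza that advertises `prefix` on the LAN."""
    return (
        f"interface {lan_if} {{\n"
        f"    AdvSendAdvert on;\n"
        f"    prefix {prefix} {{\n"
        f"        AdvOnLink on;\n"
        f"        AdvAutonomous on;\n"
        f"    }};\n"
        f"}};\n"
    )


def forward_rules(lan_if, tun_if, prefix):
    """ip6tables commands: LAN hosts may open connections outward, nothing
    unsolicited comes in, and spoofed LAN sources are dropped."""
    return [
        "ip6tables -P FORWARD DROP",
        "ip6tables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
        f"ip6tables -A FORWARD -i {lan_if} ! -s {prefix} -j DROP",
        f"ip6tables -A FORWARD -i {lan_if} -o {tun_if} -j ACCEPT",
    ]


if __name__ == "__main__":
    wan_ip = "192.0.2.1"            # constructed sample (documentation range)
    lan = lan_prefix(wan_ip, 1)
    print("site prefix:", sixto4_prefix(wan_ip))
    print(radvd_conf("eth1", lan))  # eth1 = assumed LAN interface
    print("\n".join(forward_rules("eth1", "tun6to4", lan)))
```

With the policy set to DROP, every LAN host keeps its global address but only replies to connections it started are forwarded back in.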
> Problems of IPv6: Screw it, we'll just nat our existing IPv4 addresses.
Big Media might like that a lot. That's not a bug to them but a feature.
ISPs resorting to shoving most people behind NATs is a feature for Big Media, because it breaks P2P.
I know it would break WoW updates and other stuff too, but I'm sure Big Media would consider that an acceptable sacrifice.
It may help produce an Internet that's more like TV or a broadcast medium. The billions of users only being able to get content from a few million servers controlled by those who can afford public IPv4 addresses (which would go up in price).
Big Media might be very friendly with some Big ISPs in the USA right?
So while the IPv6 rollout is likely to eventually happen, it may take quite a long while. Way after the popular "run out of IPv4 addresses" deadlines.
Users would be shoved behind NATs and most of them wouldn't even notice- Fox News, CNN etc would still work for them.
With so many legacy apps out there I would not be surprised to see some sort of kludge to increase the ip4 space... something along the lines of using a couple of the unused bits in the ip header to differentiate between ip4 space 1,2,3 etc....
Every time something on IPv6 comes out, there's a thundering herd of people who've never used it but are certain that it's awful and won't ever work. What's wrong with you people? Do you feel threatened because you're used to being the networking expert among your clique and don't want to lose that reputation? If not that, then what is it that's making you sneer at a cool new technology without even trying it first?
I'm not addressing people who tried to make IPv6 work but had problems along the way, or who otherwise had bad experiences with it. That's totally understandable and I'm not going to tell such a person that they're wrong. I am talking directly to the people who've read old articles talking about why it won't work, or who are trotting out the same tired, invalid reasons to dislike it.
Here's what you need to know about IPv6:
I think that about covers it. There's no reason to be afraid of IPv6. If you haven't tried it, give it a shot before bragging about how smart you are for recognizing that it can't work. Again, if you've tried it and had problems, I can understand why you're leery of the idea. If you haven't at least used a free tunnel to see what IPv6 is like, though, then you don't have a lot of room to comment on the subject.
Dewey, what part of this looks like authorities should be involved?
> IPv6 should have been built by changing the damn format of the packets, but using the exact same IPv4 addresses with a specific prefix, routed exactly the same place.
Yes, that's what was done the last two times the address space was upgraded.
When ARPANET IMP addresses went from one byte to two bytes, to allow the number of nodes to increase beyond 256, the old addresses retained their 8-bit value, with a new prefix.
When the ARPANET was extended to the Internet, the two byte IMP address was the low two octets of the IP address, and the first two octets were 10 and 0, so IMP addresses converted to IP addresses as [10.0.xxx.xxx]. And that's where "network 10" came from. When the ARPANET went down, it freed up that address space for other uses.
But we have DNS now.
Could somebody please tell me whatever happened to the ipv6experiment.com ?
We got only one ISP providing IPv6 addresses to normal end users. So there is not too much hope to get IPv6 through quickly. I asked my ISP if they even can provide IPv6 addresses or if they need test users. They thought about it a while, and told me that they don't have any IPv6 plans yet.
So... That's it.
My home Linux systems, ADSL modem / router & firewall are 100% IPv6 compatible and ready. ISPs aren't.
I can't wait for the day I get home from work in my flying electric car to play Duke Nukem Forever against my friends over my new IPV6 connection.
Dear inventors of IPv6 please fix your protocol. I'm not asking for wholesale changes such as use of reasonable address lengths or a politically sane and realistic transition scenario. All I'm asking for is that some minor details be fixed OR ELSE!!!!
Not following law of demeter on ISO layer separation is a sin punishable by rotting in hell for eternity.
Using interface names to disambiguate IPv6 addresses..really? All %eth0 nonsense needs to be outlawed immediately and forever. I don't know or care how many bis RFCs need to be created to make that happen but it must be done.
All hosts must be able to talk to themselves. If my server's IP address is AAA:BBBB:CCCC::BADD that address must work from the server itself without interface name decorations applied.
These above two demands are non-negotiable. The rest are nits I really don't expect anyone to take seriously:
The socket options to prevent use of IPv4 mapped addresses don't need to exist if dualstack is the accepted global transition strategy which it looks like will definitely be the case. Make the IPv4 mapped space reserved like you know -- your precious massive Class E IPv4 block you just pissed away while the Internet is hurting for Internet addresses.
People should be assigned network prefixes that they can remember using :: compression to its highest effect. The flawed notion that address will ever denote structure in any meaningful way needs to be dispensed with.
When the year of the Linux desktop comes they will implement IPv6.
Instead at the current situation you have to figure out how and where to get an IPv6 address, and either keep an IPv4 as well (and switch between the two as the situation demands) or work out how you are going to talk to the 90+% of the world that doesn't have an IPv6 address. Either of those require extra work, for every person trying to connect to the network.
The issue of where to get an IPv6 address is a false one, unless you have an ISP who is dragging their feet. It is a short-term problem and once the infrastructure is in place the apparent issues will go away. Sure it is not IPv4, but no one said it was. There are plenty of solutions to give your computers names, so there should be fewer and fewer cases where you will need to access your machines using numbers.
For example of an ISP who is not dragging their feet, in France there is an ISP called free.fr that provides IPv6 to their customers at no extra cost. Once enabled the router (users are given modem-router hybrids) advertises the IPv6 subnet prefix to all the computers in the subnet. If the computers are IPv6 aware then they will self configure the address ( subnet prefix + MAC address ) and start routing all IPv6 addresses through the announced router.
If you have an ISP who is dragging their feet and you are behind a NAT, then you need to establish a tunnel to an IPv6 Tunnel broker. There are a number of places to do this, including but not limited to: Sixxs.net, Freenet6 and Hurricane Electric.
The only thing I would like to see now are more home router manufacturers providing IPv6 gateway/routers. Apple's Airport and the Fritz!Box are two of the few that do.
If you have your doubts about IPv6, then at least give yourself two months with it and then come back and tell me whether you are still of the same opinion.
Jumpstart the tartan drive.
Ask the people developing Slashcode what the IPv6 issues are and you get pointed to Perl libraries that aren't IPv6 ready. You ask the people at CPAN when they will fix the IPv6 issues and you find yourself hitting a wall. The experience I have had with CPAN makes me feel that Perl should be long dead, IMHO. The library at fault is libwww-perl. I see someone proposed a patch, but it appears to be slowly collecting dust.
The problem is that there are many people who recognise the IPv4 issue, like people recognised the Y2K issue, but it will only be on the eve of IPv4 exhaustion, and people running around like headless chickens, that we will see the remaining developers realising they have work to do.
Jumpstart the tartan drive.
"Comcast plans to enter into broadband IPv6 technical trials later this year and into 2010," Barry Tishgart, VP of Internet Services for Comcast tells Internet News. "Planning for general deployment is underway."
They will have possibly completed a trial in 2010 and are "Planning for General Deployment". I personally am planning for lottery winning, but there is no indication of when I might have completed my lottery winning deployment.
By 1986, every government computer was supposed to support OSI. So OSI backers thought that it would be commonplace.
Uncle's IPv6 mandate is just GOSIP II. But IPv6 makes OSI look like Shakespeare next to its own Ed Wood.
While many routers "support" IPv6, it is software support, not the hardware support for the "fast path" that IPv4 uses for standard packets. IPv6 packets are the slow exceptions. The total packet capacity is low. This isn't noticed yet much because v6 carries roughly 1/100 of 1% (i.e., 1/10,000) of the total traffic of v4, and a lot of that is just IETF dorkwads throwing around experimental packets to show that it can be done.
The transition will happen at latest when the end-users have a good reason for that. NAT works for them at the moment, but luckily there are some applications where IPv6 is forced.
One of the reasons to use IPv6 is IEEE 802.15.4 wireless sensor networks with 6LoWPAN protocol, which is basically a very low-energy, very low-bandwidth, wireless mesh network protocol that is IPv6 compatible. There is no IPv4 in this world, it would be a disaster as the sensors should be very cheap and numerous in the future.
The idea of having every light switch of your house connected to internet is ridiculous itself. Still, IPv6 would be a very good way to ensure connectivity and interoperability between devices by different manufacturers. Currently the home/building automation connections are a mess with dozens of incompatible standards. IP networks are proven and work.
"(Sorry, too lazy to use Google atm.) :(
ion.simon.c's knowledge in computers is really shallow. Without google he is helpless. He's too lazy to earn an actual college diploma oriented towards computer science.
"Obvious troll is obvious."
Coming from the biggest troll at slashdot, ion.simon.c, that's almost funny. All ion.simon.c can do is read manuals and spit back what he reads in them. His knowledge is really shallow so don't expect much out of him other than what he googles.
...we've already run out of IPv4 addresses.
I have so many devices that don't have a public IP address because my ISP only provides me with one.
We've been out of IPv4 addresses for a long time now.
...and that is all I have to say about that.
http://jessta.id.au
Don't even try to have a conversation on any topics technical in computing with ion.simon.c because he is an unintelligent moron that tries to play smart and all he does is google up topics and then spit back what he finds there, in his posts here. That's the kind of people that are produced from his area of the nation (maine).
$ dig slashdot.org
; <<>> DiG 9.5.1-P3-RedHat-9.5.1-3.P3.fc10 <<>> slashdot.org
slashdot.org. 2607 IN A 216.34.181.45
. 79212 IN NS M.ROOT-SERVERS.NET.
. 79212 IN NS F.ROOT-SERVERS.NET.
. 79212 IN NS L.ROOT-SERVERS.NET.
. 79212 IN NS B.ROOT-SERVERS.NET.
. 79212 IN NS H.ROOT-SERVERS.NET.
. 79212 IN NS I.ROOT-SERVERS.NET.
. 79212 IN NS E.ROOT-SERVERS.NET.
. 79212 IN NS A.ROOT-SERVERS.NET.
. 79212 IN NS C.ROOT-SERVERS.NET.
. 79212 IN NS G.ROOT-SERVERS.NET.
. 79212 IN NS K.ROOT-SERVERS.NET.
. 79212 IN NS D.ROOT-SERVERS.NET.
. 79212 IN NS J.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 134745 IN A 198.41.0.4
A.ROOT-SERVERS.NET. 262772 IN AAAA 2001:503:ba3e::2:30
B.ROOT-SERVERS.NET. 209708 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 134745 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 466134 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 134745 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 469625 IN A 192.5.5.241
F.ROOT-SERVERS.NET. 93705 IN AAAA 2001:500:2f::f
G.ROOT-SERVERS.NET. 134745 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 300717 IN A 128.63.2.53
H.ROOT-SERVERS.NET. 139387 IN AAAA 2001:500:1::803f:235
I.ROOT-SERVERS.NET. 134745 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 300716 IN A 192.58.128.30
$
Because the 128-bit IPv6 address space is so excessively large, there's really no value in hoarding the stuff - an ISP who has a /32 isn't going to try charging you even $1 for each single IPv6 address because they know the market isn't going to fork over $2**96 for it. If you go read what the network operators are saying when they talk to each other, the original designs ~15 years ago assumed 64 bits for the operator to play with and 64 for the end user, which gave the end user 16 bits for subnets and 48 bits for MAC-address-based auto-addressing, letting you run your network like Netware, but when that got replaced with EUI-64 64-bit-MAC auto-addressing (which is uglier but should never need changing), operators moved to giving users larger blocks.
The general view is that corporate customers get /48s, and home users probably get /56 but some ISPs lean toward /48, though a few ISPs seem to like /64 as a default for home users and /56 or /48 as an extra-price upgrade. ( /64 means that either you only get one subnet at home or that you do something fancy with the addressing behind your home firewall, but realistically, as home wireless is becoming near-universal, almost everybody ends up with multiple subnets so working with /64 is a pain.) Operationally, for an ISP, it's a lot simpler and cheaper if you can treat all your users the same way, so you can put one set of instructions on the web site and have one set of scripts for the help desk folks to work from and have troubleshooting processes that work. There are a few people advocating /60 for home networks, but the value of aligning addresses on byte boundaries vs. the added complexity and minimal savings means that they get shouted down rapidly.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Just about anywhere in the US that has DSL has far more than two choices of ISP from a price/policy standpoint. Unlike cable modems, where the right technical choice is to do routing all the way down, and where the main technical approach to sharing with multiple ISPs is PPPoE or even uglier things, DSL is fundamentally a Layer 2 protocol that makes it easy to share between different sets of router operators, so issues like address space, bandwidth caps, and port 25 blocking are per-ISP, and there are lots of national ISPs like Speakeasy that can sell you service on top of the telco DSL wire. That doesn't get you competition from a highest-available-speed perspective; you're still limited by the DSLAM hardware and your distance from the central office, but at least you're not stuck with your telco's idea of forward-thinking Internet service policy.
In bigger cities in the US there's also Layer 1 competition, with Covad and occasional other CLEC DSLAM providers who use the telco copper wire, so they may have higher or lower speeds than what the telco offers. And for both cable and DSL, it's possible to have shared services at Layer 8, i.e. wholesale billing arrangements so you're getting your service from Example.Net instead of the telco/cableco, so you may not have the same price caps or policies about sharing or limits on static addresses, but any routing and port-25 blocking gets done by the infrastructure provider. (For Layer 9 reasons, cable companies usually don't offer this, but some telcos are ok with it.)
And of course if you live too far from your telco office, so DSL doesn't reach you, then you're stuck with either cable modem, satellite, or wireless. You don't even need to be near big cities - a friend of mine runs wireless ISP service in rural Wyoming, putting antennas on top of silos and such, though he *really* doesn't want any P2P running on his network because of bandwidth costs and performance impacts.
Bill Stewart
And if you've got AT&T, you've probably also got a bunch of national DSL providers like Speakeasy who can provide you different policies and services on top of the AT&T DSLAMs. It tends to cost a bit more, but you get more choices about static addresses, email/web/etc. service, bandwidth caps, etc. I'm currently using sonic.net on top of AT&T DSL, and get my static addresses and a shell account which I mainly use to run procmail and webmail, and even N years ago when the telco's policies were very restrictive (no web or mail servers at home, no sharing wireless with neighbors, no more than N computers on your line, etc.), sonic's policies were "You're buying service from us because you want a Real Internet Connection - do whatever you want (except spam, of course)." The telco's relaxed a lot since then, but I've still been happy with value-added service.
It is slower than Comcast, but more than fast enough for me, and I'd prefer almost *any* ISP's policies to living with the typical cable modem company's policies.
Bill Stewart
One of the pipe dreams of early-years IPv6 planning was that by handling IPv6 address allocations cleanly and hierarchically, without the leftover IPv4 swamp space, routers could all have a nice clean shiny view of the rest of the world, with far fewer routes and less routing table churn than IPv4. But it ain't happening, folks, because the user requirements that led to much of the IPv4 routing complexity are still there.
Bill Stewart
Having an ISP go to all the work of accounting for every device you need an IPv6 address for, all for free, would be charity; ISPs can't afford to do that. They're going to hand you a block of addresses and make you deal with address assignment inside them. One reason IPv6 address space is so big is so that we never have to expand it again (which is what killed the 64-bit addressing proposals), but another reason is so that we can afford a clean separation between the bits that the ISP assigns and the bits that the customer manages, because managing things costs money. The reason many ISPs only give you one IPv4 address today is because IPv4 addresses are scarce and expensive, and you use NAT to put multiple machines behind it (if you want multiple machines) because you can do that without dealing with the ISP, which costs you both money. IPv6 addresses are designed so they'll never be scarce - your ISP gives you one block of addresses and you do whatever you want inside that block. It does mean that your ISP-connection-box needs to be a router, since it's handling a whole block of addresses on your side and not just one, but these days that's cheap.
In early IPv6 planning, the block size was /64 - it was a nice clean round number, and was big enough for a Netware-style autoaddressing which gave the user 16 bits of subnet numbers if they wanted them and 48 bits of MAC hardware address, though it was later decided that autoaddressing should use EUI-64 hardware addresses instead of 48-bit MACs, which means that the boundary needed to shift, since /64 is now only one subnet. The consensus among ISP operations folks these days is that the boundary will probably be to assign /48s to businesses and either /56s or maybe /48s to homes. There may be some ISPs that only want to give you a /64, but there's a high enough fraction of the market that needs multiple subnets because of wireless and other applications that it's an unpopular position. And there are some ISPs that are talking about /56 for smaller businesses and /48 for larger ones, since at that point the differences between what consumers need and what businesses need are more about reliability, billing options, and value-added services such as television or managed PBX services.
You referred to Joe Sysadmin wanting to assign addresses, so you're apparently thinking about a business context - a few devices like routers may need manually assigned addresses, but humans are going to deal with DNS addresses, and the IPv6 applications folks have been working on different tools for managing that for the last decade and a half. The worldview has changed a bit, from the original MAC-based autoaddressing to a more DHCP-centric view, but either way widespread manual addressing is non-scalable and usually silly in the IPv4 world and worse in the IPv6 world. (Doesn't mean that it doesn't happen; I'm currently working on a customer firewall project where we're doing lots of it, but if I were the architect we'd have done it differently...)
And as far as whether you've got a global address space or can assign your own IP addresses that overlap with the outside world, it's global, get used to it, and if you try assigning local addresses that overlap with the rest of the world's addresses, you're going to get spanked. Back in the mid-90s, when IP applications weren't universal (e.g. businesses still ran SNA and NetBEUI and Novell Netware IPX and didn't always have Internet connections on their internal networks), and RFC1918 hadn't been invented, I did have computer-consulting customers who had done internal projects using addresses they'd Just Made Up. "We're a Bank - This'll never connect to the Outside World! Who cares if our address space overlaps with University of Toronto." That was before DHCP, so it really *hurt* when they had to renumber their network :-)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Anonymous Clients don't need names. But if anything, the fact that IPv6 addresses are often hard to remember is a *feature*, because it forces people to deploy name resolution for anything that does need names.
Bill Stewart
Nmap fails entertainingly when the average target subnet has 2**64 addresses instead of 1 or 256. There are ways to cheat on that, e.g. exploiting the MAC-based autoaddressing structure (guess that the target has a Dell or HP PC first), but it's still basically difficult. On the other hand, the average user is still going to have a firewall at home, and they don't really care how the little box they had to buy protects them; the real question is whether they had to buy their own or had it built in to their ISP's DSL/cable-modem.
If you're running a small business, 32 externally-visible IPv4 addresses is probably enough, but for a home network, by about 2012 it's going to start costing a good bit more money to have multiple IPv4 addresses, since the world will have run out of them, and ISPs are likely to move toward another layer of NAT for their dynamic-address customers if they're not using IPv6.
For your business environment, I agree with you about DHCPv6 vs. autoconfig and testing a lot of stuff in a virtual environment before running much of it for the real network. And yeah, older equipment is probably going to stay IPv4 for a while. I'm looking forward to seeing how my Corporate Desktop Support Overlords deploy IPv6 for us...
Bill Stewart
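The comments above mention MAC-based (EUI-64) autoaddressing and note that its structure makes interface IDs guessable. The following is an added example, not part of the thread: a defender-side audit that flags addresses in an inventory whose interface ID embeds a hardware MAC. The function names, the sample MAC and the inventory are constructed for illustration, and the prefix is the 2001:db8::/32 documentation range.

```python
import ipaddress

def mac_to_eui64_iid(mac: str) -> int:
    """Modified EUI-64 interface ID (RFC 4291, Appendix A) for a 48-bit MAC."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC")
    # Insert ff:fe in the middle and flip the universal/local bit.
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui, "big")

def embedded_mac(addr: str):
    """Return the MAC embedded in a modified EUI-64 address, else None.

    A random interface ID matches the ff:fe marker by chance about once
    in 65536 addresses, so treat a hit as a strong hint, not proof.
    """
    iid = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)
    raw = iid.to_bytes(8, "big")
    if raw[3:5] != b"\xff\xfe":
        return None
    mac = bytes([raw[0] ^ 0x02]) + raw[1:3] + raw[5:]
    return ":".join(f"{b:02x}" for b in mac)

def audit(addresses):
    """Map each address to its embedded MAC (None if not EUI-64 derived)."""
    return {a: embedded_mac(a) for a in addresses}

# Constructed inventory (hypothetical hosts, documentation prefix).
PREFIX = ipaddress.IPv6Network("2001:db8:0:1::/64")
SAMPLE_MAC = "00:1b:21:aa:bb:cc"  # constructed MAC
INVENTORY = [
    str(PREFIX[mac_to_eui64_iid(SAMPLE_MAC)]),  # autoconfigured from the MAC
    "2001:db8:0:1:8d3c:41f2:9a07:55e1",         # random-looking interface ID
    "2001:db8:0:1::10",                         # manually assigned
]

if __name__ == "__main__":
    for addr, mac in audit(INVENTORY).items():
        print(addr, "->", mac or "no embedded MAC")
    # With a known 24-bit vendor prefix (OUI), only 24 bits of the ID vary.
    print("IDs per /64:", 2**64, "| per known OUI:", 2**24)
```

Hosts flagged by the audit are candidates for privacy (temporary) addresses or DHCPv6-assigned addresses, which do not carry the MAC in the interface ID.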
Oh, wait, wrong meme...
IPv6 has a lot of problems, but the IPv4 address space is going to fall off the edge of the world by 2012 or earlier, so you're either stuck with IPv6 or multiple-NAT, which is at least as ugly.
Bill Stewart
Umm, no, thanks for playing.
Disclaimer: This is my own personal commentary, not the opinion of my employer, other companies they own, or my other corporate overlords. But it's still correct.
All major ISPs are thinking about IPv6, most minor ISPs are thinking about it, and any that aren't thinking about it are going to be in serious trouble by 2012 or before. A few years ago, what they were thinking was mostly [Expletive deleted!], but most of them are a bit more focused by now and the rest won't outlive the Mayan calendar rollover. Sure, some of us own large netblocks that it may be possible to monetize, but just about everybody who does also owns large Cisco routers that will need to be replaced, which costs a lot more money, and in many cases it's the whole collection of operation support software that needs to be updated, which is even harder than just upgrading all your capital equipment. This is basically about as big a problem for a typical ISP as Y2K was - there are 32-bit address fields embedded in all sorts of things, so it's not as simple as just putting new values into existing tables.
Sometimes you can get around it by shoving your dynamically-addressed users behind another layer of NAT, and adding some IPv6 tunnel devices, but if your DSL or cable modem users require a hardware upgrade to support IPv6, it's potentially going to cost more in support to handle the transition than you'd gain by charging them extra to remain on IPv4, even if you make them buy the box. And if you're a business ISP, and your customer with a T1 line has been running fine on a Cisco 2500-series router for the last decade, well, time's up on that hardware. Most newer CPE routers can handle IPv6 fine, though if you've got a user with a T3 or E3 line (45 or 34 Mbps), you may find that it can't go full wire speed with IPv6.
There are a very few universities that still have big netblocks they haven't given back, but there's been enough market for them for the last decade that anybody who didn't need theirs has had plenty of incentive to sell them already. A much larger impact is the number of businesses who have a /24 address block when NAT and firewalls mean that they could get by just fine with a /28 or /29 to handle an inbound web server and VPN or two. In many cases, they can't do that, because they need their own address block that's large enough to be routable, since they're connected to multiple ISPs for reliability and business reasons. But even if we salvaged all of that, it would only gain us a year or two - there's so much growth in Asia that it'd get used up anyway.
I give Microsoft a lot of credit here - they started relatively early working on how to support IPv6 in their operating systems, and while it's not a vanilla feature on XP, you can install it, and they've done enough work on eating their own dogfood that it's as usable as anything they do, especially on Vista, which they'd hoped would be widely deployed by now.
Bill Stewart
Don't know what town you live in, but any ISP that doesn't have a really solid IPv6 plan by now is going to be toast by 2012 if not before. Either they won't be able to get enough IP addresses, or they're going to have to set up big tunnel servers and learn how to use them in a hurry, or start carrier-NATing their customers which starts to break applications. If IPv6 were something you could simply enable overnight it'd be different, but it's not - you're going to have a significant learning curve as you retrain all your people and rebuild all your management tools and replace any equipment that's not fast enough to run IPv6.
I'd expect that it would get even more exciting for people in the hosting business - not only do you have to keep getting more IP addresses as people virtualize their hosts, but as there start to be IPv6-only end users who want to reach websites, your hosting customers are going to want to have IPv6 support, and if you can't at least give them dual-stack, they're going to become somebody else's web hosting customer instead. You don't happen to have any Layer 3 switching gear in your hosting centers or manage load-balancers for customers do you? Good luck!
Bill Stewart
I went through this in the 1980s with the government trying to push their users to OSI and POSIX - every RFP had a check box saying whether you supported it, and sometimes you had to write reams of explanation about how you were going to do it, but for the most part the end users got waivers and ran MS-DOS on their underpowered desktops and deployed TCP/IP in any networks that weren't running SNA.
But it's different this time, really, trust us! Ok, 5 years ago it wasn't, but by now IPv4 space is close enough to running out, even for agencies that can live behind firewalls like the military does, that they're starting to get serious about using this stuff, and by requiring it they're forcing development of the tools it takes to use IPv6 in the real world and not just on paper. And they helped get Microsoft to build IPv6 support in Windows to sell to them as well as to the real market.
Bill Stewart
Yeah, I dealt with that market back in the 1980s, as well as the POSIX efforts, and worked with people who'd dealt with the US Auto Industry's attempts at standardizing on OSI as well. Five years ago, that was pretty much what government support for IPv6 looked like also, but it's different now, because the world really will run out of IPv4 addresses by about 2010-2012, so they really do need to do more than just hide behind NAT. And over the last few years their efforts to get testbeds run and actual operational experience have meant that ISPs and developers have some experience dealing with IPv6 now, and are starting to get ready to have to convert.
Bill Stewart
There are a few big chunks that are still being hoarded, but not much; universities have mostly returned their early allocations, and some of them now belong to big ISPs which have legitimate use for them. (For instance, Bell Labs used to have a Class A to support their Cray in Murray Hill, but it's now used for AT&T's ISP customers.)
There's a lot more space out there for small-medium businesses that have Class C /24s that could probably get away with /28s or /29s now, but many of them need to have publicly-routable address blocks since they're connected to multiple ISPs, so they can't use anything smaller. (In the IPv6 world, they could use a /48 just fine.)
But no, it wouldn't save us much time - Asia's using multiple /8s per year for growth.
Bill Stewart
Ok, sorry, I shouldn't be snarky about it, but if you go look up IPv8 you'll know what I'm making fun of...
Bill Stewart
> Where the fuck do you live where you have more than 2 viable choices for an ISP?
I live in a tiny German town with approximately 2000 people in it and I would say there are about a dozen ISPs I can get DSL from.
> What universe do you live in where the "competition" would realistically compete on this feature?
Unless an ISP is forced not to give you more than n IPv6 addresses, they will give you a /64 for home connections, /48 for colocation, etc. Every LIR gets one /32, no matter how large they are. This means that there can be as many _large_ ISPs as you have IPv4 addresses _in total_ before you run out of IPv6 space. Every DSL customer has the current IPv4 address space times the current IPv4 address space at their disposal. Colo customers have 2^16 times that.
Every backwater ISP can have as many DSL customers as there are IPv4 addresses _in total_ before they run out.
Long story short: There are just so many IPv6 addresses, it literally does not fit into anyone's head. Humans are not geared to think in those dimensions.