Comcast Plans IPv6 Trials In 2010

Mortimer.CA writes "In a weblog posting, Jason Livingood, Executive Director of Comcast's Internet Systems has stated that they're beginning public trials of IPv6; Comcast hopes 'that these trials will encourage other stakeholders to make plans to continue, or to begin, work on IPv6 in 2010 so that all stakeholders do their part in ensuring the future of the Internet is as bright and innovative as it has been in the past.' Interested guinea pigs can volunteer at Comcast6.net (FAQ). Those who have IPv6 connectivity via other means can check out their IPv6-only web presence."

ipv6.comcast.net isn't ipv6 only

[BitZtream]

I have no ipv6 at this location and it loads just fine here, not exactly 'ipv6 only' like the Dancing Kame ...

Re:ipv6.comcast.net isn't ipv6 only

[Midnight+Thunder]

Confirmed by dig:

IPv4:

ipv6.comcast.net. 7200 IN A 68.87.64.59
ipv6.comcast.net. 7200 IN A 69.252.76.96

IPv6:

ipv6.comcast.net. 7200 IN AAAA 2001:558:1002:5:68:87:64:59
ipv6.comcast.net. 7200 IN AAAA 2001:558:1004:9:69:252:76:96

IPv6?

[Delwin]

Pinging ipv6.comcast.net [68.87.64.59]

woops.

Re:IPv6?

[mmontour]

Pinging ipv6.comcast.net [68.87.64.59]

It works for me.

$ ping6 ipv6.comcast.net
PING6(56=40+8+8 bytes) 2002:1159:44ef::226:48ff:fe12:a9a7 --> 2001:558:1002:5:68:87:64:59
16 bytes from 2001:558:1002:5:68:87:64:59, icmp_seq=0 hlim=52 time=235.216 ms
16 bytes from 2001:558:1002:5:68:87:64:59, icmp_seq=1 hlim=52 time=245.426 ms

This is through an Apple airport base station via whatever tunnel provider it uses for its IPv6 support. No manual setup, just click the buttons to turn IPv6 on and to block incoming connections.

Re:IPv6?

[Marauder2]

Looks like ipv6.comcast.net has both A (IPv4) and AAAA (IPv6) records.

$ host ipv6.comcast.net
ipv6.comcast.net has address 69.252.76.96
ipv6.comcast.net has address 68.87.64.59
ipv6.comcast.net has IPv6 address 2001:558:1002:5:68:87:64:59
ipv6.comcast.net has IPv6 address 2001:558:1004:9:69:252:76:96

Re:IPv6?

[harmonise]

woops.

I know! What where they thinking by letting people using IPv4 also see that content?

Re:IPv6?

[fluffy99]

Pinging ipv6.comcast.net [68.87.64.59]

It works for me.

$ ping6 ipv6.comcast.net
PING6(56=40+8+8 bytes) 2002:1159:44ef::226:48ff:fe12:a9a7 --> 2001:558:1002:5:68:87:64:59
16 bytes from 2001:558:1002:5:68:87:64:59, icmp_seq=0 hlim=52 time=235.216 ms
16 bytes from 2001:558:1002:5:68:87:64:59, icmp_seq=1 hlim=52 time=245.426 ms

This is through an Apple airport base station via whatever tunnel provider it uses for its IPv6 support. No manual setup, just click the buttons to turn IPv6 on and to block incoming connections.

The 2002 prefix on your ipv6 address says you're using 6to4 address translation/tunneling. The ipv4 address at the time was 17.89.68.239. I'm not sure if its your computer doing the 6to4 tunneling or your airport. I'm thinking it's the computer as its using the 2002 address as opposed to the router doing it all in the background.

Re:IPv6?

[mmontour]

I'm not sure if its your computer doing the 6to4 tunneling or your airport. I'm thinking it's the computer as its using the 2002 address as opposed to the router doing it all in the background.

The tunnel is established by the airport; I'm not running any 6to4 stuff on the LAN computers (Macbook, couple of Linux boxes, and an OpenBSD instance running in a KVM virtual machine). They just auto-configure themselves on the /64 announced by the router. The LAN computers can 'ping6' each other as well as external sites like ipv6.google.com.

Re:IPv6?

[fluffy99]

Okay that makes sense. The router is actually running ipv6 dhcp and assigning stateful addresses with the 2002 prefix. The router is doing the 6to4 tunneling for you.

Re:IPv6?

[j+h+woodyatt]

Put that AirPort base station (if it's the latest Extreme or Time Capsule product) on the Comcast IPv6 trial network, and you won't need to use a tunnel over IPv4. It'll route IPv6 natively.

Oh, well...

[__aaclcg7560]

Nope. Can't see the IPv6-only web presence from my IPv4-only internet. I guess it got slashdotted.

Re:Oh, well...

[jbb999]

I can see it on my ipv6 connection, it's on 2001:558:1002:5:68:87:64:59 and seems to work :) For those on the UK wanting an ADSL ISP with ipv6 support I recommend Andrews & Arnold (http://www.aaisp.net.uk/) who have been doing this for years now and provide native or tunneled ipv6 and full ipv6 static addresses to their customers on request. Just a happy customer of theirs :)

Re:Oh, well...

I like to pay a little extra for my broadband, to get a better quality service, and i'll accept high caps because you have to draw the line somewhere and stop nut jobs, but ...

That ISP is surely having a laugh. Separating peak and non-peak downloads takes me back to dialup era with off-peak phone at 1p per min. Surely the idea of always on, is that you can use it any time?

Re:Oh, well...

[Deleriux]

But the IPv4 version appears to be a hell of a lot slower than its v6 counterpart.

In fact i've found v6 runs much faster generally (probably cause so few people are using it at the moment). I use it quite often to download new Fedora distros at max speed.

Re:Oh, well...

Almost all ISPs in the UK have some limits on usage, either they are honest about it like this ISP or they have fair use limits, or throttle speeds or some protocols, or they get congestion at peak times and slow down. Or they are heavily subsidising heavy users from their light users and hoping that overall use doesn't increase or they'll be badly caught out.

I know with my ISP that if I get any packet loss or it slows down at all at any time I can report it as a fault and they'll sort it out.
My daytime usage is effectively unlimited because I never get close to what I paid for and at nighttime I can use effectively as much as I like,. I never even come close.
So it suits me completely, I'd rather have that than an ISP that slows down, has hidden fair use limits or blocks certain ports or protocols, or which is running their business on overselling their links and hoping to get away with it...

Re:Oh, well...

[Mike+Rice]

Except for a few research networks, all V6 traffic runs through the same 'tubes' as V4.
So all else being equal, V6 data rates should be no different than V4.

But all is not equal.

V6 has several refinements over V4, which tend to enhance throughput.

Re:Oh, well...

[icebraining]

I'm capped too during daytime, and I always get the speed I paid for (sometimes more!), but what they call a "heavy business owner" (10GB/month), I call having to "stretch". And 50/month? I know here in Portugal we get paid less, but that seems expensive. For 60/month I can get 60Mbps down, 3Mbps up, plus digital cable TV and free calls to landline numbers.

Re:Oh, well...

[petermgreen]

Almost all ISPs in the UK have some limits on usage, either they are honest about it like this ISP or they have fair use limits, or throttle speeds or some protocols, or they get congestion at peak times and slow down. Or they are heavily subsidising heavy users from their light users and hoping that overall use doesn't increase or they'll be badly caught out
I've just taken a look at AAISPs prices and they don't seem quite as insane as they used to be but they are still very high if you have any significant daytime usage (otoh if you are a home user and either not in the house or prepared to abstain from bandwidth heavy stuff during the daytime they are more tolerable).

If you do have significant daytime usage and want a small ISP with with honest but reasonable limits I would suggest IDNET.

If you can deal with little to no support from a big company and you live in an appropriate LLU area BE and sky probablly give you the best bang for your buck as well as in many areas giving you the highest top speeds (since in a lot of areas BTs infrastructure isn't ADSL2).

I know with my ISP that if I get any packet loss or it slows down at all at any time I can report it as a fault and they'll sort it out.
The impression i've always got with the smaller ISPs like aaisp and idnet is they are at the mercy of BT, they can (and will) pester BT harder than most larger ISPs would but ultimately if BTs network in your area is badly congested your only real way out is to switch to a LLU ISP (I notice aaisp are offering a be based service now but if you can take care of yourself your probablly better just dealing with be directly).

Re:Oh, well...

In Finland, at least one ISP (Nebula) is giving out static, native 64-bit IPv6 blocks to their residential customers. Unfortunately, they do it wrong. They keep the gateway (x:y:z::1) and give you the rest of the block meaning that the block cannot be subnetted. You can't use a wireless router for your home network, for example.

I asked the ISP to change their configuration slightly (x:y:z::1/120 and route x:y:z::/64 via x:y:z::2), but they refused saying they'd like to reserve that for their (better-paying) business customers.

There's a way around: add a small program on the (OpenWRT) home router to do faked neighbor discovery. Still, it's a big let-down from the ISP's part, not to mention a huge waste of the IPv6 address space (who's got a LAN with 2**64 machines connected).

Re:Oh, well...

[gbjbaanb]

More to the point, which ADSL modem/router are you using that supports IPv6, 'cos it aint no use if my PC and my ISP support it if there's a big block in between the 2 :(

Re:Oh, well...

[GameboyRMH]

Yeah, those nut jobs, who when they pay their monthly bill for 2Mbps ADSL, expect to have received in return the ability to download (and/or upload as the upload speed and asymmetric connection allow for) 1 month's worth of data at 2Mbps.

Buncha crazies, what the hell's wrong with 'em?

Re:Oh, well...

[SigILL]

who's got a LAN with 2**64 machines connected

My ISP (XS4all in The Netherlands) gave me a /48, which is 65536 of those blocks. Actually, RIPE policy is that they're supposed to (ARIN allows /56's for residential users, which is a mere 256 64-bit blocks).

The rationale for this policy is that it allows for really easy routing while not even using one percent of the entire IPv6 address space.

Will they permit NATs?

[denis-The-menace]

I know most IP6 fan will say that you don't need them but you just know when the smoke clears Joe customer will still get ONE Address.

Besides, most IP-enabled toys wont like IP6 (Wii, VOIP boxes, etc.)

Re:Will they permit NATs?

[Manip]

It is very hard to block NATs even if they aren't allowed.

Re:Will they permit NATs?

[BitZtream]

Its pretty hard to stop someone from using a NAT. Comcast can't really tell the difference between a NAT and a single machine without deep packet inspection.

At which point you just sue them for invasion of privacy, not that you'll get anywhere but its a neat idea.

The other side to that is that your IPv6 router can deal with helping IPv4 devices communicate over the IPv6 backbone as long as the backbone does the proper bridging (according to the protocol) back to IPv4, which they'd surely have to if they don't intend to break of the Internet and become their own useless island.

In short, some very smart people already thought of that problem when designing the system.

Re:Will they permit NATs?

[tepples]

you just know when the smoke clears Joe customer will still get ONE Address.

As I understand it, the best practice is for an IPv6 ISP to give out a /64. That's still relatively one four-billionth of the space they're giving out now.

Re:Will they permit NATs?

[Reason58]

Its pretty hard to stop someone from using a NAT. Comcast can't really tell the difference between a NAT and a single machine without deep packet inspection.

I am pretty sure there is no difference between a "normal" and NAT packet once it leaves the router. It doesn't matter how much Comcast examines it.

Re:Will they permit NATs?

[amorsen]

But there is. For one thing the TTL will be one lower than "usual". You can hide that, but there are lots of other ways to detect it.

Re:Will they permit NATs?

[amorsen]

No, that is not allowed (well the police won't stop them, but it's definitely not best practice). Best practice was originally a /48, but now ISP's are allowed to cut all the way down to a /56 if they feel a /48 is too much.

You shouldn't put hosts in anything but a /64, and some don't think there should exist non-/64 unicast networks at all. Personally I believe that at least /128 should be allowed.

Re:Will they permit NATs?

[Reason58]

But there is. For one thing the TTL will be one lower than "usual". You can hide that, but there are lots of other ways to detect it.

The TTL will be decremented because the packet passes through a router which is performing the NAT (Linksys, Netgear, whatever). By blocking hosts based upon TTL inspection wouldn't they would preclude anyone using a home router, or more importantly, having wireless access?

Re:Will they permit NATs?

[dotwaffle]

Let's say your ISP has a /32. The ISP uses a /64 for every point-to-point link between their router and your home router, and you have a /64 within your own home. Additionally, you have a second /64 reserved for you to make VoIP easier. Then, your ISP can clearly only have 1.1 billion customers.

I realise the above is a bit silly, but seriously, there are enough /64s for everyone. There is no need for a /128, no need for a /126, no need for anything but a /64.

Even if the ISP was "wasteful" and allocated each residential customer a /56 to do whatever they want with, their /32 will be able to support 16.7 million customers. If you've got more than 16.7 million customers, you just get another /32, in 2000/3 there are 500 million /32s.

I'm waffling. /64 is fine.

Re:Will they permit NATs?

[Cato]

As the website explains, one of Comcast's 3 transition strategies is based on DS-Lite, which essentially means a big provider-based NAT that allows IPv4 only devices such as games consoles to connect via a new IPv4/IPv6 home router (dual stack) over v6 infrastructure to an end server that is v4 based.

Re:Will they permit NATs?

[Mike+Rice]

The originating TTL of a packet is decided by the application that created it.
Since there is no mandatory original TTL, there is little use in filtering by TTL.

If some ISP decided to start filtering packets based on a low TTL, all application vendors would respond with updates that originated all packets at the maximum TTL.

Re:Will they permit NATs?

[petermgreen]

I realise the above is a bit silly, but seriously, there are enough /64s for everyone. There is no need for a /128, no need for a /126, no need for anything but a /64.
The trouble is the ipv6 autoconfiguration mechanisms were designed arround giving each subnet a /64 so if you only have a /64 you either have to limit yourself to one subnet (e.g. no seperate subnet for a segregated wifi network) or configure all your machines manually (and in the case of XP configure them from the command line!)

there are enough /56's for everyone, hell there are enough /48s for everyone (personally I preffered the old reccomendation of giving every site a /48 because it made it clear where the site number ended and the subnets within the site began).

Unfortunately you can bet crappier ISPs will give a /64 at best and a /128 at worst.

Re:Will they permit NATs?

[grantek]

...or you could just update the firmware

Re:Will they permit NATs?

[nitehawk214]

What I am failing to understand is this: Why would they want to block NATting? What benefit does this buy the ISP? Are we talking about the ability to force customers to pay an extra fee for each connected device as they do with cable boxes? I dont see that flying with anyone who has non-computer devices, such as DVRs and game systems.

Re:Will they permit NATs?

[fluffy99]

No, that is not allowed (well the police won't stop them, but it's definitely not best practice). Best practice was originally a /48, but now ISP's are allowed to cut all the way down to a /56 if they feel a /48 is too much.

You shouldn't put hosts in anything but a /64, and some don't think there should exist non-/64 unicast networks at all. Personally I believe that at least /128 should be allowed.

The first 64-bits are the "network" portion of the address, and the second 64-bit chunk is the interface portion (ie the ipv6 version of your mac address). I'm ignoring multicast for the present. For normal unicast, you can't subnet smaller than a /64. If your ISP is following the standard, they can't give you bigger than a /48 for your site.

It's also a bit of a myth that ipv6 allows for 2^128 addresses. That's not really true given the first several bits define the address type, not all of the TLAs have been assigned, some of the prefixes are special (like 6to4, and terado), 64-bit host id's uniqueness (generally derived from the 48-bit mac address), ranges set aside for multicast, link-local, non-routable addresses, etc.

Still ipv6 is a massive expansion of the available range, and solves many routing difficulties. It's also much more complicated and has some drawbacks.

Re:Will they permit NATs?

[Jeffrey_Walsh+VA]

"Why would they want to block NATting?"

I've seen where ISPs tack on charges for additional ips. But this seems to be going away. Now I'm seeing that most ISP provided routers will nat - sometimes even allow port forwarding and dmz.

Re:Will they permit NATs?

[j+h+woodyatt]

I think they're delegating a /56 to each subscriber. Certainly shorter than a /64.

Re:Will they permit NATs?

[boog3r]

the only way to detect nat is with protocol-based packet inspection. the tcp header would appear the same whether there was a router doing nat or a regular pc hanging off the circuit. unless the router is assigning a tos value or some other such malarkey of course.

Re:Will they permit NATs?

[amorsen]

The first 64-bits are the "network" portion of the address, and the second 64-bit chunk is the interface portion (ie the ipv6 version of your mac address). I'm ignoring multicast for the present. For normal unicast, you can't subnet smaller than a /64.

It may not be allowed, but it is widely deployed. Not with hosts in those subnets, but it is fairly popular with router-only subnets.

If your ISP is following the standard, they can't give you bigger than a /48 for your site.

If you can demonstrate need, you can get up to a /32 even as a non-ISP. Obviously demonstrating the need for such a large allocation is a bit theoretical.

Re:Will they permit NATs?

[amorsen]

What is wrong with protocol-based packet inspection?

Re:Will they permit NATs?

[amorsen]

Good point, TTL inspection would catch anyone using a router (NAT or not). However, you can't use a non-NAT-router with just 1 IP address anyway, so that's a bit of a theoretical concern.

Re:Will they permit NATs?

[Fred_A]

I know most IP6 fan will say that you don't need them but you just know when the smoke clears Joe customer will still get ONE Address.

My ISP gives me (or anyone who cares enough to activate the free option) a /64 IPv6 subnet. It wouldn't make much sense if it didn't.

I'll grant you that it'll be a while before the various gadgets (or even the software) play nice with IPv6.

Re:Will they permit NATs?

[fluffy99]

The first 64-bits are the "network" portion of the address, and the second 64-bit chunk is the interface portion (ie the ipv6 version of your mac address). I'm ignoring multicast for the present. For normal unicast, you can't subnet smaller than a /64.

It may not be allowed, but it is widely deployed. Not with hosts in those subnets, but it is fairly popular with router-only subnets.

Yes, there are some address types like router loopback and multicast that are different, but that's not your typical globally accessible unicast stuff. Breaking unicast addresses into smaller than /64 breaks the normal routing mechanism and is against the RFCs.

If your ISP is following the standard, they can't give you bigger than a /48 for your site.

If you can demonstrate need, you can get up to a /32 even as a non-ISP. Obviously demonstrating the need for such a large allocation is a bit theoretical.

In that case, you're really getting multiple TLAs, which isn't really the same as subnetting per the RFCs. In practice though it works to get bigger than a /32, and the routing tables may have something bigger than a /32 to reflect the contiguous TLA assignments.

Re:Will they permit NATs?

[amorsen]

In that case, you're really getting multiple TLAs, which isn't really the same as subnetting per the RFCs.

This makes no sense. If you get a /48 you get 65536 subnets. If you get a /56 you only get 256 subnets. And if you manage to show the need for a /32, you get 2^32 subnets. In all cases the actual subnet "mask" is /64 (with the caveats about non-/64-subnets for routers mentioned earlier)

Re:Will they permit NATs?

[Bengie]

/64 is the standard and if the ISP doesn't use it, it could break stuff. They would have to order custom Cable/DSL modems since all suppliers will be following the /64 rule.

Re:Will they permit NATs?

[fluffy99]

You might want to review the RFCs, particularly the difference between TLA, NLA, and SLA and what bits of the prefix they use. Only the last 16-bits of the network portion of the address are intended for site subnets. Unless you're an ISP or other aggregator, you don't get bigger than a /48. The Top Level ISPs get a /24 which they are expected to route into the NLAs, who assign up to /48s to sites.

http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_2-1/ipv6.html - scroll down to the section titled Public Routing Topology Prefixes.

Re:Will they permit NATs?

[amorsen]

You're quoting a document from 1999... Back then it was assumed that sites would not have provider-independent addresses, because site renumbering would be really really easy, and multihoming would be handled by new clever protocols.

Well renumbering is a lot easier with IPv6, but it still isn't easy. Multihoming solutions never materialized. So in the end it was decided to just go ahead and allow provider-independent addresses in much the same way as IPv4, which forced address assignment rules to be adjusted.

what is the per ip cost? $5? WILL there cable boxe

[Joe+The+Dragon]

what is the per ip cost? $5? WILL there cable boxes also start useing ipv6? they use ipv4 now.

MediaCom Anybody?

[skogs]

I've been waiting for mediacom to roll out some DOCSYS 3 / IPv6 forever. This little town I happen to be in, has excellent infrastructure and is physically capable of running it -- unlike most cities. This town is dependent only on major hardware upgrades, not cable plant upgrades.

Re:MediaCom Anybody?

Shut it nigger. Hatian nigs like you deserve to die and burn. Just like the fags. -- wbc

Unfortunate abbreviation

[tepples]

The main page mentions tunneling IPv4 over what it calls "Dual-Stack Lite technology (aka DS-Lite)". But Comcast must not have been aware of Nintendo's prior use of "DS Lite" for a handheld video game system with Wi-Fi support. Do Nintendo video game consoles even support IPv6?

Re:Unfortunate abbreviation

No, they dont.

Re:Unfortunate abbreviation

[metamatic]

The Wii supports IPv6. The DS Lite doesn't. I don't know about the DSi.

Re:Unfortunate abbreviation

[Randle_Revar]

and none of them support WPA

Re:Unfortunate abbreviation

[SScorpio]

The Wii and DSi both support WPA, the DS and DS Lite don't.

Re:Unfortunate abbreviation

The Wii definitely does...

IPv6 only test...

[nweaver]

ipv6.google.com is IPv6 only, and if you can reach it, you are IPv6 enabled.

We actually used this for the IPv6 test in Netalyzr as the basis of the IPv6 connectivity test. Our servers don't have IPv6, but we have a small amount of javascript on the analysis page that tries to fetch the logo from IPv6.google.com and reports success or failure back to the server.

Re:IPv6 only test...

[belphegore]

...except that it's not:

[craig@Puck:~]$ host ipv6.google.com
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has address 208.67.219.132
ipv6.l.google.com has IPv6 address 2001:4860:800b::69
ipv6.l.google.com has IPv6 address 2001:4860:800b::68
ipv6.l.google.com has IPv6 address 2001:4860:800b::63
ipv6.l.google.com has IPv6 address 2001:4860:800b::6a
ipv6.l.google.com has IPv6 address 2001:4860:800b::93
ipv6.l.google.com has IPv6 address 2001:4860:800b::67

Re:IPv6 only test...

[molo]

208.67.219.132 is OpenDNS.

-molo

Re:IPv6 only test...

[mmontour]

ipv6.l.google.com has address 208.67.219.132

Not from here:

$ host ipv6.google.com
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2001:4860:800b::93
ipv6.l.google.com has IPv6 address 2001:4860:800b::63
ipv6.l.google.com has IPv6 address 2001:4860:800b::67
ipv6.l.google.com has IPv6 address 2001:4860:800b::68
ipv6.l.google.com has IPv6 address 2001:4860:800b::69
ipv6.l.google.com has IPv6 address 2001:4860:800b::6a

If you actually try to connect to 208.67.219.132 you end up at "hit-nxdomain.opendns.com" so it looks like there are some DNS shenanigans going on at your end.

In any event, you can't get to the actual Google website with its "bouncy" logo unless you do so over IPv6.

Re:IPv6 only test...

[belphegore]

Ok. So it's only ipv6 if your DNS provider doesn't return IPv4 records for it... It's still not a good test for IPv6 connectivity. A better test for IPv6 connectivity would be, you know, sending an IPv6 packet and seeing if it gets through.

Re:IPv6 only test...

[Matt_R]

# host ipv6.google.com
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2001:4860:c004::68

# host www.google.com
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 66.102.11.99
www.l.google.com has address 66.102.11.104
www.l.google.com has IPv6 address 2001:4860:c004::68 :)

Re:IPv6 only test...

[RoFLKOPTr]

Ok. So it's only ipv6 if your DNS provider doesn't return IPv4 records for it... It's still not a good test for IPv6 connectivity.

Yes it is. A good DNS provider won't return records when there are none. OpenDNS earns money from ad placement on their bad hostname page, so when there isn't a valid record to a hostname, they return a server of their own. An honest DNS provider is a great test for IPv6 connectivity, though.

Re:IPv6 only test...

[adaviel]

Request IPv6 records only:
bash-3.2$ host -t aaaa ipv6.google.com
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2001:4860:800b::67
ipv6.l.google.com has IPv6 address 2001:4860:800b::68

bash-3.2$ traceroute6 ipv6.google.com
  doesn't work from here :-( no tunnel set up

Re:IPv6 only test...

ipv6.google.com is IPv6 only, and if you can reach it, you are IPv6 enabled.

I think there's something wrong with that link. I just get a "host not found" error. I'm using Google's DNS too. What's IPv6, by the way?

Re:IPv6 only test...

Except that it is... when your DNS is not broken:

host ipv6.google.com
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2a00:1450:8001::6a
ipv6.l.google.com has IPv6 address 2a00:1450:8001::68
ipv6.l.google.com has IPv6 address 2a00:1450:8001::93
ipv6.l.google.com has IPv6 address 2a00:1450:8001::63
ipv6.l.google.com has IPv6 address 2a00:1450:8001::67
ipv6.l.google.com has IPv6 address 2a00:1450:8001::69

$ whois 208.67.219.132

OrgName: OpenDNS, LLC

Re:IPv6 only test...

To quickly see if you're connected with an IPv6 webserver, you can install "ShowIP", a Firefox plugin: https://addons.mozilla.org/en-US/firefox/addon/590

As its name says it shows the IP(v4 or v6) address of the server on the bottom right of the Firefox window.

Re:what is the per ip cost? $5? WILL there cable b

[jbb999]

My ISP has given me (and any customer who wants it) 18446744073709551616 IPv6 addresses free of charge, That should keep me going for a while...

Grudgingly, impressed.

[Orbijx]

If Comcast actually does what they're saying on the tin, maybe the other ISPs will follow suit.

This just might be a good thing.

Re:Grudgingly, impressed.

[jonbryce]

Maybe, but it is a difficult sell to customers. They will want to know what ipv6 enables them to do that they can't do at the moment. Being able to visit ipv6.google.com and do exactly the same things that they can do on www.google.com at the moment, and being able to see a dancing turtle at www.kame.net isn't really going to seal the deal.

Re:Grudgingly, impressed.

[david_thornley]

Except that, if this relies on customers making a decision, it's dead.

Modern computers support IPv6. Modern consumer-level routers don't necessarily (mine doesn't), so the connectivity provider needs to provide and/or recommend equipment that does. Provide connection instructions that start up both IPv4 and IPv6. Leave the customer out of it, since 99% of customers don't know what IP is in the first place.

Re:Grudgingly, impressed.

Big national projects can work, if they are properly managed, and everyone's pulling in one of the corners. The analog/digital switchover is a good example.

Re:Grudgingly, impressed.

[japhering]

Except that, if this relies on customers making a decision, it's dead.

Modern computers support IPv6. Modern consumer-level routers don't necessarily (mine doesn't), so the connectivity provider needs to provide and/or recommend equipment that does. Provide connection instructions that start up both IPv4 and IPv6. Leave the customer out of it, since 99% of customers don't know what IP is in the first place.

If the customer really, really wants to know what is the advantage for him.. the simple answer is continued access to the internet.

Re:Grudgingly, impressed.

[sjames]

Are you on the same internet I am? The internet that went crazy for the "I kiss you" guy? The same internet filled with people who will sit through a sales pitch to get a $0.10 blinking LED toy?

IPv6 MUST be the best thing ever! It's like the internet PLUS TWO!

Re:Grudgingly, impressed.

[nnet]

There is no "selling point". The move to IPv6 will be transparent to Joe Sixpack pr0n downloader/web browser/emailer, and Grandma Moses. The move is required in order for them to stay in business, and provide services to their customers. Its that simple.

Re:Grudgingly, impressed.

[N7DR]

I was part of the team that wrote the IPv6 portion of the DOCSIS 3.0 specs. Although DOCSIS 3.0 added a huge number of features, the two that the cable companies were most desperate for were channel bonding (so they could compete with fiber) and IPv6 support.

IPv6 has been internal testing with major cable operators for several years now. Comcast was always likely to be the first to deploy it (for reasons that I can't go into) but I expect the other major operators to follow suit within a year or two.

Re:Grudgingly, impressed.

[owlstead]

It allows multiple clients to have their own IP addresses. Which means that you don't have any limitations you have with IPv4 while hosting stuff (bittorrent, games). If your router supports IPv6 of course, but I don't think that network appliances are the problem. Things like mobile devices (for which IPv6 would be great) are more likely to suffer because of lacking IPv6 support.

Re:Grudgingly, impressed.

You think the analog/digital switchover was properly managed? Tell that to the hundreds of nearly-bankrupted smaller stations that had to pull millions of dollars out of their collective asses to make equipment upgrades. Hundreds of things about that should have been done differently, not the least of which would rolling changeover deadlines based on market size.

Re:Grudgingly, impressed.

[jonbryce]

The selling point for Digital TV, at least in the UK was lots of extra channels.

People get the idea that if you switch to Freeview, you get 45 Channels on your TV rather than the 5 you have at the moment, so they do it.

I can't see what the selling point for the average non-slashdotter is at the moment. Their internet works fine at the moment, so they won't see any need to change it.

Re:Grudgingly, impressed.

[Ironchew]

Are you on the same internet I am? The internet that went crazy for the "I kiss you" guy? The same internet filled with people who will sit through a sales pitch to get a $0.10 blinking LED toy?

Sorry, I'm only on IPv4. So, you're tacitly admitting that people who use IPv6 are raving lunatics?

Re:Grudgingly, impressed.

[petermgreen]

IMO the most likely endgame for IPv4 is the removal of public IPs from home lusers (replacing them with ISP level NAT) to give them to more profitable buisness customers.

Continued ability to use peer-peer stuff efficiantly will be the main selling point of IPv6 to home users, of course peer to peer is something ISPs want to strongly discourage.

I really really doubt that most ISPs would dare cut a customer without v6 supporting network equipment. computers and software off from the internet at this point. Not to mention that most websites aren't available on v6.

One complication is that iirc some of the largest American cable providers have actually already run out of private v4 IPs for thier internal network and so are putting cable boxes on public IPs. If they could move the cable boxes to v6 they could reuse their v4 addresses (whether public or private) for peoples internet connections and thus avoid the need to partition thier network into mulitple addressing domains.

Re:Grudgingly, impressed.

[petermgreen]

I'm sure I remember hearing a while back that a big american cable provider had run out of private IPs for cable boxes etc and were now using public IPs for new ones. was it comcast? If so that would be a very powerfull reason to want ipv6 support on the network before v4 addresses ran out.

Re:Grudgingly, impressed.

[adaviel]

From a presentation by Tata Communications: "the promises of IPv6"
Restores p2p communication
Mobility
  * Much easier roaming
  * Better spectrum utilization
  * Better battery life!
Security
  * IPsec mandatory
Multicast
Better QoS (flow labels)
Auto configuration
  * Mobile Ad-Hoc networking
  * Mobile networks
  * Sensor networks
  * Plug and Play networks
Permanent addresses
  * Identity (CLID)
  * Traceability (RFID)
  * Addressability!
  * IP address based billing

But yes, staying in business. Even if you have enough IPv4 to last you for years, you will start to find new services and businesses that you can't use, or can't get to without going through some kind of tunnel/proxy

Re:Grudgingly, impressed.

[adaviel]

So, reading this backwards, I presume we need new cable modems for native IPv6 support ?
And if Comcast's doing a trial, I guess they are in production somewhere.

Re:Grudgingly, impressed.

[tftp]

Which means that you don't have any limitations you have with IPv4 while hosting stuff

It also means that ISPs can now charge you per computer, instead of per IP (that you then NAT to cover your whole house.)

If your router supports IPv6 of course

I have three routers, none of them support IPv6, and without specifically searching I don't know any that do (except Airport.) Often it's hard to tell even holding the box in hands at the store.

I don't think that network appliances are the problem.

Unless, of course, you have such appliances. There are millions of devices that are IPv4-only. Support for IPv6 just started, and there is zero chance that earlier products will be upgraded (they are out of warranty by now.)

Things like mobile devices (for which IPv6 would be great)

Mobile devices (cell phones) are self-contained, so they are welcome to have whatever IPv$x they want. These devices are not a problem, and they indeed benefit from IPv6. However everyone else, industrial and residential PC and gadget users, will be in need of some serious 6 to 4 bridging. There are just too many embedded devices which are IPv4 only *and* out of maintenance. We also should remember that majority of network-aware applications are IPv4 only. This is even more true in niche, expensive applications, those that use networked license servers, for example. In their market even if a newer app is available and supports IPv6 you have to buy it again; support on that level is not free.

Re:Grudgingly, impressed.

[fluffy99]

There is no "selling point". The move to IPv6 will be transparent to Joe Sixpack pr0n downloader/web browser/emailer, and Grandma Moses. The move is required in order for them to stay in business, and provide services to their customers. Its that simple.

In more ways than you might expect. Enabling ipv6 with something like terado on windows can accidentally provide a nice backdoor through your router, and firewall. Most of the personal firewall software on the market does absolutely nothing with ipv6. You might find out the hard way that setting up ipv6 exposes your computer to a lot more than you realize.

Re:Grudgingly, impressed.

[Abcd1234]

Luckily, the same software on your PC doesn't listen on IPv6 in the first place, so it doesn't really matter that your box is v6 accessible.

Re:Grudgingly, impressed.

[fluffy99]

Luckily, the same software on your PC doesn't listen on IPv6 in the first place, so it doesn't really matter that your box is v6 accessible.

Huh? Most of the Microsoft services listen just fine on ipv6. Are you comfortable with anyone on the ipv6 internet being able to hit your netbios ports? Even Microsoft points out ipv6 tunneling at a security risk and recommends blocking teredo traffic as the network boundary. http://technet.microsoft.com/en-us/library/bb726956.aspx

Re:Grudgingly, impressed.

[LingNoi]

You get to use bit torrent without NAT problems. That seems like a big selling point to me.

Re:Grudgingly, impressed.

[Captain_Jackass]

You did, and it was comcast

Re:Grudgingly, impressed.

[j+h+woodyatt]

It's very simple. IPv6 will save them money.

After the IPv4 free pool is exhausted, subscriber experiences using legacy software will start to such very badly, and word will get around that the cause is something in the Internet.

Subscribers may start hearing vaguely scary stories about carrier-grade IPv4/NATs that serve entire neighborhoods, and have heavily limited functionality, but almost nobody will understand a flipping word of it. Subscribers will only know their service providers are presenting them with two basic choices if they want the Internet to work right again: A) upgrade once to software that uses IPv6, or B) pay extra every month for a public IPv4 address at the subscriber gateway.

Most subscribers won't think about this decision at all rationally. They'll just switch to software that works better, and they won't think about which version of the Internet protocol they're using. This is how IPv6 will save them money.

Re:Grudgingly, impressed.

[TheRaven64]

Having IPv6 doesn't mean that your v4 devices are going to stop working. They'll still be able to make outgoing v4 connections even when every consumer network is double-NAT'd. Most of these can then continue functioning via gateways even if the rest of the world is v6-only. You can, for example, run an IPv4 web proxy which forwards connections to IPv6 web servers. I don't think there are consumer-grade things that do this yet, but you can already get routers that handle external NAT, so IPv6 addresses returned by DNS are mapped to a private range (usually 10/8), then connections to these addresses are forwarded to the real server. You can also get reverse NAT devices that sit in front of things like v4 networked printers and let people talk v6 to the gateway, which then talks v4 to the printer. These are trivial to implement because everything above the IP layer (TCP or UDP, then IPP, HTTP, or whatever) is the same.

You act like this is some kind of new experience for the Internet, but back in the '90s, there were AppleTalk, IPX, DECnet, and various other protocols deployed on local networks, all connected to the Internet via gateways. You'd run the same high-level protocols (SMTP, HTTP, and so on) on the local network as on the Internet, but different layer 1-3 protocols. Your mail client wouldn't know or care that your OS was talking AppleTalk to the gateway, the gateway was talking IP to the remote gateway and the remote gateway was talking DECnet to the mail server.

Re:Grudgingly, impressed.

[Abcd1234]

Microsoft doesn't enable services to listen on IPv6 unless the application explicitly requests it. Furthermore, the built-in firewall doesn't allow unsolicited inbound traffic unless you explicitly enable it.

As for netbios, it's not defined over IPv6.

Re:Grudgingly, impressed.

[fluffy99]

Microsoft doesn't enable services to listen on IPv6 unless the application explicitly requests it. Furthermore, the built-in firewall doesn't allow unsolicited inbound traffic unless you explicitly enable it.

As for netbios, it's not defined over IPv6.

I'm not sure that first link applies to Windows XP, as its for Windows Mobile 6.

The second link you referenced says NetBT is not defined over ipv6, which is correct as NetBT is netbios implemented over ipv4. To be more precise I should have said file/print sharing instead of netbios, which by default is listening on ipv6 if its running.

A fair number of people are not running the built-in firewall when they are behind a corporate or home firewall. If file/print sharing are enabled, there are holes punched in the local firewall anyway. A lot of third-party software opens up holes in the Microsoft firewall as well. Some third-party firewalls I tested last year totally ignored ipv6 traffic and let it all through.

My point is that enabling ipv6 adds exposure. If you've implemented an ipv6 tunnel, you could be inadvertently bypassing firewall protections as you essentially create a tunnel for the entire ipv6 world to directly access your computer.

As an example, try setting up teredo on an XP box that's behind NAT (the main reason for using teredo, btw). Doing a bit of packet sniffing, you'll discover that you're getting an occassional port scan. Yes indeed there are black hats out there scanning ipv6 space already.

Re:Grudgingly, impressed.

[Abcd1234]

As an example, try setting up teredo on an XP box that's behind NAT (the main reason for using teredo, btw). Doing a bit of packet sniffing, you'll discover that you're getting an occassional port scan. Yes indeed there are black hats out there scanning ipv6 space already.

True. And all I'm saying is that the exposure isn't nearly so earth shattering as you seem to think, so long as you a) don't turn off your firewall like an idiot (this applies to virtually all home users, who don't even know what a firewall is, let alone how to disable it), and b) don't enable services you don't need (something any knowledgeable user should already be doing).

Re:Grudgingly, impressed.

[rdnetto]

Just tell them the internet will stop working if they don't switch (sort of like the Y2K bug). It's a gross oversimplification, but it should do the trick.

Re:Grudgingly, impressed.

[tftp]

Having IPv6 doesn't mean that your v4 devices are going to stop working. They'll still be able to make outgoing v4 connections even when every consumer network is double-NAT'd.

That's what I meant when I said "you'd need some serious 6 to 4 bridging". This stuff is not for consumers, and the first paragraph of your comment just caused a headache :-) Nearly tl;dr. Yes, if you must keep an IPv4 device on your network then you need to have an IPv4 gateway which, hopefully, knows how to translate a bogus server IP address that your IP phone sends out into an IPv6 address that the SIP registrar or SER actually uses on the new Internet. It's way more painful than an IPv4 NAT.

With regard to mixing protocols, this was done by experienced professionals, at ISPs, and even then very sparingly. IPX, for example, was primarily used by Novell and was limited to its NetWare. But if the world migrates to IPv6 this chore will belong to the end user, and no ISP would want to support him (not for any reasonable money, at least.) The end user may need to dump his IPv4 peripherals - it could be cheaper than to figure out how to use them. This is particularly bad with SIP phones because they are supposed to talk to each other, directly (SIP is only setting up the connection.)

Re:Grudgingly, impressed.

[TheRaven64]

Do you have any idea how complicated NAT is? If I explained what goes on in a consumer-grade NAT to make everything work, it would be far longer than my tl;dr paragraph. Gateways are simpler to implement than NATs. Why on earth do you think that they'd be harder to deploy?

Trusted Network Connect

[tepples]

It is very hard to block NATs even if they aren't allowed.

Hard, but doable. An ISP can "protect the security of its network" by requiring the customer to run a "dialer" or "supplicant" before the ISP will route the customer's packets outside the quarantine. The ostensible purpose of network access control methods is to make sure that the operating system and antivirus signatures on customer equipment are updated and that the botnet-of-the-week isn't running. But the side effect of Trusted Network Connect deployment is that connecting to a home-class Internet requires an approved and unmodified copy of Windows or Mac OS without any programs that interfere with the ISP's business model, such as Apache HTTP Server or NAT software.

Re:Trusted Network Connect

[nitehawk214]

I doubt any ISP implementing that would be an ISP for very long. That would cut out all non windows-mac users, and more importantly every user that has a cable/dsl router.

Oh, this is sooo going to suck

[Marrow]

Ipv6 is going to suck on so many different levels.

Re:Oh, this is sooo going to suck

Explain.

Re:Oh, this is sooo going to suck

Couldn't agree more.

Yeah, it increases the number of IPs MASSIVELY, but the drawbacks are way too much, not to mention the idea of having one IP is a rather scary thought, especially since it is rather easy to make enemies online.

NAT could be extended and work more-or-less on current hardware as long as firmware updates are possible.
Currently, NAT depends on subnetting to reach internal IPs, right?
This causes huge problems, such as no direct access to ports on any internal IPs, forwarding, blah blah etc, we all know the pain.

A better solution would have been the addition of X octets in packets that will direct them to a device behind the routing device. (yes, a 2nd Destination IP)
X can start off at 1 initially, but is future-proofed for 4. (or even more?)
Directly accessing an IP behind another IP could be done in this format: X.X.X.X:port;Y[.Y.Y.Y.n]:port/resource.ext
This is incredibly simple to do in comparison to IPv6, most of it only requires a firmware update and updates to the routing rules in whatever servers, hard-coded hardware is going to be a bit of a problem, but any change is expected to cause problems.
While it will decrease space in packets for data (and potentially clog up the net a little more), the benefits far outweigh the problems, unlike IPv6 which is the opposite. (and already uses more space anyway!)

Both routes will cause headaches for network operators, the dual-destination IP approach is just simpler and easier to implement, not to mention familiar.
IPv6 just looks like a major headache waiting to happen. Admittedly it was designed for the sake of not requiring the need to LOOK at IPs due to the large number being capable of assigning more than several IPs to every person alive, but some work requires IP.
The headaches this will cause for people setting up game servers...
ISPs should at least have some sort of DNS redirect that a person can setup to simplify it. (maybe even sell it as a premium service, evil, yes)
user.personal.ISP.TLD:port

If any confusion is found in this post, blame the heat, i'm almost fainting with it. Bring back the snow and cold.

Re:Oh, this is sooo going to suck

[slimjim8094]

Why? I, for one, look forward to having a unique address for every computer. It is, after all, the original intent of the Internet.

Re:Oh, this is sooo going to suck

[mark-t]

The problem with this proposal is that the ipv4 header is fixed in format and size. To support such an extensible addressing scheme would break ipv4 in at least as many ways as IPv6 will. IPv6, by the way, has an extension header mechanism, so it could, theoretically, have an extensible addressing system like what you describe (and you wouldn't even need to have multiple ports along the way). Supporting it would still require firmware updates to the routers, but it would not break any existing ipv6 connectivity.

Re:Oh, this is sooo going to suck

[Abcd1234]

I find it sadly hilarious that this utterly contentless post somehow managed to get an insightful mod...

Re:Oh, this is sooo going to suck

[Omnifarious]

Why? A bald assertion like that with nothing to back it up is pointless and stupid.

Re:Oh, this is sooo going to suck

[Omnifarious]

Well, that's an interesting proposal, though it seems like a really dumb hack to me.

And I don't understand any of the reasons why you think it will be a headache. The only one that really makes any sense is that you think your proposed scheme will require fewer software changes on devices.

You don't appear to explain any of your other reasons.

Eventually...

[ATestR]

By the time IPV6 is fully deployed, the IPV6 space will be rapidly filling up, and people will be talking how we really need to deploy IPV8...

Re:Eventually...

[ImprovOmega]

Unless we start addressing every individual atom on earth I don't see it being a problem. There are ~3.4*10^38 addresses available in the IPv6 space, so even if every person on earth had a billion devices to uniquely address we'd *still* only use 7*10^18 addresses which would only be a millionth ( < 0.0001%) of the available address space.

So, yeah, I think we're good for a while on it.

Of course, if you desperately need to individually address every single atom in the known observable universe, you could eventually extend it to a 512-bit address space to easily cover that possibility.

Re:Eventually...

[some_guy_88]

By the time your 512-bit system is fully deployed, we will be communicating with parallel universes and people will be talking about how we really need to deploy a 1024-bit addressing system.

Re:Eventually...

[TheRaven64]

Note that IPv6 wants sparse hierarchical addressing, doesn't like routing packets to subnets smaller than a /64 and requires some ranges reserved for things like 6to4 and multicast. In practice, we only really have enough IPv6 addresses for everyone on the planet to have a few tens of thousands of devices, depending on the network topology.

Re:Eventually...

[Bengie]

And World of Warcraft will have broken its 10^100 player.

They should've just skipped to 256bit IPs and said "Every atom in the universe gets an IP, and still have room for reserved ranges.

Re:Eventually...

[Bengie]

What are you talking about? I'll have a /64, I can have just slightly less than 18,446,744,073,709,551,616 devices

Static or Dynamic?

[Tubal-Cain]

Will the addresses by dynamic or static? Is there any good reason for them not to be static?

Re:Static or Dynamic?

[nnet]

Contact your ISP for information on how they'll implement and deploy IPv6. There's an incorrect assumption that customers MUST be given static IPs, or netblocks simply because there's so many available IPs. Only your ISP can decide that. You can bet if they can "sell" IPs as static for an additional fee, they will. Same for netblocks.

Re:Static or Dynamic?

[outlander]

It'll be dynamic - the protocol doesn't use DHCP as we know it; it uses 'neighbor discovery,' which is described here: http://www.tcpipguide.com/free/t_TCPIPIPv6NeighborDiscoveryProtocolND.htm

I've experimented with it on a number of various networks - some professional, some personal - and it's not so bad. THe implementation isn't as complete as IPv4, but given the user base, it's not that surprising....

Re:Static or Dynamic?

According to the RFC you should get a dynamic /48.

Re:Static or Dynamic?

[xZgf6xHx2uhoAj9D]

That's not to say they can't use DHCPv6. From what I've heard, a lot of organizations have opted for DHCPv6 instead of stateless auto-configuration because the network admins get the warm fuzzies from having logs of everything. Who knows, there might even be legal ramifications (if the MPAA has anything to say about it?) for ISPs that don't keep logs about who's assigned what?

Re:Static or Dynamic?

[mikael_j]

Maybe I'm missing something but shouldn't you be able to just share the prefix and other configuration data using radvd/rtadvd and then use your switches to determine the MAC and thus also IPv6 address of all IPv6-enabled hosts on your network? To me it seems straightforward but maybe I'm missing something here...

/Mikael

Re:Static or Dynamic?

[Jeremy+Visser]

They should be static, if they have any sense. See a blog post of mine on the subject.

Basically, with IPv4, if you have a dynamic address (say 5.6.7.8), and then your connection drops out, and now you are a different address (say 5.8.7.6), then the machines behind your NAT aren't affected, because they're still using a 192.168.0.x 192.168.0.1 gateway thingy.

But in IPv6, what subnet your ISP allocates you (e.g. 2001:db8:1:5678::/64) influences what machines in your LAN (i.e. what would be behind your IPv4 NAT) have as their IP address.

So if your subnet your ISP gives you is 2001:db8:1:5678::/64, then a machine on your network may have an IP address of 2001:db8:1:5678:aaaa:bbbb:cccc:1234. Then, if your connection drops out, and you get a new dynamic subnet, say, 2001:db8:1:9876::/64, then your machines on the LAN will not get the new address scheme immediately, and have the wrong IP address when sending to the Internet. A whole world of hurt.

Really short durations set on the Router Advertisements may help, but there is still a window of breakage, and thus a whole world of hurt that you just don't want to foist onto your customers.

Just think -- you can give out dynamic subnets and conserve address space, but you'll have all hell break loose with the support calls. (My ISP, Internode, is sane and gives out static /60 subnets.)

You got trapped by OpenDNS

[nweaver]

You got trapped by OpenDNS. OpenDNS is VERY agressive at wildcarding network failures:

132.219.67.208.in-addr.arpa. 18794 IN PTR hit-nxdomain.opendns.com.

So even though there is a valid name for ipv6.google.com (the Google DNS servers return a valid reply with a 0-size answer for an A query, and the whole data for an AAA query), OpenDNS instead goes "hey, lets wildcard it and return our server!"

This behavior is why I'm NOT a fan of OpenDNS.

Re:You got trapped by OpenDNS

[belphegore]

Ok.... but without IPv6 connectivity (I turned it off), I type ipv6.google.com in my browser address bar, my DNS lies to me, and my browser magically gets (over IPv4) the google homepage. Using ipv6.google.com in a browser as a test for whether your ipv6 connectivity is working is not a good test. I guess if you're testing specifically for the ability to fetch the bouncy logo from that address, that's one thing -- assuming that bouncy logo isn't available at the ipv4 site that opendns is magically making it look like I'm going to, or redirecting me to, or whatever it's doing (no time right now to sniff traffic and see). But the statement:

ipv6.google.com [google.com] is IPv6 only, and if you can reach it, you are IPv6 enabled.

makes assumptions about your network and its services (like DNS) which are not guaranteed to be true.

Re:You got trapped by OpenDNS

[icebraining]

I get the "OpenDNS search", which tells me that "ipv6.google.com is not loading right now" and shows me the search results for "ipv6 google".

Re:You got trapped by OpenDNS

[Midnight+Thunder]

Another approach is simply to do:

ping6 ipv6.google.com

This should hopefully isolate you from broken DNSs returning fake 'A' entries.

Re:You got trapped by OpenDNS

[belphegore]

Right. That is a much better test, because it's doing what I suggested: sending an IPv6 packet, and seeing if it gets through. You're still subject to possible shenanigans like traffic filtering which might block ICMPv6 ECHOs but allow TCPv6 through.

Re:You got trapped by OpenDNS

[belphegore]

...and by the way, I'm not sure you can say the DNS is "broken" -- it may be in the case of OpenDNS, but I can definitely picture local DNS administrators implementing a staged IPv6 rollout by having some default IPv4 address returned when a DNS query otherwise only yields AAAA records, and then having a host on that IPv4 address that says "Sorry, you can't access that IPv6 site" or something to that effect.

Re:You got trapped by OpenDNS

[TheRaven64]

without IPv6 connectivity (I turned it off), I type ipv6.google.com in my browser address bar, my DNS lies to me, and my browser magically gets (over IPv4) the google homepage

And without IPv6 connectivity, you type a Bing or Yahoo v6-only address into your browser bar, your DNS lies to you, and your browser magically gets the Google homepage.

Love comcast is working with it's customers

[cullenfluffyjennings]

I'm impressed that Comcast is talking about it trials publicly and engaging customers. Many service providers run stuff in private, don't tell their guinea pigs, I mean customers that they experiment on, and then just select whatever seemed convent for the service provider. Engaging people in a trials like this, seems win/win for the customers and service providers.

Re:Love comcast is working with it's customers

[LoSt180]

I signed up for the trial, interested if I get a response. Guess I need to start looking into getting IPv6 working on a DD-WRT based router. Hopefully it doesn't break my parents' internet too bad...

Re:Love comcast is working with it's customers

They aren't just engaging customers, but also the people that "run the Internet".

See this NANOG thread: http://www.merit.edu/mail.archives/nanog/msg04678.html

(In other news, why isn't Slashdot using reCaptcha?!)

And what, pray tell, do these good people do?

[The+Altruist]

http://social.answers.microsoft.com/Search/en-US/?query=disable%20IPv6 (Myself being one of them.) Being as the vast majority of home users and small businesses still send their money to One Microsoft Way, Redmond Washington, the standard Slashdot solution of install Ubuntu/Gentoo/OpenBSD/FreeBSD/Buy a Mac might not work for everybody. (I am a dual-booter, by the way.)

Re:And what, pray tell, do these good people do?

[nnet]

They get to be left behind, duh. IPv4 isn't going away anytime soon. IPv6 is getting deployed. Its not going to stop.

Re:And what, pray tell, do these good people do?

[natehoy]

Your ISP can easily protect you from IPv6 by giving you a NAT router, or you can get one yourself. As IPv6 gets rolled out, I expect more and more IPV6 to IPv4 NAT routers will become popular.

You ask for www.google.com, your computer does an IPv4 lookup to the router, the router translates that to an IPv6 lookup, caches the IPv6 address, and returns a valid-looking IPv4 address to your computer. When you ask for that IPv4 address, the router knows what IPv6 address it has associated with it and handles the heavy lifting for you. Just like regular NAT, except there's a protocol change too (which is pretty trivial).

Although, to be fair, you can actually load an IPv6 stack on Microsoft operating systems as far back as Windows 98 (DOS kernel) or Windows 2000 (NT kernel) and you may even be able to go further back than that. If you are concerned about IPv6 support on older operating systems than that, you'll have to opt for the router solution.

Re:And what, pray tell, do these good people do?

[harmonise]

And what, pray tell, do these good people do?

I guess they'd undo whatever they did to disable IPv6 in the first place.

Re:And what, pray tell, do these good people do?

[jbgeek]

They re-enable IPv6, or whatever was broken that they had to disable it in the first place gets fixed. Failing that, if they leave it disabled, or have devices for which IPv6 isn't available, there are solutions like Dual-Stack Lite which will allow IPv4 only nodes to still get to the IPv4 internet (IPv4 traffic is tunneled through an IPv4-in-IPv6 tunnel on their CPE router to a Large Scale NAT device at the ISP.

There may be ways for these same users to get to IPv6 only web sites, etc, but I haven't actually looked into that, so I'm not sure. It would have to be some sort of proxy solution, or something like DNS64/NAT64 in reverse. :p

IMHO, these IPv4 only devices should be upgraded, or go away as soon as possible. :-)

Re:And what, pray tell, do these good people do?

For the love of god, NAT and a firewall are two different things.

IPv6 does not need NAT.

Also, Vista/7 both have a firewall enabled by default. These are the only MS OS to install IPv6 out of the box. NAT/firewalls/home routers need to go away.

Re:And what, pray tell, do these good people do?

[eudaemon]

You are correct sir or madam in principal IPV6 does *not* need NAT. But it does need a firewall;
last time I checked there were plenty of exploits that need only touch your Windows box to own it.
Isn't the time between an unpatched machine touching the net and it getting owned down to less than 20 minutes?

Unfortunately for the average non-firewall savvy user NAT = firewall. So although I agree with you
it means we'll need good out of the box IPV6 firewalls to prevent creating a meta-network that
is just an express lane for the bot writers. Comcast mooted in a powerpoint deck years ago
that IPv6 created better infrastructure management opportunities for them, and would allow them
to roll out new technologies such as customer owned network-enabled streaming devices (i.e. IPTV client
on the XBOX 360.) If I could use MythTV or some netbook IPTV client that would rock my world.
I'm a comcast customer, but I buy my internet from Earthlink over Comcast's network since it's cheaper.
Which is a bummer because I doubt they'll let me participate in the trial as I get a different address
space when they hand me an IP.

Comcast still sucks

[WiiVault]

This is a good thing, but lets not forget how Comcast continually raped their customers and fought for a closed internet. I urge you not to give them too much credit. If nothing else it is nice to know that they are perhaps not *pure* evil.

most routers?

[arbiter1]

I guess it means most companies (aka dlink, linksys, etc) have to get off their ass and add support to their routers since most home routers don't support ipv6.

Re:most routers?

[nnet]

DLink already does, their DIR 615 comes to mind...

Re:most routers?

[Midnight+Thunder]

It will mean that the router companies suddenly have to pull their collective fingers out, but in the meantime there are forward thinking manufacturers:

http://www.sixxs.net/wiki/Routers

Re:most routers?

Support. Support?... What's this "support" thing you speak of??? No, if you want IPV6, they will gladly sell you a NEW router. ...support. To funny, Hah!

Re:most routers?

[izomiac]

I would image they're waiting until they can sell ipv6 support to people who don't have it. Really, all it'd probably take is a firmware update but how many users will do that rather than buy a new router with "Compatible with IPv6!!!" on the box? Perhaps the strategy is to wait and market it as an upgrade or wait for a major ISP to start NAT-ing ipv4 rather than buy new address space.

Re:most routers?

[haapi]

My Dlink wireless router switches/forwards IPv6 just fine.
It is not doing routing, though, just switching.

Autodiscovery will have to fully mature...

[rritterson]

For what it's worth, I signed up for the trial. Despite the level-1 tech support's crappiness, and the relative overpricing of their services, Comcast's network department does a pretty good on the backend. Our area has gone from 3mbps to 16mbps (with a 50mbps tier available) in 8 years, and has already completed the analog reclamation process in our area. Good on them for getting a head start on IPv6.

I presume they are going to want to do end-to-end IPv6 eventually, instead of assigning a single IPv6 address to my modem, and then continuing to use IPv4 NAT behind it. However, if they are going to do that, several things are going to have to change:

1. Router default settings will have to change. Out of the box, most home routers use NAT by default, and, since most people don't change the settings (based on the number of 2WIRE### SSID's broadcast to my house), they'll have to redo them for IPv6.
2. Auto discovery services will have to get better. I can say, categorically, that OS X is better than Windows and Linux at automatically finding nearby machines and devices that do not have a static IP/DNS A record assigned to them. The other 2 OSes will have to catch up, because, while a quartet of triplets is annoying but manageable to type, an IPv6 address will be a bear to copy down.
3. A debate between static and dynamic IP addresses will have to take place. Ideally, a device would get a static IPv6 address assigned to it and keep it forever, no matter where it roamed and went. It'd be akin to a routable MAC address. However, if we do that, we'll run out of IPv6 addresses more quickly (though still not fast), since things like phones get recycled fairly frequently. But there are several obvious downsides to continuing to use totally dynamic IPs.

Finally, as an aside, it's interesting to me, at least, how Apple Airport Base Stations do IPv6 routing automatically via a tunnel provider (as another commenter noted). Comcast doesn't support any IPv6, but when I'm connected to my router at home I get full IPv6 support transparently. Apple doesn't even mention this as a feature on the box, and it's not highly configurable either. So why did they spend all the effort to get it that way? Are they trying to stay so far ahead of the IPv6 curve no one will ever complain they're behind?

Re:Autodiscovery will have to fully mature...

[JesseMcDonald]

I can say, categorically, that OS X is better than Windows and Linux at automatically finding nearby machines and devices that do not have a static IP/DNS A record assigned to them.

That would be strange, since Linux uses exactly the same system as OS X (mDNS) for advertising local machines and services. You didn't disable the Avahi daemon, did you? It's generally enabled by default in new installations. You should be able to refer to any Linux machine on your local network as hostname.local, just as with OS X.

Windows is a bit behind on native support, of course, but you can install Apple's Bonjour for Windows software to get the same effect.

Re:Autodiscovery will have to fully mature...

[asaz989]

Linux has this, but it's a bit of a pain to actually use it, as I've discovered trying to set up a home Ubuntu network. Macs have all these nice GUIs for setting up network services (printer sharing, SFTP, etc.) that also activate Bonjour for the service with some sane defaults just by marking a checkbox. Linux boxes, by default, contain Avahi, a few applications that use it (such as Empathy/Pidgin, which use it for local messaging, and the Remote Desktop Viewer, which is very polished in its Avahi integration), but that's about it. If you want to, say, set up a (non-Samba) fileshare and have it advertised over Avahi/Bonjour, you've got some quality time with config files ahead of you. Sharing a printer is a bit easier (at least it's GUIable!) but it's still a pain (one dialog box to set up "print server settings" so that shared printers are advertised, and another to actually say to share a printer).

Re:Autodiscovery will have to fully mature...

[the_other_chewey]

Ideally, a device would get a static IPv6 address assigned to it and keep it forever, no matter where it roamed and went. It'd be akin to a routable MAC address. However, if we do that, we'll run out of IPv6 addresses more quickly (though still not fast), since things like phones get recycled fairly frequently.

Ummm... you don't really grasp the vastness of the IPv6 address space, do you?

Re:Autodiscovery will have to fully mature...

[TheRaven64]

Ideally, a device would get a static IPv6 address assigned to it and keep it forever, no matter where it roamed and went

Why? What problem does this solve? You should be advertising machines via DNS, not by their IP address. If you move to another network, you update the DNS entry. If you're talking about mobile devices roaming between networks then I suggest that you look at Mobile IPv6. This uses IPsec (optional in IPv4, a required bit of IPv6) to update the routing tables when the machine migrates. If you have a Mobile IPv6 address, you can move the machine between networks without dropping connections. Making this the default would be silly though; how often does your PVR move between networks? Your web server? Even my laptop doesn't usually need to maintain connections when it hops between unrelated networks; I suspend it and resume it in between, so the connections would drop anyway. Of all the devices that I might own, only a pocket computer / telephone would actually need this.

Re:Autodiscovery will have to fully mature...

"Ideally a device would get a static IPv6 address assigned to it and keep it forever, no matter where it roamed and went"

Care to share how in the world routing would work and scale for this?

What are these "several obvious downsides" to totally dynamic addressing?

lame

I still fail to see why we can't just extend the address space of ipv4 all of those new ipv6 features are just wasted overhead bullshit. Here's looking forward to my net being disabled for a month and being extorted to buy some new modem or other crap only to have my ping never return to the way it was before :(

I'm in...oh wait

[sajuuk]

I would totally be in on this. What, its Comcast? Bwahahahahahaha, forget it then. Not available in my neck of the woods. Seriously, I think this is just a ploy for them to figure out how to do their throttling, packet inspection, and spying on an IPV6 network.

but this comca$t that makes you pay as high as $20

[Joe+The+Dragon]

but this comca$t that makes you pay as high as $20+ per tv for there hardware.

Why not making the Chinese pay ?

[djscoumoune]

I'm feeling the Chinese are the only ones that can benefit from the ipv6 and they would get the help of everyone for free ?! Economically it would be foolish to make the world switch to ipv6 for nothing. China is not fair to anyone they don't respect patents and counterfact items so I don't see why we should make them the ipv6 gift. Make them trade this ipv6, let every ISP in the world test it and then regroup and ask China to trade ipv6 for something. It doesn't have to be money : pollution reduction laws or human rights sound fair. Anything they can do fast and not just a promise would do. They're the ones who'll run out of addresses not us.

More Spam Pleez, and Jumk Mail

IPv6 yeah, for making somebody some money. Go ahead and spray us with all the radiation you want fellas because you live in it to. Nothing like a little more autistic babies.

Re: IPv6 to IPv4 NAT, whatnow?

Your ISP can easily protect you from IPv6 by giving you a NAT router, or you can get one yourself. As IPv6 gets rolled out, I expect more and more IPV6 to IPv4 NAT routers will become popular.

I've been using IPv6 for many years and I don't get it. My obvious question when reading this is: WHY, why would anyone do this? The primary reason I use IPv6 in the first place is to have real globally routable IPs on all my boxen. I expect zero people who understand that most stories who are repeated time and time again on television these days have huge gaping holes will want IPV6 to IPv4 NAT. ISPs may decide to only hand out one IPv6 IP pr. subscriber and force such garbage upon the people, but it seems clear that those 2-3% of the population who have that now rare quality called "ability to think" will want and demand their own /64 subnet and not even consider foolish IPv6 to IPv4 NAT solutions. It's simply a very dump idea to begin with.

Isn't that kind of wasteful?

[JSBiff]

Yes, I know the IPv6 address space is galactically huge, but what exactly good purpose is served by giving each customer 1.8*10^19 addresses? Seems a bit excessive, doesn't it? Wouldn't most customers be fine with 16 bits of host/subnet (obviously, there might be som), and the rest of them shouldn't conceivably need more than 32 bits of their own address space? (And if someone needs/wants more than 32-bits of addressing assigned to them, then, sure, by all means, give them 48 bits). But why, 'by default', give people so many addresses I don't even know the name of numbers that large? (18 quintillion, I guess?)

Re:Isn't that kind of wasteful?

[mikael_j]

The idea is to keep it simple, assign a standard network size that's big enough for just about anyone and assign the same size network to everyone instead of messing around with the IPv4-style "You get _one_ IP, you over there get a /28, and that guy in the corner gets a /24, Joe was an early adopter so he's got a /16 and Steve over there had some good arguments for why he should get a /20, and lucky Dan over there has a /8..." mess.

/Mikael

Re:Isn't that kind of wasteful?

[amorsen]

Because you aren't supposed to ever worry about the lower 64 bits. They just magically acquire reasonable values, like in IPX.

Re:Isn't that kind of wasteful?

[Professor_UNIX]

You know, 4 million years from now people are going to be thinking "God damnit, why were they so wasteful with ipv6 address space? I didn't need a /56, all I needed was a /64! If they would've allocated the more efficient subnets we wouldn't have to be worrying about IP address exhaustion within the next 10 million years. :-(

Re:Isn't that kind of wasteful?

[fulldecent]

2^64 hosts should be enough for anyone

Re:Isn't that kind of wasteful?

[amorsen]

7/8ths of all IPv6 address space has been reserved for just that eventuality. Should the current policies prove too wasteful, we'll have to allocate another 7/8th and be more careful. Hopefully that won't happen 7 times.

Re: IPv6 to IPv4 NAT, whatnow?

I've been using IPv6 for many years and I don't get it. My obvious question when reading this is: WHY, why would anyone do this?

Well, here's a plausible scenario.

You have IPv6 apps on your box, but a few of them are old and only work on IPv4.

For example, your mail server is IPv6, but your preferred mail client is IPv4.

The GP speculates that this could be handled in routers... but I reckon this could be handled much more locally: in software in your OS. It would automatically intercept outgoing IPv4 traffic, and network-address-translate it to IPv6.

Too late!...

[Linwooder]

Everyone knows the IPv4 internet will grind to a halt in 2007.

Re:what is the per ip cost? $5? WILL there cable b

[Randle_Revar]

I think DOCSIS 3 areas might have been assigning IPv6 addresses to cable boxes for a while now.

Re: IPv6 to IPv4 NAT, whatnow?

[TheRaven64]

Depressingly, the grandparent isn't an idiot. This actually was the reason that a lot of corporate networks stayed with v4 for so long, and the v6 to v4 NAT arrangement was only finalised about a year ago. The main reason for it was printers. Lots of corporate networks contain network printers that only support IPv4. If you switch the network to v6, then you either need to upgrade the printers (expensive) or provide some hack to connect to them. Another issue was CCTV cameras. Lots of companies have IPv4 CCTV cameras which connect to a central monitoring station and stream video footage.

They needed some mechanism by which these v4-only appliances could keep operating. Most of them didn't actually need to connect to the outside Internet, so they can be put on a private v4 network with a gateway handling translation to v6 addresses.

A typical implementation of this would put all of the v4-only devices on the 192.168/16 subnet and use the 10/8 subnet for v6 NAT. Any connections to 10/8 addresses are automatically forwarded to a manually-configured v6 address. In the other direction, the gateway accepts connections on a few v6 addresses and forwards them to 192.168/16 addresses, with the origin address set to a 10/8 address. The v4-only appliances talk to the gateway via IPv4 and the rest of the network talks to the gateway via IPv6.

Gradually, you replace the legacy devices (as they wear out) with ones that support IPv6 and move them out from behind the NAT.

As the other poster mentioned, for v4-only software you can do this in your local operating system's network stack, but for embedded systems you can't (although, given that Adam Dunkels wrote an IPv6 stack that runs happily on a 6502 with 32KB of RAM, there's not much excuse for things not to support v6).

It's not a high priority for home users, because they can just run a dual-stack network and switch off IPv4 when they run out of v4-only devices.