Slashdot Mirror
Comcast Plans IPv6 Trials In 2010
Mortimer.CA writes "In a weblog posting, Jason Livingood, Executive Director of Comcast's Internet Systems has stated that they're beginning public trials of IPv6; Comcast hopes 'that these trials will encourage other stakeholders to make plans to continue, or to begin, work on IPv6 in 2010 so that all stakeholders do their part in ensuring the future of the Internet is as bright and innovative as it has been in the past.' Interested guinea pigs can volunteer at Comcast6.net (FAQ). Those who have IPv6 connectivity via other means can check out their IPv6-only web presence."
I have no ipv6 at this location and it loads just fine here, not exactly 'ipv6 only' like the Dancing Kame ...
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Pinging ipv6.comcast.net [68.87.64.59]
woops.
Nope. Can't see the IPv6-only web presence from my IPv4-only internet. I guess it got slashdotted.
I know most IP6 fan will say that you don't need them but you just know when the smoke clears Joe customer will still get ONE Address.
Besides, most IP-enabled toys wont like IP6 (Wii, VOIP boxes, etc.)
Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
what is the per ip cost? $5? WILL there cable boxes also start useing ipv6? they use ipv4 now.
I've been waiting for mediacom to roll out some DOCSYS 3 / IPv6 forever. This little town I happen to be in, has excellent infrastructure and is physically capable of running it -- unlike most cities. This town is dependent only on major hardware upgrades, not cable plant upgrades.
Who is this that even the wind and the waves obey Him? Surely this computer must submit also!
The main page mentions tunneling IPv4 over what it calls "Dual-Stack Lite technology (aka DS-Lite)". But Comcast must not have been aware of Nintendo's prior use of "DS Lite" for a handheld video game system with Wi-Fi support. Do Nintendo video game consoles even support IPv6?
ipv6.google.com is IPv6 only, and if you can reach it, you are IPv6 enabled.
We actually used this for the IPv6 test in Netalyzr as the basis of the IPv6 connectivity test. Our servers don't have IPv6, but we have a small amount of javascript on the analysis page that tries to fetch the logo from IPv6.google.com and reports success or failure back to the server.
Test your net with Netalyzr
My ISP has given me (and any customer who wants it) 18446744073709551616 IPv6 addresses free of charge, That should keep me going for a while...
If Comcast actually does what they're saying on the tin, maybe the other ISPs will follow suit.
This just might be a good thing.
One of these days, I am going to flip out. When I flip out, I'll be back in five minutes.
It is very hard to block NATs even if they aren't allowed.
Hard, but doable. An ISP can "protect the security of its network" by requiring the customer to run a "dialer" or "supplicant" before the ISP will route the customer's packets outside the quarantine. The ostensible purpose of network access control methods is to make sure that the operating system and antivirus signatures on customer equipment are updated and that the botnet-of-the-week isn't running. But the side effect of Trusted Network Connect deployment is that connecting to a home-class Internet requires an approved and unmodified copy of Windows or Mac OS without any programs that interfere with the ISP's business model, such as Apache HTTP Server or NAT software.
Will the addresses by dynamic or static? Is there any good reason for them not to be static?
You got trapped by OpenDNS. OpenDNS is VERY agressive at wildcarding network failures:
132.219.67.208.in-addr.arpa. 18794 IN PTR hit-nxdomain.opendns.com.
So even though there is a valid name for ipv6.google.com (the Google DNS servers return a valid reply with a 0-size answer for an A query, and the whole data for an AAA query), OpenDNS instead goes "hey, lets wildcard it and return our server!"
This behavior is why I'm NOT a fan of OpenDNS.
Test your net with Netalyzr
I'm impressed that Comcast is talking about it trials publicly and engaging customers. Many service providers run stuff in private, don't tell their guinea pigs, I mean customers that they experiment on, and then just select whatever seemed convent for the service provider. Engaging people in a trials like this, seems win/win for the customers and service providers.
This is a good thing, but lets not forget how Comcast continually raped their customers and fought for a closed internet. I urge you not to give them too much credit. If nothing else it is nice to know that they are perhaps not *pure* evil.
They get to be left behind, duh. IPv4 isn't going away anytime soon. IPv6 is getting deployed. Its not going to stop.
I guess it means most companies (aka dlink, linksys, etc) have to get off their ass and add support to their routers since most home routers don't support ipv6.
Unless we start addressing every individual atom on earth I don't see it being a problem. There are ~3.4*10^38 addresses available in the IPv6 space, so even if every person on earth had a billion devices to uniquely address we'd *still* only use 7*10^18 addresses which would only be a millionth ( < 0.0001%) of the available address space.
So, yeah, I think we're good for a while on it.
Of course, if you desperately need to individually address every single atom in the known observable universe, you could eventually extend it to a 512-bit address space to easily cover that possibility.
Your ISP can easily protect you from IPv6 by giving you a NAT router, or you can get one yourself. As IPv6 gets rolled out, I expect more and more IPV6 to IPv4 NAT routers will become popular.
You ask for www.google.com, your computer does an IPv4 lookup to the router, the router translates that to an IPv6 lookup, caches the IPv6 address, and returns a valid-looking IPv4 address to your computer. When you ask for that IPv4 address, the router knows what IPv6 address it has associated with it and handles the heavy lifting for you. Just like regular NAT, except there's a protocol change too (which is pretty trivial).
Although, to be fair, you can actually load an IPv6 stack on Microsoft operating systems as far back as Windows 98 (DOS kernel) or Windows 2000 (NT kernel) and you may even be able to go further back than that. If you are concerned about IPv6 support on older operating systems than that, you'll have to opt for the router solution.
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
For what it's worth, I signed up for the trial. Despite the level-1 tech support's crappiness, and the relative overpricing of their services, Comcast's network department does a pretty good on the backend. Our area has gone from 3mbps to 16mbps (with a 50mbps tier available) in 8 years, and has already completed the analog reclamation process in our area. Good on them for getting a head start on IPv6.
I presume they are going to want to do end-to-end IPv6 eventually, instead of assigning a single IPv6 address to my modem, and then continuing to use IPv4 NAT behind it. However, if they are going to do that, several things are going to have to change:
1. Router default settings will have to change. Out of the box, most home routers use NAT by default, and, since most people don't change the settings (based on the number of 2WIRE### SSID's broadcast to my house), they'll have to redo them for IPv6.
2. Auto discovery services will have to get better. I can say, categorically, that OS X is better than Windows and Linux at automatically finding nearby machines and devices that do not have a static IP/DNS A record assigned to them. The other 2 OSes will have to catch up, because, while a quartet of triplets is annoying but manageable to type, an IPv6 address will be a bear to copy down.
3. A debate between static and dynamic IP addresses will have to take place. Ideally, a device would get a static IPv6 address assigned to it and keep it forever, no matter where it roamed and went. It'd be akin to a routable MAC address. However, if we do that, we'll run out of IPv6 addresses more quickly (though still not fast), since things like phones get recycled fairly frequently. But there are several obvious downsides to continuing to use totally dynamic IPs.
Finally, as an aside, it's interesting to me, at least, how Apple Airport Base Stations do IPv6 routing automatically via a tunnel provider (as another commenter noted). Comcast doesn't support any IPv6, but when I'm connected to my router at home I get full IPv6 support transparently. Apple doesn't even mention this as a feature on the box, and it's not highly configurable either. So why did they spend all the effort to get it that way? Are they trying to stay so far ahead of the IPv6 curve no one will ever complain they're behind?
-Ryan
AUWYHSTOT (Acronyms are Useless When You Have to Spell Them Out Too)
Why? I, for one, look forward to having a unique address for every computer. It is, after all, the original intent of the Internet.
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
I would totally be in on this. What, its Comcast? Bwahahahahahaha, forget it then. Not available in my neck of the woods. Seriously, I think this is just a ploy for them to figure out how to do their throttling, packet inspection, and spying on an IPV6 network.
but this comca$t that makes you pay as high as $20+ per tv for there hardware.
I guess they'd undo whatever they did to disable IPv6 in the first place.
Cory Doctorow talking about cloud computing makes as much sense as George W Bush talking about electrical engineering.
They re-enable IPv6, or whatever was broken that they had to disable it in the first place gets fixed. Failing that, if they leave it disabled, or have devices for which IPv6 isn't available, there are solutions like Dual-Stack Lite which will allow IPv4 only nodes to still get to the IPv4 internet (IPv4 traffic is tunneled through an IPv4-in-IPv6 tunnel on their CPE router to a Large Scale NAT device at the ISP.
There may be ways for these same users to get to IPv6 only web sites, etc, but I haven't actually looked into that, so I'm not sure. It would have to be some sort of proxy solution, or something like DNS64/NAT64 in reverse. :p
IMHO, these IPv4 only devices should be upgraded, or go away as soon as possible. :-)
By the time your 512-bit system is fully deployed, we will be communicating with parallel universes and people will be talking about how we really need to deploy a 1024-bit addressing system.
The problem with this proposal is that the ipv4 header is fixed in format and size. To support such an extensible addressing scheme would break ipv4 in at least as many ways as IPv6 will. IPv6, by the way, has an extension header mechanism, so it could, theoretically, have an extensible addressing system like what you describe (and you wouldn't even need to have multiple ports along the way). Supporting it would still require firmware updates to the routers, but it would not break any existing ipv6 connectivity.
File under 'M' for 'Manic ranting'
I find it sadly hilarious that this utterly contentless post somehow managed to get an insightful mod...
Yes, I know the IPv6 address space is galactically huge, but what exactly good purpose is served by giving each customer 1.8*10^19 addresses? Seems a bit excessive, doesn't it? Wouldn't most customers be fine with 16 bits of host/subnet (obviously, there might be som), and the rest of them shouldn't conceivably need more than 32 bits of their own address space? (And if someone needs/wants more than 32-bits of addressing assigned to them, then, sure, by all means, give them 48 bits). But why, 'by default', give people so many addresses I don't even know the name of numbers that large? (18 quintillion, I guess?)
I think DOCSIS 3 areas might have been assigning IPv6 addresses to cable boxes for a while now.
Climate Progress - Hell and High Water
Note that IPv6 wants sparse hierarchical addressing, doesn't like routing packets to subnets smaller than a /64 and requires some ranges reserved for things like 6to4 and multicast. In practice, we only really have enough IPv6 addresses for everyone on the planet to have a few tens of thousands of devices, depending on the network topology.
I am TheRaven on Soylent News
Depressingly, the grandparent isn't an idiot. This actually was the reason that a lot of corporate networks stayed with v4 for so long, and the v6 to v4 NAT arrangement was only finalised about a year ago. The main reason for it was printers. Lots of corporate networks contain network printers that only support IPv4. If you switch the network to v6, then you either need to upgrade the printers (expensive) or provide some hack to connect to them. Another issue was CCTV cameras. Lots of companies have IPv4 CCTV cameras which connect to a central monitoring station and stream video footage.
They needed some mechanism by which these v4-only appliances could keep operating. Most of them didn't actually need to connect to the outside Internet, so they can be put on a private v4 network with a gateway handling translation to v6 addresses.
A typical implementation of this would put all of the v4-only devices on the 192.168/16 subnet and use the 10/8 subnet for v6 NAT. Any connections to 10/8 addresses are automatically forwarded to a manually-configured v6 address. In the other direction, the gateway accepts connections on a few v6 addresses and forwards them to 192.168/16 addresses, with the origin address set to a 10/8 address. The v4-only appliances talk to the gateway via IPv4 and the rest of the network talks to the gateway via IPv6.
Gradually, you replace the legacy devices (as they wear out) with ones that support IPv6 and move them out from behind the NAT.
As the other poster mentioned, for v4-only software you can do this in your local operating system's network stack, but for embedded systems you can't (although, given that Adam Dunkels wrote an IPv6 stack that runs happily on a 6502 with 32KB of RAM, there's not much excuse for things not to support v6).
It's not a high priority for home users, because they can just run a dual-stack network and switch off IPv4 when they run out of v4-only devices.
I am TheRaven on Soylent News
You are correct sir or madam in principal IPV6 does *not* need NAT. But it does need a firewall;
last time I checked there were plenty of exploits that need only touch your Windows box to own it.
Isn't the time between an unpatched machine touching the net and it getting owned down to less than 20 minutes?
Unfortunately for the average non-firewall savvy user NAT = firewall. So although I agree with you
it means we'll need good out of the box IPV6 firewalls to prevent creating a meta-network that
is just an express lane for the bot writers. Comcast mooted in a powerpoint deck years ago
that IPv6 created better infrastructure management opportunities for them, and would allow them
to roll out new technologies such as customer owned network-enabled streaming devices (i.e. IPTV client
on the XBOX 360.) If I could use MythTV or some netbook IPTV client that would rock my world.
I'm a comcast customer, but I buy my internet from Earthlink over Comcast's network since it's cheaper.
Which is a bummer because I doubt they'll let me participate in the trial as I get a different address
space when they hand me an IP.
Why? A bald assertion like that with nothing to back it up is pointless and stupid.
Need a Python, C++, Unix, Linux develop
Well, that's an interesting proposal, though it seems like a really dumb hack to me.
And I don't understand any of the reasons why you think it will be a headache. The only one that really makes any sense is that you think your proposed scheme will require fewer software changes on devices.
You don't appear to explain any of your other reasons.
Need a Python, C++, Unix, Linux develop
And World of Warcraft will have broken its 10^100 player.
They should've just skipped to 256bit IPs and said "Every atom in the universe gets an IP, and still have room for reserved ranges.
What are you talking about? I'll have a /64, I can have just slightly less than 18,446,744,073,709,551,616 devices