Slashdot Mirror

← Back to Stories (view on slashdot.org)

Major 'Net Players Mulling IPv6 Whitelist

Posted by Soulskill on from the transition-period dept.

netbuzz writes "From this week's IETF meeting in Anaheim comes word that leading Web content providers are talking about creating a shared list of customers who can access their Web sites via IPv6. The DNS Whitelist for IPv6 would be used to serve content to these IP addresses via IPv6 rather than through IPv4. David Temkin, network engineering manager with Netflix, says: 'We're looking into the same service that Google has, where we will try to track what connectivity the user has. We're in discussions with Google, Yahoo, Netflix and Microsoft to see whether it makes sense to have a shared, open source DNS whitelist service.' ISPs are not wild about the idea."

5 of 158 comments (clear)

  1. ISPs are not wild about the idea. by John+Hasler · · Score: 4, Insightful

    If ISPs would get their heads out of their asses "this idea" would not be needed.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
    1. Re:ISPs are not wild about the idea. by mellon · · Score: 5, Insightful

      Actually it's not the ISPs they're referring to who have their heads in their asses. Indeed, I don't think anybody has their heads in their asses on this one--each side of the discussion has legitimate points. From the perspective of IPv6 deployment, the whitelists suck, because mostly they prevent people who are trying to use IPv6 from using it--you have to be on the whitelist before you can get AAAA records from these online services. It's very hard to get on the whitelist, and very easy to get knocked off of it.

      ISPs who are deploying IPv6 want to just get the AAAA records, and not have to jump through hoops to get on a whitelist. But the providers worry about people who have crappy home gateways that fall over and die when they get AAAA records, and also about people who have devices on their networks advertising IPv6 connectivity, when they don't actually have it. One presentation in that meeting set the number at about .8% of users, which they felt was too many.

      Personally, I think they should just turn on the AAAA records and let the customers who have broken routers see that their routers are broken and fix them. But it's a rough tradeoff--IPv6 has at times gotten a bad rep for being the cause of network problems, and so network no-nothings tend to tell you "IPv6 is the problem" when in fact it's bad code on embedded devices that's the problem. Since disabling IPv6 "fixes" it, IPv6 gets the blame. That's the rationale for the whitelists, and as much as I hate them, I can't say that this rationale is completely wrong.

  2. I'm sure they have a reason for it... by pathological+liar · · Score: 4, Insightful

    The article doesn't make it particularly clear what that might be though. The closest I found was:

    "There's a pretty key reason for whitelisting," Temkin explains. "It's really, really easy for anyone using, for example, Hurricane Electric's tunneling to find that the IPv6 network becomes an island and that it is broken because they didn't update a tunnel...You end up with the customer having a bad experience. They never see the content or they only see the content after a 30-second wait."

    Which seems like a no-brainer to me: Fix the tunnel. I don't even understand how the whitelist might help that -- if the whitelist says "This user has IPv6 connectivity" and you have a broken tunnel either you don't get the content at all, or you still only see the content after a 30-second wait.

    The real 'island' problem is that IPv6 routing is kind of a mess. If you're on the east coast of North America and want to connect to western Europe, depending on who your provider is it may well decide to send all of your traffic through Korea, if it even makes it to your target at all. I imagine that's a problem that will solve itself as more routes come online.

  3. Re:Not a "whitelist" by Abcd1234 · · Score: 4, Interesting

    LOLFR, "globally unique MAC address"... riiight. No manufacturer has *ever* reused a MAC address... *snicker*

  4. Re:Nice Try but... by mellon · · Score: 4, Interesting

    I want an IPv6-only connection. I want one that works. Because then I can have a global IP address that's reachable, and then I can do peer-to-peer protocols. This is much better than IPv4, where mostly my devices are behind a NAT, and peer-to-peer requires clever device-specific hacks to punch holes in the NAT. This reduces reliability, and in a lot of cases makes simple protocols that ought to work fail. I can't do iChat video with my dad because he's on the far side of two layers of ISP-inflicted NATting. And no, he can't change providers - what they have now is orders of magnitude better than what they had before my mom and several other members of the selectboard in her small town organized a local wireless ISP using an antenna at the top of a local mountain. If they had IPv6 that worked, it would be *much* better.

    The problem is that right now IPv6-only connections don't work, because not enough stuff on the network is reachable. That's changing, and this is part of the change. At the recent IETF, there was a v6-only network with a 6to4 NAT, and it worked pretty well, although it turned up a few bugs in a certain vendor's IPv6 stack.