Slashdot Mirror
Can Large Scale NAT Save IPv4?
Julie188 writes "The sales pitch was that IPv6, with its zillions of new IP addresses, would eliminate the need for network address translation altogether. But Jeff Doyle, one of the guys who literally wrote the book on IPv6, suggests that not only will NAT be needed, but it will be needed to save IPv4 at the tipping point of IPv6 adoption. 'I've written previously that as we make the slow — and long overdue — transition from IPv4 to IPv6, we will soon be stuck with an awkward interim period in which the only new globally routable addresses we can get are IPv6, but most public content we want to reach is still IPv4. Large Scale NAT (LSN, also known as Carrier Grade NAT or CGN) is an essential tool for stretching a service provider's public IPv4 address space during this transitional period.'"
Of course it could fit most people needs who, by the way, don't even know what having a unique IPv4 address means, forget about knowing what a fixed IP address is. My only concerns would be towards people hosting services, even if they only host a gaming server.
Before getting a fixed IP address, I remember using services like dyndns before I setup my own private dyndns server on a fixed IP address server that I had access to. I could always reach my system even if it changed address every 6 hours on the first dialup provider I registered to back then.
So yes, it could, my only concerns is that it may cause prices to have a unique address or a fixed address to rise.
Everything I write is lies, read between the lines.
Stop the madness. Give us ip6. We (as a society) would gain so many productive hours without NAT and the shit that comes with it. (Portforwarding etc). We have the technology ready to go and give everything it's unique ip. Can we please use that tech? It's not like it's high-tech or to new to be implemented by now.
For years we've heard predictions about how we'll run out of addresses "this year." Yet we haven't.
I assume that's partly because my toaster doesn't have an IP, but it's also got to be because of NAT.
There's no -1 for "I don't get it."
to ask someone from Rosenet, in Thomasville GA, who have NATted *all their customers* for some years now.
I expect they've learned all the necessary lessons.
If you're a Qwest customer in Omaha like my inlaws, you get a non-routable from the head end... and the last time I was there, they did not support VPN passthrough (although IIRC you could pay extra for a routable dynamic IP if you wanted VPN to work).
Obviously you haven't had to deal with an entire organization using one IP for several thousand users,
and each user forced to use a NAT again to "protect" against other members of the organization.
Two layers of NAT defeats ALL dynamic DNS, and return traffic.
And this is the goal of every major ISP I've had contact with. They want to force you to use their
servers, and pay for it.
Never mind that they can't handle the problems of that.
at work we use NAT behind a whole public class B and it work great. But as a customer I would not put up with it. I want to act as a server not only a dumb host. So please stop the carrier grade nating madness.
Jehovah be praised, Oracle was not selected
Probably because he doesn't own the infrastructure. The problem is that in the US we heavily subsidized the industry, but didn't require them to really do anything to deserve the money. We didn't require neutrality, we didn't require them to keep building out broad band, or enhance the speeds in urban areas either.
Considering that ultimately they're using public resources to provide a service, I do think they owe us at least something in exchange for making profits using our right of way or airwaves.
So the same guy advocated IPv6 and now it's IPv4 again? I'm dazzled! This sounds like what you hear during an election.
Most P2P protocols have at least some trouble working with local NAT. If it was implemented on a large scale there might be a few more problems, and it certainly gives ISP's (the ones running the NAT) more control over the traffic they route. I wonder how quickly the RIAA and friends will pick up on that and start pushing for NAT instead of IPv6...
I never understood why some people are determined to get as much mileage out of IPv4 as possible before going to IPv6. An aggressive move towards IPv6 would probably revive a decent part of the IT industry. Now is as good a time as ever.
The only thing holding us back is carriers are all looking at each other waiting for someone to go first as it will definatly be an expensive transition and will introduce a few unknowns into their network cores which they pride on being extremely reliable. Although I know some carriers are running dual stack on their cores to test it all out as we speak.
Large scale or ISP wide NAT is part of the solution. It will not "save" IPv4, whatever that means. It will make it possible to transition to IPv6 and still access all the old sites, that have not yet made the transition.
It is not really important that slashdot.org is still IPv4 only. You can access it just fine. And slashdot.org has no need to access you.
You use IPv6 in all the cases where you wanted that nice static IPv4 address before: When running peer to peer software. Setting up your small hobby server. Using direct peer to peer VoIP. And so on.
All the consumer ISPs will transition soon enough during the next few years. We will fairly quickly be able to assume consumers will in fact be able to access IPv6 only sites. For the next 10 years you can also assume consumers will be able to access IPv4 only sites - is anyone really surprised by that?
If all your gaming friends got IPv6, playing on your private IPv6 only game server - what do you care that some backwards dialup only ISP, in a country you never heard of, still is IPv4 only?
p1. IPv4 doesn't need to be "saved" from any kind of calamity. It's doing just fine, thank you very much.
p2. The transition to IPv6 is probably going to need some NAT64 and DNS64 magick at some point. Not everybody is going to be well-served by running dual-stack hosts and networks. I've heard that some mobile broadband providers are looking at various kinds of NAT tricks to keep IPv4 marginally functional for legacy applications on IPv6-only networks without resorting to expensive tunnel encapsulation mechanisms.
p3. Repeat after me: IPv4 is fine. It will still continue to work just the same as it does today after the last address is allocated by the last registry. It just won't be growing anymore, but that's fine. It doesn't need to grow. That's why we have IPv6, which can grow for at least another century before there might conceivably be a problem.
p4. So globally routable IPv4 addresses will soon start getting more expensive (and the future value of an address is already hard to predict). That was always going to happen. It's not like there's any surprise here. But look on the bright side, you have TWO ways to get your IPv4-only private network reachable over IPv6: A) transition to IPv4/IPv6 dual-stack network or B) deploy a NAT-PT gateway. (Okay, I'm cheating here. I know that only one of those two will ever make any economic sense, but I'm trying to be nice.)
p5. IPv4 is doing fine. Go back to sleep. There's nothing to see here. Pay no attention to the geeks behind the curtain. You don't want to know what they're doing anyway. Probably something weird and unsavory, right? Go back to sleep. IPv4 is doing fine. Stop worrying. It's okay.
jhw
There are only 65536 port numbers, so there is only so thin that you can spread a single IP address. Remember that some clients open many ports. There are also questions of reuse; you can't simply cram the 65536 space close to full. When a TCP connection terminates, you don't want to start reusing the port number right away. It's tricky.
People are not going to be happy to be NAT ed. Will large scale NAT also come with large scale port forwarding? Large scale UPnP? What do you do about port number abuses?
Dynamic DNS goes out the window. People can't have a quasi static IP any more with their own port 80, port 22, port 25 mail server or whatever.
If I were to be NATed, I would not want to pay more than 5 dollars a month for such a crippled connection, regardless of bandwidth. So you will automatically have to sell the service to ten subscribers like me instead of just one to make the same revenue.
As long as I can get non-NAT-ted service somewhere, than that is where I will be.
NAT == CRIPPLED_INTERNET. Impose that next door. Next city. Next country. NIMBY: not in my backyard.
And remember that if EVERYONE is NATted, then nobody can talk to anyone. Because you have to connect somewhere to use the Internet. That means resolving DNS to some IP address.
To reach a DNS server you need an IP address. So the DNS server can't be NATed. That DNS server has to hand you the IP address of a host such as a web server. Are all web servers going to be NAT ed? That means they can't be all on port 80 any more. You are looking at redirects! There will have to be a port 80 service sitting on those NAT nodes, which will intercept web traffic, parse the HTTP request and forward to the appropriate node behind the NAT.
Or else DNS will have to be re-architected so that it returns not only IP's but port numbers, so when you go to www.somewhere.com, it resolves to x.y.z.w:n, and the host x.y.z.w has port n forwarded to the right server.
Good grief, and good luck with that.
Because there will literally be mountains of eWaste and headaches galore? How many of the home routers sold in the past 5 years even support IPv6? I don't think any of the consumer grade stuff does. That means we will have to replace just about every router in every home or have some sort of IPv6 to IPv4 bridge built into every modem in the country, again not cheap.
Whether we like it or not, there is a reason why IPv4 has lasted so long. It is a mature tech that everyone knows how to fix. IPv6 is gonna be a nightmare for probably 5 or 6 years and it really ain't gonna be fun trying to fix the mess. So yeah, I can see them stretching out IPv4 for as long as humanly possible, simply because the transition costs are gonna be insane.
ACs don't waste your time replying, your posts are never seen by me.
So, if money talks, and bullshit walks, then what the fuck are you still doing here?
It isn't his responsibility, this is basically the same problem we've seen in the wireless space, the people who actually control access don't bother to upgrade until the last minute, if even then, and without somewhere else to take your business, it's not a realistic option. I've heard that Comcast has IPv6 around here, but going back to them is a non-starter. They're far worse than the other options.
Unless the end user can do to their CO and upgrade the equipment it's a moot point.
Mostly because it's expensive, painful, and older versions of most operating systems don't properly support it. No one wants to deal with the dramas before they absolutely have to. That and there's the fact that as far as I can tell the one and only killer feature of IPv6 is a larger address space and having every item have a publicly addressable IP, which isn't a really huge selling point especially when you consider that while IPv4 addresses are easy to remember, IPv6 addresses are not.
Most people don't want to run servers, NAT and port forwarding isn't all that hard to set up, and not every device needs or even should have a public IP address. There's still a whole bunch of unused Class A's floating around that were picked up by companies who were there in the early days and who aren't actually using them, I'm sure a lot of those will be reclaimed before we run out of space. Hell I'm sure Sun had a couple which Oracle doesn't need.
The same reason why people are determined to take America back to the 50s. Change is costly and at time you make the wrong call. And ultimately it's scary.
The changes that businesses make tend to be the ones that either improve their profit margins immediately or the things that consumers demand. Ever notice how lately every store has to have air conditioning? It's not because it's profitable per se, it's because if you want to have customers they have to come into the store, and they won't come into your store if your store is the only one without AC.
I was once told by another fellow Slashgeek, regarding the IPv6/IPv4 debate, that "one cannot boil the ocean"! I think we probably need these interim steps and solutions.. that's probably the only way things will continue working during the changeover. We do have to be careful not to fall into the trap of implementing an interim measure and getting stuck with it for a long time, when the better solution is almost never reached as soon as was desired. How many systems get implemented to be "temporary" and then become production for years?
At the same time, massive direct cutover changes almost never work. Although, that may not be entirely true - the recent change from analog to digital television seems to have gone reasonably well and that was a direct cutover.
6d
We have 3.7bn IPV4 addresses. That won't even cover 1 device per person, before even taking into account losses due to subnetting. The population is growing exponentially, and we should probably plan on the number of IP enabled devices growing even faster than that (higher number of devices per person).
NAT, large scale or otherwise is only a band-aid delaying the inevitable.
Its a horrible hack that breaks many protocols and causes all sorts of problems when you want to (say) join two previously private networks together only to find that they're using the same internal network range.
NAT got us through the late 90s while IPV6 was being finalized. It is truly time to let IPV4 go and get on with the changeover. Other countries (china) are already implementing large-scale IPV6 networks due to an inability to acquire IPV4 - so it can certainly be done.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
The other side of big NATs is that they could make IPv6 unnecessary. With big NATs everybody could have private IPv4 space with the public IPv4 space being used to connect the private spaces.
Protocols that don't like NATs are protocols that violate the principle of independence of protocol layers. Things like SIP and FTP are hard to NAT because they carry lower level addresses. Nobody cares about FTP any more but SIP is a security and implementation nightmare that is going to need to be re-designed from scratch anyway.
The net is moving towards a world in which users see the net not as a means to transport packets end-to-end but rather as a platform to support various applications. That means that what is becoming important are application level gateways to bridge application services rather than a seamless IP address space.
Hah. The only way this will work is if they make an extremely good IPv4/IPv6 NAT gateway. Except, if they make one that does a good job such that people are going IPv4->IPv6->IPv4 and everything basically works, then people will wonder why they don't just do an extremely good IPv4 NAT solution and go IPv4->IPv4 and drop the entire IPv6 part.
Add to this how many more NAT workarounds we will need to have in software. We already have to deal with NAT busting solutions, now we will have to deal with double NAT busting solutions. Believe me, NAT was a workaround to a limitation and we shouldn't be using this workaround at any more levels than necessary.
There is only so much duct tape you can use before it is time to just accept you will have to install the new solution.
If IPv6 appears so hard, its because people keep on waiting for someone else to take the plunge. If you are an IT professional, then is should be your business to understand and embrace IPv6, whether that is in your network or in your software. If your issue is with your router not supporting IPv6, then make some noise to your router's manufacturer, install a third-party firmware or go with a company already offering an IPv6 capable router.
Jumpstart the tartan drive.
In addition to using NAT to conserve IPv4 space it is still being sold as a more secure setup. NAT provides obscurity but not really security. A decent firewall is only going to allow what you configure it to allow. The only benefit I can think of is it may reduce the scope of subnet scans your network is subjected to. Then again, the bots/scripts are scanning em all anyway.
Keep the Classic Slashdot.
You are talking to Michael David Kristopiet. The one slashdotter too stupid for even slashdot.
Don't waste your breath on this crazy but ultimately pathetic and worthless fucker.
Maybe they can start at the backbones by converting to IPv6 and NAT to the rest of the world. Then, they can implement IPv6 as they reach out and keep pushing the NAT farther and farther out until it's at the ISP level (where hopefully they've been starting to work on their own IPv6 implementation).
What we really should do it have a cut off day, like digital TV, for the switch to IPv6. It worked great for TV! :)
-m
http://www.invisik.com
http://www.ipv6porn.co.nz/ is giving away free porn to anybody who can access it with an ipv6 address
This would be great for pirates, who the hell would the MPAA and RIAA sue if everybody in one region shared a single IP#?
iptables -s YOU -p tcp --dport ! 80 -j DROP
We should have huge NATs connecting large private spaces together, with most people talking through multiple layers of NAT?
FTP and SIP don't work because they "carry lower level addresses", like what, IP addresses? It's not like they use the MAC to connect.
Are you insane?
Yes, there will be Carrier Grade NAT (CGN) used for the time to be. You will primarily see if in Mobile Wireless networks for handsets that don't require a full Internet connection but other ISP's will eventually be forced to do the same. That said, CGN is required so that we can do Dual Stack (where you have both an IPv4 and IPv6 address). This is the most commonly accepted transition technique and really the best available. It works by using the DNS system to determine if the name you are trying to resolve has a AAA or AAAA (referred to as a Quad A) record. The IP stacks of today are set to prefer Quad A over AAA records so if a site has a IPv6 address (or Quad A record) you will hit the site using your IPv6 connection. CGN is a IPv4 technology and not a IPv4 to IPv6 Gateway. CGN just allows us to do a massive amount of NAT44 that most of our current NAT devices can't handle.
Really there is nothing to see here that hasn't been said over and over again on every "World ending IPv4 shortage" article on Slashdot. Yes, the threat is real. Does it really matter to many people outside of Service Providers, not really because almost everyone else is doing NAT44 today anyone in one form or another. As usual, what should be taken from this is that if you are a Network Engineer responsible for managing a network, you should be taking the time to take inventory of your IPv4 space and making plans for implementing Dual stack in the near future.
Yeah, lemme just go in my ISP's server room and reconfigure the routers.
Because there will literally be mountains of eWaste and headaches galore? How many of the home routers sold in the past 5 years even support IPv6? I don't think any of the consumer grade stuff does. That means we will have to replace just about every router in every home or have some sort of IPv6 to IPv4 bridge built into every modem in the country, again not cheap.
Whether we like it or not, there is a reason why IPv4 has lasted so long. It is a mature tech that everyone knows how to fix. IPv6 is gonna be a nightmare for probably 5 or 6 years and it really ain't gonna be fun trying to fix the mess. So yeah, I can see them stretching out IPv4 for as long as humanly possible, simply because the transition costs are gonna be insane.
You can't get better evidence of the incompetence of government than this. There's a dwindling resource that will run out in just a couple of years, impacts practically every person in every OECD country, yet have you heard of even one government agency, in any country, that is mandating IPv6 for consumer grade gear to force the vendors to solve the problem before it becomes critical? Of course not! That would require foresight and competence. About the only IPv6 push I'm hearing is that for government tenders in the US, IPv6 support is required, but that does nothing to solve the problem of hundreds of millions of home routers that are IPv4 only.
No government on Earth has even bothered to lift a finger to solve a well known, easily predicted problem with a ready and tested solution that would cost the government no money whatsoever (it's just legislation!). Given that, now picture the level of competence you'd get from the same bunch of idiots when tasked with solving much bigger issues like global warming, peak oil, or overpopulation. Issues like that won't be critical for decades, have no obvious solution, and all possible solutions are expected to cost trillions. I can only imagine the level of incompetence that will no doubt ensue...
I don't think my DSL router/modem supports IPv6. It's not a problem. I just run it in bridge mode, and leave the PPPoE support to my PC. (I did this even before enabling 6to4, because the router has ridiculously small NAT tables.) Every existing DSL router should be capable of acting as a simple PPPoA-to-PPPoE bridge.
This may not work for cable router/modems; I've never had the chance to configure one.
"The state is that great fiction by which everyone tries to live at the expense of everyone else." - Bastiat
slashdot.org has no need to access you.
As far as I know, Slashdot does a short port scan on your IPv4 address when you preview or post a comment in order to make sure that your machine isn't an open proxy that might be abused for vandalism. That's why your first preview of the day from a given machine is so slow: it has to wait for the connections to time out.
You use IPv6 in all the cases where you wanted that nice static IPv4 address before: When running peer to peer software. Setting up your small hobby server.
In other words, things that cable and phone companies don't really want customers on the residential plan doing in the first place, as explained in the terms of service.
If all your gaming friends got IPv6, playing on your private IPv6 only game server
By the time that happens in several years, you may have grown out of online gaming. Which of the current video game consoles supports IPv6?
Who on earth would want to save IPv4?
Carrier grade NAT is the dumbest idea yet. Just ditch the junk and move on.
Let's think about this shall we. there are 64K port addresses if I am not mistaken. that's effectively two quads IF you used them optimally. for inside the nat there are only 3 quads x 3 prefixs (169,192, 10). SO that gives us a little bit more than 5.2 quads. But that assumes every nat in the stack does everything perfectly.
Now you might isn't that 5.2 quads worth of addresses? No because each computer is going to be using multiple ports.
So this won't work. it's a bandaid however that will delay the inevitable probably by about a factor of I'd say 256 or so. Which is not bad. but it will require some strict use and people not needing static IPs.
Some drink at the fountain of knowledge. Others just gargle.
Why should I have to pay *EXTRA* for the full internet, and competent support?
Because the majority of people don't see the point of paying for the full Internet, and what little competition there is between cable and DSL forces the two to cut their rates to the point where they have to offer a half-Internet package.
Are you stupid? If the public gives them money for something, they most definitely owe us some service. There's no hypocrisy involved. It's basic economics, and it's a situation where the average American is getting fucked from their tax dollars being paid for no value returned.
The problem is that our elected morons didn't set the requirements. They don't not owe us services, they just don't LEGALLY owe us anything. Big difference.
Fucktard.
My blog. Good stuff (when I remember to update it). Read it.
You're such a fucking dumb stupid troll, but here I go anyway.
The ISP in my area was, in fact, created by people who overcome the limitations placed on them. Other ISPs wouldn't run high speed cable internet up to where I live, so a few people formed a cooperative and did it themselves.
As for getting a new ISP, it isn't an option. There aren't any other ones here. Not that there would be a reason to switch - They're the best one around. They're a better ISP than the ISP they lease their backbone line from. Better prices, better service, better technical support.
And by the way, nice assumption, I'm not american. You're pathetic.
So yeah, I can see them stretching out IPv4 for as long as humanly possible, simply because the transition costs are gonna be insane.
Won't the transition costs just increase as time goes on?
Okay, let's assume that IPv4 no longer exists...
1. Is Comcast going to give me unlimited IPv6 addresses? How will that work through my router? Do I now need to announce every device to Comcast? I REALLY like the fact that I get a single IP address, and I can port forward and use NAT as I like.
2. NAT makes for a pretty good firewall. I have Linux and Mac machines, and consumer devices, behind my current NAT router. With NAT and SPI, I have it pretty good. I really only ever use an outbound firewall to detect phone-home stuff and malware (and with Linux and Mac, surprise, surprise, there's not a lot of the latter).
Hey, I understand the need for IPv6. I guess I just don't want to lose what NAT offers.
--Jim (me)
so those people who overcame the limitations when there were 0 ISPs, and created the ISP option you have today... how did they create that ISP? people today don't have the same option to create an ISP in the same way?
what changed?
Nothing changed. There's no need for a new ISP. Why create an inferior one?
i did not assume or state you were american. i dismissed your ignorance and then recalled the reason americans rose up to rid themselves of the company of idiots LIKE you.
You're allowed to admit you're wrong.
you're an idiot.
Hearing it from you is meaningless.
Your IP address is a large part of being able to serve you relevant content, and more importantly relevant ads. If all of Comcast were, for example, to appear from one /24 then all of a sudden the ability of the content providers to target ads based on location would be done. And don't underestimate what the value in that is.
If you go ahead and say "Well, good, I don't like ads anyway" then realize this - content isn't free. It costs money for big ass datacenters to serve your page view. So take away the ability of the content providers to make money and they'll go away quickly. And then you won't have any content to view in the first place.
"Where quality is like a dead stinking rat - you just can't miss it."
The way CGN works is to spread multiple users across the same IP address. So forget about dyndns. Also forget about google maps, because it runs through ports like water, and TCP requires a 90-second timeout before releasing a port. Basically, CGN is a hack to cushion the blow, but it doesn't eliminate the need to switch to IPv6. You will like CGN a lot less than you like your present NAT.
A much better choice would be to go to NAT64. That way you get end-to-end connectivity for the hosts that do IPv6 (e.g., Google Maps can do IPv6 at this point) and use IPv4 ports for the hosts that haven't converted yet. Less demand on the scarce IPv4 ports means better performance for the cases where they are needed. And you get end-to-end when you really care about it--e.g., when Skyping your pal who also has NAT64.
... to provide you with IPv6
If you have
-a static IPv4, use a tunnel from he.net
-a dynamic IPv4, use 6to4 like on openWRT or Apple Airport Express
-a nated IPv4, use a teredo tunnel
Most likely your PC is already using tunnels.
Once you have done it, you will wonder what was all the commotion about.
For the office, disable IPv6 on your servers and provide IPv6 on your clients, then figure out your servers later
Franck Martin
Avonsys
Well mine does. Everyone else I know just uses whatever they got free with their DSL/Cable subscription. They get a new one every year or so when they sign a new contract or when the old one breaks.
I don't think even I have a five year old router. I don't think the transition costs are anywhere near as much as you imply, or that there's any way it would take as long as you think.
ISPs are licking their chops for this. They want to roll out NAT for all default consumer grade ISP connections. It solves problems with scarcity, they profit from scarcity (want public IP? You pay extra for it), and it will jack with routing of P2P data and thus cut down on the leeches. It's a WIN-WIN-WIN for the Telco and cable companies.
If you guys think IP6 will be adopted, just wait till they find huge money in artificial scarcity of IP4 blocks. There will be no where to run and escape it! Unless you pay that premium...
Life is not for the lazy.
I see a lot of threads rejecting the idea that we should use large scale NAT to manage the transition. Those threads are making one of two, superficially contrary, mistakes: either arguing that IPv4 is fine and we don't need IPv6, or that we should move to IPv6 and drop IPv4 immediately. Both are wrong. Both miss the real issue here.
Both mistakes I outlined above amount to pretending there is no problem. There's a big problem. We're running out of IPv4 addresses. The IPv4 Internet will collapse unless that transition is managed. The real issue is that we must transition from IPv4 to IPv6, but we've delayed far, far too long for this to be handled elegantly. We should have started the transition years ago. Ideally, we should have had a transition period in which each machine had an IPv4 address and an IPv6 address, and once IPv6 was in general use, we would have phased out IPv4 as redundant. Instead, we have few IPv4 addresses left, so we have to have some sort of rationing system.
That's what's being proposed here, and whether this particular rationing system is the way to manage the transition is the relevant question.
FTP is hard to NAT because it uses 2 connections (one control, 1 data) and NAT routers are not very good at keeping track of state for BOTH connections as a single transfer, when dealing with both incoming and outgoing FTP. Also, the IP address is embedded in the command channel, and NAT packet mangling doesn't look into the command channel and modify this to suit what NAT is doing to the packets, unless you have fairly clever packet inspection going on.
That's kinda moot anyway, because FTP is broken and needs to die also (use SFTP insteaed). I'm not SIP expert, but I suspect similar issues are going on there as well. IPSEC security is weakened somewhat when traversing a NAT as well.
We can keep making firewalls and routing tables more complex (and thus, prone to programming bugs and thus security holes), or we can bite the bullet and go to a clean, flat IP address space and get away with much less complicated routing, firewalling, etc.
Adding complexity as you increase network size simply WILL NOT SCALE - never mind the fact that NAT also has practical limits which we will exceed in due course as well.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
There's little excuse at this point to buy a router that doesn't support IPv6. And for existing routers, a simple software upgrade will suffice. There will be some "eWaste", but not nearly as much as you think. In addition, IPv6 is not that big a headache, and there are already resources to learn and implement IPv6. I've had IPv6 in my home and on my server for the past 18 months for free, and my ISP doesn't support IPv6 at all. http://ipv6.he.net/
Hello little man. I will destroy you!
Actually, you usually have to stop the car to change tires.
Unless you're from Massachusetts...
deleting the extra space after periods so i can stay relevant, yeah.
Or else DNS will have to be re-architected so that it returns not only IP's but port numbers, so when you go to www.somewhere.com, it resolves to x.y.z.w:n, and the host x.y.z.w has port n forwarded to the right server.
That's called a SRV record (RFC 2782) and is a really terrific idea that seems to have gone nowhere.
We need to just shutdown the internet for a week for maintenance, get ipv6 working properly, then activate everything again.
" I've heard that Comcast has IPv6 around here,"... You must be near me. "They're far worse than the other options."
Mobile providers already do huge IPv4 NAT. T-Mobile is now doing IPv6 handsets with NAT64, which translate the IPv6 address on your phone to an IPv4 address to reach the IPv4 internet. IPv6 native services like Google are delivered end to end with IPv6, no NAT, no Firewall. http://groups.google.com/group/tmoipv6beta
If "we" actually were growing exponentially, running out of IPV4 addresses would be near the least of our problems.
On top of everything else, this means users cannot run servers of any sort. Even if we assume Skype can punch through double-NAT, this means any sort of peer-to-peer technology, or any attempt to host anything inside one of these ISPs and connect to it from outside (like remote desktop / ssh, a home fileserver, etc), all requires at least the coordination of one external server.
And yeah, 65536 ports won't last you long.
Don't thank God, thank a doctor!
Comcast? will they try to push $5 /m per IP no nat on ipv6? They likey to hit you for $6-$15 per tv to rent there box. cable card also are with the $6-$8 outlet fee.
I am working on an IPv6 migration project for our group. Our solution will include:
IPv6 to IPv4 proxy servers to a Private internal IPv4 address space
Some native IPv6 support where it is easy
White listing of some IPv4 services where the above two solutions do not work
I suspect our solution is fairly typical for most Internet portals considering IPv6.
Two big issues with Carrier Grade NAT (CGN) or Large Scale NAT (LSN) that will have to be resolved are geolocation and denial of service protection.
Geo-location is the mapping of a browser's IP address to a physical location. Most of the large portals are fairly accurate about this. Although I move around from Hayward to Pleasanton and sometimes they get it right with Palo Alto. The problem with CGN is that many browsers for many different users will be NATed behind a single IP address. So if you are on the left coast you might be mapped to the Silicon Valley, if you are on the right coast it might be DC or New York, and people in the middle might be Omaha, Nebraska. As long as the ISPs hide big regions behind a single set of IP addresses, geolocation is going to have problems.
HTML 5 has a separate geolocation protocol built in, but that is going to have to wait for browser upgrades. A logical solution might be to have the ISPs map their old POPs to a single fixed IPv6 address so all traffic from Palo Alto has one IPv6 address and all the traffic from Redwood City has another IPv6 address. But this is entirely to logical and would require effort on the part of the ISPs
The other big problem is Denial Of Service protection. My company has tools to block traffic from IP addresses that are determined to be abusers of the site: to many account creation requests, to many emails sent, to many login failures, etc. With CGN this becomes a real problem. First how do you determine how many is to many. With thousands of hosts NATed behind a single address a thousand emails an hour is entirely reasonable and ten thousand an hour is not outrageous. The other problem is that when you block the IP address you block all of the customers, not just the one causing the problem. A logical solution for this would be to give each customer their own IPv6 address that they are NATed behind. This could also work well with geolocation. But again it entirely to logical and it requires work on the part of the ISPs. Without the unique per browser IP addresses DOS protection becomes a really hard problem.
RLH
"IPv6, too much, too soon" -- Someone
I am not a network specialist, but does this mean that no one will have a publicly assigned Internet-wide IP address in this interim period ? A computer would not be identifiable from its 'IP' unless there is explicit consent from the carrier. I expect this is a problem even with NATs today, but they aren't usually wide enough to cover more than one home or one organization. When a carrier is using NAT, it'd be hell to track down hackers and botnets, especially if they are across borders or are protected by privacy laws..
Entia non sunt multiplicanda praeter necessitatem.
Practically all of them can support IPv6 with a simple firmware update, but I'm betting the vendors would rather sell you a new router than provide that update.
From what I understand support for IPv6 happens in the DSL modem not the customer's router. It talks IPv6 on the DSL side or probably on the DSL concentrator at the POP. Over the Ethernet port it talks IPv4 private IP address space.
Does anyone know if I am correct?
RLH
"IPv6, too much, too soon" -- Someone
It's not at all expensive or painful. In fact, it's free and can be up in 5 minutes.
Port forwarding is IMPOSSIBLE to set up if your ISP sticks you behind it's own NAT and gives you a non-routable IP address. You'd have to try to talk one of their trained chimps into escalating your call to someone who knows what NAT is to even discuss it, but it probably won't be in the corporate policy manual so all they will be able to do is say they can't help you.
XP supports IPv6, Linux has supported it for quite a while. What are you running, Windows 95?
Uh why would they?
Just look at the "problem" from the Gov and Big Corp point of view.
When we are out of IPv4 addresses this is what will happen:
0) Most people start getting NATed.
1) P2P stuff stops working well
2) SIP phones and Skype won't work so well
3) "Normal People" can't run their own servers, only people with more $$$ can.
4) Stuff like Farmville and most other games still work.
Sure looks like a benefit and not a problem from their POV.
If you have the skills to set up IPv6 just for kicks I seriously doubt you are dealing with what we out here in the field run into in most folk's homes, which is CCC, or "Cheap Chinese Crap". Trendnet/Zonenet, linksys, hell pick any under $50 router and see how many updates are sitting there for it on its home page. my guess it'll be like the Trendnet that is looking at me right now, which is zip. And unless things have changed in the less than 6 months I looked at routers there were exactly squat when it came to home combo wireless/wired routers under $50 that supported IPv6. None. you are not gonna get a home user to shell out $100+ for a router when their neighbor got a Trendnet for $20.
So trust me pal, they'll be eWaste all right, fricking endless traincars full of the crap. And where are all the IPv6 experts gonna come from? I don't see too many around here in NW AR, and traveling the south mostly what you find is good old boys running the networks that know IPv4 tools like the back of their hands and probably still got Win2K boxes running at home.That is a hell of a lot of flyover states that are gonna be seriously short of manpower when that switch gets flipped, a hell of a lot of problems that would take a couple of hours on IPv4 turning into weeks, it'll be a mess friend. Thanks to all the offshoring young folks just don't go IT hardly anymore, and it isn't like they can ship all those fixit jobs to India. Hell I'll admit I'm guilty of it myself, as I have been putting in 9 hour plus days and simply haven't had the time to learn IPv6, as there is nobody here actually using the stuff which makes learning it all that more difficult.
So if you are in NYC, LA, Miami, Dallas? Yeah it probably won't be that bad. The flyover states? Gonna be a fucking mess man, as someone who lives there I know of which I speak dude, i know of which I speak.
ACs don't waste your time replying, your posts are never seen by me.
Why not use Teredo? The whole purpose of it is to punch holes in NATs, and Windows 7 has it enabled by default if you don't have an IPv6 address.
While TCP would be a lot more work, a userland Teredo IPv6/UDP stack would be dead simple, and could even be integrated into the next generation p2p networks. Build them for IPv6, and no worries about the port forwarding nonsense.
"heavily subsidized the industry"? No. There are some companies, in some places that were subsidized in an effort to bring about more universal service. Where I live the cable companies have managed to provide service to everyone on their own dime. They use public rights of way, but they provide what they were asked to provide when they laid the cables - cable television.
Basically, yes. If you are on a carrier using NAT for their entire customer base, you don't get even one public IP address. But, tracking hackers will only be one problem (which might be able to be overcome through ISPs logging every Port Address Translation mapping they ever make - e.g. if you make an outbound connection through their NAT, that connection is assigned some unused port to act as the 'source' port for those packets. A remote server or website, if they log both the source IP address AND the source port of incoming connections, might be able to request the ISP to find out what internal address that source port was associated with at the instant of the hostile traffic).
Other problems will be a very widespread breakage of all sorts of apps that need to do any kind of communication directly to a host. I expect carrier-wide NAT will very adversely affect BitTorrent, Skype, VoIP programs (including the voice/video calling features in many popular Instant Messenging programs), direct file transfers, remote PC administration/access (things like VNC, PCAnywhere, Remote Desktop Protocol, etc).
Today, when using NAT on my home network, I can at least setup a port forward to give me some in-bound traffic capability. With Carrier-NAT, you won't control the router, so good luck getting any port forwards setup. And, oh yeah, only one computer per port on the entire ISP network can get a particular port forwarded to it (that is, act as the destination for that port number), so the carrier can't really offer port forwarding, even if they would be otherwise inclined to do it.
Carrier-level NAT is made of highly-enriched LOSE, wrapped in EPIC FAILURE.
There is only so much duct tape you can use...
Watch out for the duct tape fundamentalists, though I do agree that enough is enough. :)
I listen to both RIAA and non-RIAA stuff if I like the music, tangential business/politics nonwithstanding.
I can access it just fine, but like all the Free IPv6 Porn sites, it is indeed a sham. It just features the heading "The IPv6 is for porn" and that internet-is-for-porn video.
It's what we should have done 8 years ago in a firmware flash.
Add 2 octets to the front of ipv4.
1.1.x.x.x.x = the entire current internet.
Any new addresses start at 1.2.x.x.x.x
All the way up to 254.254.254.254.254.254.
What's that? Around 250 trillion IP's?
Sure beats the 4bn we're at now.
Sure, it's not as elegant as IPv6, and it has all the problems of IPv4, but shit, we would have another 50 years or more to play with and no dodgy NAT solutions.
The best thing is, every device ever made could have had a relatively straight forward firmware flash.
It's a classic chicken and egg problem: Everyone realizes that making the change sooner rather than later would be cheaper -- as we wait, the total estimated costs keep rising and rising. The problem is that for an individual actor this is not true: making the change before others is not cheaper, in fact it's probably more expensive.
The end result is that everyone waits and waits until the pain of IPv4 is totally unbearable. Ungodly amounts of money will be spent in stop gaps and workarounds because for the individual companies that is still the economically smart thing to do.
Absolutely. I don't understand why do dual-stack and NAT44 instead of giving customers IPv6 and NAT64.
I assume this is because the problem isn't just all those web servers on IPv4 addresses, but a significant number of end user applications that are not IPv6 aware. Unfortunately, if we allow them to avoid upgrading with NAT44 then we can confidently predict that apps won't get updated and you'll never be able to switch it off. It's human nature not to fix the problem until forced to.
This article reminded me to go look for a good table of international "IPv6" readyness, because I expect a lot of fail, but what I found is even worse than I expected.
Check this out: IPv6 Status Survey
Un.. fucking.. believable. These aren't penny-pinching private organisations with no interest in advancing technology, these are universities, the organisations that have traditionally been at the forefront of IT. Think about the first campus networks and the internet itself, which was primarily first deployed by the education and military sectors.
The status of IPv6 at these shapers of minds, these thinkers and inventors?
Fail.. fail.. fail.. fail.. fail.. mostly fail.. fail.. fail.. fail.. almost pass.. fail.. fail.. fail.
My entire country has one university on IPv6. Just one. And that's for their main website only, their email isn't IPv6 yet.
nat is here to stay . Firewalls, load balancers, port forwarding ,internal and external networks ,internal and external dns are all permanent features . ipv6 and ipv4 . Ip routing is dead long live the port forward . The internet has been found to be insecure . Anyone who thinks ipv6 will bring back routing is a fool .
Deleted
You mean a mesh network? Will never work.
Latency will be terrible, because instead of a dozen hops you'd need hundreds to reach any service outside your area.
Bandwidth will be terrible, because instead of an ISP's fat pipes you'd have to route huge amounts of traffic through consumer grade wireless routers, with plenty of bottlenecks.
Mesh is interesting as a secondary connection, especially for local traffic. But people won't use Facebook, Youtube or Netflix over them.
Dilbert RSS feed
If the people here are idiots, start your own Slashdot and GTFO.
Dilbert RSS feed
Not true. You can't claim that as a defect unless you had a reason to think it supported IPv6 at the moment of sale and it didn't. It's not their fault if you use an unsupported protocol if the router is designed for IPv4.
Dilbert RSS feed
http://www.xtranormal.com/watch/7011357/
Most ISP's in Russia already only give you "gray" (i.e. NATted) IP address. "White" one (i.e. the one from global IP space) usually costs extra, about $5/month.
Most users don't seem to care, but for advanced guys that's a bummer.
As far as I know that would be illegal around here where I live.
Consider the following language from a hypothetical acceptable use policy: "Occasionally, criminals attempt to vandalize discussions on the Service by relaying messages through computers whose security has been compromised. We reserve the right to take reasonable network security measures to protect the Service from vandalism. These measures include but are not limited to probing for common backdoors on computers posting a comment." Where do you live that considers such a condition to be unconscionable?
Many of those 'Chinese crap' routers are only one or two steps away from Tomato, DD-WRT, OpenWRT or any of the other alternative firmware distributions. Once installed they will handle IPv6 just fine which should not come as a surprise since they're based on Linux which has done IPv6 just fine since the early 2000's.
--frank[at]unternet.org
There are a *lot* of old router models out there. Many people are using 5-10 year old equipment at home, because there's no reason to replace it - old home routers are faster than the cable/ADSL still, and 802.11B is still good enough wi-fi if you're only using it to browse web sites.
Even if it was made law, vendors couldn't possibly provide software updates to all of those routers - free or paid.
In many cases the people who worked on the router don't work at the company any more, the schematics are lost, the source code is lost, and the chances of finding the source code and known-good toolchains even just to replicate the last shipped firmware are slim. It's totally impractical.
On the other hand, adding IPv6 support for all *new* routers is quite reasonable, and could have been mandated - or agreed within the industry - any time in the last 10 years to get us ready. But it wasn't.
specifically, the broken window fallacy
http://en.wikipedia.org/wiki/Parable_of_the_broken_window
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Why should we use large scale NAT to save a technology which is deprecated? IPv6 is better suited for P2P use for everyone. While some people NAT can be used as a security thingy and it supports your privacy, this is not so true as they assume.
a) In NAT packages are switched between networks via special rules. The machines behind the router are therefore not directly visible via an IP address. But the router can be hacked and then a appropriate tunnel can be used to access internal machines. In IPv6 you can use firewall rules to realize the same setup. And you have the same problems with them.
b) On the net your machine is not directly visible and therefore no one can track you. This is true to some extend. But the IP of your gateway is visible and that is sufficient in most cases. Also you can be identified by the content of you data. Governments and secret services can always infiltrate the gateway and see which machine is the origin of the communication. And "Intellectual Property" organisations can do so through the government.
On the downside you cannot use P2P communication in its best ways. Like in Skype you need a central hub for the dispatching (at the beginning) or a set of P2P-rules which are dynamically activated on your home router. However on large NAT you would need such bridging stuff also at these large exchange hubs. These bridging technologies use ports on routers. Therefore massive use of P2P technologies in conjunction with bridging technologies relay on ports. There are only a few ports available as this is 16 bit. Therefore it can result in a port shortage in these network bridging hubs.
Therefore a clear cut, a step away from IPv4 is in order. And please do not try to save IPv4. IPv4 might have been enough for the US, but it is not sufficient for all of us.
SIP is more of an addressbook server, not the target location you're connecting to. I don't really see this going away. SFTP works because the target machine is one and the same and you know exactly who and where you're connecting to. You can't do that with SIP, because you're asking SIP, "I want to call X" and SIP will reply, "You can call via the Internet Protocol addresses X, Y, Z on protocols P, Q using codecs T, G, D"
Change is certain; progress is not obligatory.
Written law does not override a private party's right not to provide a service. If the legal department discovers a written law in some country against taking reasonable measures to secure a server, the server administrator will set up IP geolocation to replace the comment box with a link to the relevant statute for viewers in that country.
I like the way you think. I was rather kidding with the ipv6porn link, even though pr0n does drive a lot of tech, but if you look back to the roots of the internet it was the geeks who made things happen. Perhaps we should design new protocols built exclusively for ipv6 that fix longstanding ipv4 problems, requiring people to upgrade to ipv6 to alleviate the problem.
I guess it could be considered the Apple OS9 -> OS X route vs the Windows XP -> Vista -> 7 route, but with networking. Break the compatibility at the ground-level design, then code backwards support in later if you really need it.
Okay, prove it. Here is mine show me how to put ANY of those you named on it. Or show me how to put any of the above on even half of those on this page. My guess is you MAYBE, and that is a serious maybe, might get ONE.
I think you are VASTLY overestimating the skills of the FOSS community my friend. It is like when Linux advocates say "OMG Just run Linux! It works on anything!" and then when I point out the hardware i can't get to work I get "Why are you using THAT? You need to get rid of that as (insert..they don't support FOSS, don't share, suck, etc) and buy this!" which just kinda kills the whole "Linux runs on anything" argument ALL to hell. I stand by my statement, most home routers are gonna be a big mountain of eWaste when IPv6 rolls around. Hell I don't think even a single router on that page is IPv6.
ACs don't waste your time replying, your posts are never seen by me.
There are some exceptions, perhaps 'practically all' was a bit too strong a phrase, but certainly anything based on the Broadcomm reference boards can be flashed with DDWRT or FreeWRT, including devices past EOL. I've been using 6to4 at home on a WRT54GL for years now.
I certainly agree that mandatory support well in advance of a reasonable expected switchover point would have been the way to go. It's not like the specs have been hard to get.
Just for fun, I searched homestore.cisco.com and found no references to IPv6 at all. Certainly Cisco should be aware of the need by now and at least mention it in an FAQ somewhere. Meanwhile, according to Comcast, Motorola expects to support v6 on their cablemodems sometime NEXT year.
Starting from home.cisco.com, I went to the Linksys support page, searched for ipv6, and got three mundane hits.
Support is minimal, but there is something as indicated here:
http://homecommunity.cisco.com/t5/Cable-and-DSL/IPv6-mentioned-in-AG310-release-notes-but-can-t-find-it/m-p/258373?comm_cc=HSus&comm_lang=en#M7927
It's interesting there is no *direct* IPv6 support, but you can run IPv6 on the internal network and the router will tunnel it for you.
I find it interesting that it doesn't automate the process. Boot up, wait for a router announcement. If you get one on the wan port, use it and make an appropriate announcement downstream. If you get one on the LAN ports, assume it's covered by another device and do nothing. If you get nothing, set up 6to4. In all cases, default firewall rules for the equivalent of NAT protection.
It's good to see the support exists in at least some of the products, but it should really be a bit more prominent and automated these days.
IPv6 will be adopted as soon as ISPs realize it means they get to charge by the device instead of by the household.
This is my given name, you insensitive clod!
Dilbert RSS feed
you're an idiot.
you can't quote properly because you're an idiot.
cowardly idiots are insignificant.
you are NOTHING
Trolls who fake others' accounts say what?
Dilbert RSS feed
you're an idiot..
Because there will literally be mountains of eWaste and headaches galore? How many of the home routers sold in the past 5 years even support IPv6? I don't think any of the consumer grade stuff does.
Apple Airports and Time capsules; a slew of D-LINK WiFi, including DI-784, DI-524, DI-624, WBR-1310, WBR-1310, WBR-2310, DIR-615; Thomson ST620. And others that I don;t have to hand right now. Admittedly, it's a pathetically small list, but certainly there is SOME consumer grade stuff that does. And the latest Broadcom chipset and associated software does IPv6, so expect it in the next roaund of gateways.
Protoplasm. Quiet Protoplasm. I like quiet protoplasm.
you are NOTHING
Oh just FYI I went to the OpenWRT and guess what I found? Take a look at this partial list of unsupported routers. that's a LOT of routers that will end up eWaste, ain't it? Oh and to actually even find out IF you are supported, you have to know EXACTLY which chip your router runs? I'm sorry dude but WTF? Hell I'm a fricking geeks and I have NO clue on which cheap ass chip this model of Trendnet runs, and guess what? It don't say diddly squat on the website of the manufacturer either.
So please explain to me how the average Joe is gonna have a snowball's chance in hell of not having to shitcan their IPv4 router, when a fricking geek that builds his own boxes and plays with OSes for fun can't even find out if he is supported or not. Whoever designs these FOSS websites seriously suck, as you need a fricking degree is CS just to find the info! These things make Man pages look like Reader's Digest!
ACs don't waste your time replying, your posts are never seen by me.
> My only concerns would be towards people hosting
> services, even if they only host a gaming server.
We already have this concern with widespread dynamically-allocated addresses (via DHCP), and we already have the solution: depending on your ISP, the cost for a static IPv4 address ranges from "you just have to actually ask for it" up to a few bucks a month. I don't see any reason why that should change, just because the default setup is a non-public address instead of a dynamic public one.
The whole thing is a non-issue. There are *always* going to be more available public IPv4 addresses than are actually needed. The only reason unallocated ones are running short now is because they were given out pretty much for *free*, which creates artificial scarcity. Public IPv4 addresses will be very affordable for the forseeable future, but they won't be completely free of charge for much longer, because anything free gets snapped up by people who don't actually have any real use for it.
IPv6 would eventually run into this as well, because people would be like, "Hey, I can have my own personal "Class AA" range of network addresses, whatever that means? Sure, give me the biggest size available! Why not? I mean, I know I only have the one computer and the one handheld device to network together, but so what? Give me a full-sized range for me, and another full-sized range for my nickname-alias here, in case I want to be a sock puppet!" Any finite resource that you give out for free is going to run out eventually. Start charging ten or fifteen bucks per address per year, and suddenly a lot of people who don't actually have any real use for a public address decide they can live with NAT.
The problem will solve itself.
Cut that out, or I will ship you to Norilsk in a box.
you are NOTHING.
i'm responding to emails sent to me. you're feverishly refreshing a page so you don't have to divulge who you are. pathetic.
you are NOTHING.
disregard that, i suck cocks
present yourself to me, admit what you've done, and i will proceed to kill you.
you're a coward. nothing more. completely pathetic.
i know you are but what am i, neener neener neener.
tell me who you really are. present yourself to me. admit what you've done. i will then kill you.
your place or mine?
you're an idiot. present yourself TO me. ADMIT what you've done... only then, I WILL KILL YOU.
i'll be in your mirror waiting when you get home tonight.
pretty simple, coward.
you are pathetic.
i never threatened to shoot anyone... in the past i've relied on stabbing weapons.
present yourself to me; admit what you've done, then i will kill you.
you choose to remain anonymous because you are a coward. post your name and address. why do you continue to cower? what are you afraid of?
i already stated i was gparent, you're retarded.
yes, I did say it was me. A few posts ago, when I mentioned 'I'm the same guy as above'. But you're a moron so you probably didn't realize. Apologies accepted in advance.
I'm not going to give you my name and address because A. I live in another country, so it's a pointless exercise. B. You're such a fucking freak that I wouldn't be surprised if you weren't just a 12 year old kid trolling and actually wanted to kill me for real. C. I won't stoop that low for a pathetic retarded child. And #33881316 isn't me. He's quite a funny guy, though, so props if it's you.
I was the only one who posted 'above' back when I said that. You're dumb. And no, I'm not cowering, I explained it clearly above kid.
To be honest, if you weren't completely retarded, you'd have my address, full name, and would have killed me already. I'm getting too popular for my taste right now and a child could find me.
hedwards was way too many posts ago for me to care. It was obvious by the content of my post who was talking to anyone but a fuckwit like you who can't even find my name by himself when it's blindingly obvious.
I was right. Use context, dickhead. And how come you don't have my address yet? Are you retarded?
No, some of them were me (they are pretty obvious and less trollish, and some of them even include my username).
Consider my lack of name a test, if you're not a complete retard you'll have my full name and address within 10 minutes.
The only post not by me at that point was by either you, or hedwards (or the obviously excluded Anon Coward). What are you afraid of? Post a picture of yourself with your name, address, and driver's license, and I will do the same. You should already have my name right now, but I suspect your IQ is too low. You're a coward. You are nothing.
Does Trudy know about this? I don't think she'd be happy to find out you threaten people over the internet for days and days.
Are you scared to answer my question?
So that's a yes, then. What a coward.
you're an idiot .
Good come back. Does she know you're that much of a loser? Would she mind? What about the rest of your family? I hope not.
you're an idiot.
do whatever you want to do. say whatever you want to say.
when you are finished, present yourself to me; admit what you've done, then i will kill you.
pretty simple, coward.
My email should be obvious if you want to have a talk. I like Google.
I'm still debating on further course of action. I haven't determined if you are mentally ill or not yet.
the determinations of an ignorant coward are meaningless.
Fortunately I was talking about mine, not yours.
Figures, you couldn't comprehend the sentence. Good job babe.
what do you believe i failed to comprehend? you're an idiot.
we're both talking about your determinations and the fact that you're an ignorant coward who refuses to claim their given name and current address.
Nope, I'm not. Sorry. Doubt it's your address either, unless you're really that poor.
No you?
why do you cower? what are you afraid of?
what is your given name? where do you live?
my name is michael kristopeit... i live at 4513 brittany ct. eau claire, wi 54701.
you are completely pathetic.
I am myself, above you. Keep cowering.