Most IPv6-certified Home Network Gear Buggy

Julie188 writes "The University of New Hampshire InterOperability Lab held an IPv6 consumer electronics Plugfest on Feb. 14 and CableLabs has scheduled two more for this year. UNH is tight-lipped about the results, but the sad fact is that most home routers and DSL/cable modems certified as IPv6-compliant by the IPv6 Forum are so full of implementation bugs that they can't be used by ISPs for IPv6 field trials. And that's not helping the Internet have a smooth, fast transition to IPv6. Though OpenWRT and DD-WRT solve the problem, ISPs point out that requiring the average consumer to upgrade their own firmware, because the manufacturer can't do IPv6 right, isn't a practical solution."

IPv6 for older hardware

[oracleguy01]

From TFA:

However, Cisco isn't sure yet if routers bought prior to 2011 will get IPv6. "We are currently looking into which 'legacy' Linksys product can support IPv6. (There are many things that influence us being able to do it -- including if there is enough memory, as well as other factors.) The engineer teams are working on that," the spokesperson said.

I would be shocked if they offered firmware upgrades for old hardware to add IPv6 support even if the hardware could do it. It seems more likely they and others will use it as an excuse to obsolete a ton of old hardware and force people to buy new stuff.

Re:IPv6 for older hardware

[spywhere]

I would be shocked if Cisco ever produces a Linksys router that is worth the money, IPv6 or not. The hundreds I've seen in the field are so unreliable that I'd never buy one, and I replace one or two more every week. Linksys is the reason I carry two Netgear or Dlink wireless routers in the car.
Sure, I do see other brands fail after a year or two, but I've seen more brand new defective Linksys routers than I have Netgear routers that dies of old age.

Re:IPv6 for older hardware

[interkin3tic]

Sure, I do see other brands fail after a year or two, but I've seen more brand new defective Linksys routers than I have Netgear routers that dies of old age.

Obviously Cisco is tackling the IPv6 problem proactively: make IPv4 routers with very short half life, so when we to switch to IPv6, the number of people who need to buy a new router will be only slightly higher than normal!

Re:IPv6 for older hardware

Some of their models might suck, but their WRT54GL line has been pretty awesome. We've probably sent out a few hundred ourselves, and a half dozen failures a year would be a bad year. Uptimes with third party firmware like DDWRT or Tomato are pretty much "since the last power failure". We replaced one that was on battery backup to upgrade to 802.11n, and the uptime before disconnecting it was over 600 days.

Netgear's pretty good too, but D-Link? They couldn't code a DHCP server to save their lives.

Re:IPv6 for older hardware

[antdude]

How often third party firmwares like with Linksys WRT54GL?

Re:IPv6 for older hardware

[wagnerrp]

Sure, I do see other brands fail after a year or two, but I've seen more brand new defective Linksys routers than I have Netgear routers that dies of old age.

I've got a WRT54GS, a WRT54GL, and a WRT54Gv8 scattered around my house acting as dumb access points. The oldest is probably seven years old. Once configured, I haven't had to touch any of them. Meanwhile, my pair of Netgear gigabit switches are awful. I've replaced them each twice. Good thing they have a lifetime warranty. I get some issue where they will just start flooding the network with traffic, preventing anything from getting through, and requiring a power cycling. The 24-port Netgear switches at work have the same exact behavior. The only thing I can think of is some sort of STP failure.

Re:IPv6 for older hardware

[hairyfeet]

Funny that is why I carry a couple of TrendNet routers myself. Folks may make cracks because TrendNet routers are cheap and aren't fancy, but I have set up TrendNet routers on construction sites where the amount of grit, funk, and temp differences would choke just about any router (and killed brand new Linksys junk dead) and they just keep on humping along, solid as ever.

Like you I have thrown away more brand new Linksys routers than any other brand by a looong shot. There is cheap and there is garbage and Linksys has been garbage for as long as I've dealt with them. I walk into an SMB or SOHO with network troubles more than half the time a Linksys is involved. Just absolute trash.

To me what the real tragedy of IPV6 is (and why they didn't figure out a way to be backwards compatible I'll never know) is how many brand new routers are being sold at this very minute with NO IPV6 support. I'm normally not big on government regulation but this is just ridiculous. You just know the vast majority of these new routers will get NO IPV6 update and are just doomed for the garbage heap straight from the assembly line. The amount of waste this will create is just staggering and if the OEMs can't get onboard then the government simply needs to ban all non IPV6 capable routers from being imported, along with coming up with a standards test so that IPV6 capable doesn't end up another Vista capable.

. If they get a couple of shipments left to rot on the docks maybe they'll rethink selling IPV4 only routers this late in the game.

Re:IPv6 for older hardware

[Jahf]

You mean ... they might want you to purchase equipment to handle an entirely new function that wasn't part of the product you originally purchased, rather than spending significant effort and resources in order to give you this new functionality free? That's horrible.

Cisco and a number of other companies have directly given both specs and code to the world to aid in the adoption of IPv6. I think room for them to make money in a capitalist society is acceptable. It isn't the same as, say, buying a piece of equipment that promised an upgrade that never provided it (I'm staring at my cell phone right now). It isn't like they are going to shut down your perfectly working IPv4 home router once IPv6 products come out (I'm now staring at my OLDER cell phone). It isn't even like they lock your router from the ability to do 3rd party firmware updates (staring at my phone, my set top box, my PS3, my almost-everything-electronic).

In fact, they make it pretty darned easy for you to upgrade to a 3rd party firmware. And there are free 3rd party firmwares out there today that provide full IPv6 stacks (along with almost anything else).

Re:IPv6 for older hardware

[DigiShaman]

For the money, I highly recommend you get HP ProCurve line. If all you need is a simple un-managed 24-port gigabit switch, check out the V1410-24G. It has a lifetime warranty with next business day replacement. Currently, CDW's going price is $302.99

Re:IPv6 for older hardware

[ALeader71]

I have a different proposal. Let the Fed switch to IPv6, thus encouraging others to follow along. The President could issue an executive order to the Executive Branch mandating IPv6 support without getting approval from Congress. What does Congress care if the equipment uses IPv6, IPv4, IPX, etc? Most of these old people can barely type. I'm sure they will investigate, but what's a Congress without dozens of pointless, televised witch hunts?

Yes, the cost is huge. Here's how to blunt the expense: implement by targeting obsolete equipment. Run it on a few non-public facing networks as a pilot (12 months) then use your lessons learned to deploy on all other federal networks. By a simple matter of capitalist inertia, these initial equipment purchases drive down the cost of IPv6 hardware. Give it a 5 year implementation schedule (politicians like those). By then the world will have caught up.

As for consumer gear, there are three requirements. 1. Write candy-coated open firmware web interfaces for the less technically inclined. 2. Get retailers to sponsor a few "recycle the planet" events. 3. Hand out DVDs showing people how to install open firmware gear. Use slightly above average looking presenters.

I know Slahdot readers use open firmware capable hardware whenever possible so the transition will be easy for us.

Re:IPv6 for older hardware

[kenwd0elq]

My experience with this has been different; I purchased a NetGear WNR854T, got it replaced once during the warranty period, and have had to pay to replace the replacement. Deader than a doornail; NO connectivity at all. Before, say, 2005, NetGear stuff had been pretty good, but the recent models have been ... "sub-par" in quality and performance. I suspect that all the manufacturers are cutting costs by shaving quality, and until the disappointing reviews hit the web, they can get away with selling crap at high prices.

Re:IPv6 for older hardware

Some of their models might suck, but their WRT54GL line has been pretty awesome. We've probably sent out a few hundred ourselves, and a half dozen failures a year would be a bad year. Uptimes with third party firmware like DDWRT or Tomato are pretty much "since the last power failure". We replaced one that was on battery backup to upgrade to 802.11n, and the uptime before disconnecting it was over 600 days.

Yes, except last I checked, the WRT54GL could not do IPv6 on custom firmware. (You know, the entire point of the article.) It's not a standard feature on DD-WRT v24 and on OpenWrt 10.10 it's only on the 8MB builds.

There are some custom builds that shoehorn IPv6 into the 4MB of flash memory available. But even by custom firmware standards, they're highly experimental...

Cool routers? Yes. That can support IPv6? No.

Re:IPv6 for older hardware

[Martin+Blank]

Let the Fed switch to IPv6, thus encouraging others to follow along. The President could issue an executive order to the Executive Branch mandating IPv6 support without getting approval from Congress.

The government is ahead of you. The Defense Department started a move to IPv6 a few years ago, and required that all contractors be IPv6-capable by a certain date, and said that certain communications would be IPv6-only by a somewhat later date. Agencies that work with the DoD were required to be IPv6-capable, too (though they didn't have to implement it widely), which meant that a huge number of them were dragged along. The deadlines were missed in many cases, but it has put them much further along than it might otherwise be.

Re:IPv6 for older hardware

[bruce_the_loon]

I'm running v6 via Hurricane with the following version ouf of the box. v24-sp1 (07/27/08) std.

Re:IPv6 for older hardware

[GNious]

quite true - have a "Linksys by Cisco" home-router which fails catastrophically if asked to do basic routing things.
At this point, when colleagues or customers asks, I blankly state that I cannot recommend using Cisco equipment due to poor quality.
(The linksys is not the only Cisco item I own that is piss-poor and buggy as shite)

Re:IPv6 for older hardware

[jimicus]

I suspect that all the manufacturers are cutting costs by shaving quality, and until the disappointing reviews hit the web, they can get away with selling crap at high prices.

They haven't yet.

I've seen quite a few reviews from supposedly reputable publications where they openly admit to not doing long-term tests. I suspect quite a few of them, the test consists of "Turn it on and set up. Does it connect to the Internet? Tick, that's a 60% review straight away. Does the wireless work? Tick, 70%. Can I get wireless in another part of the house? Tick. 80%. Do the menus on the UI present a huge number of options, many of which I don't understand? Ah, it has a lot of features then. Tick. 90%."

Perhaps they don't want to upset advertisers.

Re:IPv6 for older hardware

[jimicus]

In fact, they make it pretty darned easy for you to upgrade to a 3rd party firmware. And there are free 3rd party firmwares out there today that provide full IPv6 stacks (along with almost anything else).

Yep. But none of them support PPPoA (and are unlikely to, seeing as PPPoA requires hardware-specific support), which messes up more-or-less anyone on ADSL in the UK.

"Get an ADSL bridge!"

Oh goodie. So my options are either:

• One piece of sucky hardware running sucky firmware.
• Two pieces of sucky hardware, one with sucky firmware and the other not so bad.

IME, you can't add two things that suck together and expect the overall level of suckitude to drop.

Re:IPv6 for older hardware

Sure, I do see other brands fail after a year or two, but I've seen more brand new defective Linksys routers than I have Netgear routers that dies of old age.

Wait, I'm confused. Are you saying netgear routers are so crap you hardly see them die of old age?
Or are you saying linksys routers are so crap, that even though virtually all netgear routers die of old age, all linksys routers are crap, thus even more of them fail when taking them from the box compared to the number of netgears dying of old age?

Re:IPv6 for older hardware

[AmiMoJo]

Buffalo use DD-WRT with a custom interface (more of a skin but with some re-wording and support for features popular in Japan like game console and one button setup support). In fact some of their models officially support vanilla DD-WRT.

They are most popular in Japan, not least because they were some of the first to support routing at close to 100Mb for fibre connections. The packaging actually had "98.6Mb" in big letters on it. Now they offer gigabit too, although the routing capability isn't up to 1000Mb/sec yet. I bought a few of the older ones really cheap for use back in the UK where they destroy everything on the market. I run Tomato on them.

Re:IPv6 for older hardware

[GillyGuthrie]

Linksys is for SOHO networks, you're going to have shell out more money for enterprise WAPs.

Re:IPv6 for older hardware

[hairyfeet]

The problem with your proposal is while it might help get the business sector moving in the right direction the Fed isn't dealing with consumer hardware which is where the real waste is piling up. After all if you spend $6k+ on a router most likely you will get an IPV6 update. Under $100? Not so much.

That is why we are gonna have to simply ban its importation, as there really no excuse for cranking out IPV4 routers this late in the game yet short of the $100 Apple there really isn't any consumer support to be had.

Add to this the fact that most ISPs have little to no IPV6 support at this moment and many of their consumer level modems will probably have to be shitcanned as well and one way or the other the third world is gonna get a hell of a lot of waste dumped on its doorstep when the final switch gets pulled.

I predict it is gonna make the CRT to LCD switchover look like planting trees in comparison, since there are so many routers that if it weren't for the fact that IPV6 isn't in any way backwards compatible nor will most of the ones that were capable of getting updated be seeing any will end up being thrown in perfectly (but obsolete) working order? Oh yeah its gonna be a BIG mess. Sad that so much waste is being cranked off the line, but as long as people would prefer to pay $25 for a wireless router instead of $100+ for the Apple logo without regulation I just don't see them disappearing.

Re:IPv6 for older hardware

[SHaFT7]

I second that d-link comment. I've had exactly one d-link router (and i've been doing homebased network installs and selling consumer routers in my retail store for over 10 years) that has worked correctly. netgear stuff has come along way recently, and is much better. linksys is still the gold standard from the consumer point of view. it's the brand they look for, so it's the brand we carry. For people that have repeat problems with one (which is admittedly VERY few), we throw DDWRT on it for them, no labor charge. I even run a linksys crappy WRT150N at home. it crashed 4x per day until I put DDWRT on it. Now I reboot it once per year, maybe.

Re:IPv6 for older hardware

You accidentally a word.

Re:IPv6 for older hardware

[cdrguru]

Regulation? How? You make the stuff in China and slap a sticker on it that says IPV6 compliant or IPV6 capable or IPV6 registered and that is all it might take. After all, currently there is no capability to block imports of materials that violate US safety standards or patents once it arrives in port. It is all in containers and nobody is looking - there is just too much of it coming in. We are talking about tens of thousands of containers a day.

How do you think poisonous cat food got in? And lead-painted toys? The only way to stop that was to stop it at the source - there was never any blocking after the ship left for the US.

How do you think contain-loads of Chinese laborers come here?

Regulation? Are you kidding?

Proprietary firmware

Are modern routers still being sold with shitty firmware included? I remember a couple years ago there were a couple of higher-end Asus routers which advertised DD-WRT support. Did that take off at all? It would be awesome to see OpenWRT (or Tomato) being used commercially.

Re:Proprietary firmware

[peragrin]

maybe if you would realize that average person just wants to plug it in and it works, instead of spending hours tinkering to get each of their router, phone, computers working.

being open takes a distant 3rd or 5th place to ease of use and first setup.

Re:Proprietary firmware

I'm going to guess that you haven't used DD-WRT, Tomato, or an OpenWRT-based firmware.

OpenWRT itself is more like Debian, the base system to bigger and better things (unless you're a nerd: then it's awesome on its own).

Re:Proprietary firmware

[Jesus_666]

The only hard part about OpenWRT or DD-WRT is the installation. Everything else is on par with other firmwares, save for the fact that you get more functionality and thus more options. If the firmware comes preinstalled they can slap on an interface that hides 3/4 of the options behind an "advanced functions" page and boom, instant super-capable consumer-grade router with no more hassle than every other router on the market.

Re:Proprietary firmware

[grumbel]

DD-WRT is a lot more complicated then any proprietary router I have ever used, sure, it also can do a lot more, but even as experienced user I feel kind of lost between the hundreds (or thousands?) of configuration options. It is simply to much stuff at once to be really considered easy to use.

Re:Proprietary firmware

[Midnight+Thunder]

I'm going to guess that you haven't used DD-WRT, Tomato, or an OpenWRT-based firmware.

OpenWRT itself is more like Debian, the base system to bigger and better things (unless you're a nerd: then it's awesome on its own).

Tell that to the average person. People who aren't technically inclined will generally want to be able to plug in the device and have it perform its magic. Telling them to upgrade their firmware with something non-standard would confirming to them why geeks seem so out of touch. It may not be rocket science to the average /. reader, but to the average person it might well as be.

Re:Proprietary firmware

Uh, wasn't this thread about community firmware being the default firmware choice? How did the topic get sidetracked to a discussion involving users installing their own firmware? In the original case, yes it would work immediately when it's plugged in.

No one sane would ask a user to install any kind of firmware. Even if it does load itself up with working defaults, which some do.

Re:Proprietary firmware

[rrossman2]

... really?

It's no worse than the stock Linksys firmware in terms of how "hard" it is to setup.. and a HELL of a lot easier than any Verizon Westell DSL modem for configuring for a router etc (it doesn't help Verizon's directions suck too)

Heck if I gave an end user a linksys router with DD-WRT on it (just flashed).. they could just plug it in and be online. Sure the wifi name would be DD-WRT and have no WEP/WAP/etc, but it's not much different than any other router you plug in and it just works.

Re:Proprietary firmware

[Nikker]

Plug in the Ethernet, Goto the web admin page (just like every router out there) click wireless set the password and encryption and OK. The router reboots and you're ready to go nothing more or less than any other router. Of course you can get into the guts if you want to but that's beyond the basics and not needed to get everything up and running.

Re:Proprietary firmware

[grumbel]

It's no worse than the stock Linksys firmware in terms of how "hard" it is to setup..

The problem isn't how hard it is to setup when you already know what you want to do, but the bazillion of other options floating around in the interface that provide plenty of opportunity to get things wrong. Simply put, options that you don't understand are intimidating and confusing and DD-WRT has no shortage of those. All the other routers I have used, while not being fundamentally different in UI design, simply had substantially less options to play around with and focused more on what the average consumer actually used.

Re:Proprietary firmware

[russotto]

All the other routers I have used, while not being fundamentally different in UI design, simply had substantially less options to play around with and focused more on what the average consumer actually used.

You've probably never used a Zyxel, then.

Yes, stock consumer router firmware is usually simpler. But you pay for that by simply not being able to do things you might want to do, like multi-NAT. DD-WRT is mostly aimed towards those who want to do more than the stock firmware allows, so it's going to be more complicated.

Re:Proprietary firmware

[MikeBabcock]

Most common people think if there's a blank field to be filled in they're supposed to type something in it.

I've seen some crazy settings in routers because a customer typed in randomly what they thought were answers to the questions instead of ignoring fields they didn't understand.

User-friendly configuration has nothing to do with you and I.

Looks familiar

[93+Escort+Wagon]

Okay, this may be a new article on the subject - but it's repeating exactly the same thing we've talked about ad nauseum before.

Apple's routers are fine with regard to IPv6, and D-Link's routers are fine as well; it's just that, once again, the reporter says "most home routers" instead of using the brand name Cisco.

Wait - is this actually a new article?

Re:Looks familiar

Apple (ha), D-Link, and Linksys hardly cover 100% of purchased routers.

Re:Looks familiar

[Midnight+Thunder]

Apple (ha), D-Link, and Linksys hardly cover 100% of purchased routers.

You are certainly right, but it would be nice if some of these router developers got their act together. At this point I have decided not to buy any hardware that does not have either IPv6 support out of the box or a guaranteed firmware upgrade path provided by the manufacturer.

BTW For anyone wondering, your switches are fine, since they operate at Layer-2. The issues are going to be things like routers and bridges.

Re:Looks familiar

[Thorizdin]

Didn't read past the first page, I guess:

"With the exception of some products by D-Link and Apple's AirPort Express and AirPort Extreme, none of today's CPE can operate using IPv6 well enough for a field test trial, Bulk says."

Also, even the high points of Apple and D-Link have gaps in their best models and many models that are still very broken. IIRC, only one of the D-Link (the newest one) includes a stateful firewall and older models probably won't ever because of memory limitations.

http://www.getipv6.info/index.php/Broadband_CPE

Re:Looks familiar

[aaron552]

The issues are going to be things like routers and bridges.

Actually, as far as I'm aware, bridges are also Layer 2 devices. You could say that is that a router is a Layer 3 bridge (yes, I'm aware this is a gross simplification)

Re:Looks familiar

[makomk]

Apple's routers are fine with regard to IPv6, and D-Link's routers are fine as well; it's just that, once again, the reporter says "most home routers" instead of using the brand name Cisco.

Not just Cisco; pretty much all consumer routers except Apple's AirPort and a couple of models of D-Link router (out of the dozens of different models they currently sell) completely fail to support IPv6. That's what, 3 models total? As a consumer, unless you went to a specific effort to buy a router that supports IPv6 chances are yours doesn't.

What's more, none of these routers have integrated ADSL modems, which means that most broadband providers can't usefully supply them bundled with their service - and that's how most end users get their routers these days.

Make hardware

If the whole unique selling proposition of your own software is that it's worse than free software, isn't it time you made the switch? Put your own logo in, add a "wizard" interface and be done with it. (Captcha: compete, emphasis mine)

Re:Make hardware

[profplump]

I know. I can't figure this one out. At this point writing your own router OS for SOHO-level things is like writing your own database -- you could, but it's going to be expensive and in most ways not as good as the pre-fab options.

Just put the top dev from your software team on the DD-WRT project to make sure your device and marketing features are supported, tell the guys that actually work on low-level drivers (if any -- most PHY units are now sold with prefab driver stubs from companies other than the router mfgs) to make a linux driver instead of whatever they're doing now, and lay off the entire rest of the team (or at least find something useful for them to do). You'd get better software for less cost and could still brand it however you wanted. It's not like the 4 pages of HTML in the quick-setup wizard would be hard to port to another backend.

Re:Make hardware

[zackeller]

This is exactly what Netgear has done with some of its newer products. The WNDR3700 and family comes with an older version of OpenWRT with the Netgear interface. Buffalo is now rebranding DD-WRT for use in some of its routers.

Re:Make hardware

[jimicus]

Probably because it would commoditise routers.

Go into any retail store and look at the packaging of home routers, there is a product that desperately does not want to be seen as a commodity item.

Mad-Libs

[blair1q]

I read this as

"Most (adjective) Gear Buggy"

Then don't require the user to do it..

Every ISP should offer to upgrade routers to dd-wrt for the consumers, charge a small fee, and then farm the operation out to local dd-wrt hackers.

Re:Then don't require the user to do it..

The *WRTs almost never have IPv6 configuration in their web interface, it usually needs to be set up from the command line. Adding IPv6 to their web setup isn't all that hard in principle though--seems like a good project for Google's 2011 Summer of Code.

Re:Then don't require the user to do it..

[hedwards]

The bigger issue tends to be the modem. I'm still using the same modem that I got when I switched from horrible Comcrap to terrible Qwest, it seems to have stability issues and yet lacks any sort of hardware watchdog setting and has to be periodically reboot when downloading via torrent.

Re:Then don't require the user to do it..

[wagnerrp]

Seems more like a good weekend project than a whole summer.

If only we had known earlier!

If we had known years ago that we needed to switch to IPv6 we could have tested and then fixed these bugs with firmware updates!

The exceptions

[CharlyFoxtrot]

"With the exception of some products by D-Link and Apple's AirPort Express and AirPort Extreme, none of today's CPE can operate using IPv6 well enough for a field test trial, Bulk says."

Which apparently makes Apple the only company to be ready for IPv6 across all of their current products.

Re:The exceptions

IPv6 DNS is borked in Snow Leopard, unfortunately.

Re:The exceptions

[pushing-robot]

And even their not-so-current products; all Apple routers have supported IPv6 since March 2008.

Re:The exceptions

[Bassman59]

IPv6 DNS is borked in Snow Leopard, unfortunately.

And it's not difficult to supply a patch for an operating-system install, as opposes to a firmware upgrade for a router.

Re:The exceptions

Too bad Apple's offerings nowadays caters to the consumer who hasn't the knowledge or the knowing need for IP6 in their lives.

Which depending on your point of view, may be a good thing.

btw, your praise, while correct factually, also reflects that Apple only has a like, well, 2 networking products in total. Whoop. Eee. Even they bury those products under "accessories."

Re:The exceptions

[Midnight+Thunder]

IPv6 DNS is borked in Snow Leopard, unfortunately.

Just curious, but what is the failure happening with IPv6 DNS? I am using IPv6 on my machine and have no issues. If you mean that it tries resolving IPv4 before IPv6, then while it may be incompatible with the spec, it will probably result in less people trying to turn off IPv6 on their machines.

Re:The exceptions

[Kizeh]

Too bad Apple has been entirely unwilling to address DHCPv6 for purposes of DNS information, which means that all of their products must have DNS servers configured by typing in their IPv6 addresses. (Yes, several other vendors suffer from the same issue) but I still suggest that disqualifies them form the "Ready for IPv6" badge of honor. See http://discussions.info.apple.com/thread.jspa?threadID=2607101&tstart=1, or most any education networking IPv6 discussion.

Re:The exceptions

SL generally can't retrieve IPv6 addresses for hosts with CNAME records. Since 10.6.6 this hasn't been obvious when running dual-stack, but switch off IPv4 and reboot and it's still pretty dramatic (eg. Youtube won't work at all even if you're using a whitelisted DNS server.)

The bug basically rules out running OS X under NAT64 until Apple can be bothered to squash it.

Re:The exceptions

[Thinine]

Lion fully supports DHCPv6 and other IPv6 broadcast technologies.

Re:The exceptions

Isn't DNS information supposed to be in the router advertisements used in stateless auto configuration?

Re:The exceptions

[Kizeh]

Really? People on the NANOG list from late February claim the developer copies do not have it. Having Apple officially announce this would be awesome, can you provide a link or documentation?

Re:The exceptions

iOS can get nameservers from DHCPv6 and from ND-RDNSS as well. Snow Leopard can't get them from either, while Lion, apparently, will be able to get them from ND-RDNSS, but not from DHCPv6.

Re:The exceptions

[SuricouRaven]

Partially. Stateless autoconfiguration gives all hosts an IPv6 address, the correct subnet mask, and the default gateway. DNS is conspicuously absent. There is an extension to the RA that can specify a DNS server, but not all OSs support it.

Re:The exceptions

By the RFCs it's pretty clear they are non compliant if they refuse radvd DNS information or DHCPv6 DNS information yet implement either of these dynamic addressing standards:

Hosts conforming to this
specification MUST extract DNS information from Router Advertisement
messages, unless static DNS configuration has been specified by the
user. If there is DNS information available from multiple Router
Advertisements and/or from DHCP, the host MUST maintain an ordered
list of this information as specified in Section 5.3.1.

Re:The exceptions

[j+h+woodyatt]

This is absolutely not true. In fact, the only currently shipping product that doesn't support both DHCPv6 and RDNSS for name server configuration is Mac OS X 10.6. Everything else Apple ships with an IP stack in it, i.e. Apple TV, iPhone, iPad, iPod Touch, AirPort and Time Capsule, all use both DHCPv6 and RDNSS to obtain their DNS configuration.

Members of Apple Developer Connection with access to the Mac OS X 10.7 Developer Preview can look for themselves to see if the pattern continues. (I'm not going to comment about features of technically unreleased forthcoming products.)

Re:The exceptions

[j+h+woodyatt]

Yes, and after I questioned those "people" (there was exactly one of them) about where they got their information and the accuracy of it, they posted a correction and an apology. Did you see it?

p.s. I wouldn't expect a press release from Apple about this. I mean, really... think about that for a moment. Seriously?

Re:The exceptions

[Mark+Atwood]

If your ISP claims to have IPv6, and isn't advertising their DNS servers over the DNS IPv6 anycast address, they are stupid. If they claim they can't, they are lying. If they claim it's someone else's fault, they are evil.

Why are you believing them?

Anyone know why?

[rsilvergun]

The manufactures bother with custom firmware? Don't they make the money on the hardware? I can see it in the business world, where Cisco makes a fortune on charging for patches to their custom firmware, but in the home space you don't pay Cisco for a patch, you go buy a D-Link.

Re:Anyone know why?

Product differentiation. As most of these products are 'fungible' meaning there are many equivalent versions out there (at least from an end customers point of view). Most of them are based on a generic OEM board (buffalo typically) and they tweak it a bit and slap some 'corporate logos' around. And poof... its 'better' than the other one.

web interface on OpenWRT / DD-WRT and branded

[johnjones]

the simple thing to do would be to create a decent web interface to OpenWRT and DD-WRT that can be branded by people and then we would be in a better situation !
most of them use linux anyway so it's simply that they dont know how to ship quality
encourage them to use Open systems and not and they will

infact was there not a competition to write a good web interface ?

regards

John Jones

Re:web interface on OpenWRT / DD-WRT and branded

[marcansoft]

The WNDR3700's default firmware is based on OpenWRT and Netgear (apparently) still managed to botch IPv6.

Personally, I run my own OpenWRT build on mine and that works great, providing a he.net v6 tunnel for my entire LAN.

Re:web interface on OpenWRT / DD-WRT and branded

What about m0n0wall? It supports IPv6 and does have a decent web interface. http://m0n0.ch/wall

Re:web interface on OpenWRT / DD-WRT and branded

Tomato has a web interface which lets you do everything.

Nice timing

[joh]

This "Internet" thing was getting out of hand anyway. Consumers will be happy to stay behind a safe and cheap NAT and everything else will be tightly controlled and expensive.

Seriously, I can't see this being fixed in any clean and fussless way soon (or at all). All have been sitting on their hands far too long. It's pathetic, really.

Apple and D-Link, only?

[RichiH]

Seems no one tried a Fritz!Box 7390 or other current models.

Re:Apple and D-Link, only?

[RichiH]

Or a RouterBoard, for that matter.

Re:Apple and D-Link, only?

[Midnight+Thunder]

Seems no one tried a Fritz!Box 7390 or other current models.

I don't believe it is sold outside of Europe. I suspect the routers tested were those available in the US market.

As to the RouterBoard, mentioned by RichiH, I doubt that consists of an out-of-the-box solution for most people.

Re:Apple and D-Link, only?

[Teun]

I just installed a 7340, the 'light' version of the 7390 as offered by my ISP.

There's a build in wizard that helps you with 2 or 3 clicks through the settings and it's up and running :)

The past several months there have been quite a few problems with this modem's firmware and that's why I waited before changing out the 7170, things look OK now.
But my main reasons to get it was for it's VDSL and the build in DECT base station.

Re:Apple and D-Link, only?

[Tapewolf]

I'm running a 7270 with the Lab firmware. The moment it came up it created an IPv6 tunnel before I had even configured it.

It should be interesting to see whether it is able to skip that step entirely when my ISP finally rolls out V6 later this year, after 8 years of sticking their fingers in their ears and going "La la la" about IPv4 depletion. Now if only I can get my web hosts to stop doing that too...

Re:Apple and D-Link, only?

[vlueboy]

There's a problem: your average tech can't even suspect Apple to be a "well known" IPv6 router maker ... see? IPv6 marketting was dead on arrival even for those who *deserve* to boast their early mastery.

I never heard of RouterBoard or Fritz!Box 7390 at the local giant computer store, or Staples, Circuit City, Best Buy, Sears, or even RadioShack. I also paid $150 for a router with no physical* sign that it was fully compliant out of the box. *That* is still the problem: even *they* don't care that they *care*

* Only the GUI once you pay and get the device home...webwise? only on the forum, or officially a few shy hints and firmware changelog one-liners.

Re:Apple and D-Link, only?

[ProfessionalCookie]

MikroTik's RouterOS isn't IPv6 ready, just go have a look at their forums. They're still working on adding v6 features in 5.0 RC11. Yeah that's 11, and it's still not feature complete.

Re:Apple and D-Link, only?

[amorsen]

As to the RouterBoard, mentioned by RichiH, I doubt that consists of an out-of-the-box solution for most people.

As long as you get the RB750 or the RB750G, it certainly counts as an out-of-the-box solution. It comes default with DHCP on the WAN interface, the rest bridged as LAN, DHCP server on the LAN, and IPv4 NAT. No assembly or configuration required.

I have no idea which IPv6 features are enabled by default though.

ipv6 cpe survey

[thanasakis]

Very thorough survey here.

OpenWrt isn't exactly a poster child for IPv6

[jmorris42]

OpenWrt makes you install the ipv6 packages yourself in the interest of keeping the base image small, after all almost nobody needs ipv6 currently. And I suspect Cisco/Linksys is right about the impact on the lower end of their range, even running OpenWrt. I'd have to see a Wrt54GL install the ipv6 packages and actually run under load to believe it. As for their current retail products running on half the ram? Not bloody likely. Me, I'm running a D-Link DIR-825 with 64MB of ram in it, I could probably load the OpenWRT ipv6 packages without a problem.... but AT&T has said word zero about support for IPv6 for residential DSL customers so I'm keeping the 1.3MB of remaining flash open for other stuff.

Re:OpenWrt isn't exactly a poster child for IPv6

[adolf]

I know it's a kludge, but:

What about 6to4 with anycast?

On my Uverse connection in Ohio, a traceroute to 192.88.99.1 is only 8 low-latency hops long (including my own router(s)). For me, it ends up in Chicago, and traverses only AT&T pipes.

If I understand the concept correctly, it should operate similarly anywhere on AT&T's network. (I haven't tried, though, and likely won't until one of the Tomato firmwares grows GUI support for IPV6.)

Re:OpenWrt isn't exactly a poster child for IPv6

[bbn]

What about 6to4 with anycast?

The problem with 6to4 is that it is asymmetric. Your outgoing packets will be going through that 192.88.99.1 node you found by traceroute. But your return packets will be going through whatever gateway is closest to the IPv6 host you are accessing.

This means that you will be using a lot of different gateways all around the world. And a lot of those are badly configured and give poor quality. One usual problem is badly configured MTU such that all larger packets do not make it through. Ping will work but any actual download fails.

The 6rd protocol is a small tweak to 6to4 such that the return gateway is forced to be one operated by your ISP. This way the ISP can ensure it is working properly and give you a good experience.

Re:OpenWrt isn't exactly a poster child for IPv6

[marka63]

We are out of IPv4 addresses for 6to4 to be viable anymore.

6rd, however, could eb used.

Re:OpenWrt isn't exactly a poster child for IPv6

Only if you combine 6rd with IPv4 NAT.

I run IPv6 at Home

[igb]

Most of my substantial home machines run IPv6, as do my offsite machines, and I link them via Hurricane Electric tunnels. It's a mix of OSX 10.5 and 10.6, Solaris 10, Open Solaris and Solaris 11, with Apple basestations and such. It all "just works", to the point that once I got the DNS sorted out "ssh machine-in-next-room" goes via IPv6 by default, as does remote access to websites that offer IPv6 connectivity.

But I guess Apple and Solaris isn't a typical "home" network...

Re:I run IPv6 at Home

[value_added]

But I guess Apple and Solaris isn't a typical "home" network...

Substitute Solaris with NexentaStore, and it's no more unusual than mine, which includes Free and OpenBSD, Windows, and Linux. ;-)

Still, the article is an interesting one in that it describes in fair detail what the issues are and makes it clear what everyone (ISPs, hardware manufacturers, consumers, etc.) is up against.

Relying on Soekris boxes running FreeBSD, for example, may give me the right to a chuckle, or even be dismissive, but the gnashing and wailing of teeth going on in the real world is interesting to read about, irrespective of whether it penetrates my cloud of smug.

Re:I run IPv6 at Home

[jmorris42]

And the benefit is? Bouncing all of your traffic around like that is just adding latency. Until there are resources only reachable by IPv6 most people aren't going to get interested enough for ISPs to offer it native.

Re:I run IPv6 at Home

Really the only big problem on the PC side is legacy XP installations, Win7 has IPv6 enabled OOTB.

Re:I run IPv6 at Home

[Midnight+Thunder]

Really the only big problem on the PC side is legacy XP installations, Win7 has IPv6 enabled OOTB.

Windows XP is not a problem either. All it takes is one command, on the command line, and IPv6 is active. It even assigns itself an address using router advertisements. For the DNS server address you will still need IPv4, but in an internal network that isn't really an issue.

Re:I run IPv6 at Home

[breser]

I don't know about the person you're responding too but I actually routinely get better latency via IPv6 tunneled via Hurricane Electric than IPv4 through my own ISP.

Fact of the matter is that IPv6 should be slightly faster since the routers don't have to recalculate a CRC for every hop. HE has multiple tunnel broker servers around the world. So you can pick one close to your network and the only CRC latency you'll eat will be the hops between you and the tunnel broker site.

Example:

--- leguin.freenode.net ping6 statistics ---
10 packets transmitted, 10 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 205.932/215.147/262.156/16.624 ms

--- leguin.freenode.net ping statistics ---
10 packets transmitted, 10 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 280.228/329.908/374.605/31.503 ms

And I just picked a random IPv6 host that I knew I could target the same machine via either network. I didn't dig around to find a machine that gave me better latency via IPv6 than IPv4.

Re:I run IPv6 at Home

[igb]

In my case I have research interests in IPv6, so it's a testbed, and being able to see all my home network via a /64 is handy. But as breser says, I actually see comparable or better latency via HE as compared to via my own ISP.

Re:I run IPv6 at Home

[igb]

For that testcase, my latency is (fractionally) worse over IPv6.
--- leguin.freenode.net ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 71.533/71.775/72.425/0.376 ms

--- leguin.freenode.net ping6 statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 81.079/81.913/83.537/0.881 ms

But more generally, I've seen cases where indeed it is lower.

Re:I run IPv6 at Home

[butlerm]

Fact of the matter is that IPv6 should be slightly faster since the routers don't have to recalculate a CRC for every hop

Virtually every layer 2 protocol in the world (Ethernet for example) calculates a CRC in hardware for every frame. This is not a measurable overhead.

IPv6 doesn't require routers to calculate header checksums (not CRCs, checksums) the way IPv4 does, and that improves core router efficiency, but it is not the sort of thing that is going to make more than a couple of microseconds difference in actual latency.

Latency is primarily determined by congestion and the actual path packets take, which is a function of routing protocols like BGP, the way they are administered, the location of peering / interconnection points, and so on.

Why IPv6 is a pipe dream

[jmorris42]

Ding! We have a winner.

Where is the upside for a customer in caring about ipv6? Will they want to decloak when/if ipv6 becomes popular? OMG, my PC is broadcasting an IP address, of course I want your wonderful product to protect me! All ipv6 would do is get every Windows PC pwn3d twenty four hours after deployment and then everyone retreats behind a NAT and dynamic IP again, this time grafted onto ipv6. Or no ipv6 for end users. What is going to happen is that as addresses get tight the big ISPs will put residential users on 10/8 nets and double NAT just like they have been doing overseas for years and on mobile phones since day one. That will free up enough addresses for servers for the indefinite future. And end the open Internet as we have known it. P2P is over, end users consume content like they are supposed to and content producers produce content like they are supposed to. Or we implement IPv6 at a cost of billions in a down economy and uncork the P2P genie again along with untold new services once any host can reach any host as the Internet originally intended.. Put that way it is a real easy decision for the large players isn't it.

Re:Why IPv6 is a pipe dream

[proverbialcow]

Or we implement IPv6 at a cost of billions in a down economy

Because investing in infrastructure is certainly no way to get the economy moving again?

Re:Why IPv6 is a pipe dream

Only if we want to stimulate the Chinese economy.

Re:Why IPv6 is a pipe dream

[marcansoft]

NAT needs a connection state tracker to work anyway (which forms the basis of a stateful firewall). Slap a stateful firewall on v6, no need for actual NAT, and you get better security without the drawbacks. As for dynamic IPs, every IPv6 customer gets at least 18,446,744,073,709,551,615 IPv6s to himself. It's pretty easy to make computers pick one at random. This alone makes IPv6 a lot more resistant to attack than IPv4, since IP netblock scanning becomes all but impossible.

Re:Why IPv6 is a pipe dream

[smash]

I think you severely under estimate how long it would take to scan / malware install over the entire ipv6 address space...

Re:Why IPv6 is a pipe dream

[wagnerrp]

Where is the upside for a customer in caring about ipv6? Will they want to decloak when/if ipv6 becomes popular? OMG, my PC is broadcasting an IP address, of course I want your wonderful product to protect me! All ipv6 would do is get every Windows PC pwn3d twenty four hours after deployment and then everyone retreats behind a NAT and dynamic IP again, this time grafted onto ipv6.

How many times do we have to tell you people, NAT is not a security mechanism. All it does is translate packets from one address to another. All of these consumer NAT routers could just as easily become consumer stateful firewalls. Block all traffic unless originating from the internal physical network, or there is a specific rule to allow it. It's not hard. It's really functionally no different. You just lose those restrictions like not being able to run multiple servers on the same port, or not being able to use protocols like SIP which encode the address in each packet.

If you have enough addresses that everyone can have one, there is absolutely no reason why they shouldn't.

Re:Why IPv6 is a pipe dream

All ipv6 would do is get every Windows PC pwn3d twenty four hours after deployment...

Don't worry so much. Microsoft is probably working on a patch for that right now.

Re:Why IPv6 is a pipe dream

[jmorris42]

You know all that tech stuff. I know all that tech stuff. Explain to typical cable modem customer why they should care enough to not only pay more or replace hardware but to agitate to get their cable company to implement IPv6. Reread what I wrote, that last part was cast as how a large ISP that is in the content business (as every cable provider and most DSL providers are) will be evaluating the decision. Spend billions on something customers don't realize a need for and cost your content side of the house even more billions or roll out another layer of NAT when IP blocks start becoming too expensive to obtain. Or better, when SELLING off your customer's current IP blocks become more profitable than the NAT boxes. Now remember that the decision won't be made by the ISP's tech people but by the pointed haired bosses. Forget IPv6, ain't happening here. If the rest of the world (who are far more pressed for IPv4 addresses) do it to the point Americans can't reach content something might get done, not sooner. But if the content is attracting non-trivial traffic from the US there is probably enough money to get it up on an IPv4 host.

It is like the death of analog TV. With the combination of government handouts and force most people converted over a decade. BUt not without several retreats in the "Deadline" and there were still people up in arms when the analog signals disappeared.

Same for analog cell service. Right up until the drop dead date there were still areas out here in flyover country running analog only. And again that was government force at work, because they wanted to resell the spectrum and could force the previous users out.

Where is the drop dead date for IPv4? Who would even be in a position to declare one? Won't happen. Sure with enough slipped mandate dates and enough fraud and waste the government will eventually convert to IPv6. But every last .gov and .mil site intended for a general Internet audience will have an IPv4 address.

Re:Why IPv6 is a pipe dream

Or have a simple firewall, rather than NAT?

Re:Why IPv6 is a pipe dream

[jmorris42]

> I think you severely under estimate how long it would take to scan / malware install over the entire ipv6 address space...

To be so naive again.... they will adapt. Almost certainly before IPv6 spreads to average end points. Server logs will become the new hot item to steal. The webbugs in spam will be a rich trove of IP usage, etc. Then they will start hacking routers so they can see the traffic passing through. Huge lists of active addresses will pass around the underground. And remember, for the customer to receive the benefit their address will be basically static. And to be found at all there is going to have to be DNS or some other service that is aware of you. All IPv6 stops is mindless block scanning against dynamic ip blocks.

Re:Why IPv6 is a pipe dream

Ding! We have a winner.
Where is the upside for a customer in caring about ipv6?

Ding ding! No one cares about IPv4 either.

OMG, my PC is broadcasting an IP address, of course I want your wonderful product to protect me! All ipv6 would do is get every Windows PC pwn3d twenty four hours after deployment and then everyone retreats behind a NAT and dynamic IP again, this time grafted onto ipv6.

I guess I should stop reading. People that have opinions but know nothing about technology should not have opinions. Period.

1. NAT has nothing to do with IPv4 or IPV6 - IPv6 NAT works just fine
2. Security has nothing to do with NAT
3. Ever heard of IPv6 autoconfiguration or DHCP? Try to google for it. Ever heard of IPv6 privacy extension? You may want to google for that too....

And nothing is "grafted" on top of IPv6. All these tech works with IPv4 and IPv6, except when they are only supported by IPv6 protocol, like autoconfiguration.

FFS man, read about technology before posting FUD and bullshit.

Re:Why IPv6 is a pipe dream

IPv6 is pipe dream because it was not designed as an extension to IPv4. Neither can talk to each other - no smooth upgrade path.

http://cr.yp.to/djbdns/ipv6mess.html

Re:Why IPv6 is a pipe dream

[ayvee]

NAT. Firewall. Not the same.

Re:Why IPv6 is a pipe dream

[MavEtJu]

> All ipv6 would do is get every Windows PC pwn3d twenty four hours after deployment

How will you get its IP address? Don't tell you are able to scan through 2^64 IP addresses within a reasonable time.

Re:Why IPv6 is a pipe dream

[SuricouRaven]

My cynical side has to agree. ISPs hate P2P technology - not only does it suck up network capacity and force them into expensive upgrades, but many of them are closely tied to content companies or distribution services too. Give them a chance to kill P2P through inaction, and I imagine a lot of them will be more than happy to sit back let it happen. No more piracy to reduce the demand for cable TV, no more VoIP to compete with their telephone services.

Re:Why IPv6 is a pipe dream

Not all phone companies do this as my mobile phone has a "real" (not natted) ip address. I think any ISP that tried to NAT customers would loose most of them quite quickly once they cottoned on. Roll on IPV6 (well actually, my ISP has :-))

Re:Why IPv6 is a pipe dream

[gbjbaanb]

how many times do people have to be told that NAT is not a firewall.

OK, in most people's minds "NAT" means "that box that provides a secure local network safe from the outside", when the reality is really "NAT is a packet router that usually comes bundled with a firewall that provides a secure local network safe from the outside". Think of the 'DMZ' or port forwarding options on in their NAT router to clarify.

You can have the safe local network without NAT. If the IPv6 routers come with a firewall, configured in the "NAT" mode, then there will not be the disaster you predict. Even if they screw that up and put no firewall at all on your box, you still run firewalls on the computers on your network - even Windows complains vociferously if you turn the bundled one off.

Re:Why IPv6 is a pipe dream

[SHaFT7]

I never thought about the double NAT stuff. interesting....

Re:Why IPv6 is a pipe dream

[bbn]

You need to lookup IPv6 privacy extension. Your computer changes IP every other hour or so. What good will a log file with old stale no longer used addresses be?

If you want to run a web server on a domain name, then you need to be in DNS sure. That is not the majority of people.

If you want to run a bittorrent client you do not need to be using the same IP that you did yesterday.

What happend when

[SnarfQuest]

What's going to happen when IPv6 becomes necessary? Most ISP's don't provide it, most of the DSL/Cable modems don't support it, and new web sites will need to require it. Unless you are/know a technical person capable of reflashing your software, or you are rich enough to replace all your gear several times until they get it right, you're going to be missing half the internet.

Re:What happend when

None of the Internet needs IPv6 now. How long will it take for "half the internet" to need it?

Re:What happend when

[grumbel]

I doubt websites will require IPv6 for quite some years, as nobody would be stupid enough to just cut of a large percentage of the userbase. Where IP addresses will run out is at the user side, people are already behind dynamic IP addresses for that reason, in the future they might be behind a provider-NAT or transparent proxy and no longer get a public IP at all. That setup would still keep old gear running and allow access to IPv4 webpages and give plenty of time to fix/upgrade old router gear. Lets not forget that a random home router goes for as little as $20, so its quite affordable and without much upgrade pressure it shouldn't be that big of a deal. It might however mean that the IPv6 transition might take a long long.

Re:What happend when

[Midnight+Thunder]

Current web sites won't require it, but at a certain point new web sites or businesses will only be able to get an IPv6 address or IPv6 subnet. If you want to access their web sites then you will need it. The IPv4 address pool exhaustion is going to hit Asia and Africa first, so you will likely be cut off from new businesses and service in those geographic regions.

Akamai is already doing the work necessary for IPv6 support, but it probably won't be ready until late 2011 or 2012.

Re:What happend when

[vlueboy]

True, but sadly people are happy enough with the current, reachable IPv4 internet that they won't care unless somehow there's youtube and facebook killer that is v6 only out there. But you can't be #1 if you start out in a broken-off shard of the internet --I mean, your site's not even counted in official top-site stats, unless it's ipv4

Re:What happend when

[SuricouRaven]

It will be able to run for some time by just reselling IPs. You want a range, but none to be had? No problem: Just find a company with more addresses then they need and offer a reasonable sum of money. Eventually organisations will realise that if they deploy more NAT they can free up precious addresses to sell on the open market. It'll all cuminate at the point when everyone who isn't running a server is behind three nester NAT routers and it's impossible for any end user to communicate with another except via a company with the money to pay for a real address... which is exactly how a lot of people would like the internet. There is money to be made in an internet of equals, but there is a lot more money to be made in an internet where only those with the cash can publish easily.

Re:What happend when

[zach_the_lizard]

Africa is one of the regions expected to run out of IPv4 addresses last.

free? comcast forces you to rent if you have phone

[Joe+The+Dragon]

free? comcast forces you to rent if you have phone.

Home IPV4 equipment is buggy too

My Actiontec DSL modem can't survive more than about 5 days worth of inbound HTTP and spammer's dropped SMTP connections before it loses its mind and has to be rebooted. How about we fix all the IPv4 bugs before trying to take on IPv6? :D

meta comments

[ipfundamentals]

Certification to some conformance test is a very limited statement of functionality. It does not imply bug-free code.

These logos are frequently seen as an endpoint for development, but in reality they are a starting point. It's a "you must be this tall to go on this ride" kind of thing.

Re:meta comments

[JSBiff]

It actually depends on how well designed the conformance test is. If the conformance test is suitably rigorous and complex in that it tests every feature of the protocols included in the test, then it should give a fairly high level of confidence in the implementation being tested.

Yes, that doesn't guarantee 100% bug-freeness,if you will, but it should verify that it works well enough for use.

Re:meta comments

Every extra constraint that is added to a conformance test makes it that much more difficult to pass. What use is a perfect conformance test that no device can meet? Such testing is *always* a compromise. The solution isn't the perfect test, it's testing continuously. Quality doesn't improve on its own, or as a result of a one-off test. It's the result of constant, iterative, continuous ENGINEERING.

Except for IPv6, I prefer Linksys

[billstewart]

I've always had good luck with Linksys reliability and stability - I recently upgraded from my antique BEFSX41 to a newer model that had 802.11n support,and they're fine. (Of course, when I finally got around to looking at how to configure IPv6, and found that the answer was "folks on the net say it supports DD-WRT", I was much less happy :-)

By contrast, while I've always really liked Netgear's Layer 2 switches, the one Netgear router I bought (which did 802.11b) was a cretinous piece of junk, and I haven't felt motivated to try any of their newer Layer 3 equipment.

Re:Except for IPv6, I prefer Linksys

[Chuck_McDevitt]

Linksys is part of CISCO

Re:Except for IPv6, I prefer Linksys

Yeah, netgear used to be good - their newer routers are total piles though.

Everyone who's ever called me over with wireless network problems has had a netgear router.

Maybe it's just the cheap ones though...

Re:Except for IPv6, I prefer Linksys

Yeah, that's his point.

Re:Except for IPv6, I prefer Linksys

[Martin+Blank]

NetGear's business line is pretty good. I picked up an 8-port managed gigabit switch for about $90 and while the management interface is total crap, it really is manageable and handles a decent set of traffic through it (much better than $40 Linksys switches).

But the SOHO routers... No, I won't buy them anymore. I just gave away my old one as a holdover for some other dead router with a warning that it shouldn't be expected to last long.

Re:Except for IPv6, I prefer Linksys

My ProSafe VPN Gateway was total junk, security bugs, instability and even when you manage to talk to a Netgear engineer, they are too stupid to even work through a detailed 100% repro of a problem. I now make sure I don't even use Netgear switches let alone anything important.

Re:Except for IPv6, I prefer Linksys

[billstewart]

Netgear's older wireless routers were horrible too. On the other hand, for basic Ethernet switches (or hubs, back when we used hubs), they've been fine.

I'd been very happy with the 3Com Travel Router wifi access point I used for a couple of years, other than a tendency to overheat (never did melt or catch fire, but always felt like it would), and you could use it as a dumb bridge instead of a router, which meant I could let my older wired Linksys do all the Layer 3 work. However, enough of my apartment neighbors got 802.11n gear that the spectrum was getting overcrowded, so I needed to get 802.11n to improve my connection, thus the newer Linksys.

One possible transition technology

[JSBiff]

I think we're going to see a transition period (which might last a long time - decades, perhaps) where ISPs will offer native IPv6 transport for their customers who are all setup for it, and for those still using older gear (or a mix of new and old gear), they will setup IPv4 to IPv6 translation servers.

Kind of similar in concept to NAT, but instead of translating from public IPv4 to private IPv4 addresses, it will translate back and forth between IPv4 and IPv6. So, your computer will think it's talking to an IPv4 server (but the address of that IPv4 Server will be a 10.* private address allocated on the ISP's network (on a temporary, as-needed basis). That 10.* address will be mapped by the IPv4-to-IPv6 NAT Server to have all it's traffic forwarded to the public IPv6 address of the computer you are trying to contact.

IPv6 computers will not be able to initiate an 'inbound' connection to the IPv4 host (because it is hidden behind the ISP's NAT server), but IPv4-only devices inside the ISP network will be able to talk 'out' to IPv6-only servers.

At least, probably. This is how it *should* work. If you have working IPv6 cable/dsl modem, this could be done by the cable/dsl modem, hypothetically, with the traffic from your modem to the ISP being IPv6-only, so that there's no need to run your traffic through your ISPs NAT device, but I think that, because of the types of equipment problems this article is about, it's likely ISPs will end up offering such a v4-v6 NAT service to customers.

Re:One possible transition technology

[bbn]

So how is your computer going to access this URL? http ://[2001:470:1f12:73::2]/ (remove the space after http - slashdot is not exactly IPv6 compatible and gets confused).

Your computer has no way of translating that IPv6 address into something in the 10.0.0.0/8 range.

There is no way IPv4 only hosts are ever going to access content on the IPv6 network.

IPv6 hosts will always be able to access IPv4 content through the numerous transition technologies available.

Re:One possible transition technology

[JSBiff]

Two scenarios:
1) Computer you are connecting to has a DNS name. The DNS Server sees that only an AAAA record is available for the domain name, so it sets up a mapping (if one doesn't already exist for that server, in which case it serves it from cache).

2) Computer does NOT have a dns name.
      a) if the software you are using will accept dns names, give it a dns name that embeds the IPv6 address, which the DNS server can automatically create a mapping for. Something like:

2001-470-1f12-73--2.ip6

        I don't know if any RFC addresses (oh, the puns) this particular type of mechanism yet, but it's at least notionally possible.
      b) if the software will not accept DNS names, as a last resort you could manually request the mapping (for example, by typing the above type of ip6 dns name into your browser to trigger a mapping to be created), then find the local IP address (10.whatever) associated to that dns entry, and put the local IP into your client software.

Just because you can't think of a solution, doesn't mean that one does not exist. It just means you haven't thought of it yet.

I'm not saying anything like this exists yet - I'm not sure, haven't had a chance to spend much time digging, but I don't *think* anyone has yet. However, it's perfectly logical that it *could* exist. It probably *should* exist, too.

Re:One possible transition technology

[bbn]

Just because you can't think of a solution, doesn't mean that one does not exist. It just means you haven't thought of it yet.

Perhabs a bit arrogant saying considering that the whole world has been thinking of this for the past 10 years, and you think you can just come up with an easy solution, right here on slashdot, that nobody thought of before?

If the initial contact was made by DNS you are correct that a mapping could be made. That was why I asked you how to resolve an URL that did _not_ contain a DNS name. This needs to work on an unmodified IPv4 computer - and can of course not be done. Someone could setup a DNS name that resolves to the address I gave you, but that would not fix the link. Your browser would not know to go to that name. In fact your browser would know that it was a IPv6 link and that this computer does not have IPv6 and not even try.

The internet is not just web. Lots of protocols out there doing stuff you have no control over. Take a bittorrent client as an example. Bittorrent does not use DNS, but it connects to hundreds if not thousands of IP addresses that it learns about from other hosts, sometimes using encrypted communication. There is simply no way to set up mappings, neither automatic nor manually. Your IPv4 only computer will have to avoid connecting to the IPv6 hosts it learns about. It might get stuck on a download it would otherwise be able to complete if it could communicate with the IPv6 only seed.

The problem you are trying to solve is usually called 4to6. There was even an RFC on it using exactly the DNS mapping idea. The problem with it is that it solves the wrong problem. The first to be on IPv6 only hosts are going to be those bittorrent seeds and not some website that has a DNS record. Nobody would be crazy enough to set up a website with only IPv6 for many years to come.

Re:One possible transition technology

[JSBiff]

Yes, there are cases it wouldn't work for. Limited connectivity is better than zero connectivity in many cases. You're right that this wouldn't work for just about any protocol which gets IP's sent to it - video game clients which might receive a list of available servers and the IP addresses of those server. SIP VoIP clients. IM Clients (for doing things like direct file transfers - similar to the Bittorrent example you gave).

I agree, you're right about that. I still think that something substantially similar to what I describe is still necessary to help with the transition - a 50% 'hack' is better than a zero percent solution, sometimes, and in this case, I think it might be the best you can do.

One more note, on your comment, "Someone could setup a DNS name that resolves to the address I gave you, but that would not fix the link. Your browser would not know to go to that name. In fact your browser would know that it was a IPv6 link and that this computer does not have IPv6 and not even try."

If the browser is modern enough it knows about IPv6, and knows you don't have IPv6 on the current computer, it occurs to me that the browser could potentially be made smart enough (through a plugin/addon) to automatically rewrite the IPv6 URL as an IPv6 DNS name, on-the-fly.

Doesn't help bittorrent, but could help with browsing. Might not fix any javascript or flash objects, etc, which have embedded IPv6 addresses hard coded into the code.

Re:One possible transition technology

[bbn]

If the browser is modern enough it knows about IPv6, and knows you don't have IPv6 on the current computer, it occurs to me that the browser could potentially be made smart enough (through a plugin/addon) to automatically rewrite the IPv6 URL as an IPv6 DNS name, on-the-fly.

Or you could just configure the browser with a HTTP proxy. This is already supported by all major browsers and solves the IPv6 problem completely. Still requires the user to change his setup though.

To expand on the subject..

Just about every home router, NAS and IP enabled media device with proprietary firmware has problems. Not just with IPV6, but in general with a lot of their advertised features. I still have some around but the most reliable and usable "appliances" I have are running some for of open source software or firmware. My "home router" supporting two different internal networks and cable modem internet is running m0n0wall, my "NAS" device is a $109 Foxconn mini PC with an internal sata 2TB drive and an external 2TB USB drive running a custom install of Ubuntu server. Total cost was about $325 included the 4TB and it is ROCK fucking solid. My wireless is bridged around the house using a combination Linksys WRT54 series devices running DD- WRT. I'm still using a Seagate Theater+ for some HTPC functions and although not perfect, it still works enough until I can piece together a decent small MINI PC with HDMI.

To restate. Don't expect non enterprise class closed source embedded device to work reliably with all of the advertised features. I know I don't, if they do, bonus and you better get another one before a new broken rev comes out.

This is just an excuse

[hedrick]

I have little sympathy for the ISPs. No devices support IPv6 because there's no evidence that any of the networks for which they are intended has any plan for implementing IPv6 within the lifetime of the products. There are enough Apple routers out there to run a trial. What we need is the ISPs to turn on support, and a couple of intrepid web sites to put up attractive content. (An IPv6-only free porn site would be ideal.) Final debugging is going to occur only with real use, and you can't get real use if the pipes don't support IPv6. If the major ISPs even supported decent IPv6/v4 gateways in the right part of their architecture one could turn on tunneling, which seems to be supported by all real IPv6 implementations.

Re:This is just an excuse

Comcast is already doing IPV6 and unrelated but also DNSSEC in certain areas.

http://www.comcast6.net/
http://www.dnssec.comcast.net/

Re:This is just an excuse

[SuricouRaven]

"(An IPv6-only free porn site would be ideal.)"

One was actually tried, but AFAIK it collapsed due to a combination of repeated delays and licencing issues actually getting top-quality free porn legally. There's plenty of free porn on IPv4 already, so you need something people would pay for... and if people would pay for it, the studio isn't going to be too happy about giving it away for free. If you want to though, go ahead and set it up yourself. Servers arn't that expensive to rent, though you'll have to shop around for one with a real IPv6 address.

Upgrading firmware is easy for anyone...

[vlueboy]

but not using said alternative firmware. Let's face the upgrade side: we're talking about days when people routinely root their cellphones and have at least one alternative browser they click on without having an ounce of IT blood in their family.

On using the alt firmware... I'm under the impression that the main OSS router firmwares force you to use a CLI before you can 'install' what 99% of the world considers a mandatory port 80 GUI.

If that's still the truth, then it's pretty bad form. The only reason Joe User configures consumer routers is all the sticky color-coded labels / shrinkwrap saying "USE THIS CD IN WINDOWS TO RUN THE EASY-CLICK WIZARD GUI FIRST!" Alternative firmware doesn't get to use that trump card. That alone is the reason only 1 in 50 wifis in densely packed buildings in this large US metropolis is still in a factory state as opposed to 2 in 14 back in 2005.

Re:Upgrading firmware is easy for anyone...

[rrossman2]

"On using the alt firmware... I'm under the impression that the main OSS router firmwares force you to use a CLI before you can 'install' what 99% of the world considers a mandatory port 80 GUI."

I'm not sure what you're trying to say here, but if you're trying to say you need to use a CLI to get port 80 open.. no. If you're saying you need to use the CLI to get access to the router to flash.. no. While some models USE to require JTAG.. they were works in progress at the time. For example the linksys routers with 4M flash instead of 8.. but they broke that and have a special version you upload, and THEN you can upload the more featured one. While it is an extra step, the point is if the manufacturers stuck it on as the default instead of their own, it would all be good. There's no reason they couldn't change the GUI interface a little bit for those who think it's "too complicated".

As a side note, doesn't Buffalo also use DD-WRT or one of those in some fashion?

Re:Upgrading firmware is easy for anyone...

[Nikker]

No CLI involved, unless for some reason you really wanted to. Even upgrading between firmwares like factory > DDWRT > OpenWRT is all done via web GUI. The whole network is actually ready to go (without encryption) by just plugging it in.

But I thought...

[Low+Ranked+Craig]

Apple was all about the shiny? Now I'm even more confused...

"With the exception of some products by D-Link and Apple's AirPort Express and AirPort Extreme, none of today's CPE can operate using IPv6 well enough for a field test trial, Bulk says."

Re:But I thought...

[hedrick]

I believe their routers run a version of BSD. They've had IPv6 support for years. Apple is an interesting mix of flashy products that tend to be on the expensive side with fairly decent underlying technology. It's a mistake for techies to become fans and enemies of particular vendors. That approach to the world is fine for football fans, but not so useful for people making technology decisions.

Re:But I thought...

[Voyager529]

I have a bit of a love/hate relationship with those things. We have three of them at work, while I have a BuffaloTech WZR-300NH at home.

While I'm a fan of installable, offline applications for roughly 98% of circumstances, router configs are def a task best left to a browser. Apple routers require an installable application to be used. I've had issues with the client connecting to a misconfigured router, and the trick of forcing it to connect to an IP is known by half the applecare reps I spoke to (admittedly a sample size of two).

At the same time,the client is REALLY nice in that it makes exporting and importing configuration profiles real quick work. When I wanted to set up the third AP, I dialed into router 2, downloaded the config, imported it to the new unit, changed the name, and I was done in less than 90 seconds.

The transceivers in those things are incredibly powerful, so w00tness to that. They're generally low maintenance, and their color coded LED is generally easier to figure out the status from further away than the more standard lineup of LEDs whose labels can't be read further than half an arm's length away.

On the flip side, the Buffalotech router allows for USB printer and hard disk sharing, has an official, Buffalo-supported DD-WRT upgrade path, has an integrated bittorrent client (though only on the stock firmware, not dd-wrt unless you install deluge via SSH), and about a dozen other fun widgets, and costs a little over 1/3 the price of the Apple gear.

I like them both. I still think the Airport needs a browser config though.

The internet is more than the web. . .

[JSBiff]

I basically agree with your sentiment, but you need to test more than just website. It would be good to do things like get IPv6-enabled versions of a some popular games (like the Quake/Doom/Wolfenstein games, CoD, Halo, etc), and IPv6 enabled builds of the game clients also (because, of course, IPv6 Server with no IPv6 client will have no audience). Maybe an IPv6-enabled VOIP/SIP server (let people make free calls in USA, Canada, or Europe, for example).

Try to get as many different protocols as possible being tested by the customers over IPv6.

How to handle the firmware upgrades

[sco08y]

Given that router manufacturers shipped buggy products...
And given that the solution is a firmware update...
And given that the companies best equipped to handle this are ISPs...
And given that the products are implicitly warranted for fitness of merchantabilty...

I propose that rather than a product recall or class action lawsuit, the manufacturers jointly agree that they will pay a fee to the ISPs for each firmware upgrade performed by their techs for the residential and home office markets. The techs can simply take note of the product ID and serial number of each affected router, and each quarter the ISPs can send a bill to the manufacturers.

The serials will do a pretty good job of preventing cheating, and while the techs are there they can also advise people on setting up their home networks.

why not sell firmware upgrades?

[JSBiff]

For hardware that supports it, why not sell an upgraded IPv6-ready version of the firmware for like $10-20 (with free updates for 2 years or something)?

I, for one, don't expect free updates forever (if I just bought the router within one year of the IPv6 firmware version being released, I might expect a free upgrade, but further back than that, I could reasonably see buying the upgrade.

I would think that, without needing to manufacture or ship any new hardware, that $10-20 would give them almost as much profit (maybe more) than selling a new box with the new firmware. From my pespective as a customer, I'd rather spend $20 on a firmware update than spend $70 on a whole new router.

Re:why not sell firmware upgrades?

[jimicus]

So - what, ISPs will write to their customers saying "You'll need to upgrade your router. A firmware upgrade may be available cheaply or even free, check with the manufacturer's website"?

How many routers do you think actually get firmware upgrades in the field? I'd be surprised if it was 10%.

The headline would still read true...

[John+Hasler]

...even if you left out "IPv6-certified".

Why not use ISATAP at the ISP level?

[Myria]

In Windows Vista and 7, if DNS resolves the name "isatap", Windows will automatically try to acquire an IPv6 prefix using an IPv4 tunnel to the ISATAP server, and use that server to route all your IPv6 traffic. Windows XP SP1+ will as well, once you enable IPv6.

When an ISP implements IPv6, why can't they also add an ISATAP server? With ISATAP, customers with IPv4 routers will have computers that notice the ISP's IPv6 router and start using it through their IPv4 NAT router automatically.

Cisco could implement ISATAP into their routers so that ISPs' internal routers could provide the ISATAP interface, which would be better than a normal machine being a single point of failure. Is this an ISATAP packet destined for the fake IP address we set up as the isatap DNS result? Yes. Let's translate this packet to IPv6 and send it on its way.

Since this is effectively bypassing the customer's IPv4 router's pseudo-security inherently present in NAT, the ISP could have a policy that those using ISATAP as opposed to an IPv6-capable router will have incoming IPv6 traffic blocked, to maintain the status quo in security.

Sometimes, I feel like this transition process is being handled the wrong way, and that there are much easier solutions to these seemingly difficult migration problems.

Re:Why not use ISATAP at the ISP level?

[gbjbaanb]

you assume that the consumer has a IPv4 address to tunnel over - this assumption may not hold true shortly in the future.

Re:Why not use ISATAP at the ISP level?

Not likely. If they can't give you a real IP address they'll give you a NATed one, like mobile phone companies and Asian ISPs do now. If, using the GP's scheme, this gives you a real ipv6 address it's a huge improvement.

Practical solution...

Neither is putting a man on the moon.

NSFW

[Bomazi]

When i read plugfest, I was afraid it might be something else entirely.

Here, let me fix the headline for you.

[inkswamp]

"Most Home Network Gear Buggy"

Re:Here, let me fix the headline for you.

[Rising+Ape]

Ain't that the truth, and it's not just software bugs. My ADSL modem / NAT box overheats and reboots itself under any significant load unless you operate it upside down. In a example of true design genius the vent is on the bottom.

WRT54GL WiFi firmware broken for IPv6 bridging

I set up IPv6 at home with OpenWRT(White Russian)/WRT54GL using 6to4 (my ISP still refuses to offer native /48 blocks).

The one biggish problem I ran into was the WiFi bridging firmware doesn't support IPv6. It turns out the proprietary firmware implements a weird WiFi proxy for IPv4 because the encryption fixes the MAC address. I had to work around the problem with GRE tunneling and subnetting.

Modem only and PPPoE

[alanw]

I've just had a couple of days off work with a nasty virus, and even with my head full of cotton wool I had a play with setting my Netgear DG834 into "Modem only" mode (via the hidden page http://192.168.0.1/mode.htm) and running RP-PPPoE on my linux server. I managed to get it up running IPv4 pretty quickly. Now all I need to do is wait for my ISP to start supporting IPv6. Unlike Andrews and Arnold who have been running IPv6 for ages, they don't think it will be a concern for some considerable time. Don't they understand that some of us want to start seeing if things work and gaining experience right now?

ISP Perform a forced Firmware Upgrade to DDWRT

For DSL Modem/Router Combos:

My ISP issues only one or two brands of router, what about having the ISP perform firmware flash to DDWRT. Sure it would take some work but its do-able with a few good programmers to create the transition code.

1) Create code to harvest settings
2) Convert old settings to ddwrt nvram script
3) Flash to DDWRT
4) Upon Reboot, Get new settings VIA TFTP while using the MAC/Network Node as the unique key to the previously saved settings

If your ISP doesn't have the ability to upgrade your firmware now, your out of luck, but I would be that there are a lot of them out there that can. I know mine can.

I'm not sure DD-WRT is the answer either.

[blubdog]

My ISP doesn't offer IPv6 yet, so wanting to try it anyway I set out on a mission to get IPv6 running on my home network.

Since I had been running DD-WRT on my Linksys router/WAP, I thought would be easy. Upgrading to the latest version of DD-WRT, I learned that most of the editions don't support IPv6, so I had to change to the VoIP version of DD-WRT to get IPv6 support. After that I ran into many DD-WRT related problems and bugs. There is a very annoying problem with Dnsmasq cutting out, radvd doesn't start upon boot when you check the box (so I had to add a custom start command), there is no GUI way to configure static IPv6 leases, ip6tables isn't included in any DD-WRT build, and the web interface dies and won't restart after running a few days (although the router keeps running okay) -- just a general DD-WRT problem not IPv6 specific.

I ended up scraping DD-WRT as my router (WAP only now), and setup a real Linux box as my firewall/router. That was much easier and fighting with DD-WRT.

Maybe OpenWRT is better, and I may try that someday.

I can't see either DD-WRT or a custom Linux firewall as an option for upgrading the general masses to IPv6. The big ISP's (and their tech support people) are going to have some serious work ahead of them! :-)

Apple has it's issues too.

[dschnur]

A few months ago, I ran across a problem with an Airport Extreme (Dual Band) where it will not run IPv6 at all if you have IPv4 running inside via NAT and/or DHCP.

I posted a detailed question to Apple's airport support forum and got no response.

I posted a *short* question and got no response.

In the end, I wound up using an expensive airport as a simple a bridge, and a MikroTik based router to solve the problem.

  _Dan

Looks like prayer.

Airport Extreme (later model) details here

        * WARNING: Apple will NOT suppport IPv6, if it works it works, if it doesn't, their support will not talk to you

Worse than that

[Wesley+Felter]

Even Apple and D-Link don't support DS-Lite and won't provide free firmware upgrades. Basically nothing on the market today has adequate IPv6 support.