Most IPv6-certified Home Network Gear Buggy

Julie188 writes "The University of New Hampshire InterOperability Lab held an IPv6 consumer electronics Plugfest on Feb. 14 and CableLabs has scheduled two more for this year. UNH is tight-lipped about the results, but the sad fact is that most home routers and DSL/cable modems certified as IPv6-compliant by the IPv6 Forum are so full of implementation bugs that they can't be used by ISPs for IPv6 field trials. And that's not helping the Internet have a smooth, fast transition to IPv6. Though OpenWRT and DD-WRT solve the problem, ISPs point out that requiring the average consumer to upgrade their own firmware, because the manufacturer can't do IPv6 right, isn't a practical solution."

IPv6 for older hardware

[oracleguy01]

From TFA:

However, Cisco isn't sure yet if routers bought prior to 2011 will get IPv6. "We are currently looking into which 'legacy' Linksys product can support IPv6. (There are many things that influence us being able to do it -- including if there is enough memory, as well as other factors.) The engineer teams are working on that," the spokesperson said.

I would be shocked if they offered firmware upgrades for old hardware to add IPv6 support even if the hardware could do it. It seems more likely they and others will use it as an excuse to obsolete a ton of old hardware and force people to buy new stuff.

Re:IPv6 for older hardware

[interkin3tic]

Sure, I do see other brands fail after a year or two, but I've seen more brand new defective Linksys routers than I have Netgear routers that dies of old age.

Obviously Cisco is tackling the IPv6 problem proactively: make IPv4 routers with very short half life, so when we to switch to IPv6, the number of people who need to buy a new router will be only slightly higher than normal!

Re:IPv6 for older hardware

Some of their models might suck, but their WRT54GL line has been pretty awesome. We've probably sent out a few hundred ourselves, and a half dozen failures a year would be a bad year. Uptimes with third party firmware like DDWRT or Tomato are pretty much "since the last power failure". We replaced one that was on battery backup to upgrade to 802.11n, and the uptime before disconnecting it was over 600 days.

Netgear's pretty good too, but D-Link? They couldn't code a DHCP server to save their lives.

Re:IPv6 for older hardware

[wagnerrp]

Sure, I do see other brands fail after a year or two, but I've seen more brand new defective Linksys routers than I have Netgear routers that dies of old age.

I've got a WRT54GS, a WRT54GL, and a WRT54Gv8 scattered around my house acting as dumb access points. The oldest is probably seven years old. Once configured, I haven't had to touch any of them. Meanwhile, my pair of Netgear gigabit switches are awful. I've replaced them each twice. Good thing they have a lifetime warranty. I get some issue where they will just start flooding the network with traffic, preventing anything from getting through, and requiring a power cycling. The 24-port Netgear switches at work have the same exact behavior. The only thing I can think of is some sort of STP failure.

Re:IPv6 for older hardware

[hairyfeet]

Funny that is why I carry a couple of TrendNet routers myself. Folks may make cracks because TrendNet routers are cheap and aren't fancy, but I have set up TrendNet routers on construction sites where the amount of grit, funk, and temp differences would choke just about any router (and killed brand new Linksys junk dead) and they just keep on humping along, solid as ever.

Like you I have thrown away more brand new Linksys routers than any other brand by a looong shot. There is cheap and there is garbage and Linksys has been garbage for as long as I've dealt with them. I walk into an SMB or SOHO with network troubles more than half the time a Linksys is involved. Just absolute trash.

To me what the real tragedy of IPV6 is (and why they didn't figure out a way to be backwards compatible I'll never know) is how many brand new routers are being sold at this very minute with NO IPV6 support. I'm normally not big on government regulation but this is just ridiculous. You just know the vast majority of these new routers will get NO IPV6 update and are just doomed for the garbage heap straight from the assembly line. The amount of waste this will create is just staggering and if the OEMs can't get onboard then the government simply needs to ban all non IPV6 capable routers from being imported, along with coming up with a standards test so that IPV6 capable doesn't end up another Vista capable.

. If they get a couple of shipments left to rot on the docks maybe they'll rethink selling IPV4 only routers this late in the game.

Looks familiar

[93+Escort+Wagon]

Okay, this may be a new article on the subject - but it's repeating exactly the same thing we've talked about ad nauseum before.

Apple's routers are fine with regard to IPv6, and D-Link's routers are fine as well; it's just that, once again, the reporter says "most home routers" instead of using the brand name Cisco.

Wait - is this actually a new article?

If only we had known earlier!

If we had known years ago that we needed to switch to IPv6 we could have tested and then fixed these bugs with firmware updates!

The exceptions

[CharlyFoxtrot]

"With the exception of some products by D-Link and Apple's AirPort Express and AirPort Extreme, none of today's CPE can operate using IPv6 well enough for a field test trial, Bulk says."

Which apparently makes Apple the only company to be ready for IPv6 across all of their current products.

Re:The exceptions

[pushing-robot]

And even their not-so-current products; all Apple routers have supported IPv6 since March 2008.

Re:The exceptions

[Kizeh]

Too bad Apple has been entirely unwilling to address DHCPv6 for purposes of DNS information, which means that all of their products must have DNS servers configured by typing in their IPv6 addresses. (Yes, several other vendors suffer from the same issue) but I still suggest that disqualifies them form the "Ready for IPv6" badge of honor. See http://discussions.info.apple.com/thread.jspa?threadID=2607101&tstart=1, or most any education networking IPv6 discussion.

ipv6 cpe survey

[thanasakis]

Very thorough survey here.

OpenWrt isn't exactly a poster child for IPv6

[jmorris42]

OpenWrt makes you install the ipv6 packages yourself in the interest of keeping the base image small, after all almost nobody needs ipv6 currently. And I suspect Cisco/Linksys is right about the impact on the lower end of their range, even running OpenWrt. I'd have to see a Wrt54GL install the ipv6 packages and actually run under load to believe it. As for their current retail products running on half the ram? Not bloody likely. Me, I'm running a D-Link DIR-825 with 64MB of ram in it, I could probably load the OpenWRT ipv6 packages without a problem.... but AT&T has said word zero about support for IPv6 for residential DSL customers so I'm keeping the 1.3MB of remaining flash open for other stuff.

Re:OpenWrt isn't exactly a poster child for IPv6

[bbn]

What about 6to4 with anycast?

The problem with 6to4 is that it is asymmetric. Your outgoing packets will be going through that 192.88.99.1 node you found by traceroute. But your return packets will be going through whatever gateway is closest to the IPv6 host you are accessing.

This means that you will be using a lot of different gateways all around the world. And a lot of those are badly configured and give poor quality. One usual problem is badly configured MTU such that all larger packets do not make it through. Ping will work but any actual download fails.

The 6rd protocol is a small tweak to 6to4 such that the return gateway is forced to be one operated by your ISP. This way the ISP can ensure it is working properly and give you a good experience.

Why IPv6 is a pipe dream

[jmorris42]

Ding! We have a winner.

Where is the upside for a customer in caring about ipv6? Will they want to decloak when/if ipv6 becomes popular? OMG, my PC is broadcasting an IP address, of course I want your wonderful product to protect me! All ipv6 would do is get every Windows PC pwn3d twenty four hours after deployment and then everyone retreats behind a NAT and dynamic IP again, this time grafted onto ipv6. Or no ipv6 for end users. What is going to happen is that as addresses get tight the big ISPs will put residential users on 10/8 nets and double NAT just like they have been doing overseas for years and on mobile phones since day one. That will free up enough addresses for servers for the indefinite future. And end the open Internet as we have known it. P2P is over, end users consume content like they are supposed to and content producers produce content like they are supposed to. Or we implement IPv6 at a cost of billions in a down economy and uncork the P2P genie again along with untold new services once any host can reach any host as the Internet originally intended.. Put that way it is a real easy decision for the large players isn't it.

Re:Why IPv6 is a pipe dream

[marcansoft]

NAT needs a connection state tracker to work anyway (which forms the basis of a stateful firewall). Slap a stateful firewall on v6, no need for actual NAT, and you get better security without the drawbacks. As for dynamic IPs, every IPv6 customer gets at least 18,446,744,073,709,551,615 IPv6s to himself. It's pretty easy to make computers pick one at random. This alone makes IPv6 a lot more resistant to attack than IPv4, since IP netblock scanning becomes all but impossible.

One possible transition technology

[JSBiff]

I think we're going to see a transition period (which might last a long time - decades, perhaps) where ISPs will offer native IPv6 transport for their customers who are all setup for it, and for those still using older gear (or a mix of new and old gear), they will setup IPv4 to IPv6 translation servers.

Kind of similar in concept to NAT, but instead of translating from public IPv4 to private IPv4 addresses, it will translate back and forth between IPv4 and IPv6. So, your computer will think it's talking to an IPv4 server (but the address of that IPv4 Server will be a 10.* private address allocated on the ISP's network (on a temporary, as-needed basis). That 10.* address will be mapped by the IPv4-to-IPv6 NAT Server to have all it's traffic forwarded to the public IPv6 address of the computer you are trying to contact.

IPv6 computers will not be able to initiate an 'inbound' connection to the IPv4 host (because it is hidden behind the ISP's NAT server), but IPv4-only devices inside the ISP network will be able to talk 'out' to IPv6-only servers.

At least, probably. This is how it *should* work. If you have working IPv6 cable/dsl modem, this could be done by the cable/dsl modem, hypothetically, with the traffic from your modem to the ISP being IPv6-only, so that there's no need to run your traffic through your ISPs NAT device, but I think that, because of the types of equipment problems this article is about, it's likely ISPs will end up offering such a v4-v6 NAT service to customers.

Re:I run IPv6 at Home

[Midnight+Thunder]

Really the only big problem on the PC side is legacy XP installations, Win7 has IPv6 enabled OOTB.

Windows XP is not a problem either. All it takes is one command, on the command line, and IPv6 is active. It even assigns itself an address using router advertisements. For the DNS server address you will still need IPv4, but in an internal network that isn't really an issue.

Why not use ISATAP at the ISP level?

[Myria]

In Windows Vista and 7, if DNS resolves the name "isatap", Windows will automatically try to acquire an IPv6 prefix using an IPv4 tunnel to the ISATAP server, and use that server to route all your IPv6 traffic. Windows XP SP1+ will as well, once you enable IPv6.

When an ISP implements IPv6, why can't they also add an ISATAP server? With ISATAP, customers with IPv4 routers will have computers that notice the ISP's IPv6 router and start using it through their IPv4 NAT router automatically.

Cisco could implement ISATAP into their routers so that ISPs' internal routers could provide the ISATAP interface, which would be better than a normal machine being a single point of failure. Is this an ISATAP packet destined for the fake IP address we set up as the isatap DNS result? Yes. Let's translate this packet to IPv6 and send it on its way.

Since this is effectively bypassing the customer's IPv4 router's pseudo-security inherently present in NAT, the ISP could have a policy that those using ISATAP as opposed to an IPv6-capable router will have incoming IPv6 traffic blocked, to maintain the status quo in security.

Sometimes, I feel like this transition process is being handled the wrong way, and that there are much easier solutions to these seemingly difficult migration problems.

Re:I run IPv6 at Home

[breser]

I don't know about the person you're responding too but I actually routinely get better latency via IPv6 tunneled via Hurricane Electric than IPv4 through my own ISP.

Fact of the matter is that IPv6 should be slightly faster since the routers don't have to recalculate a CRC for every hop. HE has multiple tunnel broker servers around the world. So you can pick one close to your network and the only CRC latency you'll eat will be the hops between you and the tunnel broker site.

Example:

--- leguin.freenode.net ping6 statistics ---
10 packets transmitted, 10 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 205.932/215.147/262.156/16.624 ms

--- leguin.freenode.net ping statistics ---
10 packets transmitted, 10 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 280.228/329.908/374.605/31.503 ms

And I just picked a random IPv6 host that I knew I could target the same machine via either network. I didn't dig around to find a machine that gave me better latency via IPv6 than IPv4.