Slashdot Mirror

← Back to Stories (view on slashdot.org)

World IPv6 Launch Day Underway

Posted by Unknown on from the it's-finally-1999 dept.

A number of readers have written in with stories related to today's permanent rollout of IPv6 by several major organizations. From the looks of it, for the 1% or so of end users with IPv6 support, everything is going smoothly. For those not so lucky to have IPv6 already, an anonymous reader writes with (mostly) good news: 60% of ISPs intend to enable IPv6 by the end of 2012. For business users, darthcamaro provides some words of caution: "...the Chief Security Officer of VeriSign doesn't think IPv6 should be turned on by a whole lot of people. The problem is network security devices in many cases don't scan IPv6. So if you turn IPv6 on, you're screwed. 'If you don't have that visibility into IPv6, you should probably consider explicitly disabling IPv6 on your systems until you can take a very concerted approach to enabling IPv6 in a secure manner,' McPherson said."

15 of 236 comments (clear)

  1. Verisign != Verisign by tepples · · Score: 5, Informative

    This is Verisign the operator of the .com and .net registry, not the other Verisign the certificate racket. The CA business was sold to Symantec in August of 2010. So don't mix this up with the recent news about the $99 fee to get your signed with the UEFI key that will be preloaded on every Windows 8-certified PC motherboard; that's all VeriNorton.

  2. slashdot? by pe1rxq · · Score: 5, Insightful

    So when is slashdot going to leave the dark ages?

    --
    Secure messaging: http://quickmsg.vreeken.net/
    1. Re:slashdot? by Anonymous Coward · · Score: 5, Funny

      Pff, first you want unicode support and now this.

    2. Re:slashdot? by oodaloop · · Score: 5, Funny

      I read that as unicorns at first, and I thought, "No, I just want ponies!"

      --
      Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
  3. Re:It will be a pain in the ass to remember... by pe1rxq · · Score: 5, Informative

    Google for this thing called 'DNS' it has been around for a while....

    --
    Secure messaging: http://quickmsg.vreeken.net/
  4. Re:It will be a pain in the ass to remember... by i+kan+reed · · Score: 5, Funny

    Humans have different needs than computers. It's almost like we need a table of easy to remember names that can be used to look up IP addresses automatically by a computer. Then that table needs to be distributed automatically to all the ISPs in the world. That'll never happen. Sounds impossible.

  5. Re:so what is ipv6 good for? by pe1rxq · · Score: 5, Interesting

    Peer to peer (the way connections were intended) actually works without strange workarounds.

    --
    Secure messaging: http://quickmsg.vreeken.net/
  6. Re:It will be a pain in the ass to remember... by zill · · Score: 5, Funny

    "Google" won't help him. He needs to go to 74.125.226.64.

  7. Re:so what is ipv6 good for? by gstoddart · · Score: 5, Insightful

    No more dealing with public/private IPs, or the whole NAT shitpile.

    And yet I predict internally companies will still use public/private IPs (10.x.x.x anyone?) and use NAT. My internal private network will continue to use a NAT'ed firewall.

    I predict this will mostly affect stuff outside of the firewall, not inside. Most companies will probably keep their internal network on IPv4. There's no way they're going to want all of their machines with an internet addressable location.

    Oh, and while every IP belongs to only one device, there's nothing saying every device should have only one IP. You could easily assign more addresses to a single IPv6 host than the entire IPv4 internet *has*.

    Which just sounds like more admin work that people won't want to do.

    I think IPv6 does bring some usefulness, but I just don't foresee everybody changing how their internal networks operate. And I can also see a huge amount of consumer type stuff taking years before it has transitioned. IPv4 isn't going to go away overnight.

    --
    Lost at C:>. Found at C.
  8. Re:so what is ipv6 good for? by DarkOx · · Score: 5, Interesting

    Oh, and while every IP belongs to only one device, there's nothing saying every device should have only one IP.

    You and the grand parent are missing the obvious outcome.

    For the most part home users are going to end up with /64s some ISPs might be generous and hand out something bigger but I suspect most will decide not do so in the end.

    Does that mean you can put 1,50,100,1000,10000 addresses on device sure, but the network portion the addresses will be the same. That network address is going to uniquely identify your household just like your full ipv4 address does today. Marketers will just assume that each /64 subnet is unique to a user or house hold. Just like the assume on ipv4address is an entire house hold behind NAT.

    It changes little to nothing with regard to track ability.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  9. Re:It will be a pain in the ass to remember... by DarkOx · · Score: 5, Informative

    You have many options, DHCP6, you don't have to use autoconfigure you can still assign all nice consecutive address to each machine if you like. Setup DNS that actually works and use the host names. Best yet and actually probably the easiest to do and still be secure both (dhcp6 server can do the DNS updates so the hosts don't need to).

    This is not that difficult, and if you think it is you are in the wrong industry.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  10. Re:It will be a pain in the ass to remember... by daniel23 · · Score: 5, Informative

    This is IPv6 Launch day. He needs to go to 2a00:1450:4016:801::1000

    --
    605413? Yes, it's a prime.
  11. Re:so what is ipv6 good for? by asdf7890 · · Score: 5, Interesting

    Most companies will probably keep their internal network on IPv4.

    Which is fine. My IPv6 hosts don't need to care. Of course they'll eventually need to ensure that they have a reliable v4-to-v6 bridge setup either locally or at their ISP, but that will most likely be easier to setup than changing their whole network to IPv6 would be.

    There's no way they're going to want all of their machines with an internet addressable location.

    They won't any more than they do now. Public facing routers/firewalls will simply be set not to pass through any incoming connections unless otherwise instructed, just like IPv4 routers do. NAT is a read herring here - before NAT was common things worked fine much the same way as they will work under IPv6 (just with a much smaller address space) in that regard. Most big corporate networks control outgoing connections too (which an IPv4+NAT-only setup generally won't by default) so the one incoming default "block" rule is not going to be a significant amount of extra admin.

    I think IPv6 does bring some usefulness, but I just don't foresee everybody changing how their internal networks operate.

    Certainly some will, though not all that many in the near future. I suspect it will quickly become normal for new networks to be IPv6, and IPv4 will vanish that way rather than due to mass conversions.

    It may not be the case here or where you are but it is already getting to the point in some parts of the world that people will have to be IPv6 all the way as their ISPs have too few IPv4 addresses to hand out to the connecting modems. Said ISPs use some form v6-to-v4 bridging so that IP4v-only servers will be contactable, but while your website will be fine not all protocols will work well through this arrangement. I don't know how common it is, but I know people who have been in Hotels out east where the provided network connections are IPv6 only (presumably with some 6-to-4 system in place so v4 only hosts can be contacted). IPv4 may not die any time soon, but that doesn't mean IPv6 use won't grow rapidly.

    The big win I see is for mobile devices like phones - it will make the job of large network providers for those devices easier.

    And I can also see a huge amount of consumer type stuff taking years before it has transitioned.

    Which is rather unfortunate as these devices are where one of the key IPv4 problems exist (Including phones as mentioned above).

    IPv4 isn't going to go away overnight.

    No, but IPv6 might grow very rapidly so you can't avoid interacting with it for long even if you stick with IPv4 internally.

  12. Re:It will be a pain in the ass to remember... by compro01 · · Score: 5, Insightful

    IPv6 is the final solution to the NAT question.

    Now we just need a cure to the people who have been beating their heads against a wall long enough that they think that NAT is/was a good thing.

    --
    upon the advice of my lawyer, i have no sig at this time
  13. Re:It will be a pain in the ass to remember... by IAN · · Score: 5, Informative

    Doing a reverse lookup for every goddamn IP I ever see would be completely impractical.

    Hyperbole much? Recognizing IPv6 addresses is not that different from recognizing IPv4 ones, especially if you assign local parts manually, which you should do for the servers instead of relying on autoconfiguration, for reasons which should be obvious. So, 2001:db8:0:1001::4 is...?

    • 2001:db8::/32 is your organization's prefix. You're supposed to know it by heart.
    • 0:1001 is, say, Accounting. You know your network's addressing plan, right?
    • ::4 is their print server.

    With a bit of practice, parsing the IPv6 addresses you deal with frequently will become second nature. If it doesn't, then maybe you're not such a hot network admin.