Slashdot Mirror

← Back to Stories (view on slashdot.org)

Worldwide IPv6 Adoption: Where Do We Stand Today?

Posted by Soulskill on from the very-slightly-ahead-of-where-we-stood-several-years-ago dept.

skade88 writes "IPv4 is much like a limited natural resource; it can't last forever. The well of new IPv4 addresses is already running dry in many parts of the world. The solution to this problem, which was presented decades ago, is to switch to IPv6. With peak IPv4 far behind us, why do we still see limited IPv6 adoption? Ars takes a good look at where we are and where we are going with the future of IP addresses, the internet and you. Quoting: 'As with all technology, IPv6 gets better and cheaper over time. And just like with houses, people prefer waiting rather than buying when prices are dropping. To make matters worse, if you're the only one adopting IPv6, this buys you very little. You can only use the new protocol once the people you communicate with have upgraded as well. Worse still, you can't get rid of IPv4 until everyone you communicate with has adopted IPv6. And the pain of the shrinking IPv4 supplies versus the pain of having to upgrade equipment and software varies for different groups of Internet users. So some people want to move to IPv6 and leave IPv4 behind sooner rather than later, but others plan on sticking with IPv4 until the bitter end. As a result, we have a nasty Nash equilibrium: nobody can improve their own situation by unilaterally adopting IPv6.'"

28 of 327 comments (clear)

  1. IPv6 Internet is "here" for some of us by insecuritiez · · Score: 5, Informative

    I have a native, public, non-tunneled IPv6 address at home through my non-business Comcast cable Internet service. My computer and phone automatically use IPv6 whenever available.

    I can use IPv6 at work too.

    It's already here and adoption seems to be accelerating.

    1. Re:IPv6 Internet is "here" for some of us by insecuritiez · · Score: 4, Informative

      It's very nice. I was in the process of setting up a tunnel between my home gateway and a Linode machine (Linode provides native v6) and making Linode my publicly visible exit point to the Internet. A few weeks into the project Comcast implimented v6 making my tunneling efforts redundant.

      Comcast currently allocates a /64 to each customer but they say they'll hand out shorter prefixes later.

      I currently use "privacy addressing" with my Linux machine which I do with:
      # IPv6 privacy stuff
      echo 209600 > /proc/sys/net/ipv6/conf/wlan0/temp_valid_lft
      echo 10800 > /proc/sys/net/ipv6/conf/wlan0/temp_prefered_lft
      echo 128 > /proc/sys/net/ipv6/conf/wlan0/max_addresses
      echo 2 > /proc/sys/net/ipv6/conf/wlan0/use_tempaddr

      This is mostly so that I'm trying out the most extreme end of IPv6 where I'm going through addresses quickly and have up to 128 at a time.

  2. Re:That's easy. by Anonymous Coward · · Score: 3, Funny

    I'm not taking any chances... I've moved our network to IPv8

  3. Re:That's easy. by Anonymous Coward · · Score: 3, Informative

    How so? Many (if not most) end system addresses have the MAC address embedded in the v6 host address, so you get more information out of a v6 address than you do out of a v4 address (including the ability to trace the same device even if it changes layer-3 networks).

    Since most vendors aren't supporting RFC 3972, tracking is probably going to be easier, not harder.

  4. IP6 addresses are a pain by Viol8 · · Score: 3, Insightful

    We have so many test VMs appearing and disappearing on our network that we don't bother putting them in DNS, we just give out the IP4 192.168... address for the testers and devs. I dread to think what would happen if we had to give them the line noise that is an IP6 address. Whatever other merits IP6 has, the designers REALLY didn't think it through at the manual address entry level.

    1. Re:IP6 addresses are a pain by Aqualung812 · · Score: 3, Insightful

      the designers REALLY didn't think it through at the manual address entry level.

      Yeah, they did, and they decided that the only servers that need a manual address are DNS servers and DHCP servers (if you choose to run DHCP).
      Outside of those, the only other things that need manual addresses are routers.

      Everything else should use Dynamic DNS.

      Give me a good reason why someone shouldn't be using DNS instead of direct IP address, other than lazy programmers.

      --
      Grammer Nazis - I mod you "troll" unless you actually add something on-topic. Yes, I know I have mispellings in my sig.
    2. Re:IP6 addresses are a pain by gclef · · Score: 5, Insightful

      One good reason why *servers* shouldn't be using DynamicDNS? I'll give you two.

      First scenario: your server isn't responding. How do you tell the difference between a failure of the server itself and a Dynamic DNS registration failure? If you don't know it's IPv6 address, how can you tell if its fine, just not registering in DNS properly? Heck, if it's not registering properly, how do you find it at all?

      Or, more fun: the server reboots & ends up with a different dynamic IPv6 address....even if it registers the new address to its name properly, clients don't always honor DNS cache times, and will keep trying the old address for a while. You've now created an outage for no good reason.

      If you said that desktops don't need static DNS, I'd agree with you completely. But making server infrastructure totally reliant on a middle layer is asking for trouble...things'll work fine until you have a problem & need to troubleshoot. Then your reliance on an external system will bite you in the ass.

    3. Re:IP6 addresses are a pain by arth1 · · Score: 4, Informative

      For example, you can omit segments that are 0, and collapse consecutive such segments, which is why you can write the loopback address as ::1.

      To be fair, you can do that with IPv4 too. Using 127.1 for the loopback address or 192.168.1 for a typical NAT gw address works just fine.

    4. Re:IP6 addresses are a pain by maz2331 · · Score: 3, Interesting

      Seriously, it sounds like SOMEONE can't convert between decimal and hex.

      The addresses are easy once you get even slightly used to them, and once you memorize your /48 or /64 prefix is no more difficult than v4. 2001:123:45:67::2E/64 isn't hard. [2001:0123:0045:0067:0000:0000:0000:002E]. I have memorized our /48 and our usual scheme is to split it into /64s that then match the 3rd octet of our 192.168.x.x private range...so for example, I'd set up a host that is on 192.168.16.5 as 2001:123:45:10::5/64.

      Or even better... just let the router on the subnet autoconfigure the hosts, or setup DHCPv6 on a server.

      (Ocourse the 2001:123:45 addresses are totally made-up and fictitious... no need to give my real-world v6 netblocks on here!)

    5. Re:IP6 addresses are a pain by Fred+Foobar · · Score: 4, Informative

      That address is a link-local address. The number following the percent sign is the zone index, which specifies which network interface the address is on. If it were not there, the address may be ambiguous with multiple interfaces (imagine if two hosts on two different network segments had the same IP address; neither host can talk to the other but the machine you're on can talk to both through separate interfaces). I don't think IPv4 handles this case at all. Indeed, RFC 3927 discusses address ambiguity but provides no real solution for it. IPv6 provides a solution in the form of zone indices.

      --
      It was a really good paper.
    6. Re:IP6 addresses are a pain by sl4shd0rk · · Score: 4, Informative

      Give me a good reason why someone shouldn't be using DNS instead of direct IP address

      Here's 4. Not trying to be a wiseass, but there are times when bypassing DNS is preferable.

      1) When you cannot trust your DNS source
      2) DNS is not working or too slow
      3) You didn't want to/need to spend $$ registering a domain
      4) Your IP changes but DNS hasn't updated yet

      --
      Join the Slashcott! Feb 10 thru Feb 17!
    7. Re:IP6 addresses are a pain by Anonymous Coward · · Score: 3, Informative

      Umm... Seems you haven't understood how IPv6 addresses work. Everything starting with fd is private. So you could assign the addresses
      fd00::1
      fd00::2 ...
      to your private VMs. Quite a bit shorter than then IPv4 192.168... madness.

    8. Re:IP6 addresses are a pain by Dagger2 · · Score: 4, Informative

      The right-most octet in the abbreviated address substitutes for the right-most octets of the full address.

      e.g.:
      127.1 -> 127.0.0.1
      192.168.1 -> 192.168.0.1
      192.168.257 -> 192.168.1.1
      10.65536 -> 10.1.0.0

    9. Re:IP6 addresses are a pain by icebraining · · Score: 3, Informative

      But nobody is saying we should burn all traces of IP addresses, just that manually writing them should be a negligible use case. One can just copy/paste the IP from some file if DNS happens to break.

      --
      Dilbert RSS feed
    10. Re:IP6 addresses are a pain by DarkOx · · Score: 3, Interesting

      I have this fight for a long time and some of what you say is true, but in my experience its always worked out better where my DNS rule is observed on a largish network. That is: if its not in DNS it does than it does officially not exist, that address is mine ( network admin ) to freely use as I please, and if your refer to a resource by IP directly its subject to change with minimal warning.

      A proper DNS infrastructure does not just fail ( most organizations don't have that but its a different matter ). Other 'stuff' happens all the time. Companies get acquired that happen to use your same address space, services have to be moved to different sites for one reason or another, something at some subsidiary starts causing problems on the wan and you need to know what is right away etc. A solid DNS database makes it possible to find the information you need quickly both for humans and machines, and to effect changes easily without having to chase all across your 30 site nation wide WAN to fix every the address of the time server on every box. If you are not using DNS, even in ipv4 world, everywhere you possibly can I say you are doing it WRONG. That extra layer is there to help you and give you options.

      Also even without DNS and DHCP most the time ipv6 is not going to require you to know any more bytes of an address than you do today. If you subnet properly the prefix should be predictable inside your organization. So you should still only need to communicate the last part of the address to all but the least clueful users

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
    11. Re:IP6 addresses are a pain by cc1984_ · · Score: 3, Informative

      just so you know, the 2001:db8 is reserved as a fictitious subnet to use in documentation. You'd be better off using that instead of 2001:123:45

  5. Re:That's easy. by Ultra64 · · Score: 5, Informative

    >Many (if not most) end system addresses have the MAC address embedded in the v6 host address,

    http://en.wikipedia.org/wiki/IPv6#Privacy

    Privacy extensions are enabled by default in Windows, Mac OS X (since 10.7), and iOS (since version 4.3).[39] Some Linux distributions have enabled privacy extensions as well.[40]

  6. Still not working... by bartjan · · Score: 5, Insightful

    bartjan@ix:~$ ping6 slashdot.org
    unknown host
    bartjan@ix:~$

    Maybe about time to update this story from 2003??

    1. Re:Still not working... by alanw · · Score: 3, Informative

      I run the Firefox plugin SixOrNot. Google - a green 6. Youtube and Facebook ditto. Slashdot, a red 4. There are major sites out there running IPv6.

      I have a free tunnel from Hurricane Electric. The only issue is that Google thinks I'm in the USA, which can't be a bad thing.

      Now that there are no more IPv4 addresses available in Europe, it's in the interests of the established players to suppress IPv6 and lock out disruptive new startups: e.g. ISP's or Co-Lo's.

  7. Re:That's easy. by MajroMax · · Score: 4, Insightful

    That won't work in the long-term. The problem with carrier-grade NAT is that the ISPs have to... maintain carrier-grade NAT.

    Network Address Translation is a stateful protocol, and it's orders of magnitude more expensive to maintain connection tracking on a per-connection basis for your customers than it is to simply route packets between networks. Even ISPs that use Deep Packet Inspection have the luxury of looking at selected traffic flows; carrier-grade NAT has to cover everything or it doesn't work.

    --
    "Evil company X is threatening to restrict our rights! Let's all get together to stop--OOOH! SHINEY!!!" -- AC
  8. Re:That's easy. by MajroMax · · Score: 4, Interesting

    ISPs don't want to do carrier-grade NAT, because then they have to maintain carrier-grade NAT.

    CGN is a stateful protocol, meaning that each of their implementing-boxes needs to maintain and process state for each data flow to or from your devices. That's no big deal for a single home, but it's a problem for a carrier. If the boxes are too far towards the customer-end of their network, they will be small but they will also be numerous, making maintenance more frequent. If the boxes are too far towards the core of their network, an ISP will only need a few, but the hardware requirements are much heftier to provide acceptable performance. (Already, bittorrent can saturate some of the cheaper home routers).

    Simply routing packets is technically far, far easier than running network address translation. Even ISPs that use deep-packet inspection have the option of turning it off if things go wrong -- the network fails open. Carrier grade NAT doesn't have that option.

    --
    "Evil company X is threatening to restrict our rights! Let's all get together to stop--OOOH! SHINEY!!!" -- AC
  9. Re:End to end by Kjella · · Score: 3, Informative

    Don't call us, we'll call you. I actually had an Internet connection like that years back, entire campus hidden behind a single IP and no incoming ports. It was rather crippled but as long as the other half of the connection had a normal connection I could always connect to their servers and up/download. On modern IM services it'll even negotiate so that other people can send you files because under the hood you connect out instead. Worst case if you're both stuck behind such solutions you can always pass files via some third party file host. It's not pretty but it's not useless either, I bet enough people just browse and check their mail to not even notice.

    --
    Live today, because you never know what tomorrow brings
  10. Re:That's easy. by NatasRevol · · Score: 4, Funny

    They can still find it.

    Try IPv9¾

    --
    There are two types of people in the world: Those who crave closure
  11. Re:IPv6 isn't the solution by Dagger2 · · Score: 4, Insightful

    You've pretty much just described 6to4. We have it already.

  12. Re:IPv6 isn't the solution by Alomex · · Score: 3, Informative

    6to4 is an extension which is optional as opposed to an intrinsic part of the protocol. This distinction is important.

    Moreover the fact that 6to4 was developed at all, after IPv6 was proposed, proves my point and shows that my criticisms of IPv6 were/are shared by many.

  13. Re:That's easy. by firewrought · · Score: 5, Interesting

    Privacy extensions are enabled by default in Windows, Mac OS X (since 10.7), and iOS (since version 4.3).

    But it doesn't keep ISP's from moving to permanent, static IP addresses. So privacy extensions will "blur" the PC's within a single household together and keep stalking firms (um "ad agencies") from tracking you as you move between coffee shops*, but, in practice, all household traffic you generate will be branded with the same permanent, unique address.

    I'm not poo-pooing IPv6, that's just an unfortunate drawback that comes with all of its advantages.

    *Tracking you by IP, that is, there are still cookies, local storage, browser fingerprinting, etc.

    --
    -1, Too Many Layers Of Abstraction
  14. Re:It ain't working by WaffleMonster · · Score: 3, Informative

    IPv6 ain't working. This should pretty much be clear to all, since it is not being widely adopted.

    All major ISPs in US are in the process of testing and rolling it out.

    Google, Netflix, Akami, Federal government, Facebook all on IPv6.

    All major CPE vendors shipping IPv6 enabled gear.

    Perhaps you know something they don't?

    There will be a long tail and it will take forever to move enough for the plug to be yanked on IPv4. Nobody is saying RFC 801.

    A more constructive approach was to take steps to facilitate its adoption, such as tunneling, the IPv6 day and the IPv6 experiment.

    All these "steps" did was throw a wrench in the process of adoption. This is 2013 and people demand a production quality network. Tunneling does NOT provide that.

    Content is not going to deploy to a shit network with no bandwidth and crappy availability that tunneling provides.

    IPv6 day was necessary mostly to identify and fix what went wrong with the tunneling nonsense already deployed.

    still only 1% of the internet. At this point we have to believe that nothing short of a completely new protocol will succeed.

    We all get to believe what we want. I choose to believe publically available bandwidth charts showing an exponential curve and the interface statistics on my router showing ~30% of my traffic by volume is IPv6.

  15. Re:NAT by jbolden · · Score: 3, Interesting

    ARIN has been pretty clear they don't want carrier grade NAT. The carriers don't want carrier grade NAT. You aren't going to be forced behind a NAT. You'll have a v6 address and pool for v4 outgoing once they roll out v6.