Slashdot Mirror
One Year After World IPv6 Launch — Are We There Yet?
darthcamaro writes "One year ago today was the the official 'Launch Day' of IPv6. The idea was that IPv6 would get turned on and stay on at major carriers and website. So where are we now? Only 1.27% of Google traffic comes from IPv6 and barely 12 percent of the Alexa Top 1000 sites are even accessible via IPv6. In general though, the Internet Society is pleased with the progress over the last year. '"The good news is that almost everywhere we look, IPv6 is increasing," Phil Roberts,technology program manager at the Internet Society said. "It seems to be me that it's now at the groundswell stage and it all looks like everything is up and to the right."'"
But its still difficult to get an ipv6 home connection in many areas. I can see that for years to come we will have an ipv6 backbone, ipv6 in amjor organisations but most people connected via NAT and an IPv4 isp
Not a single business partner, client, or home user that I've dealt with for the last 3 year has an active IPv6 DNS registration. _None_.
The critical factor for IPv4 exhaustion was the lack of "/24" addres spaces for businesses and buildings. This has been impressively ameliorated by the use of NAT, which shares numerous intenral and protected IP addresses behind a single or pair of public addresses and should be the _default_ configuraiton in most businesses and organizaitons, simply to reduce the constant external vulnerability scanning of any host directly connected to the Internet.
The growth of high capacity load balancers for web servers and other network services has also helped tremendously, allowing a wide set of behind the scenes hosts to be serviced by a single exposed device and reducing the IPv4 footprint of these services. Also, people have learned how to economize in the ir IPv4 use: They _do no tneed_ a different IP address for their email server, their FTP server, their web server, their phone server, their chat server, and their IRC server. The services are being easily funneled through a single exposed router or firewall, far more efficiently than before.
The result has been that the great need for IPv6 simply has not yet occurred, and is unlikely to occur for another 10 years. The foundation of the need for IPv6 is basically that of ubiquitous comuputing: the idea that every single device scattered around the home or around the workplace will have its own IP address for remote communications, and they _should not have_ public IP addresses. Providing public, routable IP addresses puts them at risk of attack at all times: putting them in the unroutable, easily tracked and maintained IPv4 address space handles almost all internal network needs quie effectively and is a signigicant security advantage and eases scanning and tracking of local resources.
I can't think of a better place to cite it. I mean come on, I don't even have to click through and RTFA. It's right there in the summary that no, we aren't there yet.
The Chinese government loves IPv6 because it provides extra granularity for surveillance of their citizens. Fuck that. They can kiss my shiny metal NAT.
If you don't have much stuff on the inside of your firewall it's not really any harder. Actually if you have a lot it's not really harder either since it's still all ports and addresses. The fuckup you've linked to is due to separate teams working on separate firewalls for IPv6 and v4 and is a management issue which only affects the endpoint. If you've got the network under the adult supervision of even a cheap and nasty ADSL IPv6 aware router the filtering should just work without having to care about problems due to internal empire building at Microsoft or Apple. "Block all except ports X,Y,Z" is not that hard to do on any sort of sane interface, and if you have to do it twice due to an unforgivable fault of UI design from office politics it's still not that bad.
IPv6 space won't run out in 20 years. "Well", you say, "It's inefficiently doled out - each user gets a /64 under how it's supposed to work even if their network has just one device!"
However, the amount of /64 prefixes theoretically available is 2^32 (4 billion) times larger than the address space of the *entire* IPv4 address space. Four billion times larger. Even if only 48 bits of those were usable for whatever reason, that would still be 65536 times larger than the *entire global IPv4 space*. However, there's more than 48 bits usable.
Oolite: Elite-like game. For Mac, Linux and Windows
'"The good news is that almost everywhere we look, IPv6 is increasing,"
Every time we measure it the mean distance between the Earth and its moon is increasing. Wooooo Hoooooo.
Oops 2^64 times larger than the entire IPv4 address space. That'll teach me to preview....
Incidentally, there are enough /48s that you can give every man, woman and child on the planet over 4000 /48 allocations each before IANA even has to think about releasing some of the currently undefined address space.
Oolite: Elite-like game. For Mac, Linux and Windows
But what do we do in 20 years when the IPv6 address space starts to run out? Think I'm kidding? I can remember when people thought they'd never fill a 20mb because it was so huge!
There are enough IPv6 addresses available to give each and every of the 7+ Billion humans alive today 4.6 x 10^28 addresses
Or as someone else put it, The earth's surface area is about 510 trillion square meters. If a typical computer has a footprint of about a tenth of a square meter, and we stacked computers 10 billion high blanketing the entire surface of the earth, that would use up one trillionth of the address space.
I seriously doubt we're in danger of running out in the next millennium or two.
IPv6 has gone "live"? First I've heard of it! :-O
Publicly addressable does not always mean "reachable". Most routers will probably have a firewall by default to filter incoming connections.
.sig: No such file or directory
Me: "Hello, big boss! I'd like to go to IPv6 soon!"
BB: "What will that take?"
Me: "Oh, probably a couple of months worth of completely dedicated work from your best network folks. If you don't exclusively task them, could take a year."
BB: "Sounds complex. Is it risky?"
Me: "Absolutely! We could totally drop off the internet or lose internal connectivity for quite a while if we mess it up."
BB: "What, exactly, am I getting from this expensive and risky thing?"
Me: "More or less what you have now. The features it does you don't really care about."
BB: "So it's expensive and risky and I get nothing out of it."
Me: "Yep! When can I start?"
*doorslam*
Ack!
IPv4 is the backbone of nearly all networked systems and applications; to expect EVERYONE to switch over to IPv6 immediately is a bit naive. It's not just the service providers (Quest, Lightbound, AT&T, Verizon, etc) that have to update their WHOLE infrastructure, but applications and operating systems have to natively support IPv6. Many home users cannot afford to upgrade their hardware and software on a whim and won't have a budget to do so for a few more years (mostly due to slow economy and unemployed consumers). I suspect it will take five to 10 years before we start seeing IPv6 make its way into mainstream services. I have a VM with Rackspace and it has a public IPv6 address, but the only service that I've found useful (or even readily available) are the primary Debian mirrors. Having worked as an IT Consultant for small businesses, a SysAdmin in the ISP vector (gaining insight from a vendor aspect) and now as a SysAdmin for a software company (consumer aspect), I have first hand experience at witnessing the readiness from two different ends of the spectrum. The insight I've gained tells me that NO ONE is ready to simply flip a switch; it's going to be a painful, multi-year migration.
I wanted to make a cool graphic to show the relative sizes of the IPv4 and IPv6 address spaces. You know, where I’d show the IPv6 address space as a big box and the IPv4 address space as a tiny one. The problem is that the IPv6 address space is so much larger than the IPv4 space that there is no way to show it to scale! To make this diagram to scale, imagine the IPv4 address space is the 1.6-inch square above. In that case, the IPv6 address space would be represented by a square the size of the solar system.
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
I have been looking at the IP v6 specs for enterprise level hardware, top of the line products from Cisco and the likes. The last I check, a few months ago, the accelerated routing on their top of the line Layer 3+ switch had about 1/2 the aggregate routing for IPv6 as it did IPv4, and older hardware is much worse.
Until the hardware ASIC's are acellarated as much for IPv6, I think businesses will lag unless they need to use IPv6 due to contract requirements (military and the likes). Why would they pay more for modern hardware that is slower than what they have to adopt IPv6 when IPv4 is satisfying their needs, even if NAT is a gimped solution. It still works, and is pretty fast.
$ nslookup -type=AAAA google.com
Name: google.com
Address: 2a00:1450:4007:80a::1001
$ nslookup -type=AAAA slashdot.org
Name: slashdot.org
$
Obligatory xkcd.
Me and my 255 friends are still on IPv1, you insensitive clod!
Get free satoshi (Bitcoin) and Dogecoins
Note that, as with so many sites, the announcement that XKCD is now available over IPv6 is obsolete. At some point they broke something, couldn't figure out how to fix it easily and so they just removed IPv6 from the site.
Surely, this is the year of the Linux Desktop^W^W the really long and unwieldy IP addresses.
The DoD assignment does seem a bit excessive. But they are the exception not the rule. I also wonder what ARIN can really do when the government of the US tells them to jump. The only thing they can do is to ask "how high?".
The RIRs always spreads the assignments so there is nothing strange in that. The idea is that if one of those /22 some day would need to be expanded, that is possible because there likely will be no adjacent assignment. This does not mean the space is reserved as such. If the world some day is lacking address space they will start allocating that space to somebody else.
It is also quite possible that IANA will ask ARIN to use some more of that /13 before ARIN can get more space from IANA.