Comcast Carrying 1Tbit/s of IPv6 Internet Traffic

← Back to Stories (view on slashdot.org)

Comcast Carrying 1Tbit/s of IPv6 Internet Traffic

Posted by Unknown on Thursday July 24, 2014 @07:01AM from the hurd-1.0-released dept.

New submitter Tim the Gecko (745081) writes Comcast has announced 1Tb/s of Internet facing, native IPv6 traffic, with more than 30% deployment to customers. With Facebook, Google/YouTube, and Wikipedia up to speed, it looks we are past the "chicken and egg" stage. IPv6 adoption by other carriers is looking better too with AT&T at 20% of their network IPv6 enabled, Time Warner at 10%, and Verizon Wireless at 50%. The World IPv6 Launch site has measurements of global IPv6 adoption.

146 comments

Min score:

Reason:

Sort:

dig slashdot.org by Anonymous Coward · 2014-07-24 07:13 · Score: 0

You know the answer.
1. Re:dig slashdot.org by Anonymous Coward · 2014-07-24 09:17 · Score: 1
  
  $ dig -6 slashdot.org
  dig: can't find IPv6 networking
2. Re:dig slashdot.org by marka63 · 2014-07-24 13:01 · Score: 1
  
  Which shows more about you local network that slashdot.
  Yes. I do have IPv6 enabled and have done so for the last decade.
  % dig -6 slashdot.org +short
  216.34.181.45
  %
3. Re:dig slashdot.org by davester666 · 2014-07-25 08:01 · Score: 1
  
  Canadian ISPs: I believe we are studying the concept of IPv6. A couple of years ago, we made a major advance in IPv6, in that we made the home page of our customer-facing website be accessible via IPv6. Of course, as a customer, you can't access it via IPv6, because, well, you can't get IPv6, but know that we are working really hard at considering whether to fund a study as to the feasibility of approving a report on whether we can charge you more for permitting you to tunnel IPv6 traffic over our IPv4 network.
  
  --
  Sleep your way to a whiter smile...date a dentist!
Re:first by Anonymous Coward · 2014-07-24 07:15 · Score: 1

were you on ipv6
Saying something good about ComCast hurts my brain by gewalker · 2014-07-24 07:15 · Score: 4, Insightful

In actual fact, the ComCast internet service is not too bad. It is just their customer support, pricing, monopoly status and general arrogance that make them among the most hated company in existence.
The other interesting thing in the article was Google showing their IPv6 traffic was now around 4% up looked the perhaps the upward bend at the beginning of an s-Curve.
Being a site for geeks... by Anonymous Coward · 2014-07-24 07:16 · Score: 1

Slashdot can't be far behind, right?
1. Re:Being a site for geeks... by OzPeter · 2014-07-24 07:19 · Score: 4, Funny
  
  Slashdot can't be far behind, right?
  I've heard that you can only get ipv6 connections if your comments are in uni-code.
  
  --
  I am Slashdot. Are you Slashdot as well?
2. Re:Being a site for geeks... by Anonymous Coward · 2014-07-24 07:51 · Score: 0
  
  I've heard that you can comment in unicode if you connect via ipv6.
3. Re:Being a site for geeks... by Rick+Zeman · 2014-07-24 10:17 · Score: 1
  
  Slashdot can't be far behind, right?
  Only on Beta.
4. Re:Being a site for geeks... by TMYates · 2014-07-25 06:25 · Score: 1
  
  And it must be UTF-32 not UTF-7 or UTF-8
Advantages? by ArchieBunker · 2014-07-24 07:19 · Score: 3, Interesting

So any advantages to running an IPv6 tunnel other than so say you use IPv6?

--
Only the State obtains its revenue by coercion. - Murray Rothbard
1. Re:Advantages? by Anonymous Coward · 2014-07-24 07:26 · Score: 1
  
  Easily get around IP bans.
2. Re:Advantages? by CAPSLOCK2000 · 2014-07-24 07:28 · Score: 5, Informative
  
  The big advantage is that all my computers are reachable through the internet, no more NATting port 80 and port 22 to strange ports because you can use every port only once.
  A secondary advantage is that port 25 is not filtered, although that's not inherent to IPv6, just a lucky benefit of my current tunnel-provider.
3. Re:Advantages? by OzPeter · 2014-07-24 07:33 · Score: 5, Insightful
  
  The big advantage is that all my computers are reachable through the internet
  Depending on your point of view, that may also be considered as a down-side.
  
  --
  I am Slashdot. Are you Slashdot as well?
4. Re:Advantages? by jones_supa · 2014-07-24 07:41 · Score: 0
  
  Nooo. NAT is an incredibly practical tool to set up a poor man's firewall and to have a nice internal network behind it. Then UPnP or port forwarding is used to route incoming connections per need. Works.
5. Re:Advantages? by Anonymous Coward · 2014-07-24 07:44 · Score: 3, Insightful
  
  Um, no. The whole "NAT is security" argument is bullshit. KISS: I'd rather have a simple firewall which either blocks or does not block ports/IPs (or connections, if stateful) than a complex firewall which also has to rewrite packets.
6. Re:Advantages? by Anonymous Coward · 2014-07-24 07:45 · Score: 2, Informative
  
  No. That in itself is never a downside. If you don't want rest of the internet connecting to your computer/network, you filter it at your firewall (usually router). Personally I wouldn't mind if it was a requirement that all routers meant for home usage had a factory default that only established/related connections were allowed to LAN side from WAN port(s). Of course that should be configurable, but just sticking the router in would give reasonably secure default.
7. Re:Advantages? by CAPSLOCK2000 · 2014-07-24 07:47 · Score: 2, Insightful
  
  Instead of a poor man's firewall, why don't you use a real firewall? It's much easier to configure than NAT.
  If you use Linux, like every residential internetrouter sold in the last 10 years, NAT is a part of the firewall code.
  As it is more simple a "real" firewall is cheaper than your "poor man's firewall".
8. Re:Advantages? by CAPSLOCK2000 · 2014-07-24 07:48 · Score: 5, Funny
  
  This is Slashdot, News for Nerds. Not News for Grandma's that are afraid of configuring their router.
9. Re:Advantages? by Ksevio · 2014-07-24 07:53 · Score: 4, Insightful
  
  It works for a little while, but it still depends on the network having a public IP. A lot of ISPs, especially in Asian countries, have started implementing NAT level IP which means no UPnP and not even manual port forwarding.
10. Re:Advantages? by LordLimecat · 2014-07-24 07:59 · Score: 1
  
  Its perhaps misleading to say that NAT is security, but it undoubtedly provides security.
11. Re:Advantages? by Rising+Ape · 2014-07-24 08:08 · Score: 3, Interesting
  
  The problem with that is how many home users know how to configure the firewall? There are legitimate reasons to have incoming connections. Unless you want to reinvent uPnP for v6, but that would be needlessly complex and probably have security flaws of its own.
  Frankly there's no excuse for any modern software to be vulnerable even if connected directly to the internet with no firewall. This isn't 2003 any more, and in any case it's commonplace for computers to be connected to all sorts of untrusted networks such as public wifi. So anything that assumes "a firewall will take care of it" is utterly irresponsible.
12. Re:Advantages? by radarskiy · 2014-07-24 08:09 · Score: 1
  
  You are right: it *is* a poor firewall for a man. Or a woman.
13. Re:Advantages? by mrchaotica · 2014-07-24 08:15 · Score: 1
  
  The problem with that is how many home users know how to configure the firewall? There are legitimate reasons to have incoming connections.
  And if your use case includes one of those legitimate reasons, then it's your responsibility to know enough about security to configure the firewall. It is fundamentally impossible for there to be a safe alternative to this!
  
  --
  "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
14. Re:Advantages? by Anonymous Coward · 2014-07-24 08:40 · Score: 1
  
  Hey tough guy, you can firewall off services running on a natted address just as easy as you can a real ip address. Do you get a pain in your side or does the extra emmisions from a router doing that give you a tingle in your neck hairs or do you think your router is wearing out a silicone junction or wearing down a wire trace as it rewrites packets over and over? Hint, it does not. There are a lot of things a router does to data and data streams so rewriting for NAT is not something above and beyond the other things it does.
15. Re:Advantages? by jones_supa · 2014-07-24 08:42 · Score: 1
  
  What benefits using a real firewall would provide me?
16. Re:Advantages? by jbolden · 2014-07-24 08:50 · Score: 1
  
  The ability to actually block or unblock what you need how you need it rather than randomly just disallowing a bunch of stuff and then punching huge holes in the wall that anything get through when you need to get out.
17. Re:Advantages? by Rising+Ape · 2014-07-24 08:51 · Score: 1
  
  And if your use case includes one of those legitimate reasons, then it's your responsibility to know enough about security to configure the firewall. It is fundamentally impossible for there to be a safe alternative to this!
  Do you really expect the average user to know about IPs, ports, TCP/UDP etc.? That's not very realistic. I don't agree that a safe alternative is impossible - there's no magic power that packets have to hack a computer. Any failings are due to poorly written software.
  If an application doesn't need to listen for connections, it shouldn't open a port. A firewall won't make any difference here.
  If an application does need to listen for connections the firewall will need to let them through. Again, the firewall doesn't help - at least not at the level of sophistication you'd see in a home router's firewall.
18. Re:Advantages? by segedunum · 2014-07-24 09:00 · Score: 0
  
  Um, no. The whole "NAT is security" argument is bullshit. KISS: I'd rather have a simple firewall which either blocks or does not block ports/IPs (or connections, if stateful) than a complex firewall which also has to rewrite packets.
  I'm afraid it's not. I never cease to be amazed by people who think that managing multiple IP addresses is better and less error prone than one, and frankly, I don't want anyone being able to discern anything about what should be my *internal* network.
19. Re:Advantages? by segedunum · 2014-07-24 09:01 · Score: 1, Flamebait
  
  Frankly there's no excuse for any modern software to be vulnerable even if connected directly to the internet with no firewall.
  Oh my fucking God.
20. Re:Advantages? by segedunum · 2014-07-24 09:03 · Score: 0
  
  Instead of a poor man's firewall, why don't you use a real firewall?.....As it is more simple a "real" firewall is cheaper than your "poor man's firewall".
  Seriously, this tripe is getting modded as insightful now?
21. Re:Advantages? by jones_supa · 2014-07-24 09:15 · Score: 1
  
  No, it does not work like that. NAT port forwarding and UPnP allow me to let in just the specific ports to a specific host, with UPnP having the added benefit that the port is open only when the application is running.
22. Re:Advantages? by mrchaotica · 2014-07-24 09:21 · Score: 2
  
  Do you really expect the average user to know about IPs, ports, TCP/UDP etc.? That's not very realistic.
  No, I expect users who want to run services that listen on ports (which makes them not "average!") to know about those things.
  
  I don't agree that a safe alternative is impossible - there's no magic power that packets have to hack a computer. Any failings are due to poorly written software.
  It's even less realistic to expect software -- especially the crap software the "average user" uses by default -- to become any less poorly written in the near future.
  
  --
  "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
23. Re:Advantages? by WaffleMonster · 2014-07-24 09:26 · Score: 2
  
  So any advantages to running an IPv6 tunnel other than so say you use IPv6?
  None, turn it off and get a real IPv6 connection unless you need it for something.
  When content sees higher latency and lower throughput from crappy tunnels it only serves as a disincentive for continued adoption.
24. Re:Advantages? by sjames · 2014-07-24 09:38 · Score: 1
  
  With IPv6, a couple simple rules on a stateful firewall will give you exactly the same protection but without requiring packet rewriting. As a side benefit, you get lower latency and the router has less trouble under network load.
  If manufacturers would set those rules by default, there would be no problems.
25. Re:Advantages? by Rising+Ape · 2014-07-24 09:40 · Score: 1
  
  The fact that someone bothered to make uPnP suggests that there's a need for this capability for average users. Things such as voip, gaming, exchanging files - if you can't have peer-to-peer connections, you're reliant on big centralised services for all of these things. Granted, we seem to have gone down that path already (perhaps driven in no small part by the prevalence of NAT), and these services may have a place, but do we want it to be *all* there is to the internet?
  As for your second point - well, Microsoft seem to have managed it, and if they can surely anyone can. I accidentally left my Windows box connected to the internet without an external firewall for a few months with no ill effects. That would have been unthinkable a decade ago.
26. Re:Advantages? by ArchieBunker · 2014-07-24 09:41 · Score: 1
  
  Do you need to be on another IPv6 connection to access them?
  
  --
  Only the State obtains its revenue by coercion. - Murray Rothbard
27. Re:Advantages? by spire3661 · 2014-07-24 09:45 · Score: 1
  
  UPnP is lazy.
  
  --
  Good-bye
28. Re:Advantages? by jbolden · 2014-07-24 09:55 · Score: 1
  
  Which is precisely the same thing that happens with any firewall. You just specify port / host and or you let specific hosts cut holes for specific periods of time. None of that changes.
29. Re:Advantages? by drinkypoo · 2014-07-24 10:02 · Score: 1
  
  No, I expect users who want to run services that listen on ports (which makes them not "average!")
  Wut. The average user has ports open. Go install any major consumer OS and then nmap it. You can do better.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
30. Re:Advantages? by laie_techie · 2014-07-24 10:06 · Score: 2
  
  Frankly there's no excuse for any modern software to be vulnerable even if connected directly to the internet with no firewall. This isn't 2003 any more, and in any case it's commonplace for computers to be connected to all sorts of untrusted networks such as public wifi. So anything that assumes "a firewall will take care of it" is utterly irresponsible.
  I think you misspoke. It's irresponsible to think an external firewall will take care of it, so every computer / virtual machine should have its own. However, it's asking for trouble to allow untrusted traffic to arrive to any software. Just being accessible opens it up for a DDoS attack.
31. Re:Advantages? by laie_techie · 2014-07-24 10:09 · Score: 2
  
  If an application doesn't need to listen for connections, it shouldn't open a port. A firewall won't make any difference here. If an application does need to listen for connections the firewall will need to let them through. Again, the firewall doesn't help - at least not at the level of sophistication you'd see in a home router's firewall.
  Except I want my legal music collection to be accessible to computers within my home (DLNA server), but if external computers have access (without use of a VPN), I may be guilty of illegal sharing. Ditto for other things which should be available on a LAN, but not be public facing.
32. Re:Advantages? by pipedwho · 2014-07-24 11:05 · Score: 1
  
  How so?
  A firewall can be set to block all incoming connections with a few inbound exceptions that the user requires (eg. port 22 on a particular box, and port 80 on another one).
  The advantages are that the firewall no longer has to keep track of all NAT connections with the associated timeout issues, and that there will never be a network address collision issue when you connect via VPN from a remote network with the same subnet range. It also removes issues related to split-horizon DNS.
  For certain corporate requirements and address aliasing, IPv6 can still be NATed where necessary.
  But, for your bog standard user that just wants to 'feel safe' behind their firewall, there is really no difference in setup or maintenance complexity between NAT and a router with a default firewall setting of 'block all inbound connections'. UPNP/etc even works the same way to automatically open up a gaping hole whenever requested by a user application.
33. Re:Advantages? by marka63 · 2014-07-24 13:09 · Score: 0
  
  And you can to this at the application layer. You do not need a firewall to restrict service to particular clients.
34. Re:Advantages? by marka63 · 2014-07-24 13:22 · Score: 1
  
  Truly, you should be able to connect a box to the Internet without a firewall and it should be fine. If it isn't the manufacture has not done due diligence. That said mistakes happen. Keeping up to date with maintenance releases is the way to address this issue.
  Governments could help here by requiring manufactures to supply security fixes indefinitely for any internet connectable software. For consumer electronics this could be 20 years or more. Note the fix may be "upgrade to release X" where X involves a feature jump.
35. Re:Advantages? by marka63 · 2014-07-24 13:28 · Score: 1
  
  The ability to more easily diagnose network problems without having to deal with the consequence of address and port translations.
  A default deny in firewall is as easy to manage as a NAT and it doesn't mangle the addresses or ports.
36. Re:Advantages? by oursland · 2014-07-24 14:59 · Score: 1
  
  That, too, is rather misleading. NAT only provides a sense of security, as the devices may not be addressed directly. However if you assume that because your devices are behind a NAT, that they're secure from external attack, you can be easily surprised when one device acts as a portal to the rest. Piercing the Firewall is not a new concept.
37. Re:Advantages? by Sanians · 2014-07-24 16:06 · Score: 2
  
  I don't want anyone being able to discern anything about what should be my *internal* network.
  The so-called "privacy extensions" address this, though seemingly not by design, but simply because the dumb fucks behind "privacy extensions" provided something useful. Basically, in Linux for example, the kernel will choose a new random IPv6 address every day, and keep old ones for seven days. It always uses the newest one for outgoing connections, but will accept incoming connections on any.
  The supposed benefit of this is that you no longer have one static address and so you're harder to identify, but that's bullshit since anyone looking to identify you is only going to look at the first 64 bits of the address. Where it actually helps is that, because of the random addresses, someone from the outside can't count how many machines are on your internal network, or even know if they're talking to the same one as the day before. They know they're talking to a machine on your network, because the first 64 bits of the address are the same, but they knew that with IPv4 too.
  Of course, it kind of ruins the fun of having a static IP address if the address keeps changing all of the fucking time, which is why I think the people behind "privacy extensions" are morons. The problem wasn't the static IP. People have had static IPs with IPv4 and no one cared before. The problem was that the IPv6 addresses were based on the interface's MAC address. If they'd simply made the machine choose a random address and stick with it, that would have been fine.
  Anyway, the solution is DNS. I have a script that each machine runs that keeps the DNS server updated when it chooses a new IPv6 address. Since each address is good for seven days, it doesn't require a short expiration time on the DNS server. However, if you reboot the machine, it'll choose a new address immediately. So the script also has to detect this and manually assign the last few address it updated the DNS server with to the interface as well.
  Also, you have to be sure to set up an ip6tables rule to block connections to the MAC-based address, since even with privacy extensions enabled the kernel will still accept packets to that address, which reveals the machine's presence to anyone on the outside who happens to find out its MAC address. Personally, I think it's a bug that the kernel accepts packets on the MAC-based address at all. That anyone thought that IP addresses should ever reveal any fact about the hardware is insane. Must have been someone working for the NSA I guess.
  ...and now that I see it has taken me six paragraphs to explain why IPv6 isn't so bad, you know what? Fuck it, stick with IPv4. Wait until IPv6 has been in wide use for a decade and maybe they'll have worked all of the bullshit out of it by then.
38. Re:Advantages? by Sanians · 2014-07-24 16:30 · Score: 2
  
  The difference is like this:
  With NAT, say you want to open port 22 so that you can SSH to a machine on your LAN from the internet. So you forward that port to that machine. Next month you find you need to do the same for a second machine on your LAN. Your choices are to either forward the port to the new machine, which means it is no longer forwarded to the old one, or to forward some other random port and tell whomever wants to access that machine "OK, it's open, but you have to use port 122 instead."
  With a real firewall, the firewall by default blocks any connections to any ports on any of the machines on your LAN. However, you can tell it to allow any of those connections that you want to allow. So if you want to allow two machines on your LAN to accept SSH connections, you just tell the firewall to do so. There's no conflict because each of those machines is accessible via its own address.
  Personally, rather than having a dedicated firewall, I find it much easier if each machine simply has its own firewall. It's pretty trivial to simply firewall all of IPv6 and leave IPv4 completely open, which is all that you have to do since the machines on your LAN don't have IPv4 addresses. Just because IPv6 exists doesn't mean you have to start using it on your LAN. Use those nice short IPv4 addresses to communicate with machines on your LAN and save the hassle of IPv6 for when you're communicating with machines on the internet.
39. Re:Advantages? by pantaril · 2014-07-24 19:04 · Score: 0
  
  The big advantage is that all my computers are reachable through the internet
  Depending on your point of view, that may also be considered as a down-side.
  With IPv4 you have only one option - hide your network behind nat and be unreachable from internet.
  With IPv6 you can choose between your network being reachable from internet and your network protected by firewall from outside connections.
  I fail to see how IPv6 which gives you more freedom can be considered down-side from any reasonable point of view.
40. Re:Advantages? by pantaril · 2014-07-24 19:07 · Score: 1
  
  The problem with that is how many home users know how to configure the firewall?
  Probably the same amount who knows how to configure NAT. Fortunately the routers manufacturers usualy take care of the configuration for them.
41. Re:Advantages? by laie_techie · 2014-07-25 02:04 · Score: 1
  
  And you can to this at the application layer. You do not need a firewall to restrict service to particular clients.
  You seriously expect every piece of software to act as its own firewall, instead of a system-wide firewall?
42. Re:Advantages? by marka63 · 2014-07-25 02:35 · Score: 1
  
  Yes. Applications can do much, much better job of access control than any firewall can do. Additionally the access control can be based on things of other than IP address which are very poor authentication tokens.
  Having worked with protocols that uses cryptographically strong authentication it provides a much better solution space than using IP address. This is especially true when the client side is changing IP address all the time.
43. Re:Advantages? by LordLimecat · 2014-07-25 03:33 · Score: 1
  
  NAT provides "security" because it is actually impossible to hack a computer behind a NATing router, without A) hacking into the router (in which case a firewall doesnt matter), or B) having the end user poke a hole / port forward through the NAT (which they could do with a firewall).
  I suppose if you were MITMing the connection and could see what ports got opened for outbound connections, and you could spoof inbound traffic, you could perhaps exploit something-- but this will not affect the majority of users. In that sense it certainly DOES provide security, unless your ISP or someone similarly equipped is out to get you.
44. Re:Advantages? by stoatwblr · 2014-07-25 06:11 · Score: 1
  
  "A lot of ISPs, especially in Asian countries, have started implementing NAT level IP which means no UPnP and not even manual port forwarding."
  Have started? Try "have been doing it for 15 years"
  And yes, it blows goats, especially when the fucktards who "admin" the ISP also block all ICMP.
45. Re:Advantages? by Drakonblayde · 2014-07-25 08:01 · Score: 1
  
  NAT provides "security" because it is actually impossible to hack a computer behind a NATing router, without A) hacking into the router (in which case a firewall doesnt matter), or B) having the end user poke a hole / port forward through the NAT (which they could do with a firewall).
  Oh that's not true at all. Just because you can't access the IP assigned directly to the computer from outside of the NAT hardly means you can't communicate with the device. NAT doesn't imply packet inspection or anything of that nature.
  Far too many people confuse NAT as a security product because it's often paired with limited firewall capability in consumer grade routers. If you can do sufficient packet analysis (like, say, compromising an outside host that the NAT'd box talks to), you can communicate with the device. Malicious packets are translated inward just fine.
  If the end user of a NAT box does something stupid, like install software that (innocently or not) leaves the host exposed behind the NAT, the NAT might as well not be there.
  NAT is an ugly hack for address conservation, nothing more. Those who trumpet it as a security benefit are severely lacking in their TCP/IP skillset.
46. Re:Advantages? by Bengie · 2014-07-26 03:50 · Score: 1
  
  Except NAT has no official implementation, so many implementations have many different security bugs to be exploited. Firewalls are easy to test, NAT implementations, not so much.
47. Re:Advantages? by Bengie · 2014-07-26 03:54 · Score: 1
  
  Why would they be able to discern anything about your internet network without a NAT. You just saying that indicated you don't know what you're talking about or you're trolling.
48. Re:Advantages? by oursland · 2014-07-26 06:23 · Score: 1
  
  By "Piercing the Firewall", I didn't mean to imply that NAT should be considered a firewall, but rather to allude to a class of techniques to get around network restrictions such as port, content, or IP based filtering for both malicious and benign purposes.
49. Re:Advantages? by Bengie · 2014-07-26 07:25 · Score: 1
  
  Unless you want to reinvent uPnP for v6
  What are you talking about? PFSense supports IPv6 uPnP with the base install. Just enable uPnP service and it will allow uPnP to punch holes in the firewall for the requesting IPv6 address. Worked just fine with my Windows box and Torrent. It was quite turn-key. Enable service, done.
50. Re:Advantages? by Bengie · 2014-07-26 07:28 · Score: 1
  
  No, I expect users who want to run services that listen on ports (which makes them not "average!") to know about those things.
  You mean like the "server-less" P2P console games that elect the host from one of the current people in game?
51. Re:Advantages? by Bengie · 2014-07-26 07:32 · Score: 1
  
  Install OpenBSD on a computer not behind a firewall and see if it gets hacked. I think they've had 2 remote security vulnerabilities in the past forever.
52. Re:Advantages? by LordLimecat · 2014-07-26 18:17 · Score: 1
  
  It is true because without a NAT rule or a dynamic mapping, the router will discard the packet 100% of the time. There is nothing you can do that will convince a router to pass a packet onto a NAT'd computer that has not already initiated a connection.
  
  like install software that (innocently or not) leaves the host exposed behind the NAT, the NAT might as well not be there.
  The same is practically true of 99% of consumer firewalls out there, which allow outbound connections and return traffic.
53. Re:Advantages? by mrchaotica · 2014-07-28 11:47 · Score: 1
  
  The fact that someone bothered to make uPnP suggests that there's a need for this capability for average users.
  There's also a "need" for antigravity and wish-granting genies. They're just needs that may remain unfulfilled due to impossibility.
  I assume since you bring up uPnP without citing it as a viable solution, you're aware that it's disasterous for security. I think at least some of that is due to inherent problems in the concept, not just a poor implementation.
  
  Granted, we seem to have gone down that path already (perhaps driven in no small part by the prevalence of NAT), and these services may have a place, but do we want it to be *all* there is to the internet?
  I agree that we want people to not be reliant on centralized servers... however, the way to accomplish that would be to upgrade the "average" technical expertise of users to the point where they'd be competent to configure a firewall. That may be practically impossible, but I think developing a technical solution capable of saving them from themselves would be even harder.
  
  I accidentally left my Windows box connected to the internet without an external firewall for a few months with no ill effects.
  ...that you know of!
  
  --
  "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
54. Re:Advantages? by segedunum · 2014-07-31 02:26 · Score: 1
  
  Why would they be able to discern anything about your internet network without a NAT.
  Multiple public IP addresses, join the dots. Seriously......
55. Re:Advantages? by segedunum · 2014-07-31 02:35 · Score: 1
  
  The so-called "privacy extensions" address this, though seemingly not by design, but simply because the dumb fucks behind "privacy extensions" provided something useful. Basically, in Linux for example, the kernel will choose a new random IPv6 address every day, and keep old ones for seven days. It always uses the newest one for outgoing connections, but will accept incoming connections on any.
  Sounds like a real recipe for reliable operation there, as well as reducing the complexity of something like NAT, especially amongst different operating systems.
Crap Traffic by extremescholar · 2014-07-24 07:20 · Score: 1

I tried native IPv6 with them about 6 months back, and I was constantly bombarded with random packets that overwhelmed my router. They have 1TB of traffic that is just junk packets. More Comcast BS.

--
Using the Freedom of Speech while I still have it.
1. Re:Crap Traffic by Anonymous Coward · 2014-07-24 07:29 · Score: 1
  
  I've had zero issues with native v6 on Comcast in the San Francisco, CA area. Where in the US are you located?
2. Re:Crap Traffic by Anonymous Coward · 2014-07-24 07:29 · Score: 1
  
  This is what worries me.
  Moving to IPv6 means more challenges. Having to retest firewalls and it's rules, making sense of the IPv6 addresses and then figuring out what looks normal and what looks like bad (generated) traffic when looking at PCAP's.
  How does blocking work when everybody can have a trillion addresses? Can people have a trillion addresses? Do they have a block allocated to each user/system? Does it matter? So many questions.
  I don't want a little mistake somewhere or lack of knowledge to cause a lapse in security.
3. Re:Crap Traffic by Mathieu+Lu · 2014-07-24 07:32 · Score: 1
  
  Would be nice to have more details about that, and the proportion with IPv4 scans/crap.
  Personally, I've been pleasantly surprised when going to the US, that random places (small motels, AirBNB places) had native IPv6. In some cases, they even had weird broken NAT, but working IPv6.
  This migration to IPv6 has to happen one day or another. May as well be in front of the curve, with regards to privacy, security, topology and performance.
4. Re:Crap Traffic by Anonymous Coward · 2014-07-24 07:36 · Score: 0
  
  That may have been your router doing that to itself. Look if the source address is a link local one; if so then your router firmware has a buggy IPv6 implementation, which isn't unheard of for toy SOHO routers. Some of them even have an IPv6 implementation that doesn't work at all.
5. Re:Crap Traffic by Anonymous Coward · 2014-07-24 07:42 · Score: 0
  
  IP blocks have been useless against IPv4 botnets for years now. Hopefully you already have a better way of dealing with bad behavior.
6. Re:Crap Traffic by CAPSLOCK2000 · 2014-07-24 08:16 · Score: 3, Insightful
  
  Better start learning now, while you can afford to make mistakes. The bigger IPv6 gets the more those little mistakes will hurt you.
7. Re:Crap Traffic by jbolden · 2014-07-24 08:53 · Score: 2
  
  How does blocking work when everybody can have a trillion addresses?
  
  You block a range. And it actually works because there is no NAT!
  
  Can people have a trillion addresses?
  
  Far more. The minimum subnet is a /64 which is 1.8 million trillion.
  
  Do they have a block allocated to each user/system?
  Yes.
8. Re:Crap Traffic by segedunum · 2014-07-24 09:04 · Score: 1
  
  Welcome to IPv6.
9. Re:Crap Traffic by NormalVisual · 2014-07-24 09:44 · Score: 1
  
  18,446,744,073,709,551,616, or 18 quintillion, or 18 million trillion, minus a couple for netblock addresses. "Practically unlimited" is a good term here. :-)
  
  --
  Please stand clear of the doors, por favor mantenganse alejado de las puertas
10. Re:Crap Traffic by WaffleMonster · 2014-07-24 10:13 · Score: 1
  
  Moving to IPv6 means more challenges. Having to retest firewalls and it's rules, making sense of the IPv6 addresses and then figuring out what looks normal and what looks like bad (generated) traffic when looking at PCAP's.
  I will be happy when IPv4 is gone and the constant cheap attacks and probes to random addresses are no longer viable at least not on the scale of IPv4.
  
  How does blocking work when everybody can have a trillion addresses? Can people have a trillion addresses? Do they have a block allocated to each user/system? Does it matter? So many questions.
  In IPv6 land users are assigned prefixes rather than IP addresses so you block the prefix rather than the IP address.
11. Re:Crap Traffic by Anonymous Coward · 2014-07-24 10:14 · Score: 0
  
  You block a range. And it actually works because there is no NAT!
  
  Do they have a block allocated to each user/system?
  Yes.
  Sounds like a fucking privacy nightmare to me.
12. Re:Crap Traffic by Anonymous Coward · 2014-07-24 11:30 · Score: 0
  
  In IPv6 land users are assigned prefixes rather than IP addresses so you block the prefix rather than the IP address.
  Sounds like a problem for privacy.
13. Re:Crap Traffic by marka63 · 2014-07-24 13:43 · Score: 1
  
  You have a IPv4 address allocated to you. You have a IPv6 address block allocated to you. There is no difference from a privacy perspective. The single address (IPv4) or the block (IPv6) identifies the home. With privacy addresses implemented and on turned on by default by the major vendors you don't get to track back to individual computers unless you are running a service which doesn't use them.
14. Re:Crap Traffic by Anonymous Coward · 2014-07-24 16:25 · Score: 0
  
  You have a IPv4 address allocated to you.
  I can easily change my IP address right now, and lots of other people use similar addresses. Can I change my entire IPv6 block as easily? It all depends on the implementation. If I can't, then yes, privacy is at stake.
15. Re:Crap Traffic by jbolden · 2014-07-26 15:51 · Score: 1
  
  If you get a /64 you can do whatever you want on it. If you get a /60 then you have 16 subnets you can do whatever you want on.
Their implementation sucks. by Anonymous Coward · 2014-07-24 07:29 · Score: 3, Interesting

Their implementation of DHCPv6-PD blows. It's incompatible with openWRT, Netgear, pfSense router firmware. You'll get your prefix, but it will get either dropped or changed within several hours. Then this premature change of the lease will fall out of sync with radvd on the routers then you will completely lose IPV6 connectivity. With all the IPV6 address space available, why not give out a static IPV6 prefix, but no, they want to change it frequently. This is completely contrary to their IPV4 DHCP servers which will basically give you the same IP address forever until you change the MAC address on the router.
So screw Comcast's IPV6. I'll stick with my hurricane electric tunnel and it's static IPV6 prefix until my router breaks. Maybe be then Comcast's implementation will actually work with most of the routers on the market that support IPV6.
1. Re:Their implementation sucks. by Anonymous Coward · 2014-07-24 09:06 · Score: 0
  
  This is completely contrary to their IPV4 DHCP servers which will basically give you the same IP address forever until you change the MAC address on the router.
  My ISP locks the IP address on to the authentication password, changing the mac doesn't seem to affect it yet changing the password does...
  Is this normal?
2. Re:Their implementation sucks. by NormalVisual · 2014-07-24 09:47 · Score: 1
  
  With all the IPV6 address space available, why not give out a static IPV6 prefix, but no, they want to change it frequently.
  
  Because they don't want you running servers with a static IP? Can't have that now, can we?
  
  --
  Please stand clear of the doors, por favor mantenganse alejado de las puertas
3. Re:Their implementation sucks. by WaffleMonster · 2014-07-24 09:59 · Score: 3, Interesting
  
  Their implementation of DHCPv6-PD blows. It's incompatible with openWRT, Netgear, pfSense router firmware.
  There seems to be problems with Comcast IPv6 that I can see.
  Lease query is fucked up/does not work at all so if your cable modem reboots while the lease is still valid the CMTS has forgotten all about it and won't let any traffic pass until you transmit a renewal request for your PD. It seems some consumer router gear uses Ethernet/media detection to notice the link has bounced and refresh the lease...otherwise your basically SOL and have to manually do it.
  I don't think it is fair to blame Comcast for a systems shitty/buggy support for DHCPv6 prefix delegation. Comcast is not doing anything magical or non-standard. Vanilla ISC DHCPv6 client has worked flawless for me.
  Incidentally have maintained same IPv6 prefix for over a year now since they turned up v6.
  
  Then this premature change of the lease will fall out of sync
  To be fair if the client is fucked up and not properly renewing lease sometime before it expires I don't see how that's Comcast's fault. If you don't ask for renewal you won't get one.
  
  With all the IPV6 address space available, why not give out a static IPV6 prefix, but no, they want to change it frequently.
  Exactly they should hand out addresses or at least make them very sticky so that anything short of some kind of reorganization/renumbering does not result in a new prefix. It really sucks even if radvd is sync'd there are still implementation problems with the zero lifetime pulling and hosts if using SLAAC locally.
  
  This is completely contrary to their IPV4 DHCP servers which will basically give you the same IP address forever until you change the MAC address on the router.
  If you allow your IPv4 lease to expire good luck getting the same address back. At least on the two occasions I've had my system down long enough for it to happen and was greeted with a new address. It may very well be certain areas are configured differently and so mileages vary.
  
  So screw Comcast's IPV6. I'll stick with my hurricane electric tunnel and it's static IPV6 prefix until my router breaks.
  The HE tunnels were awesome. I was sad when I shut mine down.
4. Re:Their implementation sucks. by cdwiegand · 2014-07-24 10:08 · Score: 1
  
  This! Wow, I had no idea others had the same issue. I tried putting the IPv6 modem on the outside of my firewall, and couldn't get the delegation to work reliably, so finally in order to "keep my IPv6" I had to put it on the inside of my network. Luckily all of my ipv6-capable equipment is modern enough OSes (ubuntu, osx and windows 7+) to have real firewalls, and everything else is known non-IPv6-capable (my old wireless canon printer, mostly).
  Once they fully launch it in the business accounts, I plan to get a static delegation so I don't have to deal with their DHCP-PD problems.
  
  --
  . Define sqrt(x) as something really evil like (x / rand()), and bury it deep. Watch your coworkers go nuts.
5. Re:Their implementation sucks. by Burdell · 2014-07-24 11:13 · Score: 1
  
  I have no problem with Comcast's IPv6 setup, once I hacked a few things in OpenWRT that were wrong; not sending the requested prefix size was a big one (so I could only get a /64 initially). Also, if the link drops, when it comes back and dhcp6c tries to update radvd, radvd doesn't restart (so the RAs go away and IPv6 quits on all auto-configured systems). My link is generally stable enough that I haven't been bothered enough to track down this bug to get it fixed.
  IIRC, the only time I've had my delegated prefix change was when I was working things out to get a /60 instead of a /64. After working with a Comcast engineer, it seems under normal conditions, the only reasons your prefix should change is if your MAC address changes or they switch you to a different headend (which should be rare).
6. Re:Their implementation sucks. by marka63 · 2014-07-24 13:53 · Score: 1
  
  It is so that they can reduce the number of routes they need to manage. This applies to IPv4 and IPv6.
  When segments of the network become overloaded then need to split them by installing new equipment. Rather than install a route per customer they get the customer to renumber.
  Similarly if they need to increase a address pool because there is too many customers for the configured pool of addressees. They find a bigger address block and have the customers renumber into it. The old block will be marked as free, possible consolidated with other address blocks and reused somewhere else in the network.
What about Verizon FIOS? by Anonymous Coward · 2014-07-24 07:30 · Score: 0

Any idea about FIOS IPV6 adoption rate?
1. Re:What about Verizon FIOS? by Anonymous Coward · 2014-07-24 07:41 · Score: 0
  
  close to 0%
2. Re:What about Verizon FIOS? by DewDude · 2014-07-24 07:43 · Score: 1
  
  As far as I know, it's at 0%. They have not activated IPv6 for anyone; nor do they seem to have any plans to. They've been promising it for years; but nothing.
3. Re:What about Verizon FIOS? by Martin+Blank · 2014-07-24 16:47 · Score: 1
  
  Their status page promised roll-outs starting in late 2012, but it also has horrifically bad information, even for an ISP ("Verizon will use a IPv6/56 address format, which means this will support 56 LANs.") I've asked about it several times, but no one at any level seems to know what's going on. The routers have been IPv6-enabled since spring of 2013, which got a lot of people excited. There's a rumor that the hold-up has to do with newer set-top boxes and broken IPv6 stacks, but no one knows how believable that is. (I don't buy it. I just think Verizon is refusing to spend the money necessary to implement it.)
  
  --
  You can never go home again... but I guess you can shop there.
4. Re: What about Verizon FIOS? by Anonymous Coward · 2014-07-24 17:02 · Score: 0
  
  Cox has a FAQ on IPv6 that says they'll enable it for residential customers in 2015. I suspect that is a variable in a script: it's been (currentYear+1) every year since the mid 2000's. Every year I check and see that the year of delivery has been pushed off again.
  I wish there were a residential ISP that gave static IPv6 addresses, equal up/down speed, and allowed servers. That's true net neutrality and the only way to achieve real privacy (run your own web/mail/ftp/social services to avoid providing easily scanned or censored data-at-rest stores).
Nice graphics at Cisco by CAPSLOCK2000 · 2014-07-24 07:32 · Score: 5, Informative

Cisco has nice graphics of the IPv6-deployement in the world. It's based on the same measurements but presented with nice graphs instead of a boring table of numbers. Look up your own country at http://6lab.cisco.com/stats/in... .
chicken and egg? by Anonymous Coward · 2014-07-24 07:33 · Score: 1

With Facebook, Google/YouTube, and Wikipedia up to speed, it looks we are past the "chicken and egg" stage
Yeah cause those are the only 3 sites anyone ever uses, right?

Comcast...30%...AT&T at 20%...Time Warner at 10%
Those numbers are still terribly low.... better, but low... chicken needs to get to work

Verizon Wireless at 50%
For a bit I skipped right over the wireless part and thought it was cause FiOS... my theory was, providers never want to upgrade their stuff to handle bandwidth, they sure as heck aren't going to upgrade for newer equipment. Most likely they'd be doing both with one purchase whether they want to or not, considering IPv6 is so old now, and the network co's (cisco, etc.) have been selling IP6 equipment for over a decade.
As for the sites, it doesn't really matter. Cloud matters. Amazon, and the other big ones need to get up on it. It's the small businesses and sites that matter, and they offshore their technical needs to any number of hosting providers these days as a springboard (dedicated, sharded, vpc, 'cloud' [yes it's different], shared, etc.). It's those providers that need to upgrade along with the actual pipe providers. One could argue that there are only chickens, as once the chickens have ipv6, so will the eggs (new sites).
It's probably almost all cellphone bandwidth by TrollstonButterbeans · 2014-07-24 07:38 · Score: 1

The ipv6 traffic is probably almost all cellphone bandwidth.

A guess.

--
Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory
1. Re:It's probably almost all cellphone bandwidth by marka63 · 2014-07-24 13:37 · Score: 1
  
  If you turn on IPv6 in a typical home today over half the traffic will move to IPv6. In the future the shift will be greater.
  For Comcast, this means that ~15% of their traffic from the home is IPv6, and the overall home traffic is ~6Tbps.
  One packet in six is IPv6.
and yet, those on ipv6 can't see slashdot by the_humeister · 2014-07-24 07:41 · Score: 1

still not sure if that's a pro or a conâ¦
Comcast Throttling 1Tbit/s of IPv6 Internet Traffc by Anonymous Coward · 2014-07-24 07:49 · Score: 0

Fixed that for you!
And there there is Charter Com6munications by QuantumRiff · 2014-07-24 07:51 · Score: 1

Charter's Ipv6 website hasn been saying its coming "soon" since about 2011. Last time I called the NOC, and our regional sales people (I'm a fiber customer of theirs) nobody could give me any time frame, area, or any other information about when they plan to start testing it for customers.

--

What are we going to do tonight Brain?
1. Re:And there there is Charter Com6munications by Anonymous Coward · 2014-07-24 08:24 · Score: 0
  
  You can get IPv6 through charter via 6rd. It's very easy to setup. I use it on my OpenBSD firewall.
  It's like a tunnel from HE, but Charter provides it. The advantage is that the tunnel should always be up as long as you can reach your provider's network.
2. Re:And there there is Charter Com6munications by QuantumRiff · 2014-07-24 08:40 · Score: 1
  
  That is possible, and has been for a while, but I don't want all of my traffic going to Missouri first
  
  --
  
  What are we going to do tonight Brain?
3. Re:And there there is Charter Com6munications by Anonymous Coward · 2014-07-24 13:41 · Score: 0
  
  that is the annoying thing. i've been using charter's 6rd relay for a while, mainly since nothing i do that's ipv6-ready is really latency-sensitive. it works well, except for all packets taking the scenic route. not sure why they couldn't set up a few more relay servers in other locations (keep the same IP, route with anycast).
  actually, not sure why they don't just start putting ipv6 RAs on the network, since they apparently do that for their cable boxes and stuff. so obviously they've got the equipment, and pretty much any OS that is going to even notice those packets is modern enough to "just work" once they're received...
  sigh...
4. Re:And there there is Charter Com6munications by marka63 · 2014-07-24 13:58 · Score: 1
  
  Whine, Whine, Whine.
  My IPv6 tunnel end point is the other side of the Pacific ocean.
5. Re:And there there is Charter Com6munications by Anonymous Coward · 2014-07-25 01:59 · Score: 0
  
  I have Charter and my IPv6 "just works" without any need for setup. I have a "prosumer" router/firewall that can handle IPv6, and it gets a WAN IP for both v4 and v6. Tunneling is pointless because IPv4 is available as a real fallback in the event IPv6 isn't available to the other end of any given connection.
  It's kinda freaky to ping-test a domain and get an IPv6 address back. The "new" hasn't worn off yet.
Re:Saying something good about ComCast hurts my br by eli+pabst · 2014-07-24 08:12 · Score: 4, Informative

In actual fact, the ComCast internet service is not too bad.

Their cable TV service is another story. I'm reading this article right now because my cable box is busy rebooting...again.
Re: Saying something good about ComCast hurts my b by Anonymous Coward · 2014-07-24 08:25 · Score: 0

So basically all the things that are important?
Wait for Kong's firmware for R7000 wit IPv6 by gunkelNY · 2014-07-24 08:33 · Score: 1

It's going be blast for people using the best available ARM home router at this moment, Netgear R7000 More details here: http://www.dd-wrt.com/phpBB2/v...
IPv6 How will it happen? by LessThanObvious · 2014-07-24 08:35 · Score: 1

How do you [Slashdot users] see IPv6 transition actually happening?
Will each internet user have dual stack?
IPv6 is much more complex, how will companies support users who barely understand IP addressing when IPv6 is going to seem like a long string of meaningless characters?
Do you see something like a dynamic IPv6 to IPv4 DNS/NAT translator to hide IPv6 complexity from the user a viable solution?
1. Re:IPv6 How will it happen? by l2718 · 2014-07-24 08:48 · Score: 1
  
  Why should users care? How many "users" are aware of IP addresses, or view them as anything but a string of meaningless digits? The "complexity" of IPv6 falls entirely on sysadmins and on those who implement IPv6 stacks, that is on experts. It's possible some users will have a home network on the 192.168.x.x IPv4 range connected via a NAT to the IPv6 internet, but this choice will be made for them by the people who write NAT software: home users universally use first-come-first-served DHCP to assign addresses on their home network so they never see even the local IP addresses. I like to remotely SSH to my home computer, so I note the IP address assigned to my NAT by the ISP, but a typical user can't pull that off. I also like to have fixed IP addresses inside the home network so I can reliably use SSH between the machines. You might be diong the same. But the average user can't and doesn't feel the need to.
2. Re:IPv6 How will it happen? by NotInHere · 2014-07-24 08:55 · Score: 1
  
  I have DNS in my home network, using the hosts file of my openwrt router.
3. Re:IPv6 How will it happen? by Tim+the+Gecko · 2014-07-24 08:58 · Score: 3, Informative
  
  How do you [Slashdot users] see IPv6 transition actually happening?
  Will each internet user have dual stack?
  Yes. They will have a dual stack with the IPv6 address being used for a bigger and bigger proportion of traffic. Meanwhile IPv4 will probably traverse some NAT.
  Once IPv4 is the minority of traffic (many years in the future), it will turn into a legacy PITA to administer separately. But that is a while away.
  
  IPv6 is much more complex, how will companies support users who barely understand IP addressing when IPv6 is going to seem like a long string of meaningless characters?
  Those 30% of Comcast customers aren't calling a helpdesk and reading out hexadecimal digits. If DNS is working they will say things like "www.facebook.com". If DNS isn't working then they can't fix it by reading out or typing those "meaningless characters".
  
  Do you see something like a dynamic IPv6 to IPv4 DNS/NAT translator to hide IPv6 complexity from the user a viable solution?
  Not viable. It wouldn't help more than a single digit percentage of users anyway.
4. Re:IPv6 How will it happen? by jbolden · 2014-07-24 08:59 · Score: 2
  
  How do you [Slashdot users] see IPv6 transition actually happening?
  
  a) Carriers and ISP have support (mostly done)
  b) Cellular (mostly done)
  c) Default is switched for home / small business (mostly not done). Then they have a shared pool of v4 addresses for v4 traffic rather than one address per location.
  d) Enterprises start running dual stack
  e) v4 is mostly retired
  
  Will each internet user have dual stack?
  
  Probably each carrier. You'll see the v4 address space living inside some subnet at an IP address inside your ISP's allocation.
  
  IPv6 is much more complex, how will companies support users who barely understand IP addressing when IPv6 is going to seem like a long string of meaningless characters?
  
  What do end users care? How do companies support their end users not understanding all the details of ARP vs. IP addressing. They don't they just make is seamless.
5. Re:IPv6 How will it happen? by spire3661 · 2014-07-24 09:49 · Score: 1
  
  If you have a way to make IPv6 palatable, the world is awaiting you.
  
  --
  Good-bye
6. Re:IPv6 How will it happen? by don.g · 2014-07-24 12:09 · Score: 1
  
  V6 to DNS/NAT: you mean NAT64? It's a thing. It works.
  But what we'll probably end up with is Carrier Grade NAT for IPv4, hopefully dual-stacked with native IPv6. There are already ISPs selling CGN IPv4 connections with no IPv6 support, e.g. most cellular IP service.
  
  --
  Pretend that something especially witty is here. Thanks.
7. Re:IPv6 How will it happen? by Anonymous Coward · 2014-07-24 13:46 · Score: 0
  
  also have DNS on home network, using a combination of the hosts file and dnsmasq's ability to take the hostname from a client's DHCP request, and map that to the IP it assigned. works great. and i've got IPv6 RAs on the network, using charter's 6rd relay and dnsmasq (again), and the DNS even sort of works for the IPv6 addresses. seems it can figure out the SLAAC address to name mapping (as you'd expect), but the privacy extensions really mess things up. i'm still torn on whether to turn those off on my client machines or not.
8. Re:IPv6 How will it happen? by marka63 · 2014-07-24 14:05 · Score: 1
  
  CGN for homes breaks things people expect to work at home.
  Cellular networks are almost completely client only. Home networks aren't. People run services on home networks and ISP's know this. Port forwarding is all about providing services from the home network.
Re:Saying something good about ComCast hurts my br by Anonymous Coward · 2014-07-24 08:41 · Score: 0

The service isn't bad but all of their hardware definitely is bad. In the last year alone I've gone through 5 dvr boxes and 4 cable modems. That's just plain bad. Plus, don't even get me started on how terrible the firmware is on their cable modems. DHCP just stops working randomly, wireless turns itself off about every four hours, and when the two problems coincide, you basically are fucked unless you pull the damn power. Plus, you have to call comcast because you can't disable services you don't want.
Re:first by Anonymous Coward · 2014-07-24 08:50 · Score: 0

I guess the first ipv6 post will be done by a staffer to test ipv6.
Re:Saying something good about ComCast hurts my br by jslaff · 2014-07-24 08:58 · Score: 3, Interesting

Hurts my brain, too, but... I really have to admit that in the past 25 years with Comcast, first just for TV, then internet, then phone, I've had pretty much zero complaints. In fact, I get discounts off my bill for asking (minimal, yes, but $10 a month off $180), upgraded boxes for free for the asking (true, just one of their old SD DTAs to an HD DTA), and actually got a few hundred bucks for signing up my VERIZON cell phone through Comcast. In fact, the one company that I will never go back to for anything major is Verizon. I was one of the original DSL customers where I live in Montgomery County, Md., and saw my speed grow as the years went by. I had Verizon DSL for about 10 years when, all of a sudden, it stopped working. Cold. Swapped out DSL modems, swapped out my old router for a new one, different PCs, nothing. I KNEW it was their equipment. I called, and they said they would send someone out...in 2 weeks. (And of course, that would do no good, since it was on their end. We also had a Verizon land line, which worked perfectly.) I said I had been a Verizon customer in some manner all the way back to Bell Atlantic and Nynex days--2 weeks. I had a Comcast coax line in my office for a TV that I wasn't using anymore. Went to Best Buy, got a Motorola cable modem, called Comcast to register it, and in 10 minutes I was up and running. No problems at all. For less money than Verizon DSL. When I called Verizon to cancel everything, they said that had I said the magic word--Retention--they could have fixed it the next day. In a word, aaargh.
Carry on citizens by Anonymous Coward · 2014-07-24 09:11 · Score: 0

Yessiree! Enjoy our 1Tbit/s internet!*
* 250GB bandwidth cap still applies. Overage fees and speed restrictions and other bullshit fine print here.
Math by fulldecent · 2014-07-24 09:34 · Score: 1

Percentage of US consumers using broadband 74%
http://www.forbes.com/sites/gr...
Percentage of US marketshare served by Comcast 25%
http://www.dailytech.com/Marke...
Percentage of Comcast customers on IPV6 30%
RTFS
Percentage of people that use Google 100%
http://google.com/
ASSUMING NOBODY ELSE HAS IPV6 EXCEPT COMCAST 5.5% PRODUCT
Google says 4%

--
-- I was raised on the command line, bitch
1. Re: Math by Anonymous Coward · 2014-07-24 10:54 · Score: 0
  
  All your stats are for one country only, except for Google's IPv6 traffic which is global.
works for me by Anonymous Coward · 2014-07-24 09:35 · Score: 0

I have had Comcast IPv6 for over a year. I use Apple base stations and my prefix doesn't change as long as I don't reboot my base station. When I do, there's a chance it changes, but usually it doesn't. I have the same prefix or months at a time.
I don't know why it ever change, my IPv4 address doesn't change at the same time when it changes.
Re:Saying something good about ComCast hurts my br by Anonymous Coward · 2014-07-24 09:37 · Score: 0

Ever get that stuck picture bug? I haven't seen it in a long while. I figured out that if you change the change to a music station, moments later, it fixes it. No more needing to unplug the box.
This September, I think I will be going on 4 years for this DCX3425R HDDVR, if I'm not mistaken. Although, I should replace the "Comcast" remote since the 'last' button is worn. Although reprogramming it to the 'help' button is something I did.
You know how they changed On Demand so it's 10 minute skips? Just use the 30 second/15 second skip buttons for the 5 minute skipping forward and backward.
A lot of our internal Internet 2 runs on IPv6 by WillAffleckUW · 2014-07-24 09:38 · Score: 1

Mostly hardened traffic, but there you go.
Pretty sure it doesn't get counted in with the general Internet, since you guys run so slow, and we have 100 GB/sec ports at most major research universities and military installations, and 40 GB/sec ports within 1-2 mile radius of those.
It carries a lot more data, but no spam.

--
-- Tigger warning: This post may contain tiggers! --
IPv6 routers by NormalVisual · 2014-07-24 10:05 · Score: 1

Can anyone recommend a SOHO-level router that properly supports IPv6? Right now I've got my desktop on a Teredo (okay, stop laughing) tunnel set up to a server I have colo'd which in turn has a real /64. It works pretty well, but it was a pain to set up and counts against my colo bandwidth, and of course adds a bit of latency. Router support for IPv6 may be moot since I don't even know for sure that AT&T has IPv6 rolled out here anyway.

--
Please stand clear of the doors, por favor mantenganse alejado de las puertas
1. Re:IPv6 routers by rsmith-mac · 2014-07-24 10:43 · Score: 1
  
  Apple Airport Extreme. They have supported IPv6 very well for years now.
2. Re:IPv6 routers by Rick+Zeman · 2014-07-24 11:00 · Score: 1
  
  Can anyone recommend a SOHO-level router that properly supports IPv6? Right now I've got my desktop on a Teredo (okay, stop laughing) tunnel set up to a server I have colo'd which in turn has a real /64. It works pretty well, but it was a pain to set up and counts against my colo bandwidth, and of course adds a bit of latency. Router support for IPv6 may be moot since I don't even know for sure that AT&T has IPv6 rolled out here anyway.
  My Cisco RV-320 supports IPv6 just fine on Comcast's network.
3. Re:IPv6 routers by Pop69 · 2014-07-24 11:07 · Score: 1
  
  I'm using a Draytek 2860 which does the job just fine
4. Re:IPv6 routers by pantaril · 2014-07-24 19:26 · Score: 1
  
  Can anyone recommend a SOHO-level router that properly supports IPv6?
  If you understand networks and are not afraid to setup your own router from scratch, i recommend mikrotik router boards. For home use, i'd use something like RB951G-2HnD
5. Re:IPv6 routers by Anonymous Coward · 2014-07-25 02:02 · Score: 0
  
  Netgear FVS336Gv2 with the 4.x firmware update. (They typically still ship with 3.x firmware installed.)
6. Re:IPv6 routers by zbobet2012 · 2014-07-25 02:38 · Score: 1
  
  Most anything with openwrt :)
7. Re:IPv6 routers by Anonymous Coward · 2014-07-26 02:40 · Score: 0
  
  Apple Airport Express. At home I have native IPv6 with Comcast and airport express handles it fine and another location with Comcast Business does not have IPv6 so I use a tunnel from SIXXS and Airport Express as a wireless access point to relay IPv4 and IPv6 traffic. The ports on Airport Express are limited to 100 Mbps, but the connections to the internet are way slower than that anyway
IPv6 much more end-user friendly than IPv4 by Anonymous Coward · 2014-07-24 10:45 · Score: 0

The only people calling IPv6 "non-palatable" are those who haven't used it enough to get acquainted properly..
As soon as you use it you realize that it's no different to IPv4. The string representation of addresses looks different, but so what? Addresses are hidden by DNS, that's what it's for. Nobody except techies looks at addresses, and techies aren't fazed by hex or they're not techies at all.
And for the end user, IPv6 is a total blessing, because it's self-configuring, doesn't require complex NAT systems for running multiple boxes on one assigned IPv4 address, and doesn't suffer from broken NAT implementations. And with NAT gone, firewalling is much simpler and cleaner, and also easier to control with each box on a different public IP address.
"Palatable" is in the mind, and in this case it's just another term for "fear of the unknown". As soon as you really use it, it becomes friendly technology within a day.
IPv6 end user footprint by LessThanObvious · 2014-07-24 11:00 · Score: 1

Published on Monday, December 09, 2013 www.comcast6.net
"Comcast's IPv6 deployment continues to expand, over 25% of our customers are actively provisioned with native dual stack broadband! The following areas of the Comcast broadband footprint are now fully IPv6 enabled - Colorado, New Mexico, Minnesota, Kansas, Missouri, Maryland, Ohio, Pennsylvania, West Virginia, and Houston."
1. Re:IPv6 end user footprint by marka63 · 2014-07-24 14:09 · Score: 1
  
  And now 100% of their home users have IPv6 available to them if they wish to avail themselves of it. Comcast have been aggressively supporting IPv6 for many years now.
Why does Comcast have 32 ASN's? by knorthern+knight · 2014-07-24 14:23 · Score: 1

One of the major arguments for IPV6 was that it would eliminate the bloated routing tables that are almost as much of a problem for IPV4 as addresses being all used up. So why does Comcast need 32 ASN's?

--

I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
1. Re:Why does Comcast have 32 ASN's? by marka63 · 2014-07-24 21:10 · Score: 1
  
  What does ASN count have to do with route counts? They have no relationship with each other other than you need a ASN to announce routes in BGP. Note you can have a ASN without announce routes.
Re:Saying something good about ComCast hurts my br by id-10000000 · 2014-07-24 16:32 · Score: 1

how much is this going to cost me? The only thing that increases over time with comcast is the price.
So how will they position it? by gelfling · 2014-07-24 23:13 · Score: 1

Super DUPER mega EXTREEEEEEM internet service for only $299.99/month when bundled with their other services?
Nerds do not live in isolation by tepples · 2014-07-25 01:49 · Score: 1

News for Nerds. Not News for Grandma's that are afraid of configuring their router.
Nerds often have to act as tech support for said grandmothers.
Routing loop by Chelloveck · 2014-07-25 03:10 · Score: 1

Well, there's yer problem. Looks like you got yerself a routing loop there sending all IPv6 traffic back on itself. Fix that and your IPv6 levels will go back down to infrequent pings and the occasional guy who turns on IPv6 just to see if anyone else is using it yet.

--
Chelloveck
I give up on debugging. From now on, SIGSEGV is a feature.