Slashdot Mirror
The IPv4 Internet Hiccups
New submitter pla writes: Due to a new set of routes published yesterday, the internet has effectively undergone a schism. All routers with a TCAM allocation of 512k (or less), in particular Cisco Catalyst 6500 and 7600's, have started randomly forgetting portions of the internet. 'Cisco also warned its customers in May that this BGP problem was coming and that, in particular, a number of routers and networking products would be affected. There are workarounds, and, of course the equipment could have been replaced. But, in all too many cases this was not done. ... Unfortunately, we can expect more hiccups on the Internet as ISPs continue to deal with the BGP problem." Is it time to switch to all IPv6 yet?
We changed all our systems over time to handle this great IPv6 change, and haven't used IPv6 yet. Our service provider doesn't even offer it. Come on, some of us are more than ready. We will probably have failures, because it hasn't been truly tested, but we are far more ready than we were for Y2K.
How much more gradual do you want? I've been running dual stack for over a decade with a tunnel back to HE. At this stage most of your equipment runs fine with IPv6.
In many cases, the "work around" is to use software routing instead of hardware routing. In the cases of the Cisco routers linked above, their TCAM can be re-partitioned, then restarted. But with the rate of IPv4 route fragmentation, it will only buy so much time. The fix is to use IPv6 or get newer hardware with a larger TCAM.
You're right. It was time 10 years ago. Now it's way PAST time.
SJW's don't eliminate discrimination. They just expropriate it for themselves.
This isn't really to do with BGP or IPv4 as such, it's an inherent problem in the way "The Internet" regards addresses.
You might be able to get some efficiencies in IPv6 by incorporating formerly-unrelated address allocations under a single prefix. But that doesn't solve the problem of a continuously growing network, increasingly complex (and commercially controversial) peering arrangements, the fact that IPv6 addresses are actually larger and the fact that you're going to have to support IPv4 anyway in parallel with any IPv6 transition (I don't personally believe it will ever happen, but that's a different story).
You could, however, get rather more efficiency in core routing tables if network addresses only had a very transient existence and were related to the source/destination route to be employed (eg: look up a domain name, do some route pre-computation, allocate some addressing tokens that make sense to the routers on the path, recalculate the route periodically or in response to packet loss). That's not IPv6, though. IPv6 has the same order of dependence on every router knowing about every destination network as IPv4 does (give or take the slightly greater prefixing efficiency).
TL;DR - The Internet is getting bigger. Buy more kit.
googling verizon, comcast, and time warner it seems like their original pledge in 2012 to start rolling out ipv6 has quietly halted. most of their sites simply say "check back" while others imply certain undisclosed service areas may be exposed to both 4 and 6. forums are another story, with most customers and techs confirming the support exists, but either modems arent enabled to receive ipv6 due to bugs, or the support is broken in all-in-one devices in the case of DSL.
speaking from a linux neckbeard standpoint, i dont care. ive had competent functional v6 support for almost a decade and in many cases implemented it for pay. In my experience the problems associated with implementing v6 are related to companies angry about any downtime at all, or vendor specific appliances that just cant for some reason or another. they either lied about their ipv6 support, only partially support routing IPv6, or have egregious bugs in their implementation that cause stability problems in the rest of the network. Hosting providers have done an excellent job of supporting it from what ive seen, and most (with the exception of godaddy) are very generous in their IP offerings (i get 30 with ramnode.)
Good people go to bed earlier.
Except that this has nothing to do with IPv6. IPv6 will do nothing to resolve this problem and will in fact make it worse because the problem itself is due to a router not having enough RAM and nothing about IPv6 results in less RAM usage.
Sure, we should get on the IPv6 bandwagon, well, except it sucks right now and can lead to some annoying connectivity issues when sites are misconfigured, or setup IPv6 and then forget about it so you're trying to connect to an IPv6 address thats no longer used because no one bothered to update DNS ... or their IPv6 connection is through one of their shitty over saturated links.
My ISP does IPv6, as does all my equipment. I had to disable it so that the rest of my family doesn't wonder why random sites don't work on their PC but work fine on their phone and while I can't remember the ones off to the top of my head, there are some big ones that regularly fuck up. Hell, even Google's IPv6 connectivity is shoddy at times.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
Unless IPv6 addresses are being handed out in a way that's much more conducive to this, it won't really change anything
Which they are, as a direct result of v6 being so huge. See RFCs 1715 and 3194 for discussion on this.
Obviously in the long run we'll end up with a higher absolute count of routes in v6 (because supporting more people was the other reason for it) but the route count will scale far better than a network that has to be run at a ridiculously high HD-ratio because it's too small.
One of the design goals of IPv6 was to reduce the size of the global routing table. That's why there are so many more addresses in IPv6 than there are ever going to be devices. Each provider gets so much address space that nobody needs to come back for more. That means there's no address space fragmentation due to address scarcity, like there is with IPv4, where providers usually have dozens or hundreds of separate allocations which can't be aggregated and must all be entered into the global routing table. IPv6 addresses are four times as long as IPv4 addresses, but there are far more than four times as many routing table entries per ASN with IPv4 than with IPv6
v6 makes things better, because it uses 128-bit addresses rather than 32-bit addresses. See RFCs 1715 and 3194 for the details.
Yes, there's a small linear factor of extra memory required for v6 routes vs v4 routes, but that's irrelevant compared to the route count reduction that comes from a lower HD ratio.
Also routing only occurs on the first 64-bits of an IPv6 address, the router doesn't need to store the host last 64-bits of an IPv6 address.
Core routers only use the first 48bits as that's the smallest block that is routable on the Internet. Which is why IPv4's /24 vs IPv6's /48 explains the routers supporting 1024K IPv4 routes or 512K IPv6 routes or a 512K/256K split. Exactly 2x difference. But IPv6 has sparse allocations resulting in about an effective 10x reduction in the number of routes.
but that's irrelevant compared to the route count reduction that comes from a lower HD ratio.
Only if you assume you can reduce routes because there are so many people with diverse blocks in their network, which isn't the case so much.
The route count is much more a result of multihoming and portable address space, which means larger prefixes aren't going to help at all. At no point in my career would my provider having a larger prefix helped reduce the routing table as I have always had either portable address space, which is a direct allocation from a NIC rather than an ISP, or been multi homed which means at best I get the addresses from ONE of the peers and announce it out to another peer, but in that case traffic gets all screwed up if the upstream provider which allocated me the non-portable space aggregates it since aggregated addresses aren't preferred over non-aggregated address space.
I.E. larger upstream prefixes don't really help at all.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
The Mayans had predicted that we would run out of IPv4 addresses in 2012 -- and they were right.
I'll see your senator, and I'll raise you two judges.
I actually bought a new router within the last year. A "nice" Buffalo model with DD-WRT built in. Only to find out DD-WRT doesn't support native IPv6 (which my old, faulty NetGear did, go figure). They just support Toredo or other tunneled IPv6 solutions.
Man, was I disappointed.
Maxim: People cannot follow directions.
Increases in truth directly with the length of time spent explaining them
Not the fact that wifi routers degrade, you are totally right about that, but that people will replace them. I'm amazed at how shitty someone's Internet can be and they have an "Oh well, whatever," attitude about it.
A good example near and dear to me is my parents. They moved in to their current place about 7 years ago and got a cheapass Linksys router to handle their NAT and WiFi. It has been giving them enough grief for me to hear about it for at least 3 years. They are not poor, a new router is not a big deal, yet they didn't get one. So I got tired of it, and also had an easy solution: When they were visiting me this June I upgraded my WAP to a new 802.11ac one and gave them my old one, which was working great.
They still haven't installed it. It's not like they don't have time, mom is retired and dad is semi-retired, it's not like it is hard, it is much simpler to set up than their old model and they can always call me. They just haven't bothered. Their router acts up, they go reset it, and don't bother to replace it.
Another somewhat related example would be a friend of mine. He's a young guy, under 30, and quite technically savvy. He's complained to me that the Internet at his house is not meeting advertised speeds, going quite well below it. Strange, since we are both on the same ISP, and live only a couple miles from each other and my experience has been that they always are right around max. I inquire a bit more and find out he still has a DOCSIS 2 modem. Ahh ok, well that is probably the issue. Though his connection is of a speed that a single DOCSIS channel can handle (25mbps), that modem has one one channel to choose from and it could well be too loaded down by other people on the segment. So my recommendation was to get a DOCSIS 3 modem. An 8x4 modem that is compatible can be had for like $80. That should solve any speed issues since now there's a bunch of channels to choose from, and will be compatible when they bump the speeds in the future.
He didn't want to spend the money, and so just complains occasionally about the speed.
For whatever reason, there are more than a few people who will just use old, failing, technology and bitch about it rather than fix the issue.
OK, I've done BGP before, and I've never heard of anything smaller than a /24 being globally advertised -- most common router configurations won't even accept anything smaller.
That said, how is any network of any size supposed to protect itself again ISP outages other than multihoming? It clutters the routing table, but there is no other solution.
If it weren't for the stupidity of OS and IP stack authors, we'd be able to use the 240.0.0.0 - 255.255.255.254 addresses.
However, most of them refuse to route to those addresses because they're "Reserved for Future use."
Apparently no one stopped to think that blocking routing to those addresses would stop them from being used in the future because people insist on using older technology.
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011