Slashdot Mirror
How Ready Is IPv6 To Succeed IPv4?
New submitter unixisc writes: Over the last 2 years, June 6th had been observed as IPv6 day. The first time, IPv6 connections were turned on by participants just for a day, and last year, it was turned on for good. A year later, how successful is the global transition to IPv6? According to Cisco 6labs, adoption rates vary from 50% in Belgium to 6% in China, with the U.S. coming somewhere in the middle at 37%. A lot of issues around IPv6, such as the absence of NAT, have apparently been resolved (NAPT is now available and recognized by the IETF). So what are the remaining issues holding people up — be it ISPs, businesses, consumers or anybody else? When could we be near a year when we could turn off all IPv4 connectivity worldwide on an IPv6 only day and nobody would notice?
Absence of NAT is a feature! If not THE feature of IPv6!
seriously, as long as it goes end to end, and I don't have to set it up, I don't care which method goes.
if this is supposed to be a new economy, how come they still want my old fashioned money?
It is rumoured that when an African country changed the road rules from driving on the left to driving on the right, the Minister for Transport was asked when this change was going to take place, he replied "Gradually"
Now with IPv6 being around (I believe that Facebook has gone completely IPv6 internally) why are we still on IPv4? Because we can get everything on the Internet by staying on IPv4.
If that wasn't the case, people would demand IPv6 and countries would transition virtually overnight.
Tubby or not tubby. Fat is the question
Hard coded IPs in old software mean many companies will not change until forced.
Here in Canada Shaw communications doesn't make IPv6 available to residential customers. To compensate I have been using Hurricane Electric IPv6 tunnel for a few years now.
Never. IPv6 would have to be demonstrably better *everywhere*, even in un-upgradable legacy embedded systems. (Even now, there are plenty of places where horses and donkeys are used because cars can't go or are impractical.)
Even the answer to the question when will IPv4 become obsolete? is "A long, *long* time from now" because it's simple, Just Works, and is pervasive.
(If there was no NAT or unroutable IP ranges like 10/8 then IPv6 uptake would have happened a lot sooner.)
"I don't know, therefore Aliens" Wafflebox1
Older routers can't handle routing IPv6 in hardware so it puts a higher CPU load on the router. Nobody wants to spend the money to replace them.
Most consumer NAT routers don't have IPv6 support and nobody wants to spend the money to replace them. This could be fixed with firmware updates, but few companies offer them, preferring to force people to buy new.
Because of the above 2 items, residential ISP's rarely offer IPv6.
All my servers are available via IPv6, but I can't even effectively test it because my local ISP does not.
64 bit addresses?
Ain't nobody got time for that.
I don't think I will live long enough (I'm 55) to see this happen. SMTP is poorly designed from a modern security standpoint with spammers running amok for years now without a decent solution in sight. Can't get rid of it because so many use it. IPV4 replacement will be much harder.
Remember when Intel pushed IA64 for years and years with little success? Then AMD rolled out x86_64 and it spread like wildfire. Intel has been making "AMD clones" ever since.
You know how many parts of the world have skipped deploying millions of miles of phone wire and jumped straight to cell towers?
You know how everyone said they couldn't switch to Linux because they were familiar with Windows? Then MS rolled out a new Windows with a drastically different UX, and everyone jumped on it? Or how OpenOffice is more similar to pre-ribbon Word, but people who couldn't go to OOo because it had different menus plunked down good money to use the new Ribbons?
In each of these cases, the important piece wasn't familiarity or similarity. It was compatability.
IPv6 is not backwards compatible with IPv4. My IPv6-only client cannot talk to your IPv4-only server and your IPv4-only client cannot talk to my IPv6-only server. For these reasons, I don't believe that Belgium has 50% adoption. I don't believe that the U.S. has 37%. And it can't be like cell towers and just leap-frog the old. Because cell technology is compatible with non-cell technology.
I'm waiting for somebody to come out with IPv7 that is compatible with IPv4 and convince Cisco or Juniper to put it on their boxes and submit it to IEEE. It might not even have to be IPv6-compatible to displace IPv6. Just like x86_64.
Comcast and CenturyLink are the only two viable players in my area and neither provide native IPv6 addressing (even though I've requested it from my current provider comcast many times). So I'm still forced to use the he.net tunnel that I setup 15 years ago or so when they first started offering them (after 6bone closed up shop because testing was through), and even with this, I'm forced to disable auto provisioning of IPv6 addresses because various problems with access to IPv6 web pages / services, etc.. With auto provisioning enabled, the wife was constantly complaining about her facebook and instragram apps not connecting (which is no surprise since these services advertise IPv6 addresses and yet have a horrible fucking track record when it comes to reliable connectivity.
Anyways, the problem with IPv6 isn't the address space, it's the lack of stable services within the address space, and the on going failure of major ISP's to roll out addresses.
Even good old fashioned IPv4 has fundamental issues and limitations (besides the obvious addressing shortage) which the global community is working through same like IPv6. The same reasons why people aren't using the latest Internet Protocol are also why they are still not keeping up to date on other technology changes as well. The scope of your question is way too broad to bother with addressing in detail here considering this is the fundamental protocol that the Internet uses (hence the name) so affects things from one end to the other and each would have its own list of reasons. So considering IPv6 has been around since 1998 & its only recently that we've run out of spare IPv4 addresses (even with using NATs to extend IPv4's life) and so finally have gotten some considerable traction then I wouldn't expect IPv4 to not be needed for a long time although we could see some IPv6-only networks with IPv4 gateways become somewhat common soon.
It's been vaunted as the go-to solution for over a decade, yet nobody saw fit to actually implement it, except as a [x] token effort. It's the all-new all-singing all-dancing replacement full of bugs that got hit by bit-rot before deployment. Why would anybody want this crap? Because we have to? Please. Should've built something that people wanted back then, or simply refrain from building something and instead refine the design without setting it in stone yet, so we could benefit from the decade of experience before we actually needed it. I say that IPv6 is the internet community's greatest double-whammy of a failure. It's a broken design from back when we didn't need it unsuitable for the world that does need it. Because of that, we'll end up stuck with it when we could and should have gotten ourselves something better.
As long as consumer ISPs aren't enabling IPv6, it's a catch-22-22: services won't switch until there's demand for it, consumers can't demand it because it doesn't work for them, and ISPs won't spend the money to get it working because there's no services that require IPv6 that consumers are threatening to quit over.
Windows 7 and up, Mac and Linux are all ready today. Most consumer routers are ready (seeing as how they're mostly based on DD-WRT) and just need a checkbox checked, same for most of the WiFi routers consumer ISPs are giving to customers. If you don't have NAT to contend with, there really isn't any configuration needed on consumer equipment and it's not that complex on the upstream side (at least not for a competent netadmin, I won't speak for places where their admins got their MCSEs from a certification mill). Even my smartphone's using IPv6 when it's operating on T-Mobile's LTE network, I can see the connections via IPv6 addresses on my own servers. But the consumer ISPs won't spend a penny on infrastructure that they could take in profits unless someone all but literally holds a gun to their heads. They may not have a choice much longer, though. IANA's exhausted, the RIRs are exhausted or all but (ARIN will hit exhaustion on 20-Jul-2015, AFRINIC has 2.5 /8s left, the rest are on empty). The only chunk that can be recovered would be the unadvertised blocks (basically public IP addresses that companies are using internally or have reserved for future use), the largest set of those are in ARIN (North America) and the Opportunity rover will hear the screaming if you start telling large corporations that they're going to have to renumber their internal networks to use the private netblocks because you're taking any public netblocks that they aren't publicly using back.
Me, I've given up on my ISP. Hurricane Electric's IPv6 tunnels work just fine, and I'll worry about the state of Cox's network when they get around to telling me my head-end's got IPv6 active. If they ever get around to it. I'd say I've got better things to do than worry about it like washing my dog, except I don't have a dog. Maybe I can convince the coyote out back he'd like a good scrub...
Unless you manually configure every client (public wifi prevents this), or use a small enough network that IPv6 auto configuration doesn't work, you have the clients getting their addresses without a DHCP server, so no way to register their hostnames in DNS.
Yes there is DHCP for ipv6 now, but auto IP configuration runs if the network is large enough, anyway. And, the assumption is you do not own every client and don't trust every client you do own.
There is the MS chaos model where every client registers its own DNS entry, but a) it doesn't work well (try a reverse lookup at a Microsoft shop with high turnover on DHCP addresses, you will get something like 3-5 hostnames returned for a single IP address), and b) it requires the server and ALL the clients to have a shared secret (which our off-the-street clients will not have; shared secret since our clients are likely not windows, and the servers definitely are not windows).
And, canned names like host1, host2, host3, are not a very useful solution, especially, if you do control all the hosts, but don't want to trust every host to update DNS.
So, I think the biggest issue for places like where I work, is the auto IP configuration breaks DNS for dynamic addresses-- since this is currently the DHCP server's job.
Mark it. The momentum will change starting this year - 1996!
I have Gig Fiber coming into my research lab with a /24 subnet of IPv4. We assigned about 100 IP's right off the bat (mostly tunnels to other labs and remote access for outside researchers), we added another 12 or so this last year for new people/projects. So with 140 (give or take) IPv4 IP's left, why would I bother changing to IPv6.
IPv6 adds NO additional useful features to our network, none. Yet would add some expense in switching over (our firewalls are PFSense, so they're ready for IPv6 if there's ever a need to switch over). We have about 90 workstations, 10 servers, and three 384 core clusters, all just chunking away on their 10.0.x.x networks.
It will be decades before IPv4 traffic can't communicate with IPv6 networks, and if you want to run your networks on IPv6 then it's up to you and your service provides to bridge to IPv4 if you want to communicate with my systems.
So, until there's a REAL reason (read, worth the expense and time and training) to change over, I don't see it happening. Worse case, if we get a client that's valuable enough and they're on IPv6 only, we'll setup a bridge ourselves just for that client (but it hasn't happened yet).
The number is too damn long! And you still have DNS...
“He’s not deformed, he’s just drunk!”
IPv6 is two better than IPv4, but I'm still holding out for IPvX.
You are welcome on my lawn.
Real time, real world IPv6 statistics:
http://www.akamai.com/ipv6
https://www.google.com/intl/en/ipv6/statistics.html
https://ipv6.he.net/bgpview/bgp.html
etc... ipv6 ftw!
as long as people keep publishing on v4 -- or rather, as long as they don't publish stuff on v6 -- carriers are stuck with v4. Maybe one day ... or maybe someone will make trillions by selling a ridiculous amount of dual-stack reverse proxies.
The real problem is people.
There are a ****LOT**** of so called network engineers who don't get IPv6 and are so shit scared of it, their only option is to spread fud to hide their incompetence.
These are the same people who run our IPv4 networks now.
Yep. They also don't really get IPv4. They manage to fumble their way through their jobs, keeping IPv4 working just well enough.
I've seriously seen engineers who run ISPs argue against IPv6 as fundamentally broken. These people run ip at large ISPs. What hope is there when key staff are so shit scared?
Really. There are a fucking lot of dumb fucks running our networks.
Just recently I had an IPv4 routing issue. It took months to resolve. One of the big ISPs can no longer dynamically update their route filters to add/remove prefixes. These dimwits cant even run IPv4 competently.
There's no hope for IPv6.
google, facebook, twitter, etc will only accept ipv6 connections. then we'll see some people getting interested in making their ISP's provide ipv6 ability. as far as joe shmoe is concerned everything is just fine so nothing is going to change.
Still crickets on business class IPv6 from Comcast.
Their CEs don't work the way they are deployed to provide PDs to customer network. No choice but to use a Comcast provided CE. AFAIK they still have IPAM issues to work out internally with static prefix allocation.
IPv6 still unreliable for residential deployment land due to DHCPv6 lease query problems /w CMTS.
I realize most of the remaining problems are vendor issues but they could at least COMMUNICATE with their customers.
My smart phone has had an IPv6 address since I bought it a couple of years ago. Cell companies had to go that way to get enough addresses to handle the move to smartphones.
Comment removed based on user account deletion
Honestly, the only reason I haven't switched to IPv6 on my internal network is because I cant remember the damn IPv6 addresses. O_o
I still want to know why I can't ping or otherwise access my ipv6 address on my lte phone or jet pack or USB modem from any other ipv6 address
Minimum threshold fixed. Thanks!
Charter.com is my IP and IPv6 is only mentioned to say it's not enabled..The decoder boxes (what their cat 5 plugs into) if you access them IPv6 isn't even an option. It would require a major undertaking to change out all of the boxes, they just aren't IPv6 ready. The boxes are programmable to a point through support services, but I wouldn't think IPv6 an easy update, or even possible due to the limited storage space available.
The official "switch-on for good" of IPv6 a year ago was entirely seemless in my experience. There wasn't anything to fix, as nothing was broken, and IPv6 autoconfiguration handles everything so there isn't even any setup involved, it just works. This simplicity will be a boon for non-technical users once the IPv6 rollouts gain steam.
Unfortunately the ISPs are still dragging their feet and so public rollout is slow, but it's an always upward trend, and the adoption curve is close to exponential so IPv6 will be ubiquitous before long. So many ISPs are currently planning their rollouts that there's going to be a sudden upsurge when they finally appear.
People shouldn't talk about switchover to IPv6 though, that's not how it works. IPv4 and IPv6 networks run together side by side, and you use both together. Your application (eg. browser) generally picks IPv6 if your destination is accessible on that network, or else it falls back to IPv4. This is all automatic of course. It's better described as a switch on of IPv6 by your ISP followed by your gradual increasing use, not a switchover. There is no plan to switch off IPv4. The last remnants of IPv4-only equipment could still be around and operational for decades ahead.
IPv6 works so well that I recommend everyone to get on it as soon as they can. You'll be able to see 100% of the Internet, whereas if you don't have IPv6 then you're only seeing a part of it. IPv4 is by far the larger part for now of course, but it's not all of it, and the parts you can't reach are growing daily.
Happy First Anniversary of the official turn-on, IPv6! :-)
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
A problem for some students at my University is an inability to access content in Java. The Applet loads fine (the browser does the fetching), but as soon as the applet runs and tries to access content it can't go anywhere or get anything. Disabling IPv6 fixes the issue. It's not just one Java applet from one vendor either; three separate Java based tools from different vendors fail for these users, and all three work when IPv4 is made the primary protocol.
Other than that hiccup though, I've seen surprisingly little issues with IPv6 in the past year. Hoping we get transitioned fully to IPv6 as soon as possible, though I'm gonna miss troubleshooting with easy to type dotted quads.
"I will trust Google to 'do no evil' until the founders no longer run it." Hello Alphabet.
IPV6 is a failure. Something else will emerge that is easier to understand, implement and compatible with the current infrastructure. Probably will be invented by China.
... when people have no choice.
It little behooves the best of us to comment on the rest of us.
They have IPv6 DNS servers, but they are still not providing IPv6 addresses.
Also, routers don't all have native IPv6 built-in. And custom firmwares are somewhat lagging behind in that department as well (like DD-WRT, where you need to manually configure everything, there's no "easy way" to activate IPv6)
And you can't remember an IPv6 address. Why didn't they just add another octet to an IPv4 address and increase the number of addresses by a trillion? I could remember 10.10.122.136.188
Comment removed based on user account deletion
Older routers can't handle routing IPv6 in hardware so it puts a higher CPU load on the router. Nobody wants to spend the money to replace them.
Most consumer NAT routers don't have IPv6 support and nobody wants to spend the money to replace them. This could be fixed with firmware updates, but few companies offer them, preferring to force people to buy new.
Because of the above 2 items, residential ISP's rarely offer IPv6.
All my servers are available via IPv6, but I can't even effectively test it because my local ISP does not.
Is that still the case? My Netgear router, which I bought a year ago, does support IPv6, and so did every Belkin router that I had. As far as corporate routers go, is it still the case w/ Cisco, Juniper, Foundry, Brocade and other routers that they only have IPv4 but not IPv6 acceleration in hardware? By now, that should be commonplace.
Do you know whether FreeBSD does the same thing or not - ignoring router advertizements once it's configured as a router? Also, what's the command you use at a terminal for tcpdump if you want to see whether you have IPv6 traffic? I'd love to do that on this system that I'm typing this on right now - a PC-BSD laptop, so that I can access my Charter internet via IPv6.
Actually, that's probably what we will wind up going with. The overengineered and hard-to-use IPv6 hasn't caught much popularity. We have given it a lot of time and still the Internet has not switched over. The world will probably have fully HTTPS web sooner.
Just double the IPs, but keep them 0-255 so everyone with an IPv4 address will just be 1.1.1.1.101.135.25.67 or whatever.
You don't need to worry about running out of addresses, and you keep the hex out of it.
How ready is Perl 6 to succeed Perl 5?
I was just trying to be facetious with that comment, but then I thought of asking "How ready is C++ to succeed C?" or other silly things. As someone who programs in C++, I see little reason to use pure C, yet people do. When using Python, I use Python 3 and see little reason to use python 2.7, yet people do. People just don't like change, and they often won't do it unless absolutely forced to. Others here have already made this point, but the whole world isn't going to switch to pure IPv6 without some incentive, to practically force them to do it, it seems.
Recap: It's not a question of how ready IPv6 is to succeed IPv4, it's a question of how ready people are to adopt IPv6, at the ISP and consumer level. Services will follow when there's a demand, as someone else also noted.
If you did it that way for IPv6, the max address would read 255.255.255.255.255.255.255.255.255.255.255.255.255.255.255.255. In fact, if you loathe hexadecimal, you could represent 2001:db8.dead:beef::1 as 32.1.13.184.222.173.190.239.0.0.0.0.0.0.0.1. Somehow, the IETF didn't think that most people would have preferred this to the hexadecimal representation.
Also, adding just 1 octet would have made it a 40 bit address. So you want to retrofit that into 32-bit CPUs, or start making completely non-standard 40-bit CPUs whose addresses would need extra logic to weed out addresses that don't map. A 64-bit address was contemplated at one point, but given the split between network and hosts, it was decided to add another 64 bits for each item.
Can't wait for the ISP's to switch from bandwidth pricing to number of devices. Tier1 can handle 1-5 devices. You have more you need to pay another $20 a month for Ter2 that allows 5-10 devices. A upgrade to Tier3 is only another $15 and its free for 6 months when you sign a 2 year agreement. With the internet of things on its way I will have to be on Tier5 just so the robotic vacuum cleaner can inform me that its stuck under the sofa and the fridge can tell me the kids finished all the milk yet again. Thanks IPV6
I sometimes wonder if the change in notation in IPv6 is as big a problem as any specific technical issue.
I think a lot of people have a cognitive model of how IPv4 works based on the notation it uses. When they look at IPv6 notation, it's so different that it doesn't make sense visually. The IPv6 designers didn't make this easier to understand with the various summation schemes and drops of leading zeros, collapsing of fields and so on.
Oh, and hex numbering, too, which I think is also an issue. I'm an old fart and I learned hexadecimal in my various Apple ][ assembly language hackery, but I think there are a lot of people in IT jobs who have had almost no reason to use hex numbers at all unless they are following some how-to that specifies entering a hex value (a fair number of Windows registry values are hex, for example).
If IPv6 had kept a similar notation as IPv4 (with more octets, obviously) I think it might be seen as less daunting and more understandable. I think people could look at 10.11.12.13.14.15.16.17 and "Ok, same kind of address, just more addresses."
And it also makes me wonder if maybe the IPv6 change was just too ambitions, changing both addressing schemes and many protocol and operational internals, and if maybe had they simply extended the address space, possibly by just adding a hex network prefix but without all the protocol changes it might have made it simpler to adopt and also seem less daunting.
None of this to say the design of IPv6 is bad or not beneficial in many ways beyond mere address space size.
Personally, I wonder if maybe IPv4 should have used the numbering scheme (NOT the protocol) used by IPX/SPX -- 32 bytes of network and the host's MAC address. It solves a lot of problems like client address assignment and would seem to have made address exhaustion unlikely, at least in reasonable timelines.
I doubt that OSs will want to keep supporting IPv4 long after everything else is IPv6. That'll go for internal networks as well. Already, MS is IPv6 only as far as home networks go, and others will only follow. Just like few modern OSs support things like DECnet or NetBEUI or SPX/IPX, similarly, there will come a time when OSs will want to drop support for IPv4. Not because you're likely to have >256 toys at home all simultaneously connected to the internet.
I'm with you. IPV6 addresses are just unwieldy. They should have made it 64 bits not 128 bits. ABCD:1234:ACDF:5678 would have been much more manageable.
46137
https://www.youtube.com/watch?v=v26BAlfWBm8
To illustrate, let's look at phone numbers.
Imagine a phone company with 6 digit numbers which wants to give users world-accessible phone-numbers. What did the phone companies do? Easy: Just add prefixes to the numbers and everybody is happy. The old numbers stay valid, you can still connect within the old network(s), nobody has to remember new numbers.
But what if phone-numbers would have been expanded the "IPv6-way"?
Then you would have your old number and would receive a completely different new number, which would also be in an incompatible format (maybe letters instead of digits). Then you would have to update all your phone numbers everywhere, to "switch over". of course such a scheme would fail instantly and that's why IPv6 continues to fail.
The IPv6 adherents just don't get it. If the IPv6-designers were smart enough to just extend the IPv4-address space we would all be running IPv6 already, because it would require no reconfiguration of routers, no reconfiguration of DNS names, no reconfiguration of anything.
But these morons thought that a billion people will just change all their addresses just because they tell them. Well, it doesn't work that way.
Then the address would change every time the hardware changes.
"adoption rates vary from 50% in Belgium"
Really? Belgacom/Proximus, whom I understand is the largest ISP, says that they don't support IPv6 (also, said they don't do home-routers with 11n, 5GHz, or non-butt-ugly-casing)
I don't see where they got their info @ cisco, but in Belgium ISP are not distributing IPV6 to consummers, that's for sure (except for http://Neutrinet.be, but that's another thing ;) ). Maybe internally in the high traffic subnetworks but surrely not in the last miles...
There's a heap of people here debating if the security is better with IPv6 or if doing things "right" is the better way and you may be all correct but the question for the mid tier and lower skilled tech users, adopters and end users is where is the big benefit?
You tell someone "yes, your netflix video will buffer faster" (I know, that's bandwidth) or "You can do more on your network at once" that might help./
The only thing I recall (which I think was pulled?) was multicast? As a mid teir tech, that was the only thing which got me all hot and bothered. The potential for huge bandwidth savings as data can be "split" as it goes down the network branch to only the nodes requesting it and only a single time (until the split is required, down a different trunk)
THAT was interesting, that might mean, my Australian ISP uses VASTLY less bandwidth for certain applications / users and therefore I get allocated more monthly quota since their bills decrease.
So yeah, ok sure, we should be switching to a better protocol, regardless and for the sake of too few ipv4 address's but to my knowledge there isn't some big huge (or even small) gain to most end users, at all. If not plain old inconvenience in setting up a new network type they know nothing about and may require more knowledge to secure.
I think the problem has always been hardware adoption in the field. Its just like Wireless standards advancing much faster then end users buying new routers and its no different for this. Not to mention the lack of support for iPv6 on many consumer routers that still work fine and I'll bet you ask the people that own them and they no nothing about IPv6.
"... Imagine, every device can have their own IP address and... blaa blaablaa " do you remember this happy song and dance about IPv6, performed long before Snowden showed us how sick and twisted governments really are? Even the craziest conspiracy theorist couldn't come up with this shit.
Lets say IPv6 gets forced down everyone's throat and every piece of net connected hardware is going to have it's unique hardcoded IPv6 address tat is registered in some type of central database. You buy yourself a new shiny idiot watch and your IPv6 gets registered like a car VIN number and stored. Then a new law requires you to notify "central something" when ownership is transferred and so on.
Is this want you guys really want? Seriously?
From the google link, you can see that during the last 12 months, the fraction of traffic that is ipv6 has doubled from about 3.3% to 6.5%. The rate of increase is still accelerating, and is currently about 4 percentage points per month. If we use linear extrapolation, we get about 18% ipv6 traffic in 3 years. If we use exponential extrapolation, we get 52% ipv6 traffic in 3 years. It is finally coming (though it should have happened 15 years ago).
When people talk about 'breaking end to end connectivity', what do they mean? Do they simply mean an uninterrupted path from the source address to the destination address, as specified in the IP header?
The way I understand it, end to end connectivity means that the packet should travel directly from the source address to the destination address without having its address headers altered. It is fine for it to travel through a gate, a firewall inspect whether its source address has a pass or not, and then ushered in: that does not break end to end connectivity. But when a NAT firewall takes its destination address and replaces it w/ one from RFC 1918, that breaks end to end.
Let's consider a postal analogy of this. If you send a mail to someone in 123 Elm Street and it gets there, you have end to end connectivity - your letter got to his door and he picked it up when he opened his mailbox. But if you sent a parcel to that same guy, and he gets a slip in his mail box to go ahead and pick it up in the nearest post office and if he doesn't, it remains there in some mailbox, and gets returned to sender if not picked up within 3 days, that breaks end to end. It's this - the parcel didn't get to the destination, just like NAT packets don't: the parcel got to a point in b/w, and waited to be picked up by the recipient. Same thing here - the NAT packet stops at the gateway, and gets a new private address in which to go and find its recipient.
What is it that IPv4 can do that IPv6 can't? And why? (Don't say NAT, since NAPT is now allowed in the IPv6 standard so that there is only 1 type of NAT that's officially endorsed)
It couldn't come up with it's own day and is trying to encroach upon the International Day Of Slayer
No, and NAT without a decent firewall activated doesn't prevent attackers doing that either:
http://grothoff.org/christian/pwnat.pdf
http://blog.webernetz.net/2013/05/21/why-nat-has-nothing-to-do-with-security/
Phone companies - if you're talking about Wireless carriers - want to get away from NAT, since it's one of the things that disrupts Mobile IP. In a mobile network, it's easy to have more nodes in an area that exceed your average Class A density, at which point, one out of luck. With people owning multiple cellphones, and with more people in the world getting their hands on cellphones - even if they may have little else - it won't be long before the number of devices needing an IP will exceed the world's population.
Also, even if you claimed back all addresses, you'll still need >4 billion addresses for at least everything in the world, even assuming that every node was behind some NAT or the other. And let's do your math - 700 IP addresses per server? That claims that there are just 5 million servers of any type worldwide. That number will fast mushroom as you get more places in the world connected to internet traffic. The day you need 4,194,305 public addresses worldwide, it would be over, had IPv6 not been around.
... when will spammers switch to IPv6?
now we need to go OSS in diesel cars
It pretty much is 64 bits, anything more than that is the local segment, Pop a human readable version of the ipv4 address if the last /64 if you like.
1234:abcd:5678:abcd:192:168:1:1 effectively means you just need to remember the first 64 that's the same for the subnet.
No sir I dont like it.
Try to teach an IPv4 address to a normal person :)
If you can understand one then the other isn't really any more tricky.
In IPv6, ISPs can either allocate a /128 - in which case, they can't provide you a router, only an ethernet cable running directly to your laptop, which would really go down well w/ people wanting to get Wi-Fi connections for their iPhones & iPads. Or they can allocate you a /64, which would allow you to have 1 address to every device you'd ever own w/o having to reassign. If they did the latter, then the example the GP was mentioning - two kids w/ 2 Xboxes in the same household could seamlessly connect their boxes to the internet and play. With IPv4, their household would have gotten just 1 public v4 IP, plus NAT, and they'd have been outta luck.
Last year, I had an AT&T phone issued from my workplace, and a Verizon phone I got myself. Ran the IPv6 test on both of them, while nowhere near a hotspot. Verizon passed, while AT&T failed. Are things different now w/ AT&T?
Yeah, there may still be some people somewhere playing w/ their Amigas. Or somebody somewhere might have a DEC Alphastation running Windows NT 3.5. Or some people might still have G4 Power Macs that might not support IPv6 (though I doubt it - I think OS X had it for a while). My question was about the population in general - if we turned off IPv4 today (say) next year, how many people would scream bloody murder? I know today it would be the majority. But a year from now, once every connection has both IPv4 and IPv6, if not only the latter?
Is IPv6's solution here the linked local addresses - the fe80:/10 or the ULAs - fd00:/8? The latter is the equivalent of private addresses, and would be used in an organization's network. It would likely be globally unique, just not routable. It would also be easier to merge w/ another LAN to form a VPN, and one won't risk two sets of 192.168.1.x addresses clashing in the process, forcing segregation in a different OSI layer.
Linked local addresses are useful for cases where you don't have a router, and are say trying to transfer data b/w 2 laptops using an ethernet cable. In the old case, you needed to do that at layer 2, w/ one node sharing the network connection w/ the other. In the IPv6 environment, the link local address is what is used to do a layer 3 transfer b/w 2 nodes. I think it's the only place where UAI-64 is used (although Microsoft doesn't use it there either).
And then complaining that knives don't have the second blade that scissors have, and are therefore unsuitable for use when there's a scarcity of scissors
Many ISPs will assign you a /48 prefix meaning you only need to remember 48 bits. The remaining bits is something you decide. You can decide it should all be zero. And all zero can be shortened to the string "::".
So your IPv6 address could be 2001:db8:beaf::
This happens to 15 characters. The typical IPv4 address is also 15 characters.
Population of the earth is easy to translate to the number of node addresses. Imagine that everyone on earth has a cellphone (with it's penetration in China & India, it's getting there more rapidly than one imagines). Even assuming that nobody in Africa has one (balancing out the people who do w/ people outside that continent who don't), that would be around 6 billion people. Since each of these phones have to have at least 1 public address, that exhausts your address pool right there.
And that's just 1 thing. Think of all the millions of Xboxes, PlayStations, Wii's and other toys that are internet enabled, which ultimately aim to end up in the hands of that many of the world's population. Cars are a new thing that now need something like internet addresses - particularly for things like GPS. Multiply that w/ the fraction of the world's population that has such cars. The population of the earth is very relevant, since the increase in internet usage will be a function of that number, along w/ other factors, like the ubiquity of internet devices.
OTOH, the grain of sand argument has never made sense to me - particularly in the context of IPv6 assigning a /64 instead of a /96 to the global prefix. What is going to consume a lot of these addresses is not the physical entities themselves - be it number of phones, cars, toys, TVs or computers - but lending hierarchical structures to them. I have already read some books and articles that advocate using hierarchical entities such as regions, branches and so on to set up layers of subnetting or categorization. Once you start doing that, you start devouring those addresses like cotton candy, even if you won't use even a fraction of them. It's the logical assignment of variables to the various attributes that accelerates address consumption. Which is why I have argued that the address space should have been partitioned differently to allow for variable levels of subneting & hierarchical structures.
Let's see, my IP address is 2ad1:0db ... ah, fuck it ... my IP address is 192.168.0.1
Comment removed based on user account deletion
It wouldn't change for virtual machines at all, and there's nothing that says you couldn't use a static MAC address. A single block of manual/private MAC addresses could be used globally, since it's not necessary that a MAC address be unique except within a given network range.
I'll bite, as that's a perfectly reasonable question. OK, no technical info at all in the following list, the technical answers are given in detail elsewhere.
Benefits of IPv6 for dumb (meaning non-technical) END USERS:
- All protocols work over IPv6, unlike the breakage on IPv4.
- IPv6 "just works" without user setup, great autoconfiguration.
- As many public IP addresses as you want for devices on IPv6.
- Safer because network security is built into IPv6, not optional.
- Add IPv6 to see the whole Internet, not just the IPv4 part.
- New quality of service features for stutter-free video or gaming.
- Faster networking for a better all-round user experience.
Each of these 7 benefits has a technical reason for which the corresponding improvements were added to IPv6 by design to improve on IPv4. These benefits are available to everyone, and non-technical users don't need to understand the details to enjoy the benefits.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
Amazon STILL doesn't support IPv6 except through their elastic load balancers, and those cant do domain apexs unless you also use their DNS service, and it still doesn't enable internal IPv6 on the actual computing instances. If Amazon supported IPv6, IPv6 adoption and traffic would increase significantly. I have no hope they this will ever happen though given their inability to add it 5 years after being asked and still no time table.
. Define sqrt(x) as something really evil like (x / rand()), and bury it deep. Watch your coworkers go nuts.
When was the last time you used IP addresses in a browser? When was the last time you typed http://216.34.181.45/ instead of slashdot.org in your browser? You're not likely to type [2001:db8:dead:beef:5la5:d04] any more than you're likely to type an IPv4 address. Like someone else said, anyone who understands 192.168.2.57 will also understand fe80:1234:5678:9abc::defg once it's explained to them.
Yeah, but do they support IPv6 in hardware, as in ASICs, or are they still IPv4 centric for acceleration but use the CPU for IPv6 forwarding?
On IPv4, you won't be able to reach the endpoints of millions of computers and other devices that have IPv6 addresses now (eg. Android always looks for IPv6 connectivity on startup). This is relevant not only in the east where new IPv4 address blocks are no longer available, but also here in the west where IPv6 deployment is continuing and accelerating.
Your "What will I miss?" question is pure IPv4 thinking, because in IPv4, NAT makes almost everything except static public servers inaccessible as individual device endpoints are typically hidden. That's a severe limitation in IPv4, and you've become conditioned by it and so you're expecting a reply involving a list of websites. It's incredibly narrow thinking.
With IPv6, a user on any random portable device can share an object with you directly, not needing to upload it to a public website first. You could be chatting with them on IRC and they write "Hey look at this wierd stuff I'm seeing on my phone", and you just point a browser or image app at their IPv6 address and bingo, you see whatever they're making available, live. You can't do that with IPv4 because there aren't enough IPv4 addresses available for every device to have one, and connections to arbitrary endpoints are typically blocked by NAT anyway.
That's why in IPv4 people have to upload stuff they want to share to public websites first, which is annoying and limits the content protocols that can be used. Applications can be much more versatile and immediate in IPv6, and you will be missing all that directly-available content if you can't reach the IPv6 endpoints of devices. It can't be done on IPv4.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
Disclaimer: I work in tech, and have a basic understanding of networking. I am far from a full-time network engineer, however.
A few weeks ago I finally turned on IPv6 on my ISP-provided modem/router from CenturyLink. I confirmed using several devices that it is working.
What I have seen is that during normal browsing (almost all under OS X or iOS), there is more stalling and pages that fail to load. It is a small number, probably 1-3% of pages. This is a noticeable increase from pre-IPv6.
I do not have the interest to try to narrow down what is causing this. It could be OS X/iOS's networking stack, it could be a problem with the servers doing a dual IP stack implementation, or something else entirely.
When people ask if everyone is ready for IPv6, my question now is "Is the software ready for IPv6?"
- (c) 2018 Hank Zimmerman
If you used either DHCP6 or SLAAC (preferably the former), you'd have the interface IDs of all your boxes already configured. Once your boss leaves the room, just marry them w/ the new global prefix that your new vendor hands you. At worst, if your current vendor gave you a /48 and your new one gives you a /52, there might be some work required in re-mapping the subnet addresses, but aside from that, I fail to see in terms of address assignments how it will take you all that work. And in DHCP6, unlike in DHCP4, IP addresses are proactively given out to any box on the network. So once the rules have been defined, everything that's connected to your network will get their IP addresses. Even for your static addresses, your interface IDs can remain unchanged, while the prefixes change.
Testing the network, you say? That's something you'd have to do no matter what - be it IPv4 w/ NAT, IPv4 w/o NAT, IPv6 w/o NAT. I fail to see how NAPT lessens your workload, even though it does now make possible for you to do load balancing b/w both your providers.
Someone fuck me in the nose
I'm not going to get into the argument here but I do want to ask the question; what would be the ideal addressing protocol?
Something hex like IPv6 but a shortened version like IPv4. "A3B4:FFFF:AAAA:1111" and that would give us a wealth of addresses past IPv4 while being short enough for people to quickly write down.
What's your all's take on what the new IP should have?
Last week I found that my IPv6 address was blocked as a spam IP by Comcast. I have had IP addresses blocked in the past so I did some digging and found the Comcast form you fill out to unblock an IP address and filled it out. When I tried to submit my IPv6 address the form reported that it was a malformed IP address. The form only accepts IPv4 dotted quad addresses.
Just one of the many minor issues facing IPv6 adoption.
Isn't that there already - delineated by port numbers at the end, such as :8080?
Plus the average home user doesn't know much more about IPv4+NAT than s/he does about IPv6. S/he calls the support line when s/he suddenly can't link to the latest Caitlyn Jenner story online, is told to open a cmd box and run 'ping 192.168.1.1', tell them the results, then they do something on their end and then s/he is told to reset the modem.
So there's nothing different that will happen in IPv6. Connection stops working, support will be called, they'll probably ask her/him to ping or ping6 ff02::2 - in fact, even that won't be needed, since her/his computer/phone/tablet is always getting RAs, so if it stops getting it, it's probably b'cos the router is down. So as far as Mr/Ms Doe go, they'll probably have to know even less than they did in the IPv4 scenarios.
The syntax for IPv6 stateful firewall IS EXACTLY THE SAME in Linux for IPv4 and IPv6.
What is this Linux thing you speak of?
What you're doing is thinking like a nerd and thinking what's technically and academically correct...and not thinking of the masses out there who are NOT nerds. As in my above statement, not everyone runs Linux.
Don't worry, I do the same thing at times, but we shouldn't do it to excess.
Okay, let's take Windows. (I'll have to check how exactly it's done in 10, but in 7...)
Go into settings and then my network places, right click on the adaptor you are using and select properties, and instead of selecting IPv4, select IPv6 and then check off the settings that apply. Done!
Oh, and enable Windows Firewall.
The IP for every lightbulb is one of the luxuries that came about b'cos of the boundary at which the Global Prefix and the Interface ID were split - a wrong choice IMO.
Let's take a subnet. What's the maximum number of hosts any subnet is likely to have? Imagine a rock concert that sells 100s of tickets, and everybody in the stadium has their phone accessing the internet while it's on, and a worst case - only 1 hotspot for them all. What is the maximum number of hosts it might service? Whatever it is, I doubt it would even be anywhere near 4 billion - which would be gotten from a /96. Yet, the boundary is fixed at /64, and whenever anyone raises that, we're told that we'll never run out of IPv6 prefixes (not addresses, mind you) due to the grains of sand argument.
Why is the Interface ID given a whopping 64 bits? The ONLY reason I've seen given for that is auto-configuration. Well, it is nice that there are mechanisms to automatically allocate Interface IDs, but even for that, 64-bits are overkill. And directly tying those IDs to hardware IDs, be it MAC addresses or SCSI addresses or EMEI numbers is a security risk - which is why there have been recommendations not to use those.
Just like the world's population is unlikely to ever be in the range of 2^64 while we're still on earth alone, it's just as unlikely that any single router - wired or wireless - will ever have on its subnet anywhere even close to 4 billion users. Yeah, we could have used just the bottom 24 bits of the address for the Interface ID and gotten 16M nodes (to match a Class A classful network), or the bottom 16 and gotten 65536 nodes, and it still would be plenty for a single subnet. Well, let's say that we assigned the bottom 32-bits to the Interface ID, and that would have been enough. 4 billion is an adequate size to pick a number that has a low enough probability of matching anything else within the same subnet, and in the event that it did clash, ND and DAD would eliminate that choice and assign something else.
In the meantime, RIRs and ISPs have had varied policies about allocation - some allocating /48s, some /56s and some going all the way down to /64. So while the Interface ID is bloated - and hence your lightbulb example - there ain't too many global prefixes to distribute. Which is why I suggested that the Interface ID should be locked at the 96th bit, while the global prefix should end at the mid point. The RIRs can then assign either /32 or /48s to the ISPs, who then have to assign /64s to their customers. That would also enable things like hierarchical subneting or lending structure to both subnet addresses as well as Interface IDs. Ultimately, that is what's more likely to burn up addresses than the actual physical entities using them.
The biggest obstacle to that will be that in order to be conformant w/ the standard as it stands today, providers would have to provide /64s. Once they do, the subscriber would be paying for all those 18,446,744,073,709,551,616 addresses anyway. If they try to charge more for actually using per device, they'll run into net neutrality laws.
Yes - try explaining both to a "normal person". If they can get one quickly they'll get both quickly, and both will initially appear equally arcane. Longer isn't harder, it's just longer. The only thing likely to throw them for a loop is the hex, and I did that in grade school along with Roman numbers. It may be high school now but I'll bet a lot of people still know it on sight.
doesn't use closed source software from a Ferengi!
Perhaps these veks have something to hide and maybe we should dig deeper...
And also I dout oracle a clearly Taran company has any jurisdiction in the Klingon Imperial Empire.
And also you can't copyright a language per se. There is no way I can copyright English (ie the language) it's very remotely possible I can decide that how English is used must follow certain rules.
and more importantly:
20 fucking years? This pissing contest between oracle (giant dick) and google (shady dick) doing on for 20 god damn years? I think by now they've both spent more money on Ted From legal then they could possible get in any kind of compensation-
And people wonder why if you want a app to genuinely have a snowballs chance to run anyplace and be kept around:
It goes at least shareware, probably GPL, it might also use a Creative Commons human readable licence that says: don't be an asshole and steal this.
At this point you probably want to use at least JavaScript for NodeJS only because web browsers at the moment are very ubiquitous
You may need DOTNET (GPL'd btw) vPython is quite readable
In English that meens with that type of licinecing scheme you can use my doodad (expected) heres a tip jar(expected) but if you want techsupport drop us 20 bucks.(expected as well)
However by me having a built in contigency plan knowing software is on a contract to contract basis after John Cool moves on his code is required to be transparent and human readable
Only in this case: Stop using Googles Java run apps in androids browser. Because googles a dick. and so is oracle.
By this point, even the luminaries at the IETF have realized that the design for IPv6 as a replacement for IPv4 is fatally flawed. How flawed? Flawed enough that there is a high probability that a worldwide transition to IPv6 will never actually happen.
Now sure, there are technical advantages to a clean slate design, but a clean slate design is also unfortunately almost useless as a replacement for IPv4 in the real world. There is no incremental advantage and extraordinarily high costs to adding a separate numbering plan to an existing network, so no cost conscious organization ever does it unless they are forced to, and probably never will.
At this point I would lay odds on an IPv7 eventually being developed that is a revision of IPv6 with the incorporation of the IPv4 address space in a routeable fashion, and which assigns each IPv4 address a network prefix that an entire subnet of devices may eventually be directly addressed behind, in addition to the default.
Why? Because doing anything else would be one of the biggest wastes of resources the world has ever seen.
Any downsides? An IPv7 router would have bigger routing tables than an IPv6 only router, but the routing tables could be used to route IPv4 packets, and as it is not likely IPv4 is going away anytime soon, the same overhead is there one way or another.
A wide scale deployment of IPv7 would require hardware upgrades in some cases, but for most people it could be deployed silently, without them ever needing to know or care. A simple software update would be all that was necessary, and a few years down the road nearly all IPv4 capable devices would handle the expanded address space in a usable fashion without any renumbering or other configuration changes. That would save billions of dollars a year in unnecessary administration costs worldwide.
All those mapping apps - Google Maps, Bing Maps, Apple Maps, et al. They need those ports for the various segments of the maps so that those can get downloaded together. When you have IPv4 Port Address Translation already eating up the ports, you have fewer ports to spare, and that's why when you open a map, you see only parts of the map get revealed one square at a time. Under IPv6, none of that would happen, since the ports ain't getting used for mapping to private addresses, and therefore, they're available for the mapping application.
I've seen EUI-64 used only for link-local addresses - fe80::/10. That is never routed - in fact, it's not even used within a private network. Other things, like GUAs (2001::/16) or ULAs (fd00::/8) - are what are used in networks. Anybody who knows how to do DHCP6 could come up w/ a way to assign IP addresses - a few static for apps like Skype, but most transient - and everything would be just fine. In fact, for internal networks, is there a strong reason why the Interface ID for your fd00::/8 address has to be different from your 2001::/16 address?
For prefix generator, I'd think the GUA would be the perfect prefix. Like if your GUA is 2001:db8:bead::/48, then your ULA prefix could be fd06:2001:db8:bead::/64. I'm assuming there that there ain't a reason to have separate subnet prefixes for ULAs the way there might be for GUAs, since the entire organization would be under that umbrella.
Actually, this scenario gives me even more reasons to disagree w/ marking the partition b/w the Global Prefix and Interface ID at the halfway mark. The split should have been 96:32 rather than 64:64
I had IPv6 access for years via native IPv6 tunneling over IPv4 (protocol 41) and it worked great however a couple years ago AT&T decided to block protocol 41 from leaving (or entering?) their network cutting off external tunnel endpoints. Then I used the multicast protocol 41 endpoint until they blocked that also. At this point they block at least incoming protocol 41 in all cases so I am left with three options: drop AT&T which is now the only DSL provider in my area, tunnel IPv6 within some other protocol like UDP, or live without IPv6. At this point I think the best option is to setup an encrypted VPN for the tunnel carrying IPv6.
AT&T's customer support give various reasons for blocking IPv6 including "otherwise our users could get a static IP address without paying us" and "security".
Whatchoo talking about Willis? I read this a few days ago, but revisited it today... I have to comment. The max address that I'm talking about would be 255.255.255.255.255, just one octet is added, This effectively increases the number of available addresses by 255 times (not 256, because one is the same as the preexisting 4 octet addresses). So doing the math, 2^32 is approximately 4.3 x 10^9. That times 255 is: 1.1 x 10^12. if u ask me, that's more than we'll ever need
Ok, so you'd have to add 16 bits to the address, making it a 40 bit address. So now, make processors that handle 40 bits of data. There is a reason CPUs are integral powers of 2 - so that you don't need extra logic to weed out anything which in this case would be potential bits 40-63. Your solution is even uglier, but then again, some in this thread have suggested that the address should have been 64-bit, rather than 128.
Also, your solution too would be unreadable by existing IPv4 gear that cannot read more than 32 bits of source or destination address, since that's how the header is defined.
Also, it would be multiplying by 256, not 255. 1-255 is 255 numbers, and 0 is the 256th or the first number, depending on how you choose to count it.
48 bit, sorry, not 40
I see what you're saying, but I don't agree (respectfully)...
1) Nothing says that the number of bits that a processor can address has anything to do with the number of bits in an IP address. For example, when you get down to the nitty gritty, 64-bit processors don't even fully address a full 64-bits of memory space address. x64 architecture currently uses only 48-bits of the 64 for storing data to memory. Kernel space is from 0xFFFF8000 00000000 to 0xFFFFFFFF FFFFFFFF, and user space virtual addresses go from 0x00000000 00000000 - 0x00007FFF FFFFFFFF. Thus, I don't really see any reason why the processor bitness has anything to do with the amount of bits in an IP address. Also, any network drivers that I have ever written - I don't see where they'd care.
2) What I like about my solution is - you reserve one number - say zero, for IPv4 backward compatibility. Thus, the IPv4 address 10.136.77.139 would be the sane as the address 0.10.136.77.139. Any entity that knows that it's communicating with IPv4 only hardware would just drop the 0. If it were anything besides a 0, it'd be unroutable. Anyway, that leaves 255 usable multipliers to add on to IPv4 addresses,
I dunno - I haven't thought it out extraordinarily well, and i'm too tired to do so now... I _think_ it makes sense though, nite!.