Slashdot Mirror
America Runs Out of IPv4 Internet Addresses
FireFury03 writes: The BBC is reporting that the American Registry for Internet Numbers (ARIN) ran out of spare IP addresses yesterday. "Companies in North America should now accelerate their move to the latest version of the net's addressing system. Now Africa is the only region with any significant blocks of the older version 4 internet addresses available." A British networking company that supplies schools has done an analysis on how concerned IT managers should be. This comes almost exactly 3 years after Europe ran out.
Out of IP addresses? Sounds like a good time to invade somewhere where they mine them!
And just when I finally won the internet yesterday.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
I just looked at my open wireless router, and I think I've got all the IP addresses.
You are welcome on my lawn.
At this point, ISPs need to mandate that customers use SNI where possible; too many IP addresses are allocated just for an SSL certificate. I think we'll start seeing more Let's Encrypt-type Subject Alternate Name management tools, too.
So far the day is going smoothly. I am comparing before and after photos but have detected no anomalies thus far.
Having no ipv4 allocations available is like that very first day when the folks pumping gas at the filling station filled your tank but did not clean your windshield or check the oil. There was great deal of anxiety at first, but (thankfully) people kept arriving for gas and the country slowly adjusted to this 'new normal'.
Then gas station attendants disappeared altogether.
No one knows where they've gone.
So if you work in IT, tie a string to yourself so we can follow it if you go poof.
<blink>down the rabbit hole</blink>
or this wouldn't be such a big deal.
Don't you dare touch my 192.168.0.0/16! I have claims in 169.254.0.0/16, 10.0.0.0/8 and 172.16.0.0/12 too!
You'll have to pry them from my cold dead routers!
Yeah, whatever, man. Slashdot runs this same story every few months, and has been doing so for years. Previous one is from July: North America Runs Out of IPv4 Addresses. The story never mentions that there are actually other pools that still contain a goldmine of addresses. I also suspect that companies own big blocks that can be freed when the going gets tough. So probably we're still good for a long time.
>> America Runs Out of IPv4 Internet Addresses
Again? ...
http://arstechnica.com/informa...
http://www.zdnet.com/article/n...
As most people do not type these number and do not need to remember these numbers, I do not see any problem with longer numbers. Especially when there are methods to write them shorter than that: 0000::0000::0000::0000::0000::0000::0000::0000
For example zeros ca be omitted. see also https://en.wikipedia.org/wiki/...
If you are typing or using IP addresses for ANYTHING other than you primary DNS servers, you're doing something wrong.
Seriously - set statics on your DNS servers (which can even be IPv4!), plug that into your DHCP etc. servers. Done.
This is the problem with IPv6 - those people whining about it aren't in charge of networks where it could be an issue anyway.
P.S. likely your mobile phone and maybe even your cable setup has been using IPv6 addresses for a few years now. They are specified and necessary in related standards. Did you notice? No. Because nobody types in IP addresses any more, not even on their home networks, work networks, thousands of servers, etc.
To be honest, MAC addresses are much more problematic to me, but I barely ever have to type those either.
Bring on the rush of IPv4 squatters now...
seems like we see one of these every few months. maybe its true, but its hardly a problem we cant as americans drag our feet on. There are numerous practical reasons we have poor ipv6 penetration. not the least of which are:
understanding: greybeards and young guns alike in IT share an almost religious fear of IPv6 sometimes. Its a poltergeist most companies would care to avoid as well, as it would require hiring people who understand ipv6 as well as 4. not just the address, but how to route it, how to firewall it, and how to handle its DNS addressing. unless youre a firmly bunkered BOFH, youll have gaps in your understanding.
infrastructure: ipv6 has been in place at comcast and time warner for a while, but it requires DOCSIS 3 capable modems to handle the traffic and ipv6 capable wireless ap's in many cases. most americans who dont bask in the warm green glow of slashdot havent rushed out to buy a new modem when their current one is just as good. most cable companies were loathe to provide a free or subsidized upgrade (thats probably changed now that theyre common-carrier status) but it doesnt change the meat of the problem. To fix modems would require an upgrade not seen since we switched from analogue to digital broadcast television.
the web.: AWS sites still dont support ipv6. hosting providers like GoDaddy and Dreamhost have done a magnificent job of building out support but dedicated hosting solutions may still include legacy apache and nginx that dont speak 6. vendors like ironport speak ipv6 about as fluently as a slavic tourist, and in many cases proxy software and antispam actually reject ipv6 transported email as they cant handle reverse ipv6 lookups. many appliances rely entirely on hurricane or other public 6-2-4 proxes to maintain any semblance of support for the protocol. other companies like F5 networks have glorious support for ipv6, but few customers that care about it outside of cloud hosting providers.
do yourself a favour, learn it. Learn what it is and how it works, and make it a weekend project at home. youd be surprised how many people raise an eyebrow when you put 'ipv6' on your resume. For my countrymen here in the states, its coming. you cant stop it, and dual stack implementations already exist in your cellphones and public hotspots.
Good people go to bed earlier.
I just checked my IP address and it's 192.168.1.102. Whew, I'm glad I got one before they ran out. No one else can have my IP address!
No, that's just an artifact of the different policies for assigning the last addresses. RIPE (the European registry) throttled assignments by making the requirements much more strict. That change of policy was considered the point when RIPE ran out of IPv4 addresses, because the remaining addresses are not given out just for asking. Unlike the other registries, ARIN did not institute a policy to extend the availability of IPv4 addresses for transitioning purposes, so they burned through the last 16 million addresses like no tomorrow and are now truly out of IPv4 addresses to assign. They are in fact the first registry without IPv4 addresses in stock. RIPE still has almost a full /8, APNIC has two thirds of an /8, LACNIC has one seventh of an /8, and AFRINIC still has 2.3 /8 blocks.
According to google's ipv6 stats, about 21% of its American visitors access the site via ipv6.
https://www.google.com/intl/en/ipv6/statistics.html#tab=per-country-ipv6-adoption&tab=per-country-ipv6-adoption
That is not as high as Belgium (almost 36%), but it is a start.
The problem with switching is IMHO three fold, 1.- It is gonna cost probably a couple hundred million in routers and modems that cannot support IPV6, in fact if you look at places like Amazon and Newegg there are more routers being sold that doesn't support IPV6 even today than not, 2.- Years of treating IT workers as disposable means we simply do not have enough workers that can support all the headaches that are gonna happen with the switch, I know in my area most of the greybeards simply went into other fields because they were tired of being fucked by the MBAs, and my own personal beef 3.- Assigning everyone a unique IP means it will be trivial to track everyone, its gonna be meat on the table for your *.A.As and copyright trolls.
So you can see why switching hasn't bee a priority for most, its gonna cost a mint, shit is gonna break everywhere, and I wouldn't be surprised if it will end up with a shitload of requests from the *.A.As spamming the ISPs as they will be able to argue that "IP address does not equal individual" no longer applies.
ACs don't waste your time replying, your posts are never seen by me.
This is actually a good study in human nature. A resource exhaustion (with a solution already in place) we could see from a mile off, but will do nothing about until it becomes absurdly painful to continue. Already we see monstrosities like carrier grade NAT which breaks many applications, rather than moving to IPv6 which nearly every device supports.
We'll see this same procrastinating with AGW, fossil fuels, everything else - we won't do anything about it until the economic damage is already being done and the pain level becomes extreme.
Oolite: Elite-like game. For Mac, Linux and Windows
Twice as many as IP4? Just one bit!
Time for bed, said Zebedee - boing
P.S. likely your mobile phone and maybe even your cable setup has been using IPv6 addresses for a few years now. They are specified and necessary in related standards.
This was the insightful part of your comment. So pretty much everyone is using IPv6 at least on mobile devices... which is pretty much everyone. It is just on older wired networks where you see IPv4 addresses only.
It will be somewhat important to keep the cost of web hosting/DNS low to make sure that registrars are supporting IPv6 only DNS registrations. All the relevant technology and infrastructure should be in place though. More like making sure that web forms on registrars websites accept IPv6 registrations and such.
exactly as prophicised. I knew this was coming when Gene Ray went into hiding.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Well it sucks for the minority of people who do type these numbers or would like to remember them. And who cares if zeros can be omitted if most addresses in the wild are incompressible?
as they will be able to argue that "IP address does not equal individual" no longer applies.
No they won't. It will make no difference. The ISP will (presumably) assign a /64 (or bigger). I hope ISPs assign at least a /60 otherwise we're likely to end up with a huge mess of hacks in the linux kernel to allow subnetting of a /64 and also some form of autoconfig.
If you use the privacy extensions then it will make zero difference. The RIAA will be able to tell that the traffic came via your router but not from which machine. And if you don't keep logs of which machine used which IP when then nobody will be able to tell which machine was involved.
It may well make things harder for the *AAs. At the moment, ARIN requires that all your existing IPv4 allocations are in use (and hence documented in whois) before they'll give you more (so the data tends to be accurate to within about a 6 months timescale). When ipv6 comes along it's likely that registries will NEVER go back for any more addresses so will have no incentive to update those records. At the moment the RIAA can always tell which ISP an IP belongs to. That may well change in the future and there will be an extra step for them even to locate the ISP so that they can identify the subscriber.
In fact, should more addresses be required from ARIN in the future, it may well be easier to setup a new company to request a new block rather than go back and update years, possibly decades, of records to show that you need that second block.
God said, "div D = rho, div B = 0, curl E = -@B/@t, curl H = J + @D/@t," and there was light.
Maybe no one listened last time - but this is not the first time this has been announced. http://www.theguardian.com/tec...
No thanks. IPv6 addresses are a mouthful, typically 3x as long when printed. We should move to a version that makes them 1 byte longer.
IPv6 was a poor decision. It's like someone who ran out of toilet paper once so they went and filled their entire basement full so they won't accidentally run out again. 192.168.23.17 compared to AB34:34ED:AB34:34ED:AB34:34ED:AB34:34ED
As we're now pretty much stuck with ipv6, they would be better off locking out all the later bits until the transition is complete and make the ipv4 directly translatable. I.e. 192.168.25.25 becomes just FFFF:C0A8:1919 and all other ipv6 numbers are off limits until the transition is complete.
FFFF:C0A8:1919 isn't much more difficult than 192.168.25.25 and would make the transition much simpler than giving everyone a ipv4 number and a completely different ipv6 address.
Doing it this way, everyone could still access the websites via either their ipv4 or ipv6, it would only be the higher order ones that you would need to upgrade in order to access. Similar things have happened with phones and websites. When new area codes were introduced or new top level domains, a few people had problems accessing the new areas with older equipment if the older equipment was hardcoded somehow.
They can't. For lots of legacy/legal reasons those organizations outright *own* those /8s, as opposed to just having been "assigned" or "allocated" to them.
- What are we running out again? I thought we ran out last month! They are crying wolf!
- IP addresses are assigned by region we only just ran out.
- NAT makes this a non issue. Just use NAT!
- NAT is a broken concept that breaks end-to-end connectivity!
- I won't move to IPv6 they are too hard to type.
- Why are you typing IPv6?
- I can't NAT on IPv6 so it breaks my firewall and its insecure.
- NAT is not a firewall, you can firewall IPv6
- Why don't we just steal some of HP's IP addresses? They have some spare.
- Break the internet by splitting up routing tables even further.
- But NAT has protected us for many years everything works on NAT.
- Everything now needs to connect to a command server. No end-to-end connectivity and nasty workarounds in routers to make applications work.
- But DHCP doesn't work for IPv6!
- DHCP isn't needed, and if it is needed yes it does.
- But we can NAT the NATTING NAT NAT!
- Go fuck your NAT.
Sure because nat64 does not exist. You can get along quite well single stack.
No sir I dont like it.
But you'll never take my 127.0.0.1
Lots of private companies have Class A's and I just don't think Ford needs a Class A. Just like I don't think Apple needs one, nor HP needs two class A's.
Sure that won't have any negative impacts at all
So just use ::ffff:192.168.25.25 or DNS. Problem solved.
Yup. This.
A particular telecom company I know of is currently in the midst of switching out ALL of the routers / switches they purchased many years ago in order to diversify vendors. Fast forward a decade and they discover that none of the new hardware supports IPV6 at all. :|
So, all that gear is getting ripped out and being replaced with newer gear that does support it. Probably been burning 2-3 Million / year for the past several years doing so. Have many more years to go before the project is complete.
If we just shut down all the porn sites on the Internet, I'm sure we'd get back a good 98% of those IP addresses...
Incipiamus, fratres, servire Domino Deo, quia hucusque vix vel parum in nullo profecimus.
I have Comcast Business as my ISP and I still only get IPv4.
Copy/paste them. Or use DNS, it's hardly a new technology.
And if you really can't do either, then pick your addresses better. If you pick addresses like 2001:db8:42:a57e:a92f:2c3d:30c5:7562 rather than 2001:db8:42:1::2 and refuse to use DNS for them, then you can't complain about how hard they are to remember.
use to advertise their web site on the Daily Planet by saying out their IP address, well that was in 1995.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
$ ping6 localhost
unknown host
LOL. But there is an ip6-localhost. :
Also
$ ping ::1 ::1
ping: unknown host
That makes sense.
The problem with this is that some of the original recipients of those really big blocks like GM and HP were given those addresses, not leased them. They, for all practical purposes, own that address space.
I know the organization I work for is a part of the problem. Before ARIN existed, a group of three schools (I work for one of them) were granted a /8 as a part of our research status. We have no relation with ARIN, and there isn't even a way to really give back 100 of the /16's we don't use.
I don't trust the BBC, but ARIN's own site does confirm this: ARIN IPv4 Free Pool Reaches Zero
I hope ISPs assign at least a /60 otherwise we're likely to end up with a huge mess of hacks in the Linux kernel to allow subnetting of a /64 and also some form of autoconfig.
You can already subnet a /64. MAC addresses are 48 bits leaving plenty of room for multiple subnets and you can go even smaller if you use static IPs or DHCPv6.
I hate technicalities, but the RIR for Latam is LACNIC. Oh, poorly chosen demonyms.
Open Source Network Inventory for the masses! Kuwaiba
refuse to use DNS
There's always the hosts file.
[ducking and running]
Have gnu, will travel.
No thanks. IPv6 addresses are a mouthful, typically 3x as long when printed. We should move to a version that makes them 1 byte longer.
The reason that they weren't done that way was that down the road, there's be another occasion when every piece of networking gear in the world would have to be replaced, thereby causing every business to spend thousands, if not millions, of $$$. That's why the IETF came up w/ a solution that would presumably last if not eternity, at least a few centuries.
However, the way IP addresses have been split, and a huge /64 assigned to the subnets makes me think that that would run out a lot sooner than they planned. Unless they at some point redefine it as 96:32 instead of 64:64
That's funny.
Usually, self important jackasses make comments as Anonymous Cowards.
There are two types of people in the world: Those who crave closure
A lot of the concepts in IPv6 are new in that one need not remember them. Unlike in IPv4 where they have to be requested by the hosts, in IPv6, they are automatically assigned by the Router Advertizements and Neighbor Discovery. And most of them never need to be remembered or copied or anything. Also, in IPv6, each node can take multiple IP addresses, so one can always assign a static easy to remember address as one of the addresses if remembering is what is required.
There's the equivalent of over 3000 full class Cs on the waiting list for supplying by ARIN right now. (OK, there are currently no requests for a class C as any request that could be satisfied by a class C was, until yesterday, being filled from the available pool)
Recently they got given (IIRC) a /15 and two /16 which were immediately filled from the waiting list.
The problem with giving you (and anybody else) a /28 is that unless it's aggregated at the ISP, the global routing tables are going to explode (they're already pretty bad unfortunately)
So if you want that /29 then you're going to have to find someone who can use the rest of the /24 who will route that subset to you.
God said, "div D = rho, div B = 0, curl E = -@B/@t, curl H = J + @D/@t," and there was light.
No thanks. IPv6 addresses are a mouthful, typically 3x as long when printed. We should move to a version that makes them 1 byte longer.
You know that's not much longer and it will not break anything, well at least that's what marketing told me. The engineers keep on telling me that even 1 extra bit will break everything, but what dot they know? Something about assumptions of 32-bit fixed size. Whatever that means? Aren't they paid enough to do their magic and satisfy the business requirements set out by marketing, instead of pushing back?
Jumpstart the tartan drive.
Because now they're valuable?
There are two types of people in the world: Those who crave closure
IPv6 was a poor decision. It's like someone who ran out of toilet paper once so they went and filled their entire basement full so they won't accidentally run out again.
There's technical reasons for the length as by assigning humongous blocks at a time routing is greatly simplified.
But again why are you typing IP addresses? This is 2015! IPv6 even includes stateless auto-configuration so you don't even need to figure out which IP addresses to type into your DHCP server anymore.
You're talking as if these are given out by hand. Giving a computer an IPv4 address or 2, or 5, should be absolutely no different in complexity, not for an administrator and not for an end user.
Well, there is always the alternative - try continuing to use things that just ain't there. Like IPv4 addresses. IT workers would hate having to resolve multiple layers of NAT even more than going to IPv6.
This will be like the Y2K problem, except that whereas everybody treated Y2K seriously so that come 1/1/2000, it wasn't an issue, in this case, issues will start cropping up at random
I think it has varied. On Verizon, they have been using IPv6. But on AT&T, the evidence seems otherwise
0000::0000::0000::0000::0000::0000::0000::0000
You can only have one double colon in there... As per the very rule you're educating us about.
CLI paste? paste.pr0.tips!
If you have trouble remembering IPv6 addresses, you can write them in a text file, like this :
1234:5678:9ABC:DEF0:1234:5678:9ABC:DEF0 mycomputer1
1234:5678:9ABC:DEF0:1234:5678:9ABC:DEF1 mycomputer2
Let's call this file "hosts". But I understand that copy-pasting can be annoying, it would be so much better if the system could use it natively...
But we can go even further! Instead of copying this file between computers we could make some kind of way to synchronize and distribute these files so that it could be always up to date and accessible from anywhere, like some kind of distributed naming scheme (we could call this DNS). If only we had this...
How can you be so ignorant of how IPv6 works and still have the hubris to propose a modification that supposedly fixes it?
Oh silly me, this is Slashdot.
I just provisioned a new phone on Ting, and in the GSM setup you have to do, you specify ipv6 on several settings in the configuration. Since Ting is an MVNO on Tmobile, I expect this would also mean Tmobile is also using ipv6 on the 3G/4G internet connectiion..
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
Some of the options DNS, mDNS and I am sure Windows has its own native approach.
The truth is, IPv4 addresses are probably too many numbers for the average person anyhow. For a tech, they are probably remembered in a limited context/time period anyhow. Names are what is easiest to most people. The whole 'IPv6 addresses are too long' argument, is only valid when you don't have the right services on your network and even then is not a good argument for not moving to IPv6, instead it is just a hard reality of dealing with more resources. The argument is almost like not to growing a company, because you won't be able to remember everyone's name - accept change that progress requires or risk becoming irrelevant.
Jumpstart the tartan drive.
I'm using an HE tunnelbroker 6to4 to get ipv6, cuz CoxHSI... Using the fancy automatic shit to assign v6 addresses give you strange unrememberable addresses. So I set my machines to use a static v6 address and just use my /64 prefix AND the machine's v4 address.. Of course, since I only have a few machines on my home network, this is trivial, and certainly would NOT scale to anything larger.. Its kinda cool to post to a forum that shows your ip address on the bottom of your post and see an ipv6 addresss...Had to remember to mess with ip6tables to default deny on inbound.... I wonder how long it will take Cox and the other big cable guys to get their act together... Not holding my breath
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
Ah, four class Cs. That should satisfy demand for a good 2 minutes or so.
v4's problem isn't that parts of it are unused. It's that it's just too small. Returning little blocks here and there won't fix that.
IPv6 was a poor decision. It's like someone who ran out of toilet paper once so they went and filled their entire basement full so they won't accidentally run out again. 192.168.23.17 compared to AB34:34ED:AB34:34ED:AB34:34ED:AB34:34ED As we're now pretty much stuck with ipv6, they would be better off locking out all the later bits until the transition is complete and make the ipv4 directly translatable. I.e. 192.168.25.25 becomes just FFFF:C0A8:1919 and all other ipv6 numbers are off limits until the transition is complete. FFFF:C0A8:1919 isn't much more difficult than 192.168.25.25 and would make the transition much simpler than giving everyone a ipv4 number and a completely different ipv6 address. Doing it this way, everyone could still access the websites via either their ipv4 or ipv6, it would only be the higher order ones that you would need to upgrade in order to access. Similar things have happened with phones and websites. When new area codes were introduced or new top level domains, a few people had problems accessing the new areas with older equipment if the older equipment was hardcoded somehow.
The stuff you are describing was initially contemplated, which is why we had IPv4 compatible addresses (::192.168.2.5) and IPv4 mapped addresses (::ffff:192.168.2.5). Problem was that that wasn't a simple way to resolve the addresses due to NAT in IPv4 among other things, which is why you have different transition mechanisms. Some of them have been used, like 6rd, Dual-Stack lite, Teredo, et al.
The toilet paper analogy is not quite correct. Rather, it's more like a case of discovering a new fuel that's a million times cheaper than gasoline, doesn't emit greenhouse gases, but which would require all engines worldwide to be changed. Since that would be an expensive process, the guys who design the replacement engines are working w/ the fuel engineers to ensure that the engines would never need to be redesigned again. In the case of IPv4, even making it 33 or 40 or 64 bits would have required an overhaul of all the world's networking gear, which is why the jump was made to 128 bits.
NAT was something they had to do in IPv4. It's voluntary in IPv6, since you now have NAPT. This does things that people want, like abstracting internal networks from external ones and enabling multi-homing, while avoiding port consumption by making NAPT a 1:1 instead of a many:1 loading of addresses.
Yes, and my inability to provide a syntactical correct address example invalidates my argument? Nope.
Yes, take them back. And... then what?
Before RIRs started running out, we were consuming over one /8 per month. What good is an extra month going to do us? Clawing back those /8s is a waste of time and effort, both of which are better spent on just deploying v6, which you'll still have to do anyway.
It's not a question of what they need. A lot of them have legacy equipment built w/ those, which perhaps at the time they were set up didn't even support NAT in IPv4. So those are legacy things locked down. Some organizations like Stanford have returned pools of addresses, but when companies refuse to do that, it's more b'cos the cost of releasing them could break other things within the organizations that work
It is gonna cost probably a couple hundred million in routers and modems that cannot support IPV6
...if you attempted to replace them all at once today. No one does that. Instead, IPv6 support will become a bullet point for purchasing replacements for EOL hardware and we'll transition to it naturally as IPv4-only hardware falls by the wayside.
Dewey, what part of this looks like authorities should be involved?
IANA should start charging 1 $ /year / IPV4 address; next year should double the price. The year after the price should be doubled again and so on.
This should force the hoarders to let go of the addresses.
At some point , it would be to expensive to stay on IPV4 and people would migrate to IPV6.
The people who really need and can not move to IPV6 would have the option to keep IPV4 and pay.
At least one vps vendor in Holland (http://http://vds6.net/) charges $2/MONTH for one ipv4 address on their vps offerings..
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
Like you didn't?
Do you have accounts on all those sites, you sound butt-hurt. Maybe you should tweet about it
I largely agree w/ this, but suggest that instead of $1 per address, charge $X where X is the #NAT connections behind that address. Make that the annual rate, while on the IPv6 side, make it a lot cheaper for a /60.
This makes me wonder.. The company I worked for up to 2010, was a government contractor, and prior to around 2007 or so, every user machine on the network had a routable dhcp assigned address. I recall when we changed to a NAT''ed scheme for all of the workstations. I wonder if the several Class C assignments we *had* been using were reassigned or are *still* sitting out there unused.. I'm betting the latter..
THANK YOU, Edward Snowden!! Americans owe you a debt of gratitude (whether they know it or not..)
This is a huge opportunity for IP address brokerage.
You mean like ? They already exist, and have for a long time.
IPv4 addresses seem to be going for about $8 to $9 at the moment, in blocks of 256 or larger. That makes a class-C allocation worth less than $2,500. So I doubt there's a crisis just yet. Not even worth the trouble of pursuing it - and the hassle of retweaking your routers and ISP relations - if you happen to have some you could part with.
But it will be interesting to watch the prices now that the US registry has announced that it is "officially out" of address. That will tell us if/when reshuffling is insufficient to hold off a real crunch but IPv6 adoption is still inadequate to mitigate the need.
It will also be interesting to see if a new digital divide develops, with some people still without IPv6 connectivity and stuff they want only available via IPv6. (Again, I doubt it will be an issue.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
You, or your equipment, is doing something wrong, because v6 is far easier to set up and maintain than v4 is.
Also, you sounded sarcastic, but v6 does indeed improve the routing table situation. "Being really big" is all it needs to reduce fragmentation; that allows ISPs to get a single, contiguous allocation that covers all their needs, compared to v4 where they need to keep getting tiny allocations from all over the place. You can look at Comcast's announcements for an example: they have an order of magnitude fewer v6 prefixes, and the v6 prefixes are mostly empty at the moment, compared to their v4 ones that will be mostly full.
Did I say it would? Nope. /64 split, so even "short" ip6 addresses are still significantly longer than ip4 ones..
If I wanted to invalidate your argument I'd have pointed out that you normally don't get to double-colon away more than two or three components of the address, thanks to the universally recommended and implemented
CLI paste? paste.pr0.tips!
Actually my IPv6 address is:
2a00:7660:349::
Notice how it is _exactly_ the length of your proposal? I also happen to be able to remember it...
Ok, it is the address of my router, from where I can do port forwards etc, just like we used to do. So if you ssh into that, you will get to my server.
My other devices have longer addresses. Such as 2a00:7660:349::2. Yes there is a thing called DHCPv6 that allows one to assign short addresses to devices.
And because the ISP only controls the first 48 bits of the address, every device of mine gets to have an IP address and I was the one that decided the parts that might need to be remembered (the "2" from before).
It is true that most people will just let their network do auto configuration, which will then result in random and long addresses. That is because these days people generally do not care about IP-addresses. But it is your option - you can get it nice and clean if you are one of the few that cares.
Why does it matter? v4 is too small. It doesn't matter if some companies could potentially squeeze into smaller allocations; it won't change the fact that we still need something bigger than v4.
Eeep. I never thought of that; a number longer than Jacob Marleys' chain of boxes, following you forever. It's starting to feel like ipv6 was a collaboration between the NSA and Satan (beast numbers!).
So what happens when your ISP changes your 2a00:7660:349 to something else?
All your shit like 2a00:7660:349::2 is fucked.
I don't agree with the analogy, there's technology in place that is more versatile yet more complicated and there's the stop gap measure of forcing more and more NAT.
Oh you mean the technology that dare not speak its name (IPv6?)? I dare not speak of it.
The US built the Internet and we can take it all back with a tantrum! At any given time less than 18 million of us actually give a damn. Presently there are ~8 million unemployed persons living behind NAT firewalls, forgotten and uncounted, who could really use some help. Toss in some veterans too, especially those having trouble getting health care. Let us give them each a public IP address. Not one of those worthlessly fiat "exceeds the number of molecules in the Universe" IPv6 addresses either. They deserve something of real estimable value tied to the 'gold' IPv4 standard. But where could one obtain, say, almost 18 million IP addresses?
You do it by breaking all the rules at once, so no one can fault anyone because we're all busy being swept away by a flood. You know, like the rules and procedures for immigration you thought were there all along? And then you woke up one day and the government, all those border agents and paper-stampers were just, simply, missing? Or maybe they are hiding in New Jersey pumping gas. If you were a smart and dedicated alien who was applying for a visa and following those rules you'd feel really foolish then, to see them just come on in while you are still on a waiting list.
Just like the immigrants, it's time to make everyone on the ARIN waiting list feel foolish. It's time to open the gates.
RFC1918 is the first target. It's time to nationalize so-called 'private enterprise' address space and return it to the public, in happy glorious peoples' revolution. Let's begin to roll back the network bits for 10/8, 172.16/12 and 192.168/16 and 169.254/16 (Windows 98 rulez!) one bit at a time, one bit per hour. Starting tomorrow. Better look for the IOS password, you're going to need it! Or hell, let's just roll it all back at once. Remove those bogon filters and BGP blackholes and let it all leak out, let's have a democratic slate-wiping Internet version of thermonuclear war, and from the ashes there will rise a glorious dawn of reallocation... a new era of /32 advertisements followed by a presidential election where every candidate is an independent.
NUTS TO NAT !!!
<blink>down the rabbit hole</blink>
We've had IPv6 and 100 Gbps Internet2 for years now.
Grow up and stop connecting your toaster to the Internet IPv4. Nobody wants to see pictures of your toast.
-- Tigger warning: This post may contain tiggers! --
You CAN subnet a /64 but it won't work for SLAAC anymore. You definitely need a /64 for every subnet.
BTW, MAC-based addresses have fallen out of fashion (see IPv6 privacy extensions).
There's technical reasons for the length as by assigning humongous blocks at a time routing is greatly simplified.
OTOH by discouraging NAT they encourage people to apply for PI space. PI space is the enemy of efficient routing.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
Or, you know, technology upgrades. My ISP finally switched from ADSL to VDSL and they have to replace all CPEs (about two million of them) anyway.
You use a DNS server. No one calls it a BIND server.
No, you don't need a "bind" server on each machine (good lord, it proves you know nothing about networks)
IPV6 stateless basically picks a COMPLETELY RANDOM address for your PC.
and yes, all devices can and do work like that.
you really think we will "soon" run out of 2^64 networks? /64s /64 hosting 4 billion times 4 billion CURRENT INTERNETS...
that's 4 billion times the NUMBER OF AVAILABLE IPs nowadays.
it means if the planet has 8 billion people, each PERSON can have TWO BILLION
each
Windows XP, Windows Server 2003, and Android 2.x no longer receive security updates. This means they are likely vulnerable to "forever day" exploits that surreptitiously install malware that adds other means of exfiltrating data from a system. An attaker doesn't need to Firesheep a victim's session cookie if he can install a keylogger that captures a whole password. Heck, an attacker could just install a keylogger that captures a victim's keystrokes when entering a credit card number. So if Windows XP is insecure in this manner, why even try to offer "secure" services to an insecure client?
They can't. For lots of legacy/legal reasons those organizations outright *own* those /8s, as opposed to just having been "assigned" or "allocated" to them.
Well they can own them as much as they want. No one is technically forced to route their IPs to them. But it doesn't matter, that wouldn't solve anything. IPv6 is the only way forward and nothing that I've seen changes that.
They wont because my ISP makes static allocations to every customer. But if you have another ISP with a poor policy, then you can use a private range such as fd00::/64 for your internal network.
fd00::2 is shorter than 192.168.1.2 if we are still at that...
Yes you are supposed to put in something random in the fd00 style address. But nothing stops you from ignoring that. It is just so that your VPN to your employer does not collide unnecessary with your home network, but if both of you choose to use the same range, you are no worse off than if the same thing happened on IPv4.
For the average customer this is no issue however. They are in don't care about IP-addresses boat. If the ISP changes your prefix, your internal network will just renumber too and nobody notices.
What's wrong with a reverse proxy handling all the HTTPS work in front of a bunch of application servers on their own VMs?
Multicast DNS you fucking cunt.
And if your router doesn't support IPv6 you're an idiot. Upgrade it to DD-WRT or get a new one.
You're a dense motherfucker, you don't know shit around networking, and you're trying to lecture everyone about problems that HAVE BEEN SOLVED FOR AGES.
Fuck off.
You are wrong. My router does have DHCPv6 and so does every OS (Linux, Mac and Windows) on my network.
You will find that basically 100% of the new generation routers (those with 802.11ac radios) come with full fledged IPv6 support these days. Including DHCPv6 support.
As to the ISP that seems to depend entirely on what country you live in. Some countries have very high penetration now. The rest of the world will follow.
Also you "didn't need" a IPv4 dns because you have like 5 devices in your network. But i know idiots like you, idiot's who don't believe in DHCP or DNS, and who just static address everything.
And then wifi comes along, with DHCP almost mandatory for mobile devices, and struggle to figure out how the hell they're going to handle the mess of fragmented IPv4 addresses they have in hand right now.
Fucking amateur.
Ha!
Yeah, I'd like to see an ISP try to stop routing Apple's traffic without an F-5 class Shit-Storm from their customers.
I just get skipper to yell for him. KOWALSKI!
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
i suggest you start reading on ipv6. it's really not that hard. you're making it overly complicated and assuming things simply because YOU DONT KNOW STUFF.
just start reading on networking: ipv4 and ipv6, both.
fe80 is called a link-local address. it's a complicated concept. it's not the same as an autoconfigured (SLAAC) address which is global and can be created by EUI-64 (based on your MAC) or a temporary IPv6 addres, which is also autoconfigured by SLAAC but it's temporary (lasts for 1 hour or so) and it's used to keep your privacy on the internet. it's a completely random IP.
and you can get a tunnel working NOW with www.tunnelbroker.net for FREE.
this has been available since AT LEAST 2002 when i first tried it.
You use the DNS server built into your internet router.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Tell me again what the benefit of PI space is compared to PA space in a world where we have more IP addresses than atoms? I would expect my PA address to change precisely once in the life of the network, when I first connect, and that's it. If I move house or change providers than it follows I'll have a different address, but why would that affect me? So my network devices end up with a different set of first x number of bits, big deal.
The reason they discourage NAT is the same reason that PI becomes irrelevant.
scp your_username@laptop:foobar.txt /some/local/directory
No different from how I do it right now. Not typing IP addresses has nothing to do with IPv6, it has to do with it's 2015 and we have many technologies that make it seemingly irrelevant what IP address you have. I don't know what my IP address is right now but I can SCP to it. I can't even tell you by which mechanism the IP resolves. It may be DNS, it may be a WINS server, it may be via netbios broadcast. The only thing certain is that its not using a hosts file.
But I still need a DNS server.
Why? I don't have one yet I still see all the devices on my network by name and not number.
Welcome to 2015. No ... welcome to 2001.
You do that so well, it is almost like you have had management training.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
The only place I can see needing to know the address is when plugging it into a server to get a static address (DHCP is very bad for servers for numerous reasons), and also plugging it into the router to pipe ports to servers. But in both of those places, copy and paste works great!
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Big reason for that would be that at the time they did it, it was on equipment that used IPv4 as it was then - without NAT. NAT was only something that came later to 'address' the shortage of addresses. But at the time that these networks were set up, the protocol didn't have that, and therefore, they had to use public IP addresses for both their internal LANs as well as their outward facing boxes.
Maybe we should all be assigned a /64 from birth and have it tattooed on our arms.
APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
Why would the ISP change your address? It's not like they are running out of IPv6 addresses. Heck I've had the same static IPv4 address for the last 6 years on my cheap arse (as in cheapest available in the country) consumer ADSL plan.
Maybe if your ISP is changing your IPv6 address then you chose a wrong ISP and should tell them to return to the zoo from which they escaped.
Good. No really good. IP addresses are designed to be issued in blocks to networks with sub-blocks to be issued to groups within the networks. Not doing that results in bloat of the routing tables which are experiencing exponential growth and are already quite close to the point where things start breaking (due to the hardware limits of the size of some routing tables)
Splitting up a /8 into 100 other components and distributing them across different networks around the world is NOT a solution, or at least it is a very temporary solution which at the same time creates a far worse problem.
This one is easy. Let's say you are Acme International, Inc w/ divisions in Santa Clara, Kyoto, Bangalore, Johannesburg, Netanya and Rio. Your company has to buy address blocks from ARIN, APNIC, AFRINIC, RIPE and LACNIC. In short, your IT department has to deal w/ 5 organizations to get something that it can get from one and distribute among all 6 branches. Note that allocation policies vary - while ARIN liberally distributes /48s, RIPE and APNIC dole it out in /56s. Different pricing structures w/ each agency.
With PI addresses, your IT department simply goes to ARIN, gets a single block and goes from there. Let's say they get 2001:db8:ace::/48. They can assign 2001:db8:ace:1::/52 to Santa Clara, :2::/52 to Kyoto and so on. That way, they also have Netanya and Bangalore within the same network, albeit connected by the ISPs servicing them in both places. From a budgetary standpoint, it's straightforward, and from IT's standpoint too. They have 1 block of addresses, and each office decides how to assign subnets and so on.
However, like Peter said, that makes routing tables a bitch, since now, under 2001:db8:ace, you have, depending on the subnets, one network in the US, another in Israel, another in India and so on. The ideal goal of IPv6 would have been to have a hierarchical setup whereby the first 2 words of the address would have given you the geography of where that address is. For routing tables, they would then just have to drill down. But that's not how it can be if PI addresses are used.
There is one thing I don't understand (please enlighten me): who tells my DNS server what IPv6 address was autoconfigured for a particular machine?
Internet Stream Protocol. Always experimental, but not used for IP addressing purposes.
It's not the function of anything physical. Rather, shortages happen when one tries to lend structure to it, as was originally conceived when they contemplated using, for instance, hierarchical routing to simplify routing tables (which was a major reason it was blown from 64 to 128 bits). Once you try to say something like 2610 should mean ARIN, then the next word, say 2a4f should mean Charter Spectrum in Alpharetta, then the next word cae would be Deloitte and then next thing would mean whatever Deloitte's IT assigns it, that rapidly narrows down the number of options to 2610:2a4f:cae::/48.
Actually, my criticism here has been about 64 bits being assigned to the interface ID. Overkill even for something like auto configuration. Instead, global network address should have been left the full 64-bits, and from the remaining 64-bits, split should have been done - maybe 16:48 or 32:32. That way, any organization that needed either a lot of subnets or a lot of structure in their subneting could have something like a51a:65:1a2b:3c4d, while optimal routing tables could have determined the global address assigned to it.
More importantly, things like DAD, ND and RAs will stop working
Had to remember to mess with ip6tables to default deny on inbound
Don't you have a stateful firewall that blocks all incoming traffic by default?
who tells my DNS server what IPv6 address was autoconfigured for a particular machine
Your client should be telling the DNS server directly. DDNS.
Grammer Nazis - I mod you "troll" unless you actually add something on-topic. Yes, I know I have mispellings in my sig.
As we're now pretty much stuck with ipv6, they would be better off locking out all the later bits until the transition is complete and make the ipv4 directly translatable. I.e. 192.168.25.25 becomes just FFFF:C0A8:1919 and all other ipv6 numbers are off limits until the transition is complete.
They did do this, it's a standard already. Not to mention dual-stack. http://www.tcpipguide.com/free...
My ISP does change my address occasionally, for no reason.
It's not a question of "why" (because they're stupid, that's why everybody does everything), but a question of "when".
Using a private range is the "solution", but to be externally reachable, you need to employ some sort of translation of the network addresses, and poke holes as appropriate. I propose will call this "Translation for Addresses on Networks", or TAN.
[lintel@cisc] ~% ping6 google.com ::1 --> ::1 ::1, icmp_seq=0 hlim=64 time=0.146 ms ::1, icmp_seq=1 hlim=64 time=0.185 ms ::1, icmp_seq=2 hlim=64 time=0.189 ms ::1, icmp_seq=3 hlim=64 time=0.195 ms ::1, icmp_seq=4 hlim=64 time=0.207 ms ::1, icmp_seq=5 hlim=64 time=0.163 ms ::1, icmp_seq=6 hlim=64 time=0.224 ms ::1, icmp_seq=7 hlim=64 time=0.233 ms ::1, icmp_seq=8 hlim=64 time=0.207 ms ::1, icmp_seq=9 hlim=64 time=0.211 ms
ping6: UDP connect: No route to host
[lintel@cisc] ~% ping6 localhost
PING6(56=40+8+8 bytes)
16 bytes from
16 bytes from
16 bytes from
16 bytes from
16 bytes from
16 bytes from
16 bytes from
16 bytes from
16 bytes from
16 bytes from
^C
--- localhost ping6 statistics ---
10 packets transmitted, 10 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.146/0.196/0.233/0.025 ms
[lintel@cisc] ~%
...Europe ran out." I'd be more impressed if I'd heard anything about this in Europe. If people are suffering there, nobody's talking about it...
They loosened the rules on IPv6 addresses and allow multihoming via more than one ISP.
"DNS" works on my network without a DNS server. Has worked this way for at least a decade. I can even result my printer by name without a DNS server. They have had local subnet multicast P2P DNS protocols for a long while now.
The majority of internet service providers will give you a /48 prefix. Meaning that you decide what to do with the remaining 80 bits. If you make them all zero, your IPv6 address can indeed be shorter than the typical IPv4.
Example:
2001:db8:123:: (that would be your router)
2001:db8:123::2 (that would be your web server or whatever).
2001:db8:123::3 (that would be your mail server or whatever).
Compare to:
198.51.100.250 (that would be your router - and also your web/mail server because it is all you got).
Nope, all three protocols will work fine with any prefix size. Only SLAAC need a /64 prefix
If you did a /120 you would use RA to tell your network about it. You would then need to set the managed config flag, so your devices can use DHCPv6 to acquire an address. After getting an address through DHCPv6 the devices will use the DAD process to check that the address is unused. And they will use ND to be able to communicate with other devices.
It will also be interesting to see if a new digital divide develops, with some people still without IPv6 connectivity and stuff they want only available via IPv6. (Again, I doubt it will be an issue.)
Just start a rumor that Google gives preferential page rank to IPv6, then everybody and everything will be on it!
Apocalypse Cancelled, Sorry, No Ticket Refunds
Try "Network Prefix Translation" instead: https://tools.ietf.org/html/rf...
"This document describes a stateless, transport-agnostic IPv6-to-IPv6
Network Prefix Translation (NPTv6) function that provides the
address-independence benefit associated with IPv4-to-IPv4 NAT
(NAPT44) and provides a 1:1 relationship between addresses in the
"inside" and "outside" prefixes, preserving end-to-end reachability
at the network layer."
Although personally I believe it is seldom needed. In practice a IPv6 home network can renumber every device within 30 seconds of the ISP changing the prefix on you. That is less time than it takes for your CPE router to reboot.
Do they still have it in windows 8-10? Seems like the only time I type an IP address is when I'm trying to ping the name server anyway.
Apocalypse Cancelled, Sorry, No Ticket Refunds
There is also some big sites that are available:
baldur@ballerup1:~$ for i in google.com facebook.com www.netflix.com akamai.com cloudflare.com rackspace.com wikipedia.org; do ping6 -c1 -n $i | grep bytes; done
PING google.com(2a00:1450:4005:801::1000) 56 data bytes
64 bytes from 2a00:1450:4005:801::1000: icmp_seq=1 ttl=50 time=28.8 ms
PING facebook.com(2a03:2880:20:4f06:face:b00c:0:1) 56 data bytes
64 bytes from 2a03:2880:20:4f06:face:b00c:0:1: icmp_seq=1 ttl=43 time=191 ms
PING www.netflix.com(2a01:578:3::36e4:ea94) 56 data bytes
64 bytes from 2a01:578:3::36e4:ea94: icmp_seq=1 ttl=46 time=38.0 ms
PING akamai.com(2a02:26f0:103:186::22df) 56 data bytes
64 bytes from 2a02:26f0:103:186::22df: icmp_seq=1 ttl=54 time=22.3 ms
PING cloudflare.com(2400:cb00:2048:1::c629:d59d) 56 data bytes
64 bytes from 2400:cb00:2048:1::c629:d59d: icmp_seq=1 ttl=57 time=10.6 ms
PING rackspace.com(2001:4801:1221:101:1c10:0:f5:116) 56 data bytes
64 bytes from 2001:4801:1221:101:1c10:0:f5:116: icmp_seq=1 ttl=43 time=127 ms
PING wikipedia.org(2620:0:862:ed1a::1) 56 data bytes
64 bytes from 2620:0:862:ed1a::1: icmp_seq=1 ttl=52 time=20.7 ms
The CDNs in there means that you will get some content over IPv6 even from sites that are not IPv6 enabled as such.
A new digital divide can only be due to IPv4 scarcity. There won't be any scarcity of IPv6 addresses to anyone anywhere. Only problem may be a place not having IPv6 supporting equipment, but that's not something that one can't shop around for
$ ping6 ip6-localhost
PING ip6-localhost(ip6-localhost) 56 data bytes
64 bytes from ip6-localhost: icmp_seq=1 ttl=64 time=0.028 ms
64 bytes from ip6-localhost: icmp_seq=2 ttl=64 time=0.034 ms
64 bytes from ip6-localhost: icmp_seq=3 ttl=64 time=0.036 ms
^C
--- ip6-localhost ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.028/0.032/0.036/0.007 ms
$ ping ip6-localhost
PING ip6-localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.024 ms
64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.029 ms
^C
--- ip6-localhost ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.024/0.026/0.029/0.005 ms
Forgot this one
$ ping6 google.com
connect: Network is unreachable
The ideal goal is the same for IPv4. I'm still struggling to see what the practical difference between 4 and 6 is in the cases you've mentioned. By all accounts it looks like the situation continues as it does now, namely: Providers give IP pools and the company then adjusts routing accordingly, (presumably they would have a VPN between their networks anyway so right now they would need to take this connection into account via routing), or ARIN gives them a pool and the entries need to go into the internet's core routing table?
Isn't this the same for 4 and 6? And if you really feel like killing a kitten you could always NAT IPv6.
It's not a question of when, it's a question of getting a competent ISP. Some ISPs are tight and chop and change IPs at a whim because they don't have enough. That should change with IPv6. Many ISPs offer a service with a guaranteed static IP address. It sounds like you want to run a critical service on cheap consumer grade connections. Don't do that.
And, thus, people like yourself don't understand enough to be worried about having to plug in an IPv6 address anyway.
Seriously, do you sit and hand-craft your local DNS zones for each individual machine? That's where you're going wrong, not having to put in a long IPv6 address.
Who is going to do it on my LAN if not me?
No, I run a DHCP server that dynamically updates my DNS server. However with IPv6 we are supposed to do away with DHCP and can use something like radvd. With that however the address is created by the client and the client has to update the DNS server. That means that rather than keeping the DHCP server up to date and keeping the DDNS signing key secure on one machine, I have to do that now on all clients. Mhm, perhaps DHCPv6 still isn't such a bad idea ... um ...
Perhaps people like yourself could do a better job explaining it to the noobs like me?
Theoretically, maybe, but practically, given the shortage of IPv4 addresses, PI addresses are generally out of the question, unless you are an HP or IBM or AT&T who got those Class A's somewhere in the 80s. So in the above example, each of Acme's branches would need to get a handful of IP addresses from their ISP, and then NAT the fuck behind it. If Acme was lucky enough to have, say, a Class B from yesteryear, they could subnet it and assign it to each branch. But that would only be if they were one of the lucky ones. Whereas in IPv6, you now have a level playing field.
I remember something along the lines of those guys reserving like half the address space ...
Reason we need IPv4 is that that's what most websites and other services currently are. But that's solved by going w/ one of those transition mechanisms, such as Dual Stack, Dual Stack lite, 6rd, et al. If our ISPs gave us IPv6 connections, most of us would be able to get our computers on that. Unless you still happen to be on XP or OS/2 or something ancient. Every laptop and tablet OS now - Windows 7-10, Android, iOS, OS-X, Linux, BSD et al support IPv6.
Why are you hard-coding the prefix? Why are you changing the prefix?
You pick up the interfaces you want, and move on. You don't need to type it out. And by the time you get to a firewall with multiple externally visible IP's, plus VLAN's, plus rules, plus routers, etc. then you hand it off to an IT guy who will a) put in a config not based on hard-coded, hand-typed IP's, b) put it behind routers and services that have GUI or database management.
Seriously, people, you should no more be sitting there entering IP's than you ever have before. And once you get past a small handful, you never type them again anyway.
I mean, honestly, have you guys never heard of copy/paste either? I deal with hundreds of IP's, I even have the prefix on autocomplete and the externals etc. are kept in a database or in a spreadsheet depending on the task.
This is honestly the WORST argument against IPv6 that I've ever seen. Hell, as far as I'm concerned, the second a user has to read-out, or type in, some IP address on your system, you've already failed.
You don't NEED to do it on your LAN. You're choosing to. I have an IPv6-capable router. It picks up an IP range from the external ISP, then offers it - with sensible defaults - to the network. It's the default, power-on configuration. The same as it was for IPv4.
Use RA only for routing, use DHCPv6 for address and DDNS.
Yes, address configuration is a mess with IPv6 because of the number of competing services. But there are only a handful of combinations that work and do everything you need. And they invariably involve one-off daemon setup and then forget-about-it.
So when will the cloud providers FINALLY start really supporting IPv6? My company, as many do, uses Amazon EC2, RDS, S3, etc.., and the closest Amazon gets to IPv6 is their load balancers, which can't support the domain apex unless you also use their DNS. I refuse to pay per query for their DNS, so that means I can't use their load balancers for my websites and my client's websites. So no IPv6 for me.
And as far as I can tell, Google's and Microsoft's clouds still don't support IPv6 either.. :(
. Define sqrt(x) as something really evil like (x / rand()), and bury it deep. Watch your coworkers go nuts.
Comment removed based on user account deletion
Longer packets are inevitable when you want to elongate the size of addresses. It's just a matter of how much. 128 bits was a good call, but they should have given more weight to hierarchical routing than autoconfiguration (which would still have been possible, just not as simple).
Exactly. Also, at the current, increasing, consumption rate reclaiming those large blocks would only add a few months to the exhaustion deadline. Most likely it will take more time to free them than it takes to use them up.
IPv4 is simply too small, no matter how we hand out the addresses. It's time to switch to IPv6. Those few blocks won't make a difference.
Hello User: Thank you for contacting WOW! Internet, Cable , and Phone via email. My name is Sherri. I apologize for the delay in responding to your email. I apologize for the inconvenience but at this time there is no information about when we will start utilizing the IPv6 protocol. Please let us know if there is anything else that we can do to assist you. If you have an issue that requires immediate attention, WOW! Customer Service is available 24/7 for your convenience at 1-866-496-9669. Respectfully, Sherri - C6671 Advanced Support Specialist, Tier II WOW! Internet, Cable and Phone