CNN On IPv6

i am the waltuss writes "CNN has tackled The Great IP Crunch of 2010 in this article. Its a good overview/intro to the subject that will likely take the place of the Y2K "bug" after January 1. "

Re:Every toaster on the internet?

[Sir+Timothy]

Ostensibly..hrm. In my opinion, just because you can do something like this doesn't mean you should. I'm sure it'd be nice and all to have a cron job set up in your wristwatch to connect to a time server so you never have to set it or a cron in your thermostat that would connect to a weather service, obtain information about the day's weather, and adjust temperature accordingly.

I don't think I'll ever be a fan of that sort of thing, though..maybe I'm just really goofy, but I don't mind not having a fully automatic lifestyle..I'm just not comfortable with having my life controlled to that extent by appliances, I don't mind adjusting the thermostat or manually timing my watch or things of that sort..if everything around me or physically on me is just a node in a vast mechanical network, what does that make me?

Eventually, just a node in a vast mechanical network.

Peace,

Take the place of Y2K?

Don't you know that the solar maximum is what's going to be messing everything up in the new year?

Oy. First El Nino (sorry, no tilde). Then 9.9.99. Y2K is coming up. Then it's going to be either the IP crunch or the solar maximum.

I'm betting on the solar maximum. IP addresses are too much for the hardwired little brains of most end-users...

Re:too much misinformation...

[Silverpike]

You posted some great comments; but since you don't have an email listed, I will respond here and try to keep it brief.

For one thing, allowing an outside entity to control an appliance which you have purchased sounds like a potential privacy issue to me - without some really strict regulations on what a company can do with the information, do I really want a company to know when & how much toast I make? (Slightly more seriously, think DIVX...)
I agree with your fears. However, I feel that this will be inevitable, regardless of the privacy implications.

In any case, I see NAT as a highly desirable way for me to control what is talking on my subnet to stuff outside the subnet, regardless of whether you're talking IPv4 or IPv6.
NAT is not designed for security, it just coincidental that it is more secure than traditional means. If you want security, IPsec is the best way to go (and is much easier on IPv6 anyway).

Why is there some limit of effort @ opening NAT walls to different protocols? If the protocol is simple, then you can communicate through a single connection, and the owner of the NAT box can open that single port & attach it to the proper machine.
The limitation I speak of is a manpower/development limitation. It is not efficient to have someone spend their valuable time fixing the current NAT implementation for the latest and greatest vendor protocol. Often, vendor protocols embed the source/destination address somewhere inside the packet, which is why NAT fails. IPsec is a great example; it needs to embed the source and destination IP inside an encrypted packet. No NAT program will ever be able to route this correctly, which means people running NAT can't use IPsec, which won't fly economically.

Maybe I'm not quite understanding what you mean by "IP expansion" using ports, but as far as I'm concerned NAT is _supposed_ to make your subnet look like a big server on a single IP address, and I can't think of any performance/utilization metrics used by ISPs where this paradigm would cause "Bad Things" to happen.
By "IP expansion" I meant the mapping of unused ports on one host to ports on a different host (NAT), thus virtually giving you "more IP addresses" (bad phrase, sorry).

ISP metrics depend heavily on being able to uniquely identify evey host in the network, internal and external, for a variety of very good and time-tested reasons (I won't go into detail). NAT is designed to obscure this, and thus represents a problem for any network admin.

Here goes my Karma

[fishlet]

Why don't they just switch over to AppleTalk?

Re:Trillions of pennies

You're not. The obvious solution is to make sure you use DNS so you don't have to worry about what the IP is.

Use DNS? Using DNS requires memorizing (ok, a cheatsheet will do) many addresses. I spend a good part of each day trying to either remember or find an address. I'm sure I'm not alone in that I have to use more than 100 different IP addresses on a weekly basis. I'm either going to have to get smarter, carry around a notepad, or actually use my PalmPilot when we switch to IPv6. After all, someone must maintain files for BIND or setup new systems. I just looked at my default setup I type-in to a cisco. I use almost a dozen different IP addresses (3 name servers, TACAS, NTP, TFTP, etc.). In addition, troubleshooting often requires one to use an IP address. Lot's of things have to work, before the magic conversion of a hostname to IP address happens, and a good portion of the time when I have to work on a system, DNS isn't working.

Just use DNS? Bah!

Re:mac addresses?

One of the cool features is that a card's MAC address will automatically map to its IPv6 address. No more DHCP or duplicate address crap.

Re:NAT/Masquerading (Kinda Offtopic)

Exactly. And for most cable modem ISPs, they could stop worrying about people running warez/mp3 servers from their house. Wouldn't be able to run X over it though. That would kind of suck.

Re:WTF 128 bits?

That scares me, and do you really want everyone in the world to be able to determine your MAC address?

Guess you've never ran nbtstat -A ipaddress from a win/9x/NT box. :-)

It's stalling because it CO$T$, guys!

[Ungrounded+Lightning]

To help push IPv6 forward, the Internet Assigned Numbers Authority on July 19 gave regional registries around the world the go-ahead to begin assigning numbers based on the new standard. So far, the majority of the organizations that requested IPv6 numbers are research departments and universities. The only commercial ISPs to ask for such address blocks are two Japanese firms, Internet Initiative Japan and Nippon Telegraph & Telephone.

The regional registries are charging big bucks for blocks of numbers and managing them as if they were as scarce as IPv4 address space - or as if the world was beating down their door and needed to be throttled. Results: Only the big router builders' research departments (garage shops need not apply) and the universities (grant money and need to keep at the cutting edge) are interested.

ISPs aren't going to buy numbers until they roll out the infrastructure. Why tie up even a few grand now, when you're not going to use the numbers until later? There's enough numbers to give one to every hair on every human's head, so they won't run out if you don't jump early. (And they want to encode routing in the numbers, so it might be better to wait.)

What burns me is that price tag. The home experimenters can't get in on this unless they ante up (or do all their work with bogus numbers - which is problematic when you want to start interconnecting with the other guys). So we get to depend on the Cisco/3Com/Ascends of the world.

Microsoft would be proud.

Hmmm... Maybe we ought to pick a block UNofficially and divy it up for playing with. B-)

Copy quoter?

Steve Deering
Lead designer of IPv6 (and self-professed pessimist)

A: "It's quite possible it won't happen. It's conceivable that we will just continue to do short-term hacks and band-aid whatever is required to keep living with IPv4. I think that would be very unfortunate for the health of the Internet."


Rich Draves
Systems and Networking research group leader, Microsoft Research

A: "I would say I'm pretty confident, but not extremely confident [that we'll migrate to IPv6]. There's a possibility that we won't. I think that would be an unfortunate outcome; the Net would end up becoming more fragile and less functional."


Hmmmm.....

Re:Trillions of pennies

[Restil]

Not to mention that this layout is in a 2 dimensional environment. If it was in a 3 dimensional environment, then the time delay problem would be a moot point.

-Restil

IP v6 DNS and memory

[Simon]

>> P.S. How in the hell are we supposed to remember addresses like
>>127.12.255.234.127.123.55.234.124.121.253.231. 227.12.215.134?

> You're not. The obvious solution is to make sure you use DNS so you don't have to worry about what the IP is.

How in the hell are we supposed to remember DNS names like www.toaster.upstairskitchen.myhouse.org.au.earth.s ol.milkyway....?

4 digit area codes or 8 digit numbers?

Or allow the DTMF A, B, C, and D tones, which were defined 20 years ago. All three solutions will mean breaking EVERYTHING. This will be far worse than Y2K could ever be.

Re:The Great Telephone Number Explosion...

[Icepick_]

I work for a wireless phone provider. One of my duties includes the keeping an eye on whether or not we have enough numbers. I also represent my company in matters regarding new areaa codes. Suffice to say, this is a serrious pain in the ass for everyone. Here (Minneapolis/St. Paul) we just split the 612 area code into two, with 651 being the new one, about a year ago. We're already planning to split the 612 again, this time into three pieces. All of these have been/will be geographical splits. All the phone companys are pushing for overlay splits, but the public, and the Public Utilities Commision hate those. A geographical split is where one area has one code, and another has a different one. In a overlay, both codes occupy the same physical areas. IE you and your neighbor may have different area codes. Solution to this? Beats me. But the day is coming where it'll be required to dial 10 digits to make any call. The public will hate it. But there is no way around it. Number Portibility is the new process in which we're hoping to save numbers. You move? Take your phone number with you. No need to issue a new one, or hold your old one for 90 days before reissue. Lots of technical problems involved with this. Not to mention the billing headaches it creates.

Re:proxy server...?

Its me again, the original AC.

Why would your company need more than a minimal number of IP addresses, unless you want every box on your network directly connected to the internet?

Its not that simple. The technique you suggest is, basically, what got us into this mess in the first place. The problem comes when you merge two networks (i.e. two companies). Both have used 10.* addresses, so you wind up with two computers on the network with the same number. Uh oh. Somebody has to renumber their entire network or it just won't work.

So you put a NAT box between the two subnets. Now some applications won't work because they put port numbers and IP addresses in the data packets. Urk.

We'll do it that way if we have to, but we would really rather find something better.

IPv4 and area codes

[Enoch+Root]

Kill two birds with one stone: switch to IPv6, then switch the whole telephone system on it. That way, when you want to call someone, the phone line has an IP address and perhaps a DNS entry. So there you go! You can phone phone.alicebranford.nyc.ny.us

Erm. I guess that's as likely, feasible and practical as running your toasters on in a Beowulf cluster through your kitchen Intranet. :)

"There is no surer way to ruin a good discussion than to contaminate it with the facts."

Re:IPv4 and area codes

[K-Man]

Yeah, and phones will only need two buttons!

Re:IPv4 and area codes

[Vryl]

You have violated some age-old law of the usenet who's name escapes me atm.

Basically, some time soon, perhaps even in this thread, some-one will turn up with a beowulf driven toaster farm running on their kitchen internet. You can put money on it.

-- Reverend Vryl

Re:Every toaster on the internet?

I used to program cash registers. Do you know how much I would have given to be able to telnet to a misbehaving register on the other side of the country?

There are tremendous business uses for this sort of thing.

Do you know what a hassle you would have if every time you had a misbehaving register on the other side of the country, you had to verify that a hacker hadn't telnetted into it and trashed it?

There are tremendous business uses, and also tremendous business liabilities to everything being mapped to a publicly available IP address.

Re:URL for information on IPv6

[NatePuri]

What if we could build a public network built on IPv6? Would it be useful? The benefit to society would be increased privacy the cost would be the need for people to eschew complacency.

Trillions of pennies

[jamiemccarthy]

Imagine 1 trillion Bill Gateses standing in a circle (not a pretty picture, but play along for a moment). Now ask each one to convert his fortune into pennies and toss them in a collective pile.

OK, so I'm a math weirdo, but play along for a moment. If one trillion Bill Gateses were standing in a circle and threw all their pennies in, how tall would the pile of pennies be?

Actually, there wouldn't be a pile at all: the density would only be one penny per 2.5 square cm. Assuming three Gateses per linear meter. Evenly spread out, there's plenty of room to spare. 1*10^12 people -> (1/3)*10^12 m circumference -> 1.06*10^11 m diameter -> 2.5*10^21 m^2 area -> 2.5*10^13 cm^2 per Gates. Each Gates gets to throw his wealth of 1.06*10^13 pennies into a square 50 km on a side.

If all those Gateses were standing in a circle, light would take over five minutes to cross its diameter. The circle would be not quite the size of Mercury's orbit around the sun.

If each penny contained 1 trillion tiny computers and each computer had its own IP address, you'd still have used only a fraction of IPv6's potential space.

To be precise, about 2.9%.

But good luck rewriting the TCP protocol for your penny network -- its end-to-end space-time delay is ten minutes!

Jamie McCarthy

Re:Trillions of pennies

[MindStalker]

Accually I've talked to an old chess oppenent who is a physics science reasearcher at SCRI (super computer research institute) at FSU and he states that the quark thing is a bunch of BS. Suppositivly it has something to do with the fact that a quark in a certain position is defininatly going to do certain things. If you have 2 quarks that are seperated both with continue to go through their patterns generally mindless of the other. But it gives the impression that they are copying eachother. But this is just his opinion, (and this was 2 years ago when he told me that, I haven't seen him in a while, when this theory was just being discovered.. so things may have changed)

Re:Trillions of pennies

[MindStalker]

But good luck rewriting the TCP protocol for your penny network -- its end-to-end space-time delay is ten minutes!
Just use a good setup of seperated bridges and gates along with a few wormholes, and such a network would not be a bit of a problem.

Re:Trillions of pennies

If each penny contained 1 trillion tiny computers and each computer had its own IP address, you'd still have used only a fraction of IPv6's potential space.

To be precise, about 2.9%.

Someone has too much time on their hands... Seriously, 16 address lines are enough (many, many processors), 12-bit number of segments each 12-bits large is more than enough (PDP), 7-bits per character is enough (ASCII), 640K is enough (IBM PC), etc. attitude bothers me. The mind numbing examples of how large IPv6 address space remind me of the mind numbing examples of the size of the IPv4 address space I heard in the mid-80's while in college. Then, the example was that every american could have 16 machines connected to the Internet. All of us laughed at that example, because we knew that no one would ever own 16 machines powerful enough to connect to the Internet, much less need to connect them to the Internet. To quote an 80 year-old friend of my father's (who worked on computers for the military in the early 50's and retired from Cray less than 10 years ago, lot's of varied experience), the most serious problem most systems encounter is lack of address space. Over a 2 hour dinner one night, he spent the entire time listing machines and software that were crippled because they ran-out of address space. Let's not have history repeat itself again. Moving to IPv6 scares me (my livelyhood depends on the Internet), and I don't want to have to move to IPv7 soon, so please let's be frugal.

P.S. How in the hell are we supposed to remember addresses like 127.12.255.234.127.123.55.234.124.121.253.231.227. 12.215.134?

Re:Trillions of pennies

[sinnergy]

AC stated, "P.S. How in the hell are we supposed to remember addresses like 127.12.255.234.127.123.55.234.124.121.253.231.227. 12.215.134?"

You're not. The obvious solution is to make sure you use DNS so you don't have to worry about what the IP is.

However, if you're a glutton for punishment, you could theoretically represent them by 32 hex digits, reducing the maximum number of "digits" you'd have to remember. If you wish to reduce the number of digits to remember more, you could also conceivably represent the IP by 28 letters (letters being defined as the 26 alphabetic characters used in the Enligsh language), or 26 alphanumerics (the alphabet plus the 10 arabic numbers) or, if you really want to get silly, 16 characters (if each dotted quad is represented by one "ASCII" character (ranging from 1 to 256).

Take your pick, I'd rather use DNS. :)

Re:Trillions of pennies

[Jherico]

First off, IPv6 notation is already well defined. The dot notation is dropped and replaced with hex notation, grouped into blocks of 16 bit words and seperated by colons.

For example:
3FFE:8060:0000:0000:0000:0000:0000:0001

Additionally, there will likely be lots of zero's in everone's address for some time to come. Consecutive zero's can be abbrviated with double colons (only once per address to prevent ambiguity). Also, leading zero's in any given block may be dropped.

For example:

3FFE:8060::1

This is the same as the above address.

Again, except for system admins, people will be dealing with DNS names, not numerics.

Re:Trillions of pennies

[ars]

Actually the spec defines IPv6 "addresses" as 20 character case-sensitve alpha-numeric strings with some symbols. Search the RFC's you'll find it.

Anyway it's this address that you will memorize, enter into DNS, in the box to configure IP, whatever is needed. Hmm, it's kinda hard to memorize case.

Re:Trillions of pennies

[Hobbex]

I believe it was Kahn who mentioned concern for the 2^128 limit during the Internet's 30th birthday discussion debate. Of course all limits are stupid, but they are also awfully convenient.

It will take Nanomachines before we break 2^128 nodes,and once Nanotek happens we will have quite a lot of things to consider about the way our world works, of which the number hosts on the Internet does not really rank. I think we can sleep safely knowing that the people we are fucking things up for are not ourselves, but our children (and they deserve it, dog gonnit, the lazy little bastards!)

About the memory thing: Consider that 128 bits is exactly the length you need for a truely safe crypto key (assuming it is your own info you are locking in, it can be symetric). If the world is heading where I think it is, it's about time to start practicing memorizing those...


-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.

Re:Trillions of pennies

Space-time delay of 10 minutes? What about using the rotation of a pair of quarks? They supposedly rotate instantaneously. Given 8 or so pairs of quarks and quark rotator/sensors, you should be able to build a reasonably good synchronous PennyNet with zero latency.

-Derek

P.S. This is really a moot point, since the penny is obsolete.

Re:WRONG!

[Brandon+Hume]

IPv6 may not have been DESIGNED to handle routing table overload, but that will probably be a side effect.

IPv6 is much more geared toward route aggregation. And since its just being rolled out, and people already know the effects of the messy routing setup of today, route aggregation will be encouraged to a much greater degree.

Yes, this could be done with IPv4. But it isn't going to happen. Far too late into the game.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/

Re:Suggestions for corporate Intranet?

We have NAT on the corporate firewall because, basically, that is how the firewall does it. Its a DEC SEAL firewall (AFAIK) with all bells and whistles enabled. Amongst other things this does NAT so as to avoid releasing information about our network to any nasty little sniffers out there. There are good reasons why it was done this way, but network transparency was not one of them.

DHCP has a similar story. It has been looked into, but I gather that there were security problems. Around here, that was enough to scupper the whole idea.

AFAIK we don't currently have NAT within the intranet, but thanks to the various new aquisitions who use 10.* addresses (plus at least some bits of the existing intranet) it has been suggested as the way forwards. I'm looking for better ideas.

Someone else asked if I work for MS. I don't work for MS. Beyond that I refuse to confirm or deny anything. Oh, except that I don't actually work in the IT support department, so don't judge my employer by my comparative ignorance on the subject.

Every car on the internet?

[Geekholder]

An engineer from GM attended one of the IPv6 design meetings at the IETF (a number of years ago). That is GM as in General Motors. He was making the case for a larger IP address space.
Imagine, if you will, GM coming to the IETF every year for 10 million more IP addresses. Because GM is imagining it.

Re:Every toaster on the internet?

[Geekholder]

Imagine this picture in 5 years:

I carry a digital cellular phone. Maybe it uses Voice over IP, or maybe it can just connect to the web to check my email. Either way, it needs its own IP address.

I carry a PDA, hopefully a descendant of my beloved Palm V. I carry it because my phone is a tiny little thing, making its screen so small that I'm willing to carry a separate PDA. My PDA can hotsync itself to my databases, which are on a server on the Internet of course. So my PDA needs an IP address.

My watch synchronizes itself to the atomic clock, using multicasted NTP packets. It also sets its alarm to tell me when its time to take my heart medication. It sets its alarm by checking my medical schedule, which is on a server on the Internet of course. So now we have three IP addresses on my body.

After my last heart attack (brought on by the stress of working 70 hour days in Silicon Valley back in 2003), the hospital gave me a monitor to affix to my ankle which monitors my blood pressure, hydration levels, etc. It collects its data and sends a packet to the hospital once per hour.

At my house, all five of my very expensive cars (the oldest being my old 1999 junker) have a mobile entertainment center which can pull in HDTV broadcasts, connect to whatever the WWW looks like in 2004, etc. So I have 5 more IP addresses.

And of course, the fax machine in my main vehicle is an aftermarket addon which doesn't cooperate with the car's built-in gigabit ethernet network, preferring to use its own wireless net connection. Another IP address.

These are all mobile connections. MobileIP doesn't work with NAT: you have to have a globally unique IP address for the remote proxy to route things to you.

NAT is useful to hook up the 27 computer systems I expect to have in my house by 2004.

Humm

[KoF]

Could someone put up a URl that explains the new things in IPv6?

Re:Humm

[AlphaBrav]

Try http://www.ipv6.org/

It's really neat, there are a few networks that support it (vBNS has some limited support right now). Think ip addys with hex numbers instead of deciaml and you're halfway there :)

vBNS link at http://www.vbns.net/IPv6/index.html for those interested.

Re:Humm

[jd]

I don't have a URL to hand, other than the usual (http://www.ipv6.org and http://www.6bone.net).

I -can- list some of the additions/changes, though.

• Longer hex-based addresses. This makes for more addresses.
• All addresses are calculated. The first part is derived from your provider's IP address, the last part from your MAC address. This guarantees a unique address, in any given space.
• All addresses are dynamic. They are dynamic, not only at time of connection but throughout the time of connection. ie: If you were to move from one ISP to another, your IP address would change on-the-fly. Because of the derivation of the address, the same would be true if any ISP up the heirarchy, for whatever reason, moved from one address space to another.
• Anycasting. You can communicate with the nearest client or server of a given type, without needing to know it's location on the network.
• Simpler header, making for faster routing.
• Compound, stacked headers, making for a clean seperation of data from low-level details.
• Flow-control labels, allowing prioritization of packets.
• IPSec is part of the specification, although it isn't mandatory.
• Heirarchical routing is enforced by the network itself. A router should never need more than 512 entries at most (256 flows downstream and 256 upstream). This makes for faster path searches, cheaper routers, and a network that makes sense.
• No Default Path!!
• No Fragmentation of packets!!
• Absolutely horrible reverse DNS entries
• URLs break, requiring exotic workarounds
• Automagic Configuration - the stack is supposed to automagically configure itself, not only determining it's IP address, but also sensing if the next router out is IPv6 or IPv4, and sending accordingly.
• The IP address is bound tightly to the I/O device, not the machine. Unlike IPv4, where the IP address could be confused with the computer, this is not possible with IPv6.
• Built-in Multicasting! None of this 'orrible patching BSD stacks need, or the codswallop Win9x or NT call multicasting. This is the REAL STUFF!

Re:Suggestions for corporate Intranet?

[Geekholder]

IPv4 and IPv6 can co-exist on the same subnet. In fact, they can co-exist on the same host. You can have a machine which has an IPv4 address and operates as an IPv4 machine, which simultaneously has an IPv6 address and operates as an IPv6 machine.

Every ethernet packet has an ethernet header. There is a two byte field in the ethernet header called the ethertype (also called the SAP in some terminology). The ethertype identfies what kind of packet it is. For example, IPv4 is ethertype 0x0800, which IPv6 is 0x86dd. Thus, you can happily mix IPv4 and v6 packets on an ethernet, your machines will look at the ethertype to figure out what to do with them. Likewise your routers can simultaneously handle IPv4 and IPv6 traffic.
BTW, it isn't just ethernet. Every modern network type, including FDDI, ATM, Token Ring, PPP, etc has a two byte SAP field in its header. The only two network links I can remember which didn't are SLIP and Apollo Token Ring, and I'll wager you aren't using either of those.

How Comforting.

[chromatic]

I'm glad to know that there is at least one more technological crisis to worry about come 1/1/2000.

Seriously, won't the switch require huge changes to existing infrastructure? The big routers on the great big cables -- won't they have to be changed/upgraded/reprogrammed to handle the larger numbers without screwing up the network addresses?

Seems like it to me... but I haven't been following too closely. What are the low level changes we need before we can switch?

--
QDMerge 0.21!

Re:How Comforting.

[the_tsi]

All the more reason to invest in Cisco: the only current tech company that *definately* will still be around in 10 years. No one can displace them.

Just think of the upgrade potential they have... (and people think MS have a corner on a market)

-Chris

Re:How Comforting.

[philsky]

How hard can it be? Really? Dumb hubs shouldn't need any upgrading whatsoever... and "smart" ones and switches... all you need to do is add more memory to the switches to store the longer IP string, and change the variables for holding IP addresses to a bigger value.... I really don't see a huge problem, but maybe that's why I don't do embedded circuits :-)
-philsky

Re:Why IP? Lets Invent a new Protocol...

[PigleT]

IPv6, from what I understand of it, is more than just a wider IPv4. Amongst other things, I think you get end-to-end encryption as standard. Roll on!

And if you were to flip it all to IPX or something as remote, who'd want to rewrite Apache (web servers), netscape (browsers) and IE (market-space) just so that they'd work over the new protocol?

To achieve ipv6 critical mass..

[the_tsi]

I think copyleft or thinkgeek should re-release an updated version of Vinton's classic (legendary?) t-shirt to promote IPv6 and get people more interested in using it...

IP (more) over everything.
-or-
IP over everything from anywhere.

You get the idea. :)

-Chris

Nics and other hardvare don't care.

[The+Creator]

NICs only care about their own protocolls i.e. Ethernet cards only concern themselves with mac addresses etc.(that goes for network topoligies too). But routers on the other hand concern themselves with IP. They wont work unless thei'r IPv6 compatible.
LINUX stands for: Linux Inux Nux Ux X

Not just addresses.

[Matt2000]

As addressed somewhat by the article, it seems to me that the address problem is only the most obvious part of the problems with IPv4. The components of IPv6 to do with intelligent routing will greatly increase our usage of available bandwidth, something we'll need even more if we have an address for "every toaster in the world."

Besides, if I stick knife in my toaster to get out the bread, I'll probably blow the whole Internet.

Hotnutz.com

Re:Why IP? Lets Invent a new Protocol...

[yorkie]

Well Banyan had a 48-bit network address way whenever VINES IP was introduced. Also an intelligent route mangement system that worked most of the time. The only time I saw really broken routing was when a 3rd party router was introduced to the network. Scorpion/Xylogics ISDN devices could mess the routing tables up so badly that they could induce server panics.

Unfortunatly Banyan suffered from a lack of marketing, and a scant regard for quality control in their later years - ever seen BeyondMail 3.0.

I have many tales of Banyan if anyone is interested.

Every toaster on the internet?

[Dast]

Why exactly should every toaster, microwave, dishwasher etc be connected? And even if they are all connected, why in the world do they need their own ip address?

Seems like NAT and IP Masq. are perfect for this kind of thing. What most people do on the internet can be perfectly done through NAT or Masq: web, mail, ftp, ssh, etc.

How does having your own large address space help anything?

(Not to slam on ipv6, tho. I do like build in ipsec).

Re:Every toaster on the internet?

[beme]

Well, wouldn't it be more fun to mess with the program that controls how and when you're thermostat's settings get changed than to mess with the thermostat directly? "I'm cold, let's turn up the thermostat" - where's the challenge in that?? I think you're just lazy! :)
I'm kidding about the lazy comment, of course!

I disagree with the opinion that you would just turn into a 'node' - your life controlled by the other nodes around you. If I start thinking about automation it leads me to a future where I no longer even have to think about many of the mundane tasks that fill up so much of my day currently. All that time can be devoted to more enjoyable things like deep-thinking (some would say philosophy, but I don't have the creds), artistic endeavors, futzing around with the automation software, television-enhanced weight gain, etc.

Re:Every toaster on the internet?

[Sir+Timothy]

Oh, I've been known to be lazy at times, who hasn't been? But, I feel that if you don't have to think about the `mundane tasks', eventually, how will you know they're even being done? You'll just think it's natural to wake up and have a fresh piece of toast at your bedside, for instance, day in and day out..what're you going to do if one day that piece of toast isn't there, and since you have no idea where it came from or how it got there, you either get very upset or call `toast tech support' and hope they're there.."Out of mind, out of sight.."

I don't know about anyone else, but I just don't want to live that way.

Peace,

Re:Every toaster on the internet?

[marnold]

Why exactly should every toaster, microwave, dishwasher etc be connected? And even if they are all connected, why in the world do they need their own ip address?

Once enhanced with "net" access, these appliances will report your usage habits back to the manufacturer. (Anyone remember DIVX?) The theory is that they'll be able to improve their product as they better understand how their products are actually used. Since people are reluctant to have their habits recorded in this manner, expect to see "discounts" and other "perks" from devices that allow your usage to be tracked. (Example: People love those supermarket "value" cards -- you get cheaper prices, and the store gets a profile of your shopping habits.)

In the home of tomorrow, "net" outlets will be as common as electrical outlets. The first devices you'll plug in will be your phone, TV, and computer. But it won't be long before the toasters, microwaves, and others follow suit. And Big Brother will be there to watch each and every device.

IPv6: Putting the 6 in 666.

Re:Every toaster on the internet?

[jkorty]

I'd like to be able to telnet into your cash registers too!!

I used to program cash registers. Do you know how much I would have given to be able to telnet to a misbehaving register on the other side of the country?

Re:Every toaster on the internet?

[Ares]

Excellent point regarding the appliances. Most people wouldn't want others to say, start the microwave, and don't know how to build an effective firewall.

However, you're off on the NAT/Masq issue. Say I've got a couple of machines going out over a cable modem (I don't; I've got DSL). Now, people on both computers want to use NetMeeting and receive incoming "calls" (I know NM is bad, but it illustrates my point, as its something that most home users have). NAT and Masq can't do this. Why, because the effective port-forwarding can't forward a connection to both machines.

Now, say you have machines behind two separate NAT'ed connections. The users can't set up a NetMeeting connection, as neither is directly connected.

Having a larger address space helps by giving each machine its own address so it can accept connections such as NetMeeting directly, because 15 machines won't be trying to use 1 IP.

Re:Every toaster on the internet?

[TheGreek]

Wouldn't a company love it if they could use ip to tell how full a soda machine was?

Coca Cola already does this, but not using IP. They use a different sort of protocol. Dunno how it works exactly, but I know it's implemented widely enough that it made its way up to Northern Maine a couple of years ago.

Re:Every toaster on the internet?

[Anonymous+Shepherd]

That's definitely an exaggeration and hyperbole.

But if every Palm or Visor were networked? Or all the millions of Gameboys? As well as PCs, cell phones, cars, etc?

Ostensibly anything that can use information can/should be connected to the internet.

And the dynamic capabilities of IPv6 should be very useful for such roaming devices as cars, trains, airplanes, Gameboys, Palms and Visors, cell phones, beepers, pagers, e-books, WinCE machines, wristwatches, and whatnot.


-AS

Re:Every toaster on the internet?

[kootch]

well, if you're going to network your toaster, microwave and dishwasher, you're going to need an IP addy, aren't you? Lets say we're becoming the jetsons and you want to be able to turn on the over and have your chicken roasting in the oven before you get home so it's nice and cooked when you step in the door... how would you do that remotely? With radio or infrared? Would be so much easier if you could use your palm or visor, connect through your house's LAN, access the terminal app that controls the oven, and turn it on to the correct temp. To do this, you'll need a network address... so that's why every object in your house will need an IP address :)

Every home will be a LAN and have it's own "domain"... kinda kewl actually... now if only we can find out how to get a toaster not to burn the toast and start a fire while we're still in the shower...

Re:Every toaster on the internet?

[L0rdJedi]

Or, every object will need to be connected to a central server in your house that has its own IP address. This way, you only need one address. Then, you connect to the central server and then you can use any other protocol you wish between that server and the other devices to switch them on.

Re:Every toaster on the internet?

[kootch]

oops, sorry, I was assuming network protocol through java in which I'm pretty sure you'd need an IP for each device/object. oopsies.

Re:Every toaster on the internet?

[ucblockhead]

Every toaster? Nah... Every soda machine, every cash register, every scrolling display sign.

You betchya!

Wouldn't a company love it if they could use ip to tell how full a soda machine was? Wouldn't they love it to change the electronic signs outside their stores?

I used to program cash registers. Do you know how much I would have given to be able to telnet to a misbehaving register on the other side of the country?

There are tremendous business uses for this sort of thing.

Re:Every toaster on the internet?

[Porky+Pig]

Why every toaster on the internet needs to be
connected?

Well, how about my toaster talking to your toaster? ("Oh boy, I"m toasted" - 'Me too').

I agree that private addresses and NAT serve quite
well to aleviate the address shortage. What people don't understand BTW is the complexity of move from IPv4 to IPv6. I work for fairly large first-tier ISP, so I have some rough idea what would it take. MOre than considerable effort. In any case it seems like V. Cerf is the only one who promotes it. Otherwise nothing short of a complete meltodown would force the move to ipv6.

Re:DNS?

[Thomas+Charron]

I guess that's one of the questions.. How does the resolver say, 'Please give me an IPv6 address, not that crappy old IPv4?'?

Re:IPv4 address space subset of IPv6

[Thomas+Charron]

So, hypothetically, we all already HAVE IPv6 IP blocks?

Re:Address selling..

[Thomas+Charron]

You have to support defence in some way.. ;-P

WRONG!

[Signal+11]

Oh bother.. these people didn't do their research.

Hit up this FAQ put out by ARIN. To quote: IPv6 was not designed to address the routing table overload.

Not only that, CIFS is supposed to address this issue for ipv4. The biggest problem IMO is that router tables will simply become too large and cumbersome to maintain. There is a practical limit to how much routing info you can squeeze into a embedded system (router!) before the costs outweigh the benefits.

--

Re:WRONG!

[Ares]

Not only that, CIFS is supposed to address this issue for ipv4.

You mean CIDR (Classless Inter-Domain Routing). CIFS is the Common Internet File System (SMB for the rest of us).

Re:Address selling.. Renting ipv6?

[Thomas+Charron]

Wow, I hadn't looked quite yet. Where the heck does the 'yearly maintenence fee' go? Is this like the DNS name registration 'tax' that NSI came up with?

IPv6 vs IPv4

[Anonymous+Shepherd]

I would imagine, fundamentally, that everyone would *want* to switch, were it that simple.

However, organizations and companies have to tackle issues such as hardware and OS support, software written to recognize and work with *both* IPv6 and IPv4 until the transition has been made, as well as all the little differences in network architecture that may be necessary due to IPv4 vs IPv6.

I had heard that Linux already has support for IPv6; but how about hardware(NICs, routers, network topologies)? And do they work with Linux? And will the software we use, will they work with Linux?

For example take USB. Everything is USB today except for WindowsNT. Linux has better USB support, for crying out loud! Can't use USB mice, keyboards, printers, anything, under WinNT. Will there be a similar situation for IPv6? If the M$s and Suns of the world don't actively try to promote IPv6, and smaller alternatives such as Linux can't/don't/won't step up to the plate, how will anyone ever switch over?

Of course this is just another opportunity for Linux to show it's superiority =)

Linux vs WinNT
Better USB support
IPv6 support
Better low level scalability
Higher efficiencies and runtimes
Better clustering capability(Beowulf)

etc.


-AS

Re:IPv6 vs IPv4

It's my understanding that the Linux TCP/IP stack is the weakest of the three major stacks in present use:

1. the BSD stack that everybody can freely adopt and so most use

2. Microsoft's stack which was derived from the BSD code

3. the Linux stack which was adopted from some other code base because Linus 'didn't like' the BSD stack for some reason).

Since almost everybody else uses either the BSD stack or the Microsoft one, the impression I have gotten is that the Linux stack is the odd man out, and as a result the least robust/compatible of the three. (use Deja.com to do a search on Holger Kruse's writings on Usenet to uncover a discussion of some of the [albeit controversial/flammable] points being made).

The TCP/IP stack is an area of development where a common code base is a valuable thing, enablng all machines on the net to speak a common language. It's an area where the GPL, which tries to act as a crowbar to force all code everywhere wide open, ends up being very divisive. Because Linux ends up always having to play catch-up on it's own implementation, the Linux stack will always be the least compatible with everyone else. This is viewed as a real problem, except, of course, for those people who hope there soon won't be anything on the net except Linux.

Re:IPv6 vs IPv4

[mochaone]

Clues on when to ignore "expert" advice:

It's my understanding that the Linux TCP/IP stack is the weakest of the three major stacks in present use

1) If the sentence starts with "It's my understanding..."

the impression I have gotten is that the Linux stack is the odd man out

2) Toss in comments based upon "the impression I have gotten..."

The TCP/IP stack is an area of development where a common code base is a valuable thing, enablng all machines on the net to speak a common language. It's an area where the GPL, which tries to act as a crowbar to force all code everywhere wide open, ends up being very divisive. Because Linux ends up always having to play catch-up on it's own implementation, the Linux stack will always be the least compatible with everyone else. This is viewed as a real problem, except, of course, for those people who hope there soon won't be anything on the net except Linux.

3) Wrap up with a resounding jackass comment.

Re:IPv6 vs IPv4

So you're an English major?

You certainly didn't refute any of the technical points mentioned.

Of are you majoring in Snide Studies?

Re:IPv6 vs IPv4

It would be hopelessly inefficient to have both protocols supported until everyone has decided to switch when they felt like it. Somehow that reminds me of Microsoft and Intel, both strangled by their addiction to backward compatibility.

In my opinion there should be a "big switch day", announced 10 years in advance to give absolutely everyone plenty of time even to upgrade their embedded systems, and to prepare for some downtime, and then make the switch in one day.

Re:IPv6 vs IPv4

[L0rdJedi]

I had heard that Linux already has support for IPv6; but how about hardware(NICs, routers, network topologies)? And do they work with Linux? And will the software we use, will they work with Linux?

As far as I am aware, and please correct me if I'm wrong, but I don't think a NIC knows or cares about the difference between IPv4 and IPv6. In other words, the software is just telling the hardware what to do and the hardware doesn't really care about the software. Of course, I might know what I'm talking about, but not know what words to use to express it :)

Routers on the other hand, yes, will need to be upgraded to handle the different addressing scheme. I don't know about network topologies though.

Re:It's all about widespread acceptance

[miquels]

> I hate to say this, but: Are you listening, Microsoft? IBM? Cisco?

See http://ftp-eng.cisco.com/pub/IPv6/ for IOS images for a lot of Cisco routers

Telephone # problems similar to IP address issue

[Raul+Acevedo]

There is indeed a growing problem of running out of telephone numbers. Here in Massachusetts they've already had to create several new area codes recently, and they're talking about doing it again.

However, the problem isn't really cell phones, pagers, and finding new phone numbers for them, in the same way that the IP address problem is not about exactly about new computers needing IP addresses. The problem is inefficient allocation; IP addresses, like phone numbers, are allocated to the people that need them blocks at a time. Unfortunately those blocks are not granular enough, and lots of numbers end up getting wasted.

IP example: many companies need only slightly more than a class C address space (255 IPs), but nowhere near a class B address space (65536). So they get a class B IP, but end up wasting thousands of IPs. Now imagine this with class A vs. class B addresses, where you are potentially wasting millions of addresses.

Telephone example: with all the new local telephone companies offering service, they are assigned phone number blocks they can distribute by exchange (i.e. first three digits of a seven digit local number). You now basically have potentially thousands of wasted numbers depending on how successful they are in signing up customers.

In any case, I am sure I'm off on a few technical details on the above, but the gist of it I'm pretty sure is correct.
----------

Re:It's all about widespread acceptance

[Brandon+Hume]

Solaris 8 should contain IPv6 support. Its been in the experimental stages with Solaris 7 and before that, Solaris 2.5.

Check the rumors on http://www.sunhelp.org/
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/

It's already happening in San Jose

[DiningPhilosopher]

San Jose is overlaying a new area code (669) over 408 and is making 10 digit dialing mandatory for both area codes starting October 2nd of this year. We've had area code splits here in the Bay Area but as far as I know this is the first overlay.

There's a quick explanation over at Pac Bell. There are even commercials on television to make people aware that they have to start dialing 10 digits.

I too foresee LOTS of problems with the shortage of numbers in the near future.

Re:It's already happening in San Jose

[TheGreek]

San Jose is overlaying a new area code (669) over 408 and is making 10 digit dialing mandatory for both area codes starting October 2nd of this year.

When NYNEX bought New England Telephone, ten-digit dialling became mandatory up here in Maine (only one Area code--207--for the whole state still) for all non-local (i.e., toll) calls. People complained, so when Bell Atlantic bought NYNEX and wanted to raise rates, the Maine Public Utilities Commision told them that they'd have to reallow state-wide 7-digit dialling.

They want to make a new area code soon, though. People are complaining about this too. It'll be entertaining to see how it turns out.

Re:It's already happening in San Jose

There's a quick explanation over at Pac Bell. There are even commercials on television to make people aware that they have to start dialing 10 digits.

Commercials don't do enough. Here in Atlanta, for no apparent reason, Hell$outh started requiring 10 digit dialing. I know of more than one ISP that went under when their customers could no longer connect to them, and Hell$outh advertised their own Internet service when the customers called Hell$outh for help. Not only did Hell$outh piss off the ISP customers with their reckless actions, they also used it as an oportunity to steal them. There was a mini-crime spree also, because the vast majority of monitored alarm systems quit working. I was working on software for an alarm monitoring company when this happened, so I saw from inside how Hell$outh's policy put a company out of business. Because Hell$outh does not allow 10 digit calling where they do not require it (there is no technical reason for it, just their hatefulness), you can't setup an alarm system, computer, or even a simple speed dial so that it will work both before and after Hell$outh's change. This means that after Hell$outh starts requiring 10 digits in an area, many people spend the next few days or weeks quickly converting all of their systems, and there will be some downtime.

Re:The Great Telephone Number Explosion...

[zmooc]

I live in the Netherlands. Here we've had the whole telephone-system (which is controlled by a single company) renumbered. Most numbers used to be 9 digits (except for Amsterdam and Rotterdam which already had 10 digits). Now we all have a 10 digit-phone number. It all went rather flawlessly; they gave nearly everybody a new areacode. They chose those new areacodes in such a way that the new ones did not exist in the old system (luckily there were enough area-codes). They also added a digit to the phonenumbers, and voila...there are about 10 times as much numbers. They kept the old and the new system working together for a few months and then dumped the old system. A funny thing was that suddenly I got a free new-number-calculator with everything I bought:)

Only blow the internet if you run Windows.

If Microsoft had it's way and ran a windows toaster, putting bread into the toaster would blow the internet.

Well, once we all are over the Y2K crisis and the IPV4 crisis, then we have to timestamp crisis of 2036 to deal with. I'd better start working on my fallout shelter.

Injured software engineer wins against Mattel!

Re:Returning some of the 16.7 million...

[tialaramex]

Yes, AFAIK most of the really large chunks of IP space which weren't being used have been returned.

Re:IPv4...

[tialaramex]

I love NAT as much as the next man, but it's fundamentally a bad hack.

You lose transparency, flexibility and ultimately performance from doing this kind of thing. For a $100 student house network, it's great to use NAT, for a $100M company it gets ugly really fast.

Look more closely at your NAT box some time, it has Application-Level protocol handlers, because otherwise apps like Quake, CuSeeMe, FTP etc. wouldn't work correctly.
As time passes, and users demand more sophisticated services, it gets harder for NAT to work properly, and the implementation gets more and more fragile.

Supporting NAT because it's cheaper than upgrading is a false economy, like sticking with Win16 to save on NT licenses. You'll feel the pain later.

Re:Telephone # problems similar to IP address issu

[Christopher+B.+Brown]

Possible technical quibbling aside, that sounds not too distant from reality.

The wastage of numbers via ineffective use of exchanges does indeed suggest another vector via which "name space" may vapor away. The only good news is that cell phones and pagers are likely to "pack in" more effectively as they are not forced into a tiny geographic zone as would be the case for a local exchange.

The merely makes the "crunch" happen quicker; as the numbers of phone numbers per person grow, the population of needed numbers is still growing pretty rapidly.

The issue is not, in this case, one where there is a sudden date when everything breaks (as with Y2K, but rather something more like a ``brown-out'' where it becomes increasingly difficult to manage systems, and where new subscribers cannot be admitted, which will hit some geographic areas before others...

It may result in businesses moving to ``economically depressed'' areas where there are exchanges with space free :-).

Re:Address selling.. Renting ipv6?

[LWolenczak]

I have no idea

Re:It's all about widespread acceptance

Vint Cerf came over to the UK a while back and a Presentation was set up so that he could talk about why MCI Worldcom should seize the Internet. It was mostly board level marketroid people but I managed to sneak in. In between talking about Interplanetary Internets, he said that basically everyone was waiting for Microsoft to implement IPv6 in it's OS...

Re:WTF 128 bits?

[Brandon+Hume]

Well, first thing... 128 - 64 - 48 is not 32, its 16.

Secondly, MAC addresses may be 48 bits now, but there's rumblings about making them 64 bits. There's a specific process to make a 48 bit MAC address into a 64 bit link-local address (split on the 24 bit boundary, insert 0xfffe, add 0x02 to the first byte). So 16 bits are NOT being "thrown away".

So that top 64 bits is everything, including subnet id, and the bottom 64 bits are GUARENTEED to be unique within that subnet. And believe it or not, but your IP changes depending on which upstream you go through to get to the destination.
That top 64 bits varies all over the place.

I also have no doubt that IPv6 addresses CAN be assigned manually, having nothing to do with the ethernet address, if you choose not to do Neighbor Discovery. But otherwise, who cares? Guess what, my MAC address is 08:00:20:77:88:d1. What are you going to do to me with that? If you use authentication, the other end ALREADY knows who you are. If not, how does that differ from IPv4? You track me down via my upstreams, which anybody can do via IPv4 ANYWAY. And how do you know whether I've moved location, or I'm simply going out a different link to get to the end station? How do you know its me sitting at the station? How do you know that I haven't given/sold my laptop NIC to someone else? How do you know I'm using in.ndpd or an ethernet card at ALL?

If you're going to get worked up over something, get pissy over online phonebooks which give out your home address, or websites which publish your email address to spammers. Worry about that stuff associated with your name, rather than someone writing down 3ffe:b00:1802:1:a00:20ff:fe77:88d1 every time they see it.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/

Even nanotech not a problem with 128-bits...

[LinuxParanoid]

...at least if you use a non-ethernet addressing scheme for those bottom 64 bits and get a full 128-bit space. I once wondered about whether nanotech would present problems for 128-bit addressing and did some back-of-the-envelope calculations to examine the issue. A little math to satisfy one's "what-if geek" tendencies:

earth's surface area = 5.099*10^11 m2
earth's land area = 1.4835*10^11 m2

That's surface area, but we live in a volumetric space; let's define that space as 1 km high above/below earth's land-mass(part of that 1km being underground, part being in the air.) Thus the volume of human space above/below land is 1.48*10^14 m3. With 10^6 cubic centimeters per cubic meter, and approximately 10^23 atoms per cubic centimeter, we get 1.48*10^43 atoms in our human-habitable slab of space on earth.

Now, how many IP addresses for that space? Well, 2^128 = 3.4*10^38th.

Ergo we have enough IP addresses for nanotech devices of 43,600 atoms each, in a human-habitable volume completely covering the land-mass of Earth and extending to fill a volume of space above and below the earth's surface for a full 1 km. Sure, you might get nanodevices smaller than that, but would they be independent enough and sensing/generating enough information to communicate via IP?

Well, if that isn't a problem for 128-bits, what is? Let's check a few other test cases that your friendly sci-fi reader might imagine...

Well, that was just land-mass. What if we filled the sea with nanodevices, would that exhaust it?
The sea is 11km deep at worst, 3.8km on average. Water surface area is little over double land. Thus water basically requires a factor of 10x more devices. Given that you probably won't have more than 10% of the volume of any space being nanodevices (and this would seem to remain an extreme upper bound), this probably isn't an issue.

So what about interplanetary colonization? Still not too much of an issue for this solar system (ignoring the latency issues.) At least the first few planets (Mars/Venus/Mercury) which only add a factor of 3-4x expansion once 100% colonized form due to the roughly similar size of available nanodevice space on those planets as earth. True, a colonized Jupiter might pose problems down the line...

And if you used nanoprobes to fill/convert entire atmospheric systems, you end up covering a lot more volume (99% of earths' atmosphere fills approx 8.6*10^19 m3 by my calculations, five orders of magnitude more space than our 1 km slab.) Of course, any nanodevice design on that scale would probably use its own non-IP protocol.

Ah, but what other assumptions could be misleading us? For example, what is the efficiency of the 128-bit name space? Can we really use all those addresses? Well, I admit, I'm less an expert on this. The issue that Ethernet MACs will typically be your bottom 64-bits definitely chews up a lot of space, but if Ethernet doesn't make sense for nanodevices, we'll probably be using something else, or our self-assembling nanoprobes will build and configure themselves so that they share 1 higher-level IP but under the covers each have an colony-wide (not globally) unique ethernet address. How efficiently allocated is the rest of that (non-Ethernet) space? Well, I think CIDR-like tweaks can squeeze a fair amount out.

Still, even in the case where 128-bits isn't quite enough(!), I suspect reverting to NAT-type approaches in IPv6 will be workable. Certainly inter-stellar communications which will be limited to a relatively small number of transmitters will scale up with NATs for quite a while, assuming photon-based communications. ;-)

So I suspect the 128-bit addressing scheme of IPv6 will last us at least another 200 years, not just "decades" as the IPv6 committee conservatively claims.

Of course, they probably know more weaknesses in that timeframe than I. Pretty hard to extrapolate out that far. For example, will the 4-bit header for IP version numbers be sufficient? Only 255 (8bit) hops? Who knows? Maybe IPv6's optional extension headers will even let us kludge around those issues.

Still, I think 128-bit IPv6 addressing will last us through nanotech and intra-planetary travel. Perhaps it will even last as long as our 4-digit field Y2K fixes!

--LP ;-)

Re:Even nanotech not a problem with 128-bits...

[Hobbex]

I had a bunch of these ready, the most apparent is that at one Nanogram a piece, 2^128 devices would still have a mass something like 10^5 times as much as the earth. But then I realized it was this sort of examples that the guy I was replying to complained about.

The IETF did the write thing by choosing to go to 128 bits rather than 64, and given that I don't think we have to much to worry about.

But then consider the flip side, if we think that getting the entire terrestrial Internet to move to ipv6 (with only 2 billion or so Nodes) is a big task, imagine moving the entire Wormhole-Switched MilkyNet, spanning a million planets with 2^108 Nano-sized nodes each, in a few hundred years...


-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.

6bone

[jd]

CISCO, Bay and Telebit hardware routers work extremely well with IPv6. 3COM is also working on IPv6 routers, and I believe is coming along well with them. Nobody else really matters, in this game, as IPv6 is designed for a gradual, rather than big crunch, transition.

As far as software routers go, GateD and MRT work well with IPv6. I believe that there are others, too, but those seem to be the main ones.

Software - Sendmail, Inetd, Telnet, FTP, Traceroute, Ping, Fetchmail, INN, various news readers, and BIND work with IPv6. Mail readers only need to talk to the local Sendmail, so mail to/from IPv6 networks does NOT require any change to mail reader software.

Very little software actually -needs- to get ported. eg: Web Browsers don't =NEED= any special IPv6 capability. Just modify a proxy, like Squid, and you'll be able to access IPv6 web servers without problems.

To port software, though, requires a bit of work. Not actual EFFORT, as the change is largely one of altering the structure you use, and the socket type from AF_INET to AF_INET6. Oh, and you need to remember that IP addresses need not be entered in a fixed-length format. Yes, there are other details, but those are really trivial.

Linux will interoperate with all other IPv6 stacks, and has been able to do so since the experimental patch for 2.0.20 came out. :)

Hardware doesn't care about the protocol, so any hardware will work with any stack. Microsoft isn't pressing IPv6, yet, but MOST of their publicity surrounding Windows 2000 touts the very things that adding the IPv6 stack gives it. My guess is that we're going to see Microsoft push IPv6 in a BIG way, to maximise publicity.

Re:too much misinformation...

[mOdQuArK!]

" Wrong, a firewall is the means to do that. You're relying on obscurity to protect you, which, as we all know, is no security at all. "

It appears that I'm misusing the terminology - I usually lump NAT/firewall functionality together - being able to ignore or transform packets based on selection/rejection criteria and knowledge of protocols. In my following comments, when I talk about a NAT server, I also mean firewall functionality.

This has nothing to do with obscurity (and I'm not even sure how you managed to bring that up w/respect to my previous reply!) - the whole point is that the owner of the "gateway" has total control of the flow of information through it.

" You're relying on the upper layer protocols to make assumptions about the lower levels of network. This isn't proper. The network should be the network. The applications shouldn't have to know and shouldn't have to care what boxes they travel through to get to the end station. NAT breaks that. "

I don't see why this is so. As I stated before, properly implemented, on the outside the NAT server looks like a single host. Any applications running on the outside won't be able to tell the difference (logically, although performance-wise might be another issue). Applications on the inside will think they're talking directly to the network through a gateway.

The only problem you have is when you try and use a protocol which requires active participation by the NAT server. *You* think this is a problem - *I* think this is a good way to control who is talking to what, and what they're saying, from my subnet.

" NAT, most frequently, tends to break low traffic datagram protocols. I'm pretty sure what you envision is a network using nothing but TCP, and proxy upon proxy upon proxy to pick up the slack. Sorry, but I find that a bit shortsighted. It may be great for you, but your situation is just that... yours. "

NAT only breaks low traffic datagram protocols which it doesn't understand. I do *not* envision a network with nothing but TCP - I envision a network where I have control over which protocols are allowed through my gateway to the net.

Being able to upgrade a NAT server to understand new protocols is a technical issue which I am not addressing, but which doesn't (to me) seem to be a big deal to solve.

" Just as an example, a local ADSL provider in my area used to do just that... running their entire ISP behind a single NAT-overloaded IPv4 address. It was a dismal failure. Users couldn't play games like Diablo. One person would piss off an IRCOp, and the k-line would ban EVERYBODY. The NAT box would get overloaded and crash, and suddenly nobody had connectivity. "

This points out the stupidity of that ISP provider rather than anything particularly wrong with a NAT implementation. An ISP is supposedly to provide relatively uncontrolled access to the net - a NAT server is going to, because of its nature, "filter" out any protocols it doesn't understand.

ISP service provided by the IT department of a corporation might find a NAT server arrangement quite desirable, since they might not want people to easily play games like Diablo or access IRC. Without the NAT server, they would have a difficult time blocking attempts by people to do these things.

As far as overloading & crashing is concerned, that's just a matter of systems-analysis & load-distribution - the fact that the ISP couldn't handle that just indicates their incompetence.

" A NAT'd IP can never provide the full, unrestricted functionality of a real IP address. End of story. "

A NAT'd IP provides ENHANCED functionality over a "real IP address" - the ability to control how any packets are accepted/rejected/transformed. Your "end of story" is not very final.

Re:The Great Telephone Number Explosion...

[mprinkey]

As someone in the industry, maybe you can answer this? Why haven't phone companies develop dial-out-only phone lines for Internet usage. You could attach the secondary line billing to the standard primary phone line. You would not be able to recieve calls on the second line, but all of the phone lines permanently connected to modems wouldn't care. Perhaps there are routing and network issues that I am not aware of, but it would seem that the local telco switch would be able to handle such this situation with a simple software upgrade. Just wondering...

Re:Telephone # problems similar to IP address issu

I've spewed this here before, but the US isn't the only place this happens. We just happen to be on the front page, so to speak, because we're splitting so often. My uncle is the head inter-office communication geek at his company, which has offices in Malaysia. Over there, they tend to give business blocks of 10000 numbers, despite the fact that they may need 20 or 30. And these are to businesses, not alternative phone carriers (who I'm sure must get numbers by the 100000's).

OT: Since we're all on the subject of phones, anyone know how to get USWorst to set up a hunt group on a collection of residential lines?

mac addresses?

[xpro_]

sorta like mac(media access control) addresses?

Re:mac addresses?

[Markvs]

Not as such. Theoretically, MACs are specific to each individual interface and (should)never change. TCP/IP addresses can be dynamically assigned to a controller.

The main idea, of course, will be to free up addresses.

In my opinion, I think that what will happen is that the big boys with class "A" addresses (AT&T, GE, et cetera) and maybe some "B"s will change over and free up enough v4 addresses, thuse starving off the problem for a few more decades. (Or indefinately, if folks keep moving over...)

-Markvs

..."You must never run away from something immortal. It attracts their attention."

What about better security?

[Croaker]

Does IPV6 do anything about better authentication/security? Having more addresses is nice an all, so I can have my toaster on the Internet, but the last thing I want is to get a call about my toaster having cracked the Bank of America's system 'cause a script kiddie pulled it's IP out of a hat.

It seems to be there some sort of sane routing rules could be put into place with a new IP system, so a router could spot spoofed packets (then again, in some cases this could be done now, and I sort of doubt anyone does, probably based on the overhead).

Also, when they defined this sort of thing, did they give any consideration to the various attack methods that would be possible via IPv6? I suspect some of the issues we've seen in the past (i.e. Ping of Death) were caused because the protocol didn't suggest what to do in cases where the packet was malformed, or intentionally busted.

Re:What about better security?

[ardran]

>Does IPV6 do anything about better authentication/security?
Yes. IPsec, IP-level authentication and encryption, is included in IPv6. It is available for IPv4 as well. Several free implementations (KAME, FreeS/Wan, etc) are under development.

Re:What about better security?

...the last thing I want is to get a call about my toaster having cracked the Bank of America's system 'cause a script kiddie pulled it's IP out of a hat.

That's a might big hat!

Seriously, hopefully your toaster will be secured in the same way DOS is. Through inability. Security through obscurity does not work, but inability will protect you everytime. Lack of a telnet client (you can still have a telnet server, you just can't connect-out to other toasters from your toaster) can help protect you. Hopefully, the toaster will have a rather limited macro language that doesn't allow arbritrary packets to be created. Hopefully, the toaster (or your can opener) won't have a general purpose OS, or if it does, hope that its open source. I don't foresee toasters with Internet connections being a problem, unless Microsoft wrote their software ... nevermind, I see your point now.

Re:The Great Telephone Number Explosion...

[Quack1701]

The answer is simple. Add one more digit to the phone number. Its happened before. It'll happen again. However, this time we could make a realitively easily switch if the phone company just required all new mail systems to accept both 10 digit numbers and 11 digit numbers. Then give people five years to upgrade thier hardware/software. So what if it costs money. That is why we pay bills. Anyways, it will cost more if we wait.

Quack

Re:The Great Telephone Number Explosion...

[Quack1701]

The answer is simple. Add one more digit to the phone number. Its happened before. It'll happen again. However, this time we could make a realitively easily switch if the phone company just required all new phone systems to accept both 10 digit numbers and 11 digit numbers. Then give people five years to upgrade thier hardware/software. So what if it costs money. That is why we pay bills. Anyways, it will cost more if we wait.

Quack

Re:Address selling..

Wanna buy 6.9.6.9 or 6.6.6.6? Oh wait www.arin.net/whois says those belong to the US Army. Rats.

Re:Address selling.. Renting ipv6?

[LWolenczak]

I'm supprised that nobody has brought up the price for renting ipv6 space, and yes i did say renting, you cant buy ipv6 address space, and you halfto pay yearly fees for it maintained, all ARIN and its buds want is MONEY.

At those prices, it will compleatly come out of end users to implament, and hell, you halfto rent.

Im supprised nobody has had a problem with this or Brought it up, but this is not good, i mean, with all thows addresses, one would logicly think, that it would be Free, or atleast a whole lot cheeper, like 100 bucks.

i wonder if the 6bone is still up and running

Re:Humm (Why is this redundant?)

Not that it really matters too much but I believe that some moderators really
need to look up the word redundant in a dictionary. This is post #1. How the heck could
this person's statement/question be redundant?

Just to help people along, here is a good definition of it:

Redundant
1a: exceeding what is necessary or normal
1b: characterized by or containing an excess; specifically : using more words than necessary
1c: characterized by similarity or repetition (a group of particularly redundant brick buildings)
1d: no longer needed for a job and hence laid off
2: PROFUSE, LAVISH
3: serving as a duplicate for preventing failure of an entire system (as a spacecraft) upon failure of a single component

Possibly, just possibly, the redundancy here may apply to 1a but I really don't think it deserves it.
Then again, what do I know, I'm only an AC.

Why IP? Lets Invent a new Protocol...

[starvo]

True.. We could Run out of IPv4 Space By 2010...
But since we're going to have to freaking upgrade every router, adn networked piece of software.. do we really want to stick with IP?

I mean, I wonder if there's Some folks out there.. working on a good replacement protocol.. something that does all that Ip does.. But faster, Lower on memory, and easier?

Maybe IPv6 Isn't the answer.. Maybe We'll end up using Some weird Child of Banyan Vines.. Oor Ipx.. Or maybe there will be an open sourced Protocol.. Or maybe We will all fall under the Sway of Mr. Gates. and us MicrosoftIP-2000

-Warning I'm too lazy to spellcheck---
-And I could be making all of this up-
-So Take it all with a grain of Salt.-

Re:Why IP? Lets Invent a new Protocol...

[Jherico]

And what would constitute "A new protocol" exactly? IPv6 isn't just an expansion of the address fields, Some fields in the protocol have been dropped, others added, and some renamed to have slight different functions.

How many more changes would it take to make it a new protocol in your opinion? Or is the name all you care about?

For what its worth, IP has served the internet very well for its lifetime. Completely scrapping it and going back to the drawing board without looking at IP for what made it so great would be throwing out the baby with the bathwater.

And just because something is old doesn't mean its not good anymore. We have new demands that IP can't cope with, so IP needs to be modified. But on the other hand ethernet is something like 20 years old and serves its needs perfectly well, so its left alone.

Re:running out of IPs

[Ainis]

I bet that in the near future, cars will have IPs, so that they can remotely talk to the mehanics' computers. And while we're at it, have a thing, where if someone steals your car, they can find out where the IP is located at.

I don't think it will stop car steeling, but dumb thieves will have to go away. Then only hackers will be competent enougth to steel cars.

SOCKS

With SOCKS on a router/firewall/NAT box you can avoid ugly protocol kludges.

Assuming, of course, that your software is Open Source (tm), so you can add socks support to it -- I can't understand why people never do it.

Re:SOCKS

SOCKS is only so useful. If you are running internal to your network multiple applications that all require listening on the same port of the server, no cigar. A good example of this is Starcraft. No NAT will allow you to run multiple Starcraft instances behind a single IP address. I'm sure there are plenty of network games for which the same holds true.

No

Sorry "Signal 11", but Harald is right. I can't believe you're telling an IESG board member that he doesn't know what he's taking about.

I've attended every IPng (and ngtrans) working group meeting held for the past couple of years. Let me assure you that:

(A) IPv6 was designed to increase the available address space.

(B) IPv6 was designed to allow for better heirarchical prefix assignments, thus reducing the problem of route table explosion in the default-free routers.

Re:No

[Signal+11]

... Then ARIN is lying. Unless I see some credentials or a link, I'm going to stick with what ARIN said in their FAQ...

--

Re:too much misinformation...

"It involves a code load change, not a hardware upgrade.It involves a code load change, not a hardware upgrade."

Of course, if you buy a lot of Cisco products,
you realize that the software costs as much as
the routers.

Re:IPMasq to [your toaster's] rescue

Why can't your future IPv6 firewall simply filter out all packets coming from the outside to your toaster?

Bzzzt! WRONG!

Microsoft's stack which was derived from the BSD code

Absolutely not true! Microsoft Research's IPv6 support was written from scratch. I know this for a fact since I wrote a good deal of it. The source code is available here. Feel free to download it and compare it to the BSD IPv6 stuff. I've never even looked at the BSD code, so I really doubt it's even remotely similar.

There are enough bogus anti-Microsoft rumors already, no reason to start another.

Re:IPv6 Myth Debunking

[TheGreek]

Here is a good document that cleared up a number of false things I was told about IPv6.

I would like to clear up a false thing that article states about IPv4: The IANA, NOT the InterNIC, hands out IP address blocks. What a gauche statement. You'd expect Bay Networks to know better.

IPMasq to [your toaster's] rescue

[Cycon]

Why would every client in the so-called technological home of the future even require it's own internet IP address?

Except for the appliances that one might need to gain access to from the outside world (security system, garage door opener, etc) you wouldn't even need (any in many cases you specifically wouldn't want) any incoming connections from the outside world. If i'm surfing the web with my toaster, all I need is an internal IP address and an IP Masquerading firewall between me and the rest of the internet. Simple port redirection would suffice for gaining access to most other appliances.

This is how I handle computers at my own place, I have an @Home cable modem, with a single IP address attached to a 486 box with two NIC cards running debian. This box acts as an IPMasq'ing firewall/dhcp server for the rest of the computers in my house. I use port redirection to ssh or ftp into the rest of the machines, and save myself having to pay for all of those extra IP's.

There's no reason that I can think of why every machine on the net needs its own IP address anyway, it's far more secure to have a firewall sitting in between you and the rest of the world, and IP Masquerading works with everything that a typical user would need (http, ftp, instant messenger, icq, quake, realvideo, etc.) and as far as latency is concerned, my 486 only has 8 megs of ram, and both NICs are old ISA NE2000 clones, but I get an average of 50-100 pings for quake2, and have downloaded up to 180 KB/s (which is darn near the max for my cable connection anyways), with room to spare - certainly more than my toaster needs to tell me that it's done or for my X10 server to tell my coffee maker to start brewing in the morning.

RIGHT. (Re:WRONG!)

[hta]

While IPv6 was designed chiefly to support larger addresses, the address allocation strategy for IPv6 and the VERY heavy emphasis on ease of renumbering in IPv6 engineering WERE designed to address the routing table overload.

How I know? I was on the IESG when we approved most of those documents.

Re:RIGHT. (Re:WRONG!)

[Signal+11]

... Go back and re-read the ARIN FAQ I posted. I just got done telling you that ipv6 was not designed to increase the available address space. You are confusing routing with addressing. IPv6 was designed primarily to help ease path discovery in embedded systems (routers!).. not increase the amount of addressable space.

--

IPv4 address space subset of IPv6

Every IPv4 address is a valid IPv6 address. So the old global Internet will fit comfortably inside the new Internet. The only real problem is that a huge number of IPv4-only devices will only be able to talk directly to other IPv4-only devices. To access the rest of the internet, those devices will have to be hidden behind NAT or its equivalent.

Re:It's all about widespread acceptance

[ardran]

The problem is, no one wants to. In particular, the people who are building the routers. Routing tables are huge under IPv4, but memory is cheap. No one wants to handle the extra work that the routers would have to shoulder under 6. Getting the world to run at line rate is not easy, especially after looking at all the stuff that's packed into IPv6...

Building a good IPv6 router requires IPv6 (obviously), but also extensions for RIP, OSPF, BGP4 (ack!), ISIS, ... to handle the bigger name spaces. I believe that many of these extensions are floating around in drafts. But they're not very widely deployed (if they are at all). And until the backbone routers all speak IPv6 (or some other solution, like MPLS tunnels to keep the "good" IPv6 traffic away from "bad" IPv4 routers), IPv6 traffic will be restricted to sketchy IPv4 tunnels.

What about using reserved IPs and proxies?

[soldack]

I don't understand why each device needs a full IP. At my house I have one dial-up connection that is shared by all my boxes. The IP changes each time I connect. I use a reserved IP space for my local network. Why wouldn't other devices work this way? Perhaps there are a few applications where it wouldn't work but for most of the little devices that people are worrying about, this type of network makes sense.

Re:It's all about widespread acceptance

[kramer]

Trumpet Winsock version 5.0 implements IPv6 on a Win95 / 98 platform.

Re:proxy server...?

"Somebody has to
renumber their entire network or it just won't work."

Yep. How you handle this depends on whether you
are the acquiree or the acquiror.
If you are the latter, your IT guys go there and
do it. If you are the former, you have it done
TO you.

Or you can flail about and piss and moan about not
wanting to do it, but that won't fix your problem.

Re:It's all about widespread acceptance

Maybe we can get Microsoft to Innovate IPv6.
Are there patents involved?

IPSec is REQUIRED for IPv6

For an IPv6 stack to comply with the IETF specs, it MUST implement IPSec. This is another great advantage of IPv6, since you're guaranteed that IPSec will be available. Since IPSec will always be just an optional add-on to IPv4, you'll won't be able to count on it being present on IPv4-only machines.

Re:The Great Telephone Number Explosion...

[jafac]

I remember when it was all 312. Then came 708 (and they said, "that ought to do it for now"), "now" lasted approx. 12 months, then it was 630.

I got fed up.
I moved.

"The number of suckers born each minute doubles every 18 months."

IPv6 routers do less work

Actually, IPv6 is nicer on routers than IPv4. An IPv6 router is never called upon to fragment packets, since IPv6 mandates path MTU discovery. Having to fragment packets is a real chore for IPv4 routers.

Also, as far as routing table lookups go, this problem is essentially solved. There were two papers presented at SIGCOMM '97 that described (independent) ways of performing very efficient routing lookups (for both v4 and v6).

Re:There is still an overflow...

" This doesn't break the phone system itself, but it breaks systems that track telephone numbers. "

There might be more of those than there are Y2K
problems. And there are a lot of switches and other equipment that can't deal with anything but
10 digit numbers.

Re:The Great Telephone Number Explosion...

[fishbowl]

>>IE you and your neighbor may have different area >>codes

In Dallas, there is a certain amount of prestige
associated with the 214 area code. If you're out
in 972, you might as well be living in a trailer
park in the boondocks, in some people's opinion.

Believe it or not, there are people who can assert
prestige based on their ZIP code or Area Code!!!

Don't underestimate the strength of this factor in
setting policy...

Link

Here's a link to IETF's IAB document called The Case For IPv6. Section 2.2 spells the design goals out pretty clearly.

I realize you were just repeating bad info, so nothing personal.

URL for information on IPv6

[EggDye]

This is something a of no-brainer, but you can find out a great deal about IPv6 by checking out

http://www.ipv6.org/

If you just want a in-depth understanding of why you should use IPv6 instead of Ipv4 take a look at

http://www.ie tf.org/internet-drafts/draft-ietf-iab-case-for-ipv 6-04.txt

Address selling..

[Thomas+Charron]

I predict that eventually, companies who own entire class A networks, and perhaps some class B networks, will end up getting into the access buisness when they find out that they have this TREASURE trove of IP numbers that are scarcer and scarcer. This could lead to a whole new outlook on things ISP's.. ;-P

Re:Address selling..

[bmetzler]

I predict that eventually, companies who own entire class A networks, and perhaps some class B networks, will end up getting into the access buisness when they find out that they have this TREASURE trove of IP numbers that are scarcer and scarcer. This could lead to a whole new outlook on things ISP's..

Whoa! It's going to be even bigger then domain name squatting. You want an IP address? I've got this one here that's easily rememberable. Let's see, I can let it go for a paltry $10,000.

-Brent
--

NAT/Masquerading (Kinda Offtopic)

[GW+Hayduke]

I was just wondering if anyone else has had any luck with this theorem... Whilst upgrading one of my POP's my co-worker and I thought of using NAT to run some of our RAS units... I started shooting this down, thinking of tracking IP's to Users who are spamming/hacking, and just being a general luser. As we looked into it,there are lots of other ways to track them down. But just something to ponder, imagine running a block of 396+modems off a single IP???? you could literally tie up a class C to run ALL of your RAS/WAN equipment ( for even a decent sized ISP) then leave another Class C for virtual hosting... I'm going around to some of the schools that we host now, and setting up NAT on their Pipelines after they were tying up an entire class C for 25-30 workstations! WHAT A WASTE!!!! So I guess I'm just wondering if anyone else out there has had similar ideas, and if they've had any luck with them....

It's all about widespread acceptance

[El+Volio]

IPv6 (which, as the article pointed out, offers more than just a larger address space) won't achieve widespread acceptance until (strangely) it has widespread acceptance. In other words, nobody wants to move to a standard until everyone else is.

As I understand it, IPv6 devices can still handle IPv4. So what we really need is for a few of the real leaders to come out and boldly adopt IPv6. I hate to say this, but: Are you listening, Microsoft? IBM? Cisco? Transition your products and services to IPv6, and the world will follow.

Now if we can just get everybody to strongly encrypt ALL IPv6 traffic...

Suggestions for corporate Intranet?

Please excuse the AC posting, but I don't want to reveal who I work for.

This was a good article on a technical subject. I've looked into this a bit already, and this article agreed with what I already knew and confirmed a few things I'd only suspected.

This is of more than passing interest to us. My employer has recently aquired some other largish companies, and we need to set up a corporate Intranet. Problem is, we don't have enough IP addresses.

(Well, maybe we do. There are rumours of a class B address owned by some research lab somewhere in the company. People are currently trying to track it down. Failing that, we might just have to buy a company that already owns one.)

So now what do we do about IPv6? Everyone in the company is using IPv4, often with 10.*.*.* addresses hidden behind firewalls that do NAT. We need to integrate all these networks into one corporate Intranet, and the idea of having lots of NAT boxes playing games with IP addresses does not sound good. Neither does the prospect of renumbering all those boxes by hand. We don't run DHCP anywhere (someone once talked about security issues as the reason for that, I don't know anything more).

One idea is to create an IPv6 backbone for the Intranet with IPv4 subnets hanging off it, and use protocol translation routers to connect the subnets. That way we can get the subnets on with minimum hassle, and upgrade them as and when it becomes feasible.

As far as upgrading goes, our favoured solution would be to just buy new machines with IPv6 stacks installed. We certainly don't want a flag day. Reading the IPv6 site, it looks like IPv6 and IPv4 machines can co-exist on the same Ethernet spur or whatever. Am I right about this?

Any information would be gratefully received.

Re:Suggestions for corporate Intranet?

I'm facing more of the same thing at various sites. I've got an IPv6 migration plan. Push your vendors for support.

DNS?

[Thomas+Charron]

Something occured to me while I was reading this. They are now accepting registrations for IPv6 namespace, but how are they going to deal with the fact that domain names are already registered for IPv4 addresses? Aka, will slashdot have an 'IPv6' address, AND an 'IPv4' address? It's not like someones going to switch a light on and 'POOF', we're all on IPv6..

Re:DNS?

[Bobort]

I don't know about other nameservers, but BIND has support for the AAAA record, which is like an A record but for an ipv6 address. So if you're using a recent version of BIND, you can have it serve up ipv4 and ipv6 addresses for the same name, depending on what the resolver asks for.

IPv6 Consultants: the Next Growth Industry

[dpdx]

It occurs to me that if I was to be at least an early learner of the subtle nuances of IPv6, I could make a buttload more money than I do right now, slinging web for the BLM.

Just don't steal my idea and beat me to it, OK? :)

IPv6, USB, NT

[PenguiN42]

NT 5 (w2k) can do USB. I don't know if there's an add-on way of doing it in NT4 (like there was for win95)

And Microsoft has an "unsupported" ipv6 stack for NT for download here: http://research.microsoft.com/msripv6/

-------------
The following sentence is true.

Re:The Great Telephone Number Explosion...

[_Splat]

Why not just add an extra digit to the front of the area codes/local numbers, with a single digit, for example, 2, added to all existing numbers. So, (213) 673-4332 would become (213) 2-673-4332 Poof.. ten times the numbers, no need to cause painful area code switches. Sure, some databases and other software might need some work, but this is definatly easier than trying to call an old number somewhere across the country whose town you don't know.

WTF 128 bits?

[redelm]

128 bits for an IPv6 IP address? Why _4_ times bigger? Since each packet's header needs both a destination and the source, that's 32 bytes vs 8.

If we say the average packet is 500 bytes (?), then IPv6 is imposing at least an additional 5% overhead on bandwidth limited lines. Like a tax--what are _we_ getting for it?

I'm sure the extra bits will be rapidly stolen to help routing (ie, a couple of bits for continent, a couple more for region (state), or the network topographical equivalents.

I have privacy concerns about this (static IPs) plus I wonder if Cisco isn't doing this to scr*w their competition (Linux routers?).

-- Robert

Re:WTF 128 bits?

[Brandon+Hume]

In most cases, the lower 64 bits of the IPv6 address will actually be the MAC address (for ethernet cards, that is) of the end station - the link local address. So, in a very general sense, its the top 64 bits that will be thrown around by ISPs. Your link local address will travel with you.

As for your other concerns... remember to take your lithium. IPv6 was implemented on Linux long before Cisco got serious into it. IPv6 isn't a "Cisco" thing.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/

Re:WTF 128 bits?

[64 bits for the network ... 48 for the MAC address]

You need to think about it... You suggest a plan to divide the space like so, 128 bits total - 64 to denote provider - 48 for MAC = 32 bits left for use by the provider. Your plan uses 65,536 times as many addresses to sparsely hold the MAC address than it leaves for the ISP. In a previous post, I mentioned a few systems that "hit the wall," because of running out of address space (8086, ASCII, etc.), and you suggest throwing away 37.5% of the address space?Look at some textbooks from the mid 80's and earlier that talk about the Internet. They say things like "every person on the planet can have a machine connected to the Internet" or "it's more addresses than we will use in several lifetimes." Study other failed systems. Quite often, they were fine for a while, but later, built-in limitations greatly reduced their usefulness or lifetime.

[privacy] remember to take your lithium.

You make fun of the previous poster for being concerned about privacy, but yet you suggest tagging a globally unique identifier to every address? That scares me, and do you really want everyone in the world to be able to determine your MAC address?

Re:IPv6 vs IPv4 - it's already there

IPv6 support is available for :

NT (yes kids, even chairman bill has a stack, but there's more than one, trumpet have one also)
Solaris (it'll be released in solaris 8, available as a (buggy!) patch for 7)
Win9x
Linux
xxxBSD
AIX
Cisco
Bay/wellfleet
Nokia
etc etc etc

www.ipv6.org is a good place to start

too much misinformation...

[Silverpike]

Seeing some discussion of IPv4/v6 in this forum is starting to scare me, so I thought I'd try and clear up some major misunderstandings.

I see a lot of posts saying that IPv4 is just fine and we should stick to it. Wrong, wrong, wrong. I realise that people on this group don't design routers every day, but I think you would be amazed at how much protocol hacking goes on under the covers. The vast majority of routers out there do some amazing things to try and hack together things like quality of service (QoS) and NAT that IPv4 just isn't designed to do.

Yes, IPv4 is working. But the amount of time now spent in the design phases to kluge together ways for NAT and QoS to work is becoming way more than most design houses will stomach. Features like VoIP, VPN, and QoS have major cash potential for ISP's, and they in turn will pay to get capable equipment. Doing this with IPv4 is a bitch, and a lot designers secretly wish IPv4 would go away and use IPv6 instead, because VPN and QoS are much easier to do.

One other major piece of misinformation here is that all boxes need to be replaced for this to happen. Not so. The vast majority of routers, hubs, switches, and all desktop computers are perfectly capable of running IPv6 right now. It involves a code load change, not a hardware upgrade. On a related point, most ISPs completely replace all their network boxes every 2 years anyways, so the threat of scrapping all hardware for IPv6 won't faze them much anyway (it's part of their cycle).

The last point is that people don't think that their toasters need IP addresses. This is also not so! Yes, in the next 10 years your toaster will need an IP address. Why? Because ToasterCompany will want you to do a firmware upgrade on your toaster because their have been field problems (like toasters burning operators). You will go across the wire, flash your firmware, and now your microprocessor-controlled toaster has CrispyToaster(tm) v1.16b firmware. We've already seen web servers implemented in ~4mm PIC processors, so expect them to become popular in the near future in your favorite household appliance.

To do this, you need an IP address (to speak IP of course). Please don't tell me how great NAT is... yes, I also run a Linux ipMasq box which works fine, but NAT fundamentally breaks many of the underlying IPv4 mechanisms. We can't keep dumping more patches to the NAT engine every time someone wants to NAT some new protocol; eventually we are going to reach a limit of effort.

Also note that using ports as a means of "IP expansion" is also a Very Bad Idea. A port is specifically designed (in TCP/IP spec) to represent a different service on a given host, not across different hosts. Yes, you can use this technique in NAT, but it tends to make performance/utilization metrics used by ISP's blatantly wrong, which leads to Bad Things.

Please also read Singal11's message above, he is right about the routing table issue. There is no current proposal (beyond CIDR) which can solve this problem. Also, see jd's post, it is a good summary of why IPv6 is needed.

Re:too much misinformation...

[mOdQuArK!]

" Seeing some discussion of IPv4/v6 in this forum is starting to scare me, so I thought I'd try and clear up some major misunderstandings. "

I didn't understand your fear, and I didn't really agree with some of the comments you've stated in your article. See my comments below.

" The last point is that people don't think that their toasters need IP addresses. This is also not so! Yes, in the next 10 years your toaster will need an IP address. Why? Because ToasterCompany will want you to do a firmware upgrade on your toaster because their have been field problems (like toasters burning operators). You will go across the wire, flash your firmware, and now your microprocessor-controlled toaster has CrispyToaster(tm) v1.16b firmware. We've already seen web servers implemented in ~4mm PIC processors, so expect them to become popular in the near future in your favorite household appliance. "

While it might be nice for a lot of people to receive automatic upgrades to the firmware in their appliances, a lot of other people are going to want some pretty strict control over what their appliances are talking to & why.

For one thing, allowing an outside entity to control an appliance which you have purchased sounds like a potential privacy issue to me - without some really strict regulations on what a company can do with the information, do I really want a company to know when & how much toast I make? (Slightly more seriously, think DIVX...)

On another note, just imagine if somebody figures out how to hack the authentication protocol for such a firmware download. "Let's just download a little program to their new digital water heater which turns it on full blast & disables the emergency blowout valve..."

In any case, I see NAT as a highly desirable way for me to control what is talking on my subnet to stuff outside the subnet, regardless of whether you're talking IPv4 or IPv6.

" To do this, you need an IP address (to speak IP of course). Please don't tell me how great NAT is... yes, I also run a Linux ipMasq box which works fine, but NAT fundamentally breaks many of the underlying IPv4 mechanisms. We can't keep dumping more patches to the NAT engine every time someone wants to NAT some new protocol; eventually we are going to reach a limit of effort. "

I don't completely understand this - properly implemented, a net running through a NAT server should just look like one really busy server. Routers OUTSIDE the NAT server should only have to treat it as such - they don't need massive routing tables to describe the machines BEHIND the NAT server.

INSIDE the subnet is another matter - I understand the problems with protocols like active FTP, but with regards to my concerns that I described above, I don't really WANT a protocol which I haven't "approved" going through my gateway to the net.

Why is there some limit of effort @ opening NAT walls to different protocols? If the protocol is simple, then you can communicate through a single connection, and the owner of the NAT box can open that single port & attach it to the proper machine.

If the protocol is more complex, then if there's some sort of standard on how to describe the protocol to a NAT engine, then each person who develops the protocol can generate a formal spec. which can be used to tell the NAT how to handle that protocol - if the owner of the NAT box so desires.

" Also note that using ports as a means of "IP expansion" is also a Very Bad Idea. A port is specifically designed (in TCP/IP spec) to represent a different service on a given host, not across different hosts. Yes, you can use this technique in NAT, but it tends to make performance/utilization metrics used by ISP's blatantly wrong, which leads to Bad Things. "

Maybe I'm not quite understanding what you mean by "IP expansion" using ports, but as far as I'm concerned NAT is _supposed_ to make your subnet look like a big server on a single IP address, and I can't think of any performance/utilization metrics used by ISPs where this paradigm would cause "Bad Things" to happen.

Re:too much misinformation...

[Brandon+Hume]

In any case, I see NAT as a highly desirable way for me to control what is talking on my subnet to stuff outside the subnet, regardless of whether you're talking IPv4 or IPv6.

Wrong, a firewall is the means to do that. You're relying on obscurity to protect you, which, as we all know, is no security at all.

You're relying on the upper layer protocols to make assumptions about the lower levels of network. This isn't proper. The network should be the network. The applications shouldn't have to know and shouldn't have to care what boxes they travel through to get to the end station. NAT breaks that.

NAT, most frequently, tends to break low traffic datagram protocols. I'm pretty sure what you envision is a network using nothing but TCP, and proxy upon proxy upon proxy to pick up the slack. Sorry, but I find that a bit shortsighted. It may be great for you, but your situation is just that... yours.

Just as an example, a local ADSL provider in my area used to do just that... running their entire ISP behind a single NAT-overloaded IPv4 address. It was a dismal failure. Users couldn't play games like Diablo. One person would piss off an IRCOp, and the k-line would ban EVERYBODY. The NAT box would get overloaded and crash, and suddenly nobody had connectivity.

A NAT'd IP can never provide the full, unrestricted functionality of a real IP address. End of story.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/

will ipv6 be enough?

[Haven]

I don't think 16,000 gigaillion ip's will be enough... I am planning on purchasing some ip's in the future and I'm afraid that 16,000 gigaillion won't be enough to satisfy my needs... (I might be wrong on my math or even the spelling of gigaillion... whatever... I am just making fun of stuff in general...)

There is still an overflow...

[Christopher+B.+Brown]

Adding an extra digit is a slick idea, in a way, but enters its own problems.

After all, there are doubtless lots of software packages out there that assume that telephone numbers are exactly ten digits long.

This doesn't break the phone system itself, but it breaks systems that track telephone numbers.

The upshot is that this breaks just any sort of "business" system that uses telephone numbers...

Happily, one of these systems that breaks will be the Circuit City systems that track who you are based on your telephone number. Customers may be quite happy about this, but Circuit City doubtless won't be...

Re:The Great Telephone Number Explosion...

[mOdQuArK!]

In Oregon, they're going to be requiring soon that people dial the area codes for local phone calls. This is so they can start using phone numbers with a different area code in the same geographic area - in essence, they will be forcing people to use 10-digit phone numbers to make calls.

Ack - three more digits to remember for every phone number - I wonder if my brain buffer is large enough to deal with the issue, or will it "overflow" and cause memory corruption?

Internal IP vs External IP

[Dast]

Every toaster will have its own IP--its own internal IP, choosen from the list of IP's that are set aside for internal use (I can't recall the RFC number atm). Only one external IP is needed.

ipv6 and 2010

[Porky+Pig]

yes, just what we need: more hype and hysteria.
as we weren't fed up with Y2K already.

Ten Digit Dialing Is Not A Solution

[Christopher+B.+Brown]

In the the most recent two regions in which I have lived, Toronto and Dallas, it is already pretty much required that people dial all 10 digits.

The problem is not that.

The problem is that even ten digits may not be enough...

Are forgetting somebody?

[Hasdi+Hashim]

How were Vint Cerf, Jon Postel and Danny Cohen supposed to know that the system they sketched out on a piece of cardboard would one day be carrying everything from international currency transactions to Marilyn Manson videos?

Shouldn't Al Gore share some of the blame too? -Hasdi

P.S. sorry, i couldn't resist. ;-)

The Great Telephone Number Explosion...

[Christopher+B.+Brown]

Note that there's another likely crisis, namely that North America is liable to run out of area codes some time soon.

After all, there are only a theoretical billion numbers, which get cut down due to positional issues ( e.g. can't start either an area code or a local number with a 0 or 1, amongst other constraints).

When you count up telephone numbers used by home phones, business phones, fax machines, pagers, cell phones, and start tossing in Internet usage, the system will be running out of room at some point.

I hear rumor of some ideas the Telcos are working on to consolidate numbers; it won't be trivial...

Re:The Great Telephone Number Explosion...

[el+bastardo]

Off topic, but I can't resist :-)

Here in Illinois, it's the state Commerce Commission that's mandating changes, not the telcos. The current proposal is that the state will no longer hand out blocks of 10000 numbers to telcos (ie. 555-XXXX is a block of 10K numbers, and is a huge waste when only 50 numbers are needed); telcos will get only as many numbers as they can prove they need. I'm not sure if this is certain yet, but according to what I've read in the papers, this should forestall the next upcoming area code split (we have 5 already in Chicago) from 6 months to 6 years or so.

At least my business cards will be good for a while yet...

running out of IPs

[DGregory]

The y2k problem was a known problem with a known date, yet so many companies are waiting till the last minute to do anything about it. I think that this will be the same with the "running out of IPs" problem. If the forecasted date of sometime in 2010 is true, then I bet come late 2009, people will be frantically trying to think of a quick solution. That's just how people are, anything that requires added cost, will be done as late as possible. Hell, the oil reserves are supposed to run out in 30 years (AFAIK) and what are we doing about it now? Not a whole hell of a lot.

As for toasters,cars,coffeepots, all having their own IPs... I can see it happening with cars. Think about it, your car has a computer inside it that monitors the system, and -today- you can take your car into a mechanic, and with their own kind of computer, can hook up with your car's computer and find out what is wrong. I bet that in the near future, cars will have IPs, so that they can remotely talk to the mechanics' computers. And while we're at it, have a thing, where if someone steals your car, they can find out where the IP is located at. There are a hell of a lot of cars on the planet, aren't there?

And then there is the connectivity of cell phones, PDAs, people having dedicated lines to their computers in their home (eg. cable modems - connected all the time, so always have an IP). You have to remember that the IPs are not just for the USA, but for the rest of the world as well... the LDCs are beginning to be more connected, and as this develops, more IPs will be needed. With 6 billion people, if even half of them had at least one device that had an IP, it's easy to see that the 4 billion limit can run out very quickly.

It's going to eventually be like the area code problem, and have to punch in 10 digit numbers for local calls. Gawd, hopefully they won't run out of area codes...

IPv6 Myth Debunking

[AlphaBrav]

Here is a good document that cleared up a number of false things I was told about IPv6. I don't kno how these spread, but I know I was wrongly told many of them to be true.

The best new thing I am waiting for IPv6 to to do is force everyone to upgrade their routers to include multicasting. The large address spaces of IPv6 multicasting should have some extrememly interesting effects on internet broadcasting. I can't wait :)

proxy server...?

[DGregory]

I have a home intranet, and all my computers can access the internet and only have one IP address assigned to me. They just go through the proxy, and the proxy routes the traffic to the correct recipient. It doesn't matter that the internal IP addresses are more than likely the same as someone else's IP because no one else sees it but the proxy server. Why would your company need more than a minimal number of IP addresses, unless you want every box on your network directly connected to the internet?

IPv4...

[Graymalkin]

can easily be revised to handle a few more than 4 billion addresses without a completely new infrastructure and more to the point, why the hell does my microwave need an IP address? IPv6 might have trillions upon trillions of addresses available, but it's overly complex IMO and needs too much work done in the background before it's even viable. IPv4 has 4 billion available addresses but thats assuming every address only uses a single port to connect with. You have the option of 65500 some ports to connect through which raises the potential number of addresses greatly. This shouldn't be new information to anyone. The NAT boxes are great because you can have hundreds of computers all on the same IP address and if you wanted to give each their own individual identity you could always assign each node a port that the outside user can connect to that node with now every IP address can have 65500 or so individual identities.
Lets say IPv6 was made a standard tomorrow and everyone had five years to convert or even ten years. Every router would have to be replaced with the cost being put now on the major backbone providers. Then every server and embeded system on the internet would have to be replaced by people like MCI and Aletnet. That means high speed access companies and ISPs who rent their services have to pay higher prices, and all the people that utilize their services have to pay a higher fee to make up for it. It comes down to a 40$ monthly dialup bill. My suggestion? Keep your microwave and toaster off the internet and think up more effective uses for NATs and network configurations.

Re:IPv4...

[Brandon+Hume]

Yes, you can map through the 65535 ports available for NAT'ing connections. However, did you think to remember that most machines run multiple services on multiple ports? And, that each connection has a sending AND receiving socket? And beyond that, most applications open multiple connections... your web browser probably fired up at least four just to load the webpage you're viewing this on. All those sockets get eaten up pretty damned fast.

IPv6 isn't hard to upgrade to. Its a software upgrade. And machines can run both stacks simultaneously. Pick up R. Stevens' network programming text, volume two, he gets heavily into coexisting IPv4 and IPv6 stacks. 10.0.0.1 is ::ffff:10.0.0.1. Boom, easy, no fuss, no muss. This stuff about "everything will break when we upgrade!" is a pure fairy tale.

And IPv6 isn't near as complex as it looks. Sure, perhaps if you're implementing a stack, but for the most part its plug in and go. Neighbor Discovery is a Good Thing. And for the programmer, the library functions are cleaner and more direct.
--
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/

Switches

'Switches' in the ethernet world work on layer-2 and thus are unaware of IPv6 vs IPv4. Layer-3 'Switches' are routers implimented in hardware (Very fast) and they do NOT have a IPv6 upgrade path. Argh. My predicesor left me with 5 accelar 1200s, and the boss is asking for full IPv6 support by this time next year.

What should I care about?

I'm about to start work at what is basically your average e-commerce site. I'm going to be a systems/network/security administrator. Potentially I'm going to be there for the next 4 years. What parts of the network should I really care about moving to IPv6? Should I be making sure that all the home-grown networking code is IPv6-compliant? Should I be waiting impatiently for a block of IPv6 addresses from our ISP and start serving AAAA DNS records as soon as possible? Presumably the big benefit is going to be when the rest of the world starts to impliment IPv6, in which case having the website do IPv6 will be necessary, and probably also pretty trivial to impliment (just make sure the routers and gateways and webhosts and webservers grok IPv6 and all will be well). I've basically bought the hype, but I need a better non-hype roadmap on how to get from IPv4 to IPv6. And now would be a great time to start since this company is just getting started and there isn't that much in-house code to modify.

Possible temporary workaround?

[blazer1024]

"Imagine 1 trillion Bill Gateses standing in a circle (not a pretty picture, but play along for a moment)"

Now that's funny. That gives me an idea. Clone Bill Gates. Then we'd see how M$ get's handled.

But anyway, couldn't we do something like, rather than having 20 machines with their own IP's, why not split them into groups with high-bandwidth front end type things? If you split it into 5 box groups, you'd free up 16 IP's. Could they reclaim unused IP's, and other such things? At the least, we could gain some time if they're so worried about getting it switched over before we run out. I have no idea if it would work in the real world, but it's a thought.

Returning some of the 16.7 million...

[Jesse+Becker]

Has anyone approached any of the Class A address holders (AOL, MIT, IBM, etc), and asked to have some of them back? I suppose that there would be some seriou opposition to this, and it may not even be technically feasible... Just a thought.