IPv6

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,315
Location
Monterey, CA
0/10, but I suspect the score would be higher if I enabled IPv6 on my workstation and router. I see no reason to at the moment.
 

Tannin

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
4,432
Location
Huon Valley, Tasmania
Website
www.redhill.net.au
As I wrote elsewhere some time ago:

IPv6 is the Windows Vista of networking. Or possibly the Windows 8. Yep, it's got all the features, yep, it is technically miles ahead of what went before, yep, it is very clever, yep, it's got loads and loads of gee-wiz new features, and yep, everybody hates it because it doesn't work the way they expect it to and it breaks stuff.

IPv6 has failed in the market the way Vista failed. If it was anything remotely like what people wanted, it would have been a huge success by now, but hardly anybody uses it or wants it. Everybody understands IPv4, even your granny can get her mind around it if you make analogies with street addresses and post box numbers. Above all, IPv4 has those non-routable address blocks and with readily available $30 NAT boxes, with only a very basic skill set, anyone can make sure that packets which belong inside the building stay inside the building. Simply, the market does not want IPv6, it wants IPv4 with extra numbers.

To the IPv6 Committee: piss off.

We, the rest of the world, don't want your bloated, over-complicated, intrusive Vista of a product. That's why we have been assiduously avoiding it for longer than we have been laughing and pointing at Windows ME. It's been around and been "about to become the future" since before most teenagers were born, since HTML 4 was an RFC awaiting official approval (never mind XML, let alone HTML 5), since OS/2 was a not uncommon operating system, since Netscape Navigator was high-tech and popular, since search meant Yahoo or Alta Vista, since nine years before the very first iPhone was released, and it still hasn't caught on. That's what we people in the trade call a "hint".

(Sorry for cross posting.)
 

CougTek

Serial computer killer
Joined
Jan 21, 2002
Messages
8,692
Location
Québec, Québec
Well, IPv6 is there and we'll have to live with it, like it or not. With the complete depletion of IPv4 addresses in North America, infrastructure guys like me, Handruin, Howell and Dave won't have a choice but to learn it (already done in my case) and eventually implement it. We can keep using IPv4 in our local domains, but we'll at least have to learn how to program an IPv4-in-IPv6 tunnel for between-sites communication. Anyone working in a datacenter has no choice but to learn it too.

And it's really not that complicated once that you've figured out that each letter or number is simply a number in hexa-decimal, so 4-bit per symbol. Anything starting with FE80 is the link-local address, to be used only within the local network. The other address is the public address. Those addresses are unique and there's no NATing necessary with IPv6 (except if you have an IPv6-in-IPv4 tunnel).

The 128-bit address is also split in two parts: the last 64-bit part being the private address while the first 64-bit is the public part. The last 12-bit of the public part can be used to create additional subnets for your private segments. There's a bunch of other stuff to know about this, but I took the class in French and I'm not too sure I use the right terms to describe each part, so to avoid any confusion, you should read the wikipedia page about IPv6.
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,315
Location
Monterey, CA
It is the future, and I will have to learn it at some point, but not this year. Next year I'm bringing in fiber directly to my office and will need to know more about all the assorted networking/routing bits. I suspect that knowing IPv6 will be necessary to be able to do a job like mine in about 5 years.
 

Chewy509

Wotty wot wot.
Joined
Nov 8, 2006
Messages
3,094
Location
Gold Coast Hinterland, Australia
@Tannin, why are you worried about IPv6? Australia won't be seeing widespread IPv6 deployment for a long time yet since NBN Co have basically abandoned IPv6 as part of the supplied residential product to RSPs. (IPv6 addresses are only made available on request for business connections and some residential products).

Personally, most of the devices on my home LAN are IPv6 enabled, the main exception being the main TV (older Sony Smart TV) which we do all the Smart TV stuff via ChromeCast now anyway... I'm ready, so it's now up to my ISP to enable it on their end....
 

Clocker

Storage? I am Storage!
Joined
Jan 14, 2002
Messages
3,552
Location
USA
I score 10/10 when I have IPV6 support enabled on my router. I do currently disable IPV6, though, because I like to use the filtering capabilities of OpenDNS (their filtering does not work with IPV6 right now).
 

Tannin

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
4,432
Location
Huon Valley, Tasmania
Website
www.redhill.net.au
Not worried about it, Chewy, not as such. It's just a damn shame to see such a dogs breakfast of a system being implemented when we could have had a much simpler, more effective one instead. It should have been canned years ago the same way the brain-dead proposed HTML -> XHTML transition was canned, and for the same reasons: clumsiness, lack of transparency, and over-complexity leading to much wasted effort.
 

Howell

Storage? I am Storage!
Joined
Feb 24, 2003
Messages
4,740
Location
Chattanooga, TN
At home, I have no idea. At work...I have no idea. I'll look into it when the number of urgent projects gets below 10,
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
20,329
Location
I am omnipresent
Website
s-laker.org
So my old hardware will support IPv6?
Maybe. Probably even. IPv6 has been around for quite a while now. Most consumer networking hardware doesn't seem to support it, even if it's technically capable of doing so. My cable modem, for example, has no user interface options for IPv6, even though the hardware manufacturer (SMC, in my case) says that it can handle it.

Coug is right though. IPv6 isn't all that different. The numbers and notation just look funny (and there's some new records for your DNS servers, if you care). I suppose not wanting to change is just a matter of inertia and institutional knowledge of IPv4.
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,720
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
Lunar, because IPv6 is such a dreadful dog's breakfast of a system, it takes more time, technology, and training to work around the various committee-design idiocies it contains. It will work just fine, but - just as with many other bad designs made good by extra effort - the cost will be spread thin all over the industry. You won't see that cost, it won't be added to your invoice, but it will be there.
 

blakerwry

Storage? I am Storage!
Joined
Oct 12, 2002
Messages
4,203
Location
Kansas City, USA
Website
justblake.com
I was recently describing to a guest at my work how to logically address a network, using a small ISP with a handful of sites as an example, and found it much simpler to explain using IP6. Once all the vendors settle on which standards to use (SLAAC/ND vs DHCP6) and the bugs get worked out, I imagine folks are going to like IP6 much more than IP4. Us old folks will get to complain about problems like NAT (and all the hacks to work around it), discontinuous IP allocations, having to justify IP space, etc, etc.
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,315
Location
Monterey, CA
I don't know enough to speak intelligently about it yet, but I really like NAT and non-routable IP addresses. This is the simplest thing a firewall can do, and I'm not looking forward to being without it.
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,315
Location
Monterey, CA
I think you are under the misconception that NAT provides security. It does not: http://security.stackexchange.com/questions/8772/how-important-is-nat-as-a-security-layer
The responses to that post make the same statements I'm about to.

The default assumption in an IPv4 Firewall/NAT setup is to deny all incoming traffic. This is the assumption because with NAT enabled you would have to specify to which NATed computer the traffic would go to. Similarly, giving computers a real, routable IP address typically means that rules would need to be actively put in place to prevent traffic. Because of these defaults and quite reasonable assumptions I find the statement "NAT offers no security" a bit pedantic.

Of course, I have zero experience with IPv6 firewalls, and they likely have default rules to block all incoming traffic as well.
 

Howell

Storage? I am Storage!
Joined
Feb 24, 2003
Messages
4,740
Location
Chattanooga, TN
When I was in/worked for Uni, we only had public IPs to work with. The principles are the same.
 

blakerwry

Storage? I am Storage!
Joined
Oct 12, 2002
Messages
4,203
Location
Kansas City, USA
Website
justblake.com
I'm ordering a 100/100 fiber connection and they just gave me 128 addresses without even asking.
Many providers (my employer for example) used to provide a /24 with each dedicated connection as a matter or course; Those were T1's generally. We also offered ISDN, but IP addresses had to be requested. A class C per (business) customer was pretty typical, regardless of connection type.

In a recent fiber connection, one of our upstream providers included 1 IP4 address on a point to point /31 subnet and 1 IP6 address on a point to point (configured as a /64) subnet. I asked about IP addresses and was able to get a IP4 /29 which provided a few IPs for testing/monitoring.

Some of my ISP clients currently pay a nominal fee (maybe a few cents/month per IP4 address) from their upstream providers. I imagine this will change soon as I've heard quotes as high as $0.25 per IP per month from Tier1/2 providers recently. That's a pretty good return on something they were given for free from ARIN.
 
Top