fuzzel writes "Even though Slashdot has run a number of articles about IPv6 (1|2|3) it apparently isn't reachable over IPv6 directly.
But for the people that do already have IPv6 they can use http://slashdot.org.sixxs.org and they will be automaticaly gatewayed. This trick works for most sites by simply appending .sixxs.org to the domain part of a url, eg http://www.google.com.sixxs.org, the gateway will the rewrite url's to have it appended automatically so that everything goes over IPv6. Full information is available on http://ipv6gate.sixxs.net. Oh and yes if you don't have IPv6, those domains under sixxs.org won't work :)"
This happens occaisnaly. U see IpV6 has A.I. Embedded Logic cone addressing data pump. Today its not in a good mood dues to slashdotting.
Question: But are their enough/. users on Ipv6 to/. the network.
Answer: Dosentmatter buddy, even though I dont have v6, I tried clicking on it twice just to see what happens.
Tomorow is a weekend. So the network will be in a good mood.
Question: But are their enough/. users on Ipv6 to/. the network. Answer: Dosentmatter buddy, even though I dont have v6, I tried clicking on it twice just to see what happens.
Dont underestimate the power of a stubborn slashdotter, if i have learned anything from time here, it's that you must click every link several times to try and sneak a lucky page load in.
I probably clicked the slashdot and google V6 links 3 or 4 times a piece thinking there was no possible way slashdot or google had been/.'d;)
I'm not entirely clear on why IPv6 such a cool/neccesary thing. As far as I, in my limited knowledge, know, IPv6 will allow for more IP address, but is that it? I'm not questioning its usefullness, but am simply curious if there are any other benefits that come along with IPv6.
There are several other benefits to IPv6 IETF [ietf.org] is implementing while they are updating the protocol. They don't wish to do it too often for obvious reasons and will try to get as much useful stuff in the new version while they're at it.
IPv6...
-... will support IPSec intrinsically to provide end-to-end security on protocol level.
-... eliminates the need of NAT with special "local" addresses.
-... supports QoS features.
-... supports multihomed devices and load balancing, since an IPv6 address specifies a network interface, not a computer as in IPv4.
-... uses "modularized" headers where only the necessary fields are used. This essentially makes IPv6 more optimized than IPv4. For example, if the payload of a packet is larger than 64KB, IPv6 will attach another field for "jumbo payloads" and set the 16-bit value to 0.
-... contains improved multicast support (as an extension header), support for an authentication header (also an optional extension header), and an encryption header (also an optional extension header).
-... provides enhancements for DNS.
-... provides automatic neighbor discovery which is especially useful for ad hoc networks and wireless devices.
-... has a completely rewritten adress autoconfiguration.
-... uses "modularized" headers where only the necessary fields are used. This essentially makes IPv6 more optimized than IPv4. For example, if the payload of a packet is larger than 64KB, IPv6 will attach another field for "jumbo payloads" and set the 16-bit value to 0.
Now, the first thing I thought of when I read that was: "What happens when someone finds out a that a major vendor can't handle it when the 16-bit length is 0 but there is no "jumbo payload" in the packet?"
Okay, perhaps not the best example, but are they looking to try to avoid (as much as possible) spots in the protocol that might in the future be exploited? 'Cause I'm sure lots of people here know better than I many ways to abuse IPv4...
-... eliminates the need of NAT with special "local" addresses.
Just a question on this one. I do agree that there will be enough IP addresses that there is no need to use special local addresses. Bit i actually find it very useful. It makes it easy to see where I am located, is it behind NAT, behind a firewall or just through a proxy ?. Currenty I can figure some of this out just by looking at my IP address, but without local IP subnets, things will get more confusing.
And furthermore, i'd say the "end of NAT" is a bit too much. I find it very useful to use a NAT gateway/firewall and put insecure clients behind that. It reduces the need to think secure on the local network. I can for instance export my fileserver data rw onto 192.168 without much consern. Wouldn't wanna do that if they were all "real" IP's.
IPv6 is great and it will allow those who DONT want to be behind NAT to get a "real" IP address, but its not the end of NAT.
So does IPv4 -- it's just that no one actually *uses* them.
The main thing that I *really* don't like about IPv6 is that, while it isn't a mandated part of the protocol, it seems that the overwhelming direction being pushed is to make the last 48 bits of your address your MAC address. Which *really* has nasty privacy implications -- 'slike a universal cookie, visible to everyone, that anyone can see (not just http servers).
IPv6 will allow for more IP address, but is that it? I'm not questioning its usefullness, but am simply curious if there are any other benefits that come along with IPv6.
For one thing I've understood that IPv6 will make routing possible without keeping track crazy amounts of addresses in huge routing tables. IPv& addresses are hierachical, and in a simplified sense work something like this:
country.state.city.area.house.etc.etc...
NOTE: this is not the actual layout... I don't remember the details. But the point is a backbone router only needs to look at the start of the address, and then send the packet "in the right direction" so to speak. The same thing applies longer down the chain.
Would someone who is more enlightened care to explain this in an official manner?;)
country.state.city.area.house.etc.etc...
NOTE: this is not the actual layout... I don't remember the details. But the point is a backbone router only needs to look at the start of the address, and then send the packet "in the right direction" so to speak. The same thing applies longer down the chain.
Would someone who is more enlightened care to explain this in an official manner?;)
Actually, this is done with IPv4 now as well. Originally, IPv4 was split into Class A,B, and C networks. Class A networks were larger blocks of addresses than Class B and C. Class A networks were allocated pretty quickly. So all there are left are Class C network blocks.
If an organization gets a Class C network block, they have to use stuff like NAT and subnetting to uniquley identify each machine in there network and make routing manageable.
These Class C network blocks are dished out geographically now. But the Class A network blocks that were dished out earlier are not being utilized well, because organizations don't have enough machines to fill them out.
That's a pretty shitty explanation. Partly because I forget the number of bits in an IPv4 address that identifies the network and the number that identifies a host. So I can't come up with a good example. But my IPv4 address looks like so: 142.179.xxx.xxx (I'm not gonna give you my exact address)
And my subnet mask: 255.255.248.0
So my (Class C) network is (probably) identified by the first 21 bits. (If my conversion is correct).
You're right about a 21-bits part, but you're butchering the rest of it.
For starters, classful routing on the Internet has gone the way of the Dinosaurs, and good riddance. CIDR saw to that (Classless Inter-Domain Routing), and when BGPv4 became the standard, all was right in the world (Because it implemented CIDR, by carrying Netmask along with the route entries).
In casual conversation today, we still use terms like Class B, or Class C address space, but they don't refer to the actual Classful network boundaries of yore. Today, when someone refers to a Class C address space, they simply mean a 24-bit address space. Likewise, a Class B means a 16-bit (/16) address space.
You say your netmask is 255.255.248.0. This represents a larger address space than a Class C, which has a mask of 255.255.255.0 (or/24).
Your address space is the aggregate of 8 Class C networks. Your network is configured to utilize the first and second octets, and the first 5 bits of the third octet as the network address, leaving the remaining 3 bits of the third octet, and the entire fourth octet as the host address.
That represents a network segment consisting of up to 2048 hosts (Ok... 2046 since you toss the first and last as the network address and the broadcast address.).
In short, your network engineering staff ought to be shot, because damn, that's a really big subnet. There's just no good reason to have that many hosts on a segment.
It's possible that you guys don't have anywhere near that many hosts, but if you do, without even looking, I can tell you that your network is a bit of a show. I hope you have your highly-loaded servers on their own segment, because the number of broadcasts must be tremendous. Even in a switched environment, those broadcasts must be propegated everywhere, and every machine in the network has to stop briefly to examine each and every one.
Your organization should look at some Layer-3 segmentation...
The only solution available to provide Internet access to the hosts on the LAN was to use a private non routable subnet and to masquerade it behind the edge router. NAT also allowed some of these hosts to expose services to the outside world. But this solution has a major drawback : it breaks end to end connectivity and thus complicates the offering of many services that the Internet was meant for. Used like that, NAT is an evil kludge.
IPv6 provides a way out. There certainly are many other advantages in the use of IPv6, but end to end connectivity for the masses is what could have the deepest impact. Think about is : when every single workstation has a routable IPv6 address, everyone will have the potential to serve. This is is what the Internet was meant to be, and actually was in the early days.
the gateway will the rewrite url's to have it appended automatically so that everything goes over IPv6.
I think I get the general idea, but it took me some time. Funny how a couple of spelling mistakes can lead to a quite obfuscated sentence. Anyway, here is what I now think (after checking the site: boggled at that sentence in vain!:) ) that it meant:
the gateway will then rewrite URLs on the pages sent back to your browser, appending automatically the ".sixxs.org". This way, all the links will still go through the IPv6 gateway, letting you transparently surf the web over IPv6!
My OS supports IPv6, but my router doesn't. Doubt that my ISP does either. Apparently this will only be truly possible for people with direct pipes (T1, etc.) Or does anyone know of ways around these problems other than nagging my ISP and router manufacturer?
My OS supports IPv6, but my router doesn't. Doubt that my ISP does either. Apparently this will only be truly possible for people with direct pipes (T1, etc.) Or does anyone know of ways around these problems other than nagging my ISP and router manufacturer?
Use a tunnel broker. It lets you tunnel ipv6 connections over ipv4 to another endpoint. Two of the most popular are Freenet6 [freenet6.net] and Hurricane Electric [he.net]. Hurricane Electric requires a static ipv4 IP, but Freenet6 works with dynamic IPs.
How does your router not support it? all it has to do is pass the protocol 41 which is the IPv6 gif tunnel, and the vast majority of routers do this fine. No ports need forwarding, and infact on my home router and a number of other routers ive set ipv6 up on, needed no configuring at all to get the tunnel working.
Disclaimer: i help run ipng.org.uk, a UK tunnel broker
This whole discussion and the support of IPv6 is completely pointless. There are 101 ways to bridge your IPv6 to IPv4 and the other way round. There is no chicke and egg problem. The real reason why IPv6 is not widely deployed is that nobody really needs it.
This is just like HDTV, yes, it's better, cooler, has nifty features, but the old thing does most of the job for much less money/effort.
With IP this situation 'might' (not necessarily 'will') change with the vanishing IP address space, but I am convinved it's perfectly safe to wait till we get there.
If any ISP really thinks he needs v6 he will just install it. Why should I (as a user) try to convince any ISP to use v6. It's just nothing that matters to me. (Multicast?? ha!) I can tell you, that I (as an ISP) don't even know why I should convince anybody. This whole discussion is probably sponsored by cisco's PR department.
This is not true, there are real problems getting ip address from Ripe The result is that where I live we got 500 Computers behind a single nat gateway because we can't get an ip to each use. The result is a lousy network.
but I am convinved it's perfectly safe to wait till we get there.
Good point. Also, I see no reason why we should bother researching renewable forms of energy until we actually run out of oil. After all, the perfect time to solve a problem is when our infrastructure depends on the solution - solving a problem before it's a catastrophe is just wasted effort.
The best way currently to use IPv6 is via tunnel brokers, who give you a range of ips (/64 or/48, both of which will vastly outnumber any number of electrical components in your house).
These work by creating a ipv6 GIF tunnel over ipv4, to a server which has either further tunnels to the 6bone or native connectivity. Once you have this setup (and its preety easy to do on Linux, Windows, and very easy to do on the BSDs) then any ipv6 traffic can be routed automatically. This way you dopnt need to use a gateway, and you can use pretty much any app over ipv6, including ftp, ssh, www, email etc.
Disclaimer: I help run ipng.org.uk, which is a UK tunnel broker, who gives you a/64 (thats 18,446,744,073,709,551,616 distinct ips:) ) and delegates full forward and reverse DNS to you for this range.
For a complete matrix of ipv6 ranges right down to a/16 and the nubmer of ips in each range, check out powersource [powersource.cx], who has a fantastic representation of the scope of ipv6.
These work by creating a ipv6 GIF tunnel over ipv4...
That is just so stupid and typical. Why oh why do we have to put up with this recyling of old and broken technologies, and patent issues to boot? You would have thought that if they are making a fresh start with a new so-called modern protocol, they would at least use a new and modern specification such as, let's say, PNG? Duh!!!!
>Disclaimer: I help run ipng.org.uk, which is a UK tunnel broker,
>who gives you a/64... and delegates full forward and reverse DNS to you
Great! And for those of us in the States (especially California), Hurricane Electric offers a free tunnel broker [tunnelbroker.net] with these characteristics that I would recommend [slashdot.org].I have been using it for more than 6 months, and find it quite stable. You do lose your/64 if HE can't ping you for 24 hours, but a new one is only a mouse click away. And what kind of geek would leave their computer inaccessible for that long anyway?;). Initial activation does take a day or so.
-Fyodor
Concerned about your network security? Try the free Nmap Security Scanner [insecure.org]
Great. Every goddamn atom in your computer has its own bloody IP address. Tell me again why this is important?
It means that every subnetwork in your site can have the same size network. By convention, end customers ("subscribers" is the ipv6 term) are assigned a/48, meaning you get 128-48=80 bits of address space to do with as you please. By convention, the first 16 of those bits are used for your subnet addresses, and the remaining 64 are individual host addresses on those subnets.
To put it in more familiar IPv4 terms, imagine if there were so many IP addresses available that even the smallest sites could be given a class B. Now instead of having to subnet your network into efficiently sized CIDR blocks (eg, the lab upstairs gets 10.123.5.224/28, the billing dept gets 10.123.5.128/27, tech supports dept gets 10.123.5.32/29), you can just say everyone gets a class C (eg, the lab upstairs gets 10.123.5.x, the billing dept gets 10.123.6.x, tech supports dept gets 10.123.7.x). Much easier for humans to work with that way.
To put in in IPv6 terms again, every site gets assigned a/48 (say, 2002:6f2d:9ffe) because the address space really is that big now. By convention, the next 16 bits are for your subnets (eg, the lab upstairs gets 2002:6f2d:9ffe:0001:x:x:x:x, the billing dept gets 2002:6f2d:9ffe:0002:x:x:x:x, tech supports dept gets 2002:6f2d:9ffe:0003:x:x:x:x). When assigning subnets within your site, you only have to keep track of 4th group of bits in the address. See how much easier this makes your life as a network administrator? You can still used small CIDR blocks if you wanted to, but you don't need to. Just giving everyone the same sized subnet is easier for you to work with,
There's also the autoconfiguration thing (host addresses can be assigned based on their NIC hardware addresses, since the IPv6 subnet space is bigger than ethernet address space)...
My limited understanding of IPv6 is that you can deploy v6 addresses locally, and advertise them globally via DNS using AAAA records. You can then talk over the larger Internet using a 6-over-4 tunnel.
Assuming this is correct, why doesn't Slashdot simply advertise an AAAA record, then accept connections through a 6-over-4 tunnel (or natively, if their bandwidth provider can speak it)? What are the technical considerations preventing this from working?
But for the people that do already have IPv6 they can use
What exactly does it take to 'have' IPv6? What stuff neds to be upgraded? Application software? OS? Router? Does your ISP need to 'have' or 'support' it? It also seems a hell of a lot more complex to type in an IPv6 address than an IPv4 one, but I guess that only matters if you're not using a domain. Then again, with so many IP addresses available with IPv6 this may be the case, as there won't be nearly enough domains to hold everyone's IP!
I'm sorry that this will sound ignorant, but if I'm asking the question and I'm not exactly dumb, it's no wonder all the AOLers aren't using IPv6! I don't even know how you use it, and there are barely any servers using it either, no?
What exactly does it take to 'have' IPv6? What stuff neds to be upgraded? Application software? OS? Router? Does your ISP need to 'have' or 'support' it?
OS and applications. Many operating systems already do support IPv6, as do many applications (Mozilla does, at least, as does many IRC clients because there's distinct benefits.)
Router/ISP level support is Nice To Have, but there are tunneling servers [freenet6.net] that enable IPv4 sites to talk IPv6.
As far as setup woes go, my setup was as easy as 'apt-get install freenet6' =)
I have a few machines at home and things like a tivo and a Zaurus that need IP addresses. Ideally they all should have proper routable IP addresses so the internet can be used as it is intended. Luckily my ISP (Andrews & Arnold) provide as many IP adresses for my ADSL as I want for no extra cost. But I'm still limited to 5 usable addresses.
But they also provide Ipv6 access to the internet and give you a range of addresses. But instead of five addresses I get a whole/64 range which is 2^64 usable addresses.
Anyway, if anyone in the UK wants ADSL and to use IPV6 I can recomment A&A as an ISP for this
Everyone knows the Chicken and the Egg story (which came first), with IPv6 it's the same:
*) IPv6 is ready to deploy, however not much ISP's are supporting IPv6. *) ISP's are not supporting IPv6 because there are no customers who uses it. *) Customers aren't using IPv6 because there are no applications who uses it. *) Software developers aren't creating software because nobody uses it.
As you can see there's a loop. The main thing is to break this loop and this project is a step in the good direction.
I'd like to encourage all ISP's to actively implement and promote IPv6. And you as 'consumer' can also promote IPv6, play with it even when you ISP doesn't support IPv6 yet (with IPv6 Tunnels for example).
Even if your local network infrastructure does not support IPv6, all installations of MacOSX 10.2 have and IPv6 stack. The following is taken from doing an 'ifconfig' at the command line:
From what I can tell MS-Windows is still a little behind, as can be seen from this page [microsoft.com]. As for other OSs I am not aware of their support status. If you do know, a reply to this post would be handy to most.
From what I can tell MS-Windows is still a little behind, as can be seen from this page.
There is an experimental IPv6 stack for Windows 2000 Service Pack 1 (which will not install on 2 or 3), but there will never ever ever in a million billion years be a production-quality stack for Windows 2000, because of issues with people not spending $200 on XP.
XP comes with a development IPv6 stack included on the CD, and Service Pack 1 comes with a production-quality IPv6 stack. Windows 2003 will include a production-quality stack as well, as will CE XP and.NET and any of their other newer OSen.
As much as I disapprove of MS for not bothering to support IPv6 in 2k, and despite knowing why they did it, I still encourage people to upgrade if the choice arises, if for no other reason than you won't have to upgrade again later to support IPv6.
Because IPv6 numeric addresses use colons as opposed as part separators, the URL [ietf.org] syntax has had to be ammended [ietf.org]. The following is now a legal URL (the squared bracket isolates the numbered IP addresss, so the port number is not confused with the IP addresss):
http://[66.35.250.150]:80/
Last time I checked this worked with Mozilla but failed will MS Internet Explorer 6.0 on Windows.
Bad! Many sites go through painstaking effort to be compable with all sorts of user agents, giving plain HTML when one is not recognized. By re-writing the user agent these people prevent this magic. Not good. Instead it should add it's own key/value pair, much like SQUID or other cache/gateway.
Its fully usable, and is no longer experimental. There are a number of practical uses, although they vary from person to person. I use a ipv6 range for a number of different reasons, one of which is to protect me from attack when on irc (a ipv6 tunnel is a lot easier and more convenient to drop than your ipv4 connection:) ). The other reason is that you can assign IPv6 ips to machines behind a NAT gateway, and have fully routable addresses, which is handy if your broadband providor doesnt issue you with multiple ips.
Disclaimer: i help run ipng.org.uk, a UK tunnel broker.
An IPv6 address is 128 bits long. Of these 128 bits, 64 bits are reserved for the host part. Usually it's a somewhat mangled version of your ethernet MAC address (a router will broadcast a prefix, and client machines will simply append the mangled version of their MAC to the prefix -- this is called autoconfiguration).
This means you need a/64 subnet on each segment.
Usually providers will assign you a/48 addressspace, giving you roughly enough space for 65000 subnets.
Of course these addresses are routable: you don't need NAT and your machines are reachable from the internet.
That's weird.. (Score:2)
Re:That's weird.. (Score:2)
You learn something new every day.
Dont worry (Score:2)
Question: But are their enough /. users on Ipv6 to /. the network.
Answer: Dosentmatter buddy, even though I dont have v6, I tried clicking on it twice just to see what happens.
Tomorow is a weekend. So the network will be in a good mood.
Re:Dont worry (Score:2)
Answer: Dosentmatter buddy, even though I dont have v6, I tried clicking on it twice just to see what happens.
Dont underestimate the power of a stubborn slashdotter, if i have learned anything from time here, it's that you must click every link several times to try and sneak a lucky page load in.
I probably clicked the slashdot and google V6 links 3 or 4 times a piece thinking there was no possible way slashdot or google had been
either I don't have IPv6, or.. (Score:2, Funny)
I don't know.
Oh great... (Score:5, Funny)
I'll guess I'll admit it.. (Score:2, Interesting)
Re:I'll guess I'll admit it.. (Score:5, Informative)
Parent
Re:I'll guess I'll admit it.. (Score:5, Informative)
IPv6...
-
-
-
-
-
-
-
-
-
See also:
IPv6: The Promise, The Problems, The Protocol [extremetech.com]
RDC 2373 [rfc-editor.org]
Parent
Re:I'll guess I'll admit it.. (Score:2)
Now, the first thing I thought of when I read that was: "What happens when someone finds out a that a major vendor can't handle it when the 16-bit length is 0 but there is no "jumbo payload" in the packet?"
Okay, perhaps not the best example, but are they looking to try to avoid (as much as possible) spots in the protocol that might in the future be exploited? 'Cause I'm sure lots of people here know better than I many ways to abuse IPv4...
Re:I'll guess I'll admit it.. (Score:5, Interesting)
-
Just a question on this one. I do agree that there will be enough IP addresses that there is no need to use special local addresses. Bit i actually find it very useful. It makes it easy to see where I am located, is it behind NAT, behind a firewall or just through a proxy ?. Currenty I can figure some of this out just by looking at my IP address, but without local IP subnets, things will get more confusing.
And furthermore, i'd say the "end of NAT" is a bit too much. I find it very useful to use a NAT gateway/firewall and put insecure clients behind that. It reduces the need to think secure on the local network. I can for instance export my fileserver data rw onto 192.168 without much consern. Wouldn't wanna do that if they were all "real" IP's.
IPv6 is great and it will allow those who DONT want to be behind NAT to get a "real" IP address, but its not the end of NAT.
Parent
The dark lining (Score:3, Insightful)
So does IPv4 -- it's just that no one actually *uses* them.
The main thing that I *really* don't like about IPv6 is that, while it isn't a mandated part of the protocol, it seems that the overwhelming direction being pushed is to make the last 48 bits of your address your MAC address. Which *really* has nasty privacy implications -- 'slike a universal cookie, visible to everyone, that anyone can see (not just http servers).
Re:I'll guess I'll admit it.. (Score:2, Informative)
For one thing I've understood that IPv6 will make routing possible without keeping track crazy amounts of addresses in huge routing tables. IPv& addresses are hierachical, and in a simplified sense work something like this:
country.state.city.area.house.etc.etc...
NOTE: this is not the actual layout... I don't remember the details. But the point is a backbone router only needs to look at the start of the address, and then send the packet "in the right direction" so to speak. The same thing applies longer down the chain.
Would someone who is more enlightened care to explain this in an official manner?
Re:I'll guess I'll admit it.. (Score:5, Informative)
Actually, this is done with IPv4 now as well. Originally, IPv4 was split into Class A,B, and C networks. Class A networks were larger blocks of addresses than Class B and C. Class A networks were allocated pretty quickly. So all there are left are Class C network blocks.
If an organization gets a Class C network block, they have to use stuff like NAT and subnetting to uniquley identify each machine in there network and make routing manageable.
These Class C network blocks are dished out geographically now. But the Class A network blocks that were dished out earlier are not being utilized well, because organizations don't have enough machines to fill them out.
That's a pretty shitty explanation. Partly because I forget the number of bits in an IPv4 address that identifies the network and the number that identifies a host. So I can't come up with a good example. But my IPv4 address looks like so: 142.179.xxx.xxx (I'm not gonna give you my exact address)
And my subnet mask: 255.255.248.0
So my (Class C) network is (probably) identified by the first 21 bits. (If my conversion is correct).
Parent
Stop the madness! (Score:5, Informative)
For starters, classful routing on the Internet has gone the way of the Dinosaurs, and good riddance. CIDR saw to that (Classless Inter-Domain Routing), and when BGPv4 became the standard, all was right in the world (Because it implemented CIDR, by carrying Netmask along with the route entries).
In casual conversation today, we still use terms like Class B, or Class C address space, but they don't refer to the actual Classful network boundaries of yore. Today, when someone refers to a Class C address space, they simply mean a 24-bit address space. Likewise, a Class B means a 16-bit (/16) address space.
You say your netmask is 255.255.248.0. This represents a larger address space than a Class C, which has a mask of 255.255.255.0 (or /24).
Your address space is the aggregate of 8 Class C networks. Your network is configured to utilize the first and second octets, and the first 5 bits of the third octet as the network address, leaving the remaining 3 bits of the third octet, and the entire fourth octet as the host address.
That represents a network segment consisting of up to 2048 hosts (Ok... 2046 since you toss the first and last as the network address and the broadcast address.).
In short, your network engineering staff ought to be shot, because damn, that's a really big subnet. There's just no good reason to have that many hosts on a segment.
It's possible that you guys don't have anywhere near that many hosts, but if you do, without even looking, I can tell you that your network is a bit of a show. I hope you have your highly-loaded servers on their own segment, because the number of broadcasts must be tremendous. Even in a switched environment, those broadcasts must be propegated everywhere, and every machine in the network has to stop briefly to examine each and every one.
Your organization should look at some Layer-3 segmentation...
Parent
Re:I'll guess I'll admit it.. (Score:5, Informative)
The only solution available to provide Internet access to the hosts on the LAN was to use a private non routable subnet and to masquerade it behind the edge router. NAT also allowed some of these hosts to expose services to the outside world. But this solution has a major drawback : it breaks end to end connectivity and thus complicates the offering of many services that the Internet was meant for. Used like that, NAT is an evil kludge.
IPv6 provides a way out. There certainly are many other advantages in the use of IPv6, but end to end connectivity for the masses is what could have the deepest impact. Think about is : when every single workstation has a routable IPv6 address, everyone will have the potential to serve. This is is what the Internet was meant to be, and actually was in the early days.
Parent
Slashdotting... (Score:3, Informative)
IPv6 Slashdotting? (Score:4, Funny)
If not, then shame on us.
the ironies (Score:5, Funny)
so maybe we will finally be able to slashdot slashdot, or at least the IPv6 gateway,
BUT maybe there are not enough slashdotters using IPv6 to be able to connect to the IPv6 slashdot in order to slashdot slashdot's IPv6 gateway,
and... [head explodes]
the rewrite url's what? (Score:5, Insightful)
I think I get the general idea, but it took me some time. Funny how a couple of spelling mistakes can lead to a quite obfuscated sentence. Anyway, here is what I now think (after checking the site: boggled at that sentence in vain!
Damn. (Score:2)
Re:Damn. (Score:5, Informative)
Use a tunnel broker. It lets you tunnel ipv6 connections over ipv4 to another endpoint. Two of the most popular are Freenet6 [freenet6.net] and Hurricane Electric [he.net]. Hurricane Electric requires a static ipv4 IP, but Freenet6 works with dynamic IPs.
Parent
Re:Damn. (Score:2)
Disclaimer: i help run ipng.org.uk, a UK tunnel broker
IPv6 - Chicken and egg ? - no! (Score:3, Insightful)
This is just like HDTV, yes, it's better, cooler, has nifty features, but the old thing does most of the job for much less money/effort.
With IP this situation 'might' (not necessarily 'will') change with the vanishing IP address space, but I am convinved it's perfectly safe to wait till we get there.
If any ISP really thinks he needs v6 he will just install it. Why should I (as a user) try to convince any ISP to use v6. It's just nothing that matters to me. (Multicast?? ha!) I can tell you, that I (as an ISP) don't even know why I should convince anybody. This whole discussion is probably sponsored by cisco's PR department.
Cheers.
Re:IPv6 - Chicken and egg ? - no! (Score:5, Informative)
Parent
Re:IPv6 - Chicken and egg ? - no! (Score:5, Insightful)
Good point. Also, I see no reason why we should bother researching renewable forms of energy until we actually run out of oil. After all, the perfect time to solve a problem is when our infrastructure depends on the solution - solving a problem before it's a catastrophe is just wasted effort.
Parent
Damn Irresponsible (Score:2, Funny)
Tunnel Brokers (Score:5, Informative)
These work by creating a ipv6 GIF tunnel over ipv4, to a server which has either further tunnels to the 6bone or native connectivity. Once you have this setup (and its preety easy to do on Linux, Windows, and very easy to do on the BSDs) then any ipv6 traffic can be routed automatically. This way you dopnt need to use a gateway, and you can use pretty much any app over ipv6, including ftp, ssh, www, email etc.
Disclaimer: I help run ipng.org.uk, which is a UK tunnel broker, who gives you a
Re:Tunnel Brokers (Score:2)
Re:Tunnel Brokers (Score:2)
Re:Tunnel Brokers (Score:4, Interesting)
For a complete matrix of ipv6 ranges right down to a
Parent
Re: Tunnel Brokers (Score:5, Funny)
That is just so stupid and typical. Why oh why do we have to put up with this recyling of old and broken technologies, and patent issues to boot? You would have thought that if they are making a fresh start with a new so-called modern protocol, they would at least use a new and modern specification such as, let's say, PNG? Duh!!!!
Parent
US Alternative Tunnel Broker (Score:5, Informative)
>who gives you a
Great! And for those of us in the States (especially California), Hurricane Electric offers a free tunnel broker [tunnelbroker.net] with these characteristics that I would recommend [slashdot.org].I have been using it for more than 6 months, and find it quite stable. You do lose your /64 if HE can't ping you for 24 hours, but a new one is only a mouse click away. And what kind of geek would leave their computer inaccessible for that long anyway? ;). Initial activation does take a day or so.
-Fyodor
Concerned about your network security? Try the free Nmap Security Scanner [insecure.org]
Parent
Re:Tunnel Brokers (Score:2)
Great. Every goddamn atom in your computer has its own bloody IP address. Tell me again why this is important?
Re:Tunnel Brokers (Score:5, Funny)
You're going to need a way to address them aren't you?
Parent
Re:Tunnel Brokers (Score:3, Informative)
thats 18,446,744,073,709,551,616 distinct ips
Great. Every goddamn atom in your computer has its own bloody IP address. Tell me again why this is important?
It means that every subnetwork in your site can have the same size network. By convention, end customers ("subscribers" is the ipv6 term) are assigned a
To put it in more familiar IPv4 terms, imagine if there were so many IP addresses available that even the smallest sites could be given a class B. Now instead of having to subnet your network into efficiently sized CIDR blocks (eg, the lab upstairs gets 10.123.5.224/28, the billing dept gets 10.123.5.128/27, tech supports dept gets 10.123.5.32/29), you can just say everyone gets a class C (eg, the lab upstairs gets 10.123.5.x, the billing dept gets 10.123.6.x, tech supports dept gets 10.123.7.x). Much easier for humans to work with that way.
To put in in IPv6 terms again, every site gets assigned a
There's also the autoconfiguration thing (host addresses can be assigned based on their NIC hardware addresses, since the IPv6 subnet space is bigger than ethernet address space)...
Re: Tunnel Brokers (Score:3, Informative)
Why the Weird Gateway? (Score:5, Interesting)
My limited understanding of IPv6 is that you can deploy v6 addresses locally, and advertise them globally via DNS using AAAA records. You can then talk over the larger Internet using a 6-over-4 tunnel.
Assuming this is correct, why doesn't Slashdot simply advertise an AAAA record, then accept connections through a 6-over-4 tunnel (or natively, if their bandwidth provider can speak it)? What are the technical considerations preventing this from working?
Schwab
'Have' IPv6??? (Score:4, Insightful)
What exactly does it take to 'have' IPv6? What stuff neds to be upgraded? Application software? OS? Router? Does your ISP need to 'have' or 'support' it? It also seems a hell of a lot more complex to type in an IPv6 address than an IPv4 one, but I guess that only matters if you're not using a domain. Then again, with so many IP addresses available with IPv6 this may be the case, as there won't be nearly enough domains to hold everyone's IP!
I'm sorry that this will sound ignorant, but if I'm asking the question and I'm not exactly dumb, it's no wonder all the AOLers aren't using IPv6! I don't even know how you use it, and there are barely any servers using it either, no?
Re:'Have' IPv6??? (Score:5, Informative)
OS and applications. Many operating systems already do support IPv6, as do many applications (Mozilla does, at least, as does many IRC clients because there's distinct benefits.)
Router/ISP level support is Nice To Have, but there are tunneling servers [freenet6.net] that enable IPv4 sites to talk IPv6.
As far as setup woes go, my setup was as easy as 'apt-get install freenet6' =)
Parent
Ipv6 is great (Score:5, Informative)
IPv6 is like the Chicken and Egg story (Score:3, Interesting)
*) IPv6 is ready to deploy, however not much ISP's are supporting IPv6.
*) ISP's are not supporting IPv6 because there are no customers who uses it.
*) Customers aren't using IPv6 because there are no applications who uses it.
*) Software developers aren't creating software because nobody uses it.
As you can see there's a loop. The main thing is to break this loop and this project is a step in the good direction.
I'd like to encourage all ISP's to actively implement and promote IPv6. And you as 'consumer' can also promote IPv6, play with it even when you ISP doesn't support IPv6 yet (with IPv6 Tunnels for example).
Just my 2 cents.
MacOS X and IPv6 and other OSs (Score:5, Informative)
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MUL
inet6 fe80::230:65ff:fed6:b164%en0 prefixlen 64 scopeid 0x4
inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
ether 00:30:64:d6:b2:64
media: autoselect (100baseTX <full-duplex>) status: active
From what I can tell MS-Windows is still a little behind, as can be seen from this page [microsoft.com]. As for other OSs I am not aware of their support status. If you do know, a reply to this post would be handy to most.
Re:MacOS X and IPv6 and other OSs (Score:3, Interesting)
There is an experimental IPv6 stack for Windows 2000 Service Pack 1 (which will not install on 2 or 3), but there will never ever ever in a million billion years be a production-quality stack for Windows 2000, because of issues with people not spending $200 on XP.
XP comes with a development IPv6 stack included on the CD, and Service Pack 1 comes with a production-quality IPv6 stack. Windows 2003 will include a production-quality stack as well, as will CE XP and
As much as I disapprove of MS for not bothering to support IPv6 in 2k, and despite knowing why they did it, I still encourage people to upgrade if the choice arises, if for no other reason than you won't have to upgrade again later to support IPv6.
Oh, and write your ISPs.
--Dan
Modified URL format (Score:3, Interesting)
Gateways/caches should _NOT_ change the user agent (Score:5, Insightful)
SixXS-IPv6Gate/1.0 (IPv6 Gateway; http://ipv6gate.sixxs.net; info@sixxs.net)
Bad! Many sites go through painstaking effort to be compable with all sorts of user agents, giving plain HTML when one is not recognized. By re-writing the user agent these people prevent this magic. Not good. Instead it should add it's own key/value pair, much like SQUID or other cache/gateway.
Re:IPv6 today? (Score:4, Interesting)
Disclaimer: i help run ipng.org.uk, a UK tunnel broker.
Parent
Re:IPv6 today? (Score:4, Informative)
An IPv6 address is 128 bits long. Of these 128 bits, 64 bits are reserved for the host part. Usually it's a somewhat mangled version of your ethernet MAC address (a router will broadcast a prefix, and client machines will simply append the mangled version of their MAC to the prefix -- this is called autoconfiguration).
This means you need a /64 subnet on each segment.
Usually providers will assign you a /48 addressspace, giving you roughly enough space for 65000 subnets.
Of course these addresses are routable: you don't need NAT and your machines are reachable from the internet.
Parent
Re:IPv6 today? (Score:5, Informative)
Parent
Re:IPv6 Quick links.. (Score:4, Informative)
Parent