Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Linux Foundation Says All Major Distros Are IPv6 Compliant

Soulskill posted more than 5 years ago | from the getting-things-done dept.

Networking 241

ruphus13 points out news from the Linux Foundation, which announced that all major Linux distributions meet certification requirements for the US Department of Defense's IPv6 mandates. The announcement credits work done by the IPv6 Workgroup, whose members include IBM, HP, Nokia-Siemens, Novell and Red Hat. Quoting: "Linux has had relatively robust IPv6 support since 2005, but further work was needed for the open source platform to achieve full compliance with DoD standards. The Linux Foundation's IPv6 workgroup analyzed the DoD certification requirements and identified key areas where Linux's IPv6 stack needed adjustments in order to guarantee compliance. They collaboratively filled in the gaps and have succeeded in bringing the shared technology into alignment with the DoD's standards."

cancel ×

241 comments

Sorry! There are no comments related to the filter you selected.

Embedded Linux does ipv6 too (4, Insightful)

dattaway (3088) | more than 5 years ago | (#25933045)

Many embedded linux devices are IPV6 compliant. Even my AXIS webcam can talk ipv6.

Unfortunately, my ISP, RoadRunner is stuck in dark ages.

Re:Embedded Linux does ipv6 too (-1)

Anonymous Coward | more than 5 years ago | (#25933103)

Linux is a kernel.

Re:Embedded Linux does ipv6 too (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#25933137)

Posted AC because it's major boring shit, and will get modded as such?

Re:Embedded Linux does ipv6 too (3, Funny)

mrsteveman1 (1010381) | more than 5 years ago | (#25933549)

Water is a liquid.

Your turn

Re:Embedded Linux does ipv6 too (5, Funny)

mqduck (232646) | more than 5 years ago | (#25933813)

GNU is not UNIX.

Re:Embedded Linux does ipv6 too (3, Funny)

Daimanta (1140543) | more than 5 years ago | (#25934025)

GIMP is an utterly stupid name.

There, I said it.

Re:Embedded Linux does ipv6 too (5, Funny)

Gorgonzolanoid (1394311) | more than 5 years ago | (#25934059)

EMACS is a decent operating system, but it could use a better text editor.

Re:Embedded Linux does ipv6 too (5, Funny)

dadragon (177695) | more than 5 years ago | (#25934663)

Water is a liquid.

I'm Canadian, you insensitive clod!

Re:Embedded Linux does ipv6 too (0)

Anonymous Coward | more than 5 years ago | (#25933629)

This is possibly either:
1) Worst troll ever
2) Someone who is incredibly dumb, beyond all belief, and should go have a look at Digg.

Re:Embedded Linux does ipv6 too (0)

Anonymous Coward | more than 5 years ago | (#25934133)

Linux is a monolith kernel = Operating System
Microkernel is just a kernel != Operating System

Re:Embedded Linux does ipv6 too (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25933131)

Dark Ages? The IPv6 people wouldn't listen to common sense and because of that the protocol has failed in the market. The only compelling reason to upgrade has been the depletion of IPv4 space. With the US auto industry going down the shitter, some /8s could be reassigned real soon.

Viva IPv4!

Re:Embedded Linux does ipv6 too (5, Funny)

PolygamousRanchKid (1290638) | more than 5 years ago | (#25933215)

With the US auto industry going down the shitter, some /8s could be reassigned real soon.

Viva IPv4!

You mean, they are going to be ".gov" domains, real soon, at your expense.

Re:Embedded Linux does ipv6 too (0)

Anonymous Coward | more than 5 years ago | (#25934639)

Or .cn domains when they get bought out, as Congress seems completely disinterested in funding industries that produce some type of actual product, other than derivatives and other dodgy financial "securities".

Re:Embedded Linux does ipv6 too (3, Informative)

ArbitraryConstant (763964) | more than 5 years ago | (#25933541)

We're going through a /8 about every month. Even if several of these are freed up it doesn't push the exhaustion date back very far.

Re:Embedded Linux does ipv6 too (0)

Hal_Porter (817932) | more than 5 years ago | (#25933725)

What happens if NAT is used all over the place? You could imagine a bunch of subnets that use one address to the outside world but have hundreds or thousands of machines internally.

Actually come to think of it, NATted routers would allow ISPs to transition to IPv6 on the backbone. Users would still see IPv4 on their side of the router though. I mean even in an IPv4 backbone the ISP doesn't have to support all modems and routers, they can require ones that support PPPoA or PPPoE, certain ADSL parameters and so on. There's nothing stopping them requiring IPv6 support too. Not technical users just buy a package of a cheap router and ADSL, more technical ones will find out what's the best third party router that supports the DSL network they are connected to. I'd guess if ISPs deployed IPv6 networks, new DSL routers would support IPv6.

There's a lot to be said for NAT from a security point of view too. Since you need to open up holes manually for incoming services, incoming connections for anything else will be blocked which makes it impossible for people to exploit most security flaws on the machines behind the router.

If you read the Wiki page on NAT it contains very strange comments like this

http://en.wikipedia.org/wiki/Network_address_translation#Drawbacks [wikipedia.org]

Some Internet service providers (ISPs) only provide their customers with "local" IP addresses.[citation needed]Thus, these customers must access services external to the ISP's network through NAT. As a result, the customers cannot achieve true end-to-end connectivity, in violation of the core principles of the Internet as laid out by the Internet Architecture Board.

Benefits

In addition to the convenience and low cost of NAT, the lack of full bidirectional connectivity can be regarded in some situations as a feature rather than a limitation. To the extent that NAT depends on a machine on the local network to initiate any connection to hosts on the other side of the router, it prevents malicious activity initiated by outside hosts from reaching those local hosts. However, the same benefit can be achieved with a firewall implementation on the routing device.

The greatest benefit of IP-masquerading NAT is that it has been a practical solution to the impending exhaustion of IPv4 address space. Networks that previously required a Class B IP range or a block of Class C network addresses can be connected to the Internet with as little as a single dynamic or static IP address. The more common arrangement is having machines that require true bidirectional and unfettered connectivity supplied with a routable IP address, while having machines that do not provide services to outside users tucked away behind NAT with only a few IP addresses used to enable Internet access.

Some[6] have also called this exact benefit a major drawback, since it delays the need for the implementation of IPv6, quote:

"... it is possible that its [NAT] widespread use will significantly delay the need to deploy IPv6. ... It is probably safe to say that networks would be better off without NAT, ..."

Oh noes! The gubermint needs to regulate now! Ban NAT and force everyone to use IPv6 so that the principle of end to end connectivity laid down by the Internet Architecture board is respected! Maybe this will be part of the Network Neutrality bill.

Reading between the lines it seems like IPv6 was a revolutionary solution to running out of address space. NAT was an evolutionary one. As usual the market has picked the evolutionary solution and more purist types are whining about it.

Re:Embedded Linux does ipv6 too (0)

Anonymous Coward | more than 5 years ago | (#25933791)

I always thought NAT was a good solution from a security perspective for most homes and organizations. A single Internet exposed address with any number of networked devices attached behind the access point/router/switch. Does my toaster really need its own IP address so I can command it to make me toast? Who is going to put the bread in the toaster and check that the bread is fresh before hand?

Re:Embedded Linux does ipv6 too (2, Informative)

kasperd (592156) | more than 5 years ago | (#25934159)

I always thought NAT was a good solution from a security perspective for most homes and organizations.

It does help against some security problems, but it also introduces new security problems (for example DNS is sometimes done from a random port to help against poisoning, but if that goes through a NAT the random port is replaced with a non-random port). And the workarounds needed because of NAT are not improving security either. They make software more complicated for no good reason, and more complicated means more bugs, including security vulnerabilities.

NAT forces the router to do connection tracking, and it is also forced to filter out incoming packets that don't match a known connection. The security it provides is just by coincidence, not by design. You can do all the connection tracking and filtering without translation, that way you'd get the benefits without the drawbacks. The vendors just have to start making routers that support IPv6 and does connection tracking and filtering by default. Apple already makes routers that will do 6to4 tunneling by default, I don't know if they also do connection tracking and filtering on IPv6 by default.

Re:Embedded Linux does ipv6 too (2, Insightful)

Gorgonzolanoid (1394311) | more than 5 years ago | (#25934207)

Why was that modded troll? Someone with enough mod points who disagreed but couldn't come up with a good argument?

The success of IPV4, and the reason it survived so long, has always been its simplicity. The right way would have been to extend the address space while still obeying to the KISS principle (Keep It Simple, Stupid).

IPV6 is such an example of bloat that you'd almost believe Microsoft wrote the specs.
The OSI model splits things up in levels for a reason. Trying to stuff too many levels into a single protocol is a stupid idea. IPV6's biggest fault is that it tries to go grab land up to the presentation layer, jumping two levels above the two that IPV4 was already doing.

That's no attempt to troll, it's simply my view on why IPV6 still hasn't taken over.
And just wait until it does, then you'll see the result: more complexity only leads to more problems.

Re:Embedded Linux does ipv6 too (1)

Corrado (64013) | more than 5 years ago | (#25933589)

I lease a T1 from Speakeasy and while I'm generally satisfied with the service they still don't offer IPv6.

On a T1?!

Talk about dark ages. :(

Re:Embedded Linux does ipv6 too (1)

Tony Hoyle (11698) | more than 5 years ago | (#25934429)

The T1 itself is pretty dark ages, after all that's only 1.5Mbps... slower than most home connections.

Embedded Toilets do ipv6 too (1)

Ostracus (1354233) | more than 5 years ago | (#25933659)

"Unfortunately, my ISP, RoadRunner is stuck in dark ages."

It's a bummer when your toilet can't get it's own IP address.

Re:Embedded Toilets do ipv6 too (1)

peragrin (659227) | more than 5 years ago | (#25933895)

No but I am using 6 computers plus VOIP phone service and things would be a lot better if they did. I could eliminate the second switch inside my home.

as it is now I have 6 different hops(4 local) my computer has to take before I even get to the gateway, and DNS servers.

Re:Embedded Toilets do ipv6 too (3, Funny)

Teun (17872) | more than 5 years ago | (#25934009)

Why the whole toilet?

The large AND small flush want their own, just like the lid and seat!

Don't get me started about the light switch, extraction fan and deodorant dispenser...

so i see talk of ipv6 more and more.... (2, Interesting)

wjh31 (1372867) | more than 5 years ago | (#25933115)

is it something i as an end user of some linux distro or other ipv6 supporting OS can make use of, some option i can toggle in some options somewhere to improve something, or is it all just something in the backbone for admins and people with servers to worry about? i want to know what ipv6 means to your average jo

You'll see IPv6 . . . (2, Insightful)

PolygamousRanchKid (1290638) | more than 5 years ago | (#25933185)

. . . when you see IPv6.

Until your ISP starts offering it, don't worry about it.

Everything that is worth buying has been IPv6 compliant for years.

The only thing that is missing for IPv6, is well, how about an IPv6 net, to the end user.

Re:You'll see IPv6 . . . (4, Interesting)

treuf (99331) | more than 5 years ago | (#25933417)

A major French ISP - Free (second largest ISP after Orange) - is offering IPv6 to anyone asking for it (it's an option in their control pannel, disabled by default).
It would be interesting to see how much peoples activated that option :)

Another smaller one here have been offering IPv6 since ages (can't remember its name though)

A major mass-hosting facility - OVH (doing buiness in France and doing massive deployment currently in europe) is providing IPv6 to all its servers (hosted or housed).

They are both new-commers (compared to the country operator / old hosting facilities) - which may explain such massive deployment (they have only new hardware everywhere)

Re:You'll see IPv6 . . . (0)

Anonymous Coward | more than 5 years ago | (#25933797)

Another smaller one here have been offering IPv6 since ages (can't remember its name though)

You're probably thinking of Nerim

Re:You'll see IPv6 . . . (2, Informative)

jonbryce (703250) | more than 5 years ago | (#25933941)

Except for routers. I've not seen an IPv6 compliant router yet. I'm sure they must exist, but you don't see them in the likes of PC World.

But, until ISPs start offering IPv6, an IPv6 ready router isn't going to be much of a selling point.

Re:You'll see IPv6 . . . (1)

dattaway (3088) | more than 5 years ago | (#25934285)

I've not seen an IPv6 compliant router yet.

You should install ddwrt or openwrt on your router. Much more than ipv6, you'll have a great router.

Re:You'll see IPv6 . . . (1)

Tony Hoyle (11698) | more than 5 years ago | (#25934545)

Cisco 800 series, if you don't mind learning IOS (cisco SDM is not ipv6 compliant yet so you can't set it up with the GUI).

The apple Wifi routers - time machine, etc. are compliant but alas they don't offer one with a DSL port.

Plus you can do a homebrew linux solution with certain routers.. that's not really end user friendly though.

It's a pretty sad situation... router manufacturers won't do ipv6 until there's demand from ISPs, ISPs won't do it until there's demand from users, and users won't demand it until they can buy hardware that supports it...

Re:You'll see IPv6 . . . (1)

Teun (17872) | more than 5 years ago | (#25934055)

Except there are still no good IPv6 capable load balancers, that'll stop most serious ISP's.

Re:You'll see IPv6 . . . (3, Interesting)

Tony Hoyle (11698) | more than 5 years ago | (#25934501)

Everything that is worth buying has been IPv6 compliant for years.

Hmm..

iphone - nope.
xbox 360 - nope.
PS3 - nope.

That's 3 things worth buying that definately aren't.. and I'm not even including home routers on that list which are a glaring example of 'not ipv6 compliant'.

Re:so i see talk of ipv6 more and more.... (2, Insightful)

Morth (322218) | more than 5 years ago | (#25933313)

The advantage is you get rid of your NAT. You can for example use it to access your computer remotly with ssh or file sharing, or get IP telephone provided separately from your ISP.

You can turn on 6to4 in your OS, it will give your whole home network global IPv6 addresses with your IPv4 connected computer as router. Some OSes might require further configuration.

Around here (Sweden) many ISPs actually have a local 6to4 router so the speed is the same, but in some locations you will get a longer route if you do this though.

Re:so i see talk of ipv6 more and more.... (5, Interesting)

Dolda2000 (759023) | more than 5 years ago | (#25933393)

I, too, am using 6to4 at home in order to get rid of NAT, but lately I've been having great trouble when traveling around with my IPv6-enabled laptop (running Debian).

See, whenever I get to a public access point (which uses public IPv4 addresses, rather than a private 192.168.x.x net) it turns out that any Vista computers connected to the same link auto-configure themselves to use 6to4 and then advertise over ICMP that they are willing to route traffic through their 6to4 net. However, it turns out that they just drop the traffic! My laptop, not knowing that, though, will try to route IPv6 traffic through them nevertheless, which just makes every IPv6 site (including my own) stop working. Viva Vista!

Does anyone know why Vista does this, and whether it's possible to prevent or work around it somehow?

Re:so i see talk of ipv6 more and more.... (2, Interesting)

kasperd (592156) | more than 5 years ago | (#25933931)

Vista computers connected to the same link auto-configure themselves to use 6to4 and then advertise over ICMP that they are willing to route traffic through their 6to4 net. However, it turns out that they just drop the traffic!

That is an interesting case. I wish I could point out what you should be doing differently, but it isn't obvious to me. When you have a public IPv4 address, you could run your own 6to4 gateway. But of course if you have a network with public IPv4 addresses to multiple machines, you usually don't want each and every one of them to run a 6to4 gateway. It would be more appropriate to have one machine being the 6to4 gateway, and your machine seems to be trying to find it, and fail at that.

So that leaves us with two questions. Why are those Vista machines behaving the way they do? And what can you do to make your own laptop work under those circumstances? You could get your laptop to ignore advertisements of 6to4 routers if it already has a public IPv4 address, and then just setup your own 6to4 gateway in that case (but don't announce it on the network unless you intend to forward packets in both directions). Doing that should work as long as the network you are on does not filter away the 6to4 packets. Possibly that is what is going wrong for the Vista machines. It is plausible that they are actually working correctly, and the network is at fault. It would be worth setting up your own 6to4 gateway just to find out if that is the reason.

The other question to ask is when there is a bunch of gateways all announcing an 6to4 segment, how do you find out if there is one among them, that works correctly. I don't have any better suggestion than just trying to send a handcomputerful of pings through each of them to servers known to respond.

What do you do when all you are provided by the network is an RFC1918 address? Are you using a tunnel broker? Perhaps you could have a white list of good 6to4 gateways and if you receive announcements from any 6to4 gateway not on your list, just pretend it does not exist, and do whatever you would do in that case.

Re:so i see talk of ipv6 more and more.... (1)

sjames (1099) | more than 5 years ago | (#25934409)

It may be necessary to filter out the route announcements from Vista in iptables. Vista REALLY shouldn't be sending router announcements unless it has been specifically configured to be a router (but, being a MS product, sensibility and spec compliance are too much to ask for).

Re:so i see talk of ipv6 more and more.... (-1, Troll)

Anonymous Coward | more than 5 years ago | (#25934119)

Does anyone know why Vista does this, and whether it's possible to prevent or work around it somehow?

Step 1: install Linux

Re:so i see talk of ipv6 more and more.... (0)

Anonymous Coward | more than 5 years ago | (#25934319)

On other people's computers? Without their permission? That's probably illegal.

Re:so i see talk of ipv6 more and more.... (2, Funny)

berend botje (1401731) | more than 5 years ago | (#25934703)

Not when I'm in the jury, it isn't.

Re:so i see talk of ipv6 more and more.... (1)

Tsujiku (902045) | more than 5 years ago | (#25934375)

On someone else's computer?

Re:so i see talk of ipv6 more and more.... (0)

Anonymous Coward | more than 5 years ago | (#25933653)

"The advantage is you get rid of your NAT."

And that's a point NOT to deploy IPv6. Bellovin stated, back in the days when the concept of a network firewall was born, that you might control the choke point of your network (the perimetral firewall) but that you wouldn't hope to control the miriad internal devices that would be deployed out of your control, maybe even without notice. If an internal box is to "talk" to the wild outside, I must know, I must approve and I must log, so the "direct access to the Internet" is something I definetly won't buy into.

Re:so i see talk of ipv6 more and more.... (1)

growse (928427) | more than 5 years ago | (#25934417)

How does a properly managed firewall not control devices inside the network, known or otherwise?

Re:so i see talk of ipv6 more and more.... (1, Interesting)

WillKemp (1338605) | more than 5 years ago | (#25933679)

The advantage is you get rid of your NAT.

That's a disadvantage for 99% of internet users. NAT blocks direct access to your computer from the internet - which is a very good thing in most cases. Only a small proportion of geeks are likely to know what to do with direct access, or care about it - and most of them can get public IP addresses now, if they want them, anyway.

The hideous mess of viruses and spambots that comprises the vast majority of internet connected computers can surely only get much worse if anyone can get direct access to them. Yeah, i know a firewall will make it more secure, but antiviruses should have prevented the mess we've got today!

Re:so i see talk of ipv6 more and more.... (1)

headbulb (534102) | more than 5 years ago | (#25933933)

ipv6 is so large that scanning the net for computers is extremely impractical. I know security through obscurity. There is also the consideration that most routers will still be setup to only connections to be initiated from the inside. NAT is a horrible way of getting computers on the internet. It breaks more things then it fixes.

Re:so i see talk of ipv6 more and more.... (1)

growse (928427) | more than 5 years ago | (#25934427)

And if they employed their routers as simple packet filters, they'd achieve exactly the same result as NAT, but without the annoyingness and without using the wrong tool for the job.

Re:so i see talk of ipv6 more and more.... (1)

harry666t (1062422) | more than 5 years ago | (#25934435)

> (...) That's a disadvantage for 99% of internet users.
> NAT blocks direct access to your computer from the internet (...)

No, you DO NOT want a NAT. You want a properly configured firewall.

It'd give you the same advantages with NO disadvantages.

Re:so i see talk of ipv6 more and more.... (1, Informative)

Anonymous Coward | more than 5 years ago | (#25934711)

NAT blocks direct access to your computer from the internet

No, it doesn't. A firewall does that. The NAT/Firewall pair is pretty convenient, but there's no reason an IPv6 firewall wouldn't be just as effective.

Re:so i see talk of ipv6 more and more.... (1)

schnikies79 (788746) | more than 5 years ago | (#25933777)

I don't want to get of NAT. Instead of having to firewall each device, I have a single point (the router).

NAT makes it easy.

Re:so i see talk of ipv6 more and more.... (1, Informative)

Anonymous Coward | more than 5 years ago | (#25933849)

Thought about just configuring your router appropriately?

A NAT box is a statefull firewall that re-writes packets that go through it to masquerade as if the whole internal network was one machine.

Why not just use a statefull firewall that doesn't re-write packets?

Re:so i see talk of ipv6 more and more.... (3, Insightful)

sjames (1099) | more than 5 years ago | (#25934695)

NAT for firewalling is really an abuse of the protocol. Instead, dump it and use IPv6, then have the router filter the packets. That way, instead of having to rewrite the packets, the router just has to make a drop or forward decision.

If you make DROP the default decision and then add specific ALLOW rules, you'll get the same semantics as NAT with a lower load on the router

AN added benefit (FOR NOW anyway) is that most ssh dictionary attacks are against IPv4 addresses. If your internal machines can only be reached through v6, you won't have to worry about those.

Even if the crackers update to use v6, they won't be nearly as successful since they would first have to guess which dozen or so v6 addresses out of the possible billions on your 6to4 prefix actually have something listening. Sending out a few billion probe packets wouldn't really be a good option for them, especially when someone might have a honeypot assigned hundreds of IPs (making it by far the most likely machine to be attacked).

Maybe (3, Insightful)

Midnight Thunder (17205) | more than 5 years ago | (#25933681)

In reality IPv6 is about infrastructure, so if it is all done right then your average Joe shouldn't see much of an impact. In most cases the average user leaves their setting in automatic mode, so as long as the OS and corresponding application are already IPv6 aware then they won't notice until they need to use a numerical address. If they have a home router, then they may find that they need to buy a new one as the manufacturer is only releasing IPv6 aware firmware for routers manufactured after a certain date.

There are still plenty of issues before everything is working right on both the client and server front. Issues still in place:
  - network hardware not IPv6 compliant (the only compliant home router for the moment is the Apple Airport)
  - network administrators oblivious to IPv6
  - ISPs not preparing for IPv6
  - libraries for popular computer programming languages not IPv6 ready. Take Perl libwww for example.
  - people saying that no one else is doing anything, so they won't do anything either - the classic sheep mentality

I would like to see stuff like Zeroconf (aka Bonjour, Avahi) become common place on all OSs (this include Windows), or at least if these routers could add the names of computers in their DHCP table (including themselves) in their DNS directory, so typing in numerical IP addresses should not be necessary.

That a $20 gets you a hooker tranvestite transexua (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#25933127)

Not my idea of fun ... hooker tranvestite transexual wanabe

Catching up on the competition (0, Redundant)

heffrey (229704) | more than 5 years ago | (#25933143)

Only 5 years later than MS and Apple, not bad really

Re:Catching up on the competition (1)

mattMad (1271832) | more than 5 years ago | (#25933249)

I tend to believe your statement - but a link to a source verifying this would have been nice anyway...

Re:Catching up on the competition (1)

pha7boy (1242512) | more than 5 years ago | (#25933259)

maybe, but IPv6 is still not fully adopted by the market, and certainly 5 years ago had only very small adoption rates. That they are compliant now makes more sense.

Re:Catching up on the competition (5, Informative)

UnknowingFool (672806) | more than 5 years ago | (#25933287)

Well Apple and MS has had some IPv6 support for a while but they are shades to the amount of support. I believe that IPv6 has been available in Linux before MS or Apple (since 1996). However it was deemed "experimental" until 2005 even though it worked well enough for most people and distros. MS has had limited IPv6 starting with Win2K and has had some IPv6 support with XP in 2002. As for DoD compliance, only Vista with SP1 is partially compliant [disa.mil] and OS X does not to appear to have been tested.

Re:Catching up on the competition (2, Informative)

Bert64 (520050) | more than 5 years ago | (#25933763)

The support in win2k was an experimental addon published by microsoft research, it was never an official feature.
It was XP which first introduced support in the base distro, but it was not turned on by default and if autoconfig didn't work you had to use the cli tools to configure it. Also it wouldn't do DNS over ipv6 so you still need ipv4 connectivity for your dns at least.

Linux had support a lot earlier as you pointed out, as did digital unix (aka tru64 unix), the bsd's got support fairly early too. It was only market experimental because there was really no other reason to use it, you could pretty much only get tunneled ipv6 from a free tunnel broker with no guarantee you would keep the addresses etc. In terms of functionality, the stack worked great even in the 2.2.x kernel, ipv6 has long been popular on IRC because you can create more vanity hostnames more easily, and its a little harder for some of the script kiddies to dos you.

Re:Catching up on the competition (1)

Tony Hoyle (11698) | more than 5 years ago | (#25934627)

WTF? XP autoconfig works just fine.. every XP machine here has a working ipv6 stack and I wouldn't even know what the cli commands were as I've never had to use them.

Re:Catching up on the competition (2, Informative)

Gorgonzolanoid (1394311) | more than 5 years ago | (#25934361)

There's support and support. The first OS to have certified DOD compliant IPV6 support (what this topic is about) was Vista. Solaris 10 came second. Neither had IKEv2 capability. Then came Novell and RedHat, both with IKEv1 and IKEv2.

So it's not only a neck-to-neck race, but you can also be first, and you can be first (with IKEv2).

You can find the list, with certification dates, here [disa.mil] .

Re:Catching up on the competition (1)

fuhrysteve (1310621) | more than 5 years ago | (#25933291)

MS and Apple have wasted a lot of resources on a lot of systems for the past 5yrs then, since IPv6 hasn't been used on ~99.9% of the systems it has been installed on.

Re:Catching up on the competition (5, Informative)

TheRaven64 (641858) | more than 5 years ago | (#25933421)

Apple didn't spend much at all. They use the KAME stack, which was developed by a consortium of Japanese companies for BSD-family systems. It was started in 1998 and achieved full compliance in 2006. Apple just pulled in the code and merged it. Since it already ran on BSD/OS, FreeBSD, NetBSD, OpenBSD and DragonflyBSD, this was not a huge undertaking.

Re:Catching up on the competition (1)

Midnight Thunder (17205) | more than 5 years ago | (#25933723)

Apple didn't spend much at all. They use the KAME stack, which was developed by a consortium of Japanese companies for BSD-family systems. It was started in 1998 and achieved full compliance in 2006. Apple just pulled in the code and merged it. Since it already ran on BSD/OS, FreeBSD, NetBSD, OpenBSD and DragonflyBSD, this was not a huge undertaking.

While the OS itself is IPv6 compliant, stuff like the Finder and certain GUI based applications (Network Utility) is still oblivious to IPv6. Although not an Apple product, Samba the last time I tried did not seem to be IPv6 ready - if anyone knows otherwise please correct me. Other than the Finder and Network Utility, are there any other Apple provide applications that are failing IPv6 compatibility?

Re:Catching up on the competition (2, Interesting)

Tony Hoyle (11698) | more than 5 years ago | (#25934661)

Samba works on ipv6 but I think the OSX version doesn't. Things go *really* screwy if you use an ipv6 enabled samba in a Win2003 domain, so they probably disabled it to avoid problems.

Re:Catching up on the competition (0)

Anonymous Coward | more than 5 years ago | (#25934015)

Apple just pulled in the code and merged it. Since it already ran on BSD/OS, FreeBSD, NetBSD, OpenBSD and DragonflyBSD, this was not a huge undertaking.

They didn't have to pull in anything, they go IPv6 "for free" when they chose to use the FreeBSD for their userland and POSIX layers.

Re:Catching up on the competition (1)

kasperd (592156) | more than 5 years ago | (#25933975)

MS and Apple have wasted a lot of resources on a lot of systems for the past 5yrs then, since IPv6 hasn't been used on ~99.9% of the systems it has been installed on.

I wouldn't say Apple's time spent on this has been wasted. After all more than 50% of the client machines on the IPv6 network are Macs [slashdot.org] .

Re:Catching up on the competition (0)

Anonymous Coward | more than 5 years ago | (#25933317)

I think that they are compliant just to catch up.. really, does your isp support ipv6, probably not... so why would I want to use another protocol to do ipv4's job?

Re:Catching up on the competition (0, Troll)

Yfrwlf (998822) | more than 5 years ago | (#25933325)

Not that I care about such things, especially that aren't requirements for computer users quite yet but...

A) So since Linux had it stabilized but not DoD-approved in 2005, you're saying MS and Apple had it...stabilized?...in 2000? Were theirs DoD approved back then? Or maybe you're saying in 2005 theirs were DoD approved but Linux's wasn't? B) Linux is open source and driven only by developers who code when there is a need, and there still isn't a need for it so I still don't care about it unlike software which is a bigger target for government administrations like the DoD so those companies might care about implementing it a little more, C) I'm sure Linux had the beginnings of support way before 2005, D) are you claiming the MS or Apple stacks were stable in 2000? I wouldn't be surprised if there were the beginnings of development for it back then in all OSes but I wouldn't think it would have been anywhere near stable back then, but did anyone care enough to actually try it out? Probably not, because again, don't care. E) don't care, F) my epenis is bigger than yours. :D

Re:Catching up on the competition (1)

Yfrwlf (998822) | more than 5 years ago | (#25933347)

I mean seriously, what idiot would tell their developers to push ipv6 as early as 2000 when there was utterly no reason to do so other than a threat from DoD about compliance or something.

But yeah, here come the history I-did-it-before-you wars, look in the thread below you, someone already said BSD did it first before MS.

Oh snap. :D

Re:Catching up on the competition (1, Informative)

Anonymous Coward | more than 5 years ago | (#25933379)

http://en.wikipedia.org/wiki/IPv6#Major_IPv6_announcements_and_availability
'nough said.

Re:Catching up on the competition (1)

Bert64 (520050) | more than 5 years ago | (#25933799)

I believe DEC were doing a lot with ipv6 early on too, they had ipv6 support in digital unix and even had an ipv6 enabled version of altavista available.

Re:Catching up on the competition (2, Informative)

Tweenk (1274968) | more than 5 years ago | (#25933387)

Until Vista, SMB/CIFS didn't support IPv6, so sharing resources over an IPv6 local network didn't work. On top of that, 2005 is the year the "experimental" status was removed. In fact this status is rather conservative and many distros routinely ship kernels with experimental options enabled (e.g. tickless kernel, the WMI drivers, etc.)

Re:Catching up on the competition (1)

Bert64 (520050) | more than 5 years ago | (#25933729)

Linux had IPv6 long before either MS or Apple, it was present by default in the 2.2.x kernels which came out last century, and was probably available as patches long before that.

Let's not forget (1)

DaMattster (977781) | more than 5 years ago | (#25933191)

The BSDs had full support for IPv6 long before M$

Re:Let's not forget (3, Interesting)

mwoliver (688853) | more than 5 years ago | (#25933289)

Yup. In fact, back in the day, the IPv6 support in FreeBSD was the determining factor in my choice to run FreeBSD rather than any then-current distribution of GNU/Linux. Being focused on networking, I didn't have a dog in the OS race, I just needed IPv6 support, and FreeBSD won hands-down. I have enjoyed the blessings of FreeBSD ever since. Even so many years later, IPv6 support on my DD-WRT (Linux) access point is quite non-intuitive and hackish.

Big shout-out to the fine KAME team, especially the late Itojun.

Re:Let's not forget (0)

Anonymous Coward | more than 5 years ago | (#25933355)

Why exactly do you feel the burning desire to turn this into an OS pissing contest? Back under ye bridge, troll

Re:Let's not forget (2, Insightful)

TheRaven64 (641858) | more than 5 years ago | (#25933633)

Possibly because the Linux Foundation has a history of running press releases saying 'Linux can now do something that *BSD could do ages ago!' only without mentioning the fact that Linux is late to the party, and in some cases not mentioning the fact that the code that they are so proud of was ported to Linux from one of the BSDs.

Anything they release should be mentally tagged troll.

I'd say IPv6 is vaporware (0)

Anonymous Coward | more than 5 years ago | (#25933239)

It's in the pipes for a decade, and will probably be deployed after the dust settles over the 2nd coming.

Re:I'd say IPv6 is vaporware (1)

gmuslera (3436) | more than 5 years ago | (#25933345)

Vaporware is when some software is promised and is not programmed/available yet. In this case, the programming is already all over there, is available for all major platforms and probably involved hardware too, you just need the world to actually use it.

Exist a migration roadmap for it? or there are still showstoppers?

Re:I'd say IPv6 is vaporware (0)

Anonymous Coward | more than 5 years ago | (#25933373)

So, once Obama has been in office a year or two?

For those who want to DISABLE ipv6 (1)

greenash (757071) | more than 5 years ago | (#25933263)

And for the majority of users, for whom ipv6 is at best useless and at worst an annoyance, blacklist the ipv6 module. E.g. in Debian / Ubuntu add the line

blacklist ipv6

to /etc/modprobe.d/blacklist

While you're at it, you might also want to blacklist pcspkr (get rid of annoying console beeps), lp, parport and parport_pc (parallel port printer) and joydev (unless you have a joystick of course).

Re:For those who want to DISABLE ipv6 (0)

Anonymous Coward | more than 5 years ago | (#25933349)

And for the majority of users, for whom ipv6 is at best useless and at worst an annoyance, blacklist the ipv6 module. E.g. in Debian / Ubuntu add the line

blacklist ipv6

to /etc/modprobe.d/blacklist

While you're at it, you might also want to blacklist pcspkr (get rid of annoying console beeps), lp, parport and parport_pc (parallel port printer) and joydev (unless you have a joystick of course).

Or you could build your own kernel and include only the items you want. Personally I like that much better than everything-plus-the-kitchen-sink and then disabling what you don't want. While you might initially think that the custom kernel doesn't satisfy the point-and-drool crowd, well, neither does editing blacklist entries for kernel drivers.

Re:For those who want to DISABLE ipv6 (1)

Midnight Thunder (17205) | more than 5 years ago | (#25933757)

And for the majority of users, for whom ipv6 is at best useless and at worst an annoyance

In what way is it an annoyance?

Re:For those who want to DISABLE ipv6 (1)

pablomme (1270790) | more than 5 years ago | (#25934131)

And for the majority of users, for whom ipv6 is at best useless and at worst an annoyance, blacklist the ipv6 module. E.g. in Debian / Ubuntu add the line

blacklist ipv6

to /etc/modprobe.d/blacklist

While you're at it, you might also want to blacklist pcspkr (get rid of annoying console beeps), lp, parport and parport_pc (parallel port printer) and joydev (unless you have a joystick of course).

I've done all of this in Ubuntu for a computer with 256MiB of RAM to recover as much memory as possible. Guess what, the gain is negligible, in terms of both memory and boot time. Upgrading to Intrepid helped much more than blacklisting modules.

So not a useful piece of advice, IMHO. YMMV.

IPv6 has been known to be needed since 1991 (2, Interesting)

apathy maybe (922212) | more than 5 years ago | (#25933303)

Kapor is in his element now, fluent, thoroughly in command in his material. "You go tell a hardware Internet hacker that everyone should have a node on the Net," he says, "and the first thing they're going to say is, 'IP doesn't scale!'" ("IP" is the interface protocol for the Internet. As it currently exists, the IP software is simply not capable of indefinite expansion; it will run out of usable addresses, it will saturate.) "The answer," Kapor says, "is: evolve the protocol! Get the smart people together and figure out what to do. Do we add ID? Do we add new protocol? Don't just say, we can't do it."

Source: http://www.mit.edu/hacker/part4.html [mit.edu]

So why the fuck hasn't it been adopted yet?

------

Anyway, does anyone have any sources as to know the other "big" OS's (MS Windows, Mac OS, the BSD's etc.) were able to speak IPv6 (if they are able to at all?)?

Also, I've tried to find information about whether FreeDOS can do IPv6, but couldn't. Could anyone help there?

-----

Finally, the beauty of FLOSS.

Re:IPv6 has been known to be needed since 1991 (1)

drinkypoo (153816) | more than 5 years ago | (#25933399)

So why the fuck hasn't it been adopted yet?

Because that's your job. Get the fuck over here and migrate my network, stat.

Re:IPv6 has been known to be needed since 1991 (2, Interesting)

TheRaven64 (641858) | more than 5 years ago | (#25933453)

Anyway, does anyone have any sources as to know the other "big" OS's (MS Windows, Mac OS, the BSD's etc.) were able to speak IPv6 (if they are able to at all?)?

The KAME stack was completed in March 2006. It implements IPv6 and IPsec and is used by FreeBSD, BSD/OS, OpenBSD, NetBSD,DragonFlyBSD, and OS X. Linux achieved a comparable degree of support around a year later. KAME snapshots were incorporated in these operating systems before the project was completed, and enough of the protocol to be useful has been supported by them since around 2000. Linux does not use KAME, but I don't know how much (if any) code they borrow from it.

Itojun did some really amazing work with KAME. It's sad that he didn't live to see worldwide IPv6 deployment.

DoD Standards? (0)

Anonymous Coward | more than 5 years ago | (#25933343)

Wasn't it those standards that left huge doors open to the Russian, and perhaps Chinese military, buying machines all of the same type, same OS, and so on?

IPv6 for Linux: yip, yip, yahoo! But much like the Nobel Peace Prize, it'll take a while until it earns back my respect.

Linux Foundation Says All Major Distros Are IPv6 (0)

neonux (1000992) | more than 5 years ago | (#25933369)

I am Captain Obvious and I approve this FA.

Re:Linux Foundation Says All Major Distros Are IPv (1)

egr (932620) | more than 5 years ago | (#25933433)

and I am a General Disagree and I totally disagree with you

Re:Linux Foundation Says All Major Distros Are IPv (1)

Hal_Porter (817932) | more than 5 years ago | (#25933565)

I am General Failure, reading your hard disk.

Re:Linux Foundation Says All Major Distros Are IPv (1)

cp.tar (871488) | more than 5 years ago | (#25933623)

I am Colonel Panic, halting ur systemz.

Re:Linux Foundation Says All Major Distros Are IPv (1)

Hal_Porter (817932) | more than 5 years ago | (#25933751)

Corporal Punishment is sending Major Pain to ur Private Parts.

Re:Linux Foundation Says All Major Distros Are IPv (0)

Anonymous Coward | more than 5 years ago | (#25933801)

I am Tzar Soviet Russia and my Private Parts inflict Major Pain to YOU!

Re:Linux Foundation Says All Major Distros Are IPv (1)

cp.tar (871488) | more than 5 years ago | (#25933817)

That's Private Perks. Private Oliver Perks.

Re:Linux Foundation Says All Major Distros Are IPv (1)

j79zlr (930600) | more than 5 years ago | (#25934109)

I am Colonel Mustard and I am waiting in the study with a candlestick.

How about a report on ISPs? (4, Interesting)

Midnight Thunder (17205) | more than 5 years ago | (#25933389)

Now that I know Linux joins the ranks of IPv6 compliant OSs, I just need an ISP that supports IPv6. The problem is, in North America at least, is that there are still few to no ISPs providing IPv6 addresses. Instead I have to resort to tunnel providers (some listed here [wikipedia.org] ). What we need is a list of major internet service providers in North America and an indication of their IPv6 readiness and what they excuse is for not starting the migration.

In order to get ISPs moving we could each mail the one we use and ask them when the plan to offer IPv6 addresses.

Some 'cool stuff' using IPv6: https://www.sixxs.net/misc/coolstuff/ [sixxs.net]

NetBSD (0)

Anonymous Coward | more than 5 years ago | (#25933489)

I believe NetBSD was an early with its IPv6-support. But you can't tell from the NetBSD users. Try going into an NetBSD IRC channel, and mention you want to set up IPv6.

You will be met by fear. And long speeches about how we'll never need anything but IPv4 - which may or may not be true. But IPv4 was not made with real-time VoIP in mind. IPv6 was.

if IPv6 is the Vista of the TCP/IP stack... (0)

Anonymous Coward | more than 5 years ago | (#25934197)

then maybe we should wait for Cert and Ballmer to pre-announce the packaging of IP version 7 with Windows version 7.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>