×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Military Pressuring Vendors On IPv6

Soulskill posted more than 3 years ago | from the small-arms-fire-can-be-a-powerful-motivator dept.

Networking 406

netbuzz writes "US military officials are threatening IT suppliers with the loss of military business if they don't use their own wares to start deploying IPv6 on their corporate networks and public-facing Web services immediately. 'We are pressing our vendors in any way we can,' says Ron Broersma, DREN Chief Engineer and a Network Security Manager for the Navy's Space and Naval Warfare Systems Command. 'We are competing one off against another. If they want to sell to us, we're asking them: Are you using IPv6 features in your own products on your corporate networks? Is your public Web site IPv6 enabled? We've been doing this to all of the vendors.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

406 comments

Say it! (4, Funny)

Anonymous Coward | more than 3 years ago | (#34623174)

Say you love IPV6, damn you! Say it!

Re:Say it! (4, Insightful)

c0lo (1497653) | more than 3 years ago | (#34623988)

I never thought I'll be agreeing with the idea of "army applying pressure" would bring anything good... until now.
(note to myself: seems like I'm growing old faster than I thought).

Well (4, Insightful)

zero.kalvin (1231372) | more than 3 years ago | (#34623212)

I'll be pretty suspicious if Steve jobs tried to pitch me a mac while he is running fedora on his personal laptop. Point taken, good job I suppose.

Re:Well (5, Insightful)

ushering05401 (1086795) | more than 3 years ago | (#34623372)

Yeah, good job and more please.

Whoever writes the speeches @ 1600 Penn ought to make sure this one at least gets some lip service. While not a big deal for the general public, it is something that shows some common sense due diligence and proactive thinking from a widely vilified branch of our Federal machinery.

How long will IPv6 last? (3, Funny)

Anonymous Coward | more than 3 years ago | (#34623214)

Based on current rates of growth and industry trends, how long will it be before the IPv6 space is exhausted? Given how hard this transition is, would it be better to go directly to IPv8 or some kind of variable-length scheme?

Re:How long will IPv6 last? (2, Funny)

TheDarAve (513675) | more than 3 years ago | (#34623236)

640k of address space should be enough for anyone.

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34624254)

It is. The problem is that it is not enough for everyone.

Re:How long will IPv6 last? (3, Insightful)

Nethead (1563) | more than 3 years ago | (#34623240)

You try to design a router ASIC with variable length addresses!

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34623646)

Ethernet frames are bad enough. ATM for final victory.

Re:How long will IPv6 last? (5, Informative)

zero.kalvin (1231372) | more than 3 years ago | (#34623244)

2^128 unique address. I don't think we'll be exhausting them any time soon. That's like each person on earth have access to roughly 10^38 unique address.

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34623290)

2^128 unique address. I don't think we'll be exhausting them any time soon. That's like each person on earth have access to roughly 10^38 unique address.

Doesn't matter. I want IPv6-NAT... And anyway, IPv6 addresses are ugg-ly.

Hell, maybe the whole IPv6 thing should be thrown out and something else designed, that is more compatible with the existing IPv4 network.

Re:How long will IPv6 last? (4, Insightful)

Nethead (1563) | more than 3 years ago | (#34623358)

We're down to the last 5 IPv4 /8 netblocks. A little late for that.

Re:How long will IPv6 last? (1)

Aqualung812 (959532) | more than 3 years ago | (#34623530)

Doesn't matter. I want IPv6-NAT...

You want to learn about security. There is nothing good about IPv6-NAT, and security through obscurity isn't security.

And anyway, IPv6 addresses are ugg-ly.

Learn DNS. You should only be looking at a IPv6 address if you are a network engineer.

Re:How long will IPv6 last? (1)

Anonymous Coward | more than 3 years ago | (#34623698)

I'm honestly curious about this question, not looking to get into a flame-war. I've been searching for a while now for the answer: How does IPv6 handle IP address abstraction? What I mean is, I don't want to be switching my internal networks IP addressing around every time I switch ISP's. With IPv4, I have a private addressing scheme which gives everything a logical home and doesn't have to be re-done when I switch ISP's for a location. So far, no resources on IPv6 that I've found tell me how this feature of NAT has been replaced.

Re:How long will IPv6 last? (1)

segedunum (883035) | more than 3 years ago | (#34623814)

Oh God, please don't let sensible practicality get in the way of this. You should know by now that private addressing and NAT is completely evil and there are absolutely no reasons at all why you should be doing this.

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34623848)

See that's what I'm afraid the thinking has been so far. I've got many hours in on searching for this and so far, nothing. The resources I come up with keep demonstrating networks that appear to require me to stay on one ISP forever at each of my locations.

Re:How long will IPv6 last? (0)

MichaelSmith (789609) | more than 3 years ago | (#34623890)

In my intranet I want each node to have a hostname so that I can reach it to access services. For this to work I need to give each node a static IP address. So how can I do that without private addresses?

Re:How long will IPv6 last? (1)

asdfghjklqwertyuiop (649296) | more than 3 years ago | (#34624040)

Do what without private addresses? Assigning static addresses or setting up A or AAAA records works about the same with public or private addresses.

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34624142)

You can use the fc00::/7 prefix for your internal network... called a Unique Local Address. It's defined in the RFCs. Another range may be used for that, if it hasn't been deprecated (fec0::/10).

I just took the /64 that HE assigned me and assigned internal IPv6 addresses to everything, based on their IPv4 addresses... only one machine has a tunnel set up though.

Re:How long will IPv6 last? (1)

Rising Ape (1620461) | more than 3 years ago | (#34624192)

You can have private addresses with IPv6. You can also have multiple addresses per interface, so you could advertise/withdraw the appropriate route advertisements for public addresses as needed, in addition to the static, private one, with the public ones being used for external communications. So all your internal communications work with fixed addresses.

Whether the tools have been implemented to make the administration of that practical is another matter entirely, but is rather the key issue.

Re:How long will IPv6 last? (-1, Troll)

segedunum (883035) | more than 3 years ago | (#34623794)

You want to learn about security. There is nothing good about IPv6-NAT, and security through obscurity isn't security.

Nobody wants to expose all their internal addresses. Period. Which part of that can you dumb fucks not understand? No organisation is going to want to implement that.

Learn DNS. You should only be looking at a IPv6 address if you are a network engineer.

I'm afraid that IP addresses are a very real part of working on networks today, and making them relatively easy to remember is pretty important. Mixing numbers and letters together in hexadecimal (a numbering system humans don't use) was something cobbled together by some tit who had no idea about the practicalities of maintaining a network.

Re:How long will IPv6 last? (2)

vijayiyer (728590) | more than 3 years ago | (#34623878)

There are large corporations with whole class A blocks that expose all their internal addresses because it has nothing to do with security. So much for your "no organisation" argument.

Re:How long will IPv6 last? (1)

asdfghjklqwertyuiop (649296) | more than 3 years ago | (#34623950)

Nobody wants to expose all their internal addresses. Period. Which part of that can you dumb fucks not understand? No organisation is going to want to implement that.

Exposing your internal addresses should be irrelevant to security unless you're doing something else wrong. Those of us that understand that are OK with our internal addresses being exposed and want them to be. A lot of organizations already do implement that even with IPv4. Which part of that do you dumb fucks not understand?

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34624152)

Windows Firewall with "Advanced Features" is AWESOME!!!!111!!

Re:How long will IPv6 last? (4, Insightful)

CyprusBlue113 (1294000) | more than 3 years ago | (#34624286)

You should refrain from lumping the rest of the world in to your little delusions, the rest of the internet that actually works in networking, do not in fact, share your paranoid view of "OMG PEOPLE SEE MY IPS! THEY CAN HACK ME!" and are actually quite comfortable in the significant distinction between stateful fire-walling and IP masquerading / Network Address Translation.

You may have actually had a smidgen of an argument if you had brought up PI space as opposed to using assigned space in your uninformed rant due to portability issues when switching carriers or multihoming, but unfortunately, you avoided even the one tiny hope of an argument you could have made in your favor.

As to your DNS vs IP comment, (although this applies to your previous ranting as well) To quote a favorite movie of many:
What you just said is one of the most insanely idiotic things I have ever heard. At no point in your rambling, incoherent response were you even close to anything that could be considered a rational thought. Everyone in this room is now dumber for having listened to it. I award you no points, and may God have mercy on your soul.

Thank you for warning the rest of the internet of your ignorance, I have as such, marked you as -1 in my list, and appreciate the gracious warning so that I may avoid your drivel in the future. Have a nice day =)

Re:How long will IPv6 last? (1)

mark-t (151149) | more than 3 years ago | (#34623824)

You presume that people might want NAT for security... when they may simply want it for its notion of compartmentalization. Many devices in your home may be able to benefit from internet connectivity, for example, but not all of them would benefit from being visible on the global Internet, and neither would it be desirable for them to be... again, not from an issue of security, but simply from an issue of what would make any sort of sense (of course, the same reasoning could apply to why some devices should not have IP addresses at all).

Re:How long will IPv6 last? (1)

asdfghjklqwertyuiop (649296) | more than 3 years ago | (#34624006)

So "compartmentalize" them all you want with public addresses. It really doesn't matter if your air conditioner is at 192.168.74.91 or 206.221.38.55. You're just losing NAT and non-unique addresses and gaining more work when you renumber (which IPv6 makes easier).

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34624020)

Rewriting my firewalls rules each time I switch ISP's doesn't sound very safe or fun to me. How does IPv6 allow me to set up an internal addressing scheme independent of what my ISP is allocated?

Re:How long will IPv6 last? (1)

asdfghjklqwertyuiop (649296) | more than 3 years ago | (#34624076)

What kind of firewall? If it is something with a textual sort of configuration you can just set your prefix once in a variable and use the variable throughout the configuration.

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34624202)

Cisco ACL's, for example. I've not seen variables mentioned before, I'll have to go read up on them.

Re:How long will IPv6 last? (1)

RapmasterT (787426) | more than 3 years ago | (#34623964)

Doesn't matter. I want IPv6-NAT...

You want to learn about security. There is nothing good about IPv6-NAT, and security through obscurity isn't security.

There's a lot more to NAT than security. You might want to read up on it.

And anyway, IPv6 addresses are ugg-ly.

Learn DNS. You should only be looking at a IPv6 address if you are a network engineer.

You do know where you are right? "only if you are a network engineer" is going to be a significant part of the Slashdot population. Also, "learning DNS" without learning the underlying protocol (IPv6) is not learning anything, you're just using an app.

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34624038)

There's a lot more to NAT than security. You might want to read up on it.

Yep.
The same security as a stateful firewall, with all the "fun" of port forwarding.

Re:How long will IPv6 last? (1)

Yvanhoe (564877) | more than 3 years ago | (#34623996)

Actually DNS appearing to be the pressure point that censors will use to switch down website, I say it is interesting to be able to memorize a few or to write them down quickly.

Re:How long will IPv6 last? (1)

Nursie (632944) | more than 3 years ago | (#34624264)

Not having machines publicly addressable is most definitely a security advantage.

I hear this all the time, that it's insecure, but I have yet to hear an actual good reason, do you have one?

Because NAT is perfect for plug-n-play devices with questionable per-device security. Why on earth should consoles and internet-aware appliances at my folks house need a public address? They don't know much about security and getting rid of in-home NAT just exposes them to far more risk.

NAT == BAD seems to be a religious expression more than anything actually practical.

As for DNS... are we going to have a DNS server in every home now too? Every device is going to agree on the same WINS-style home-DNS registry protocol?

Until nanotech networks need addresses. (1)

Ungrounded Lightning (62228) | more than 3 years ago | (#34623326)

2^128 unique address. I don't think we'll be exhausting them any time soon. That's like each person on earth have access to roughly 10^38 unique address.

Huh?

That's not enough to address the cells of one human body.

(Of course putting your medical nanobots on the internet would be a pretty dumb move. DoS attacks would sink to a new level - about six feet under, while BSoD would become quite literal.)

Re:Until nanotech networks need addresses. (1)

Anonymous Coward | more than 3 years ago | (#34623404)

double huh...? there are on the order of 10^27 *atoms* in an "average" human body, and the number cells is far fewer still. that's just a wee bit smaller than 10^38...

Oops. Off by a few orders of magnitude. B-( (1)

Ungrounded Lightning (62228) | more than 3 years ago | (#34623452)

Oops. Need to check my math BEFORE posting. B-(

About 47 bits to address the cells of one body (if you only have one device with one port each and nothing for other stuff). Another 33 for the current population. That's only about 2/3 of the bits.

Still, IMHO that's starting to get a little tight. You'll probably want more than one bot per cell, one port per bot, and that's not even counting things like the intestinal bacteria (which out-count the body cells by enough to reduce the body cells to a footnone.) More significantly, there are a LOT of things besides people's guts that could use such molecular-machine attention.

So IMHO ipv6's address space is only adequate for macro machines on one planet.

Re:Oops. Off by a few orders of magnitude. B-( (0)

Anonymous Coward | more than 3 years ago | (#34623660)

Well, if you want to access each and every bacteria in your body from the Internet, you may as well write a higher level protocol just for this purpose. Your body can get a IPv6 address, and then you layer a Body Protocol on top of it. You can store a Body Address in the IP payload just fine. An since your application will be speaking this protocol, while everyone else won't give a shit, it should be perfect.

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34623338)

What's the population growth rate of the earth? What's the growth rate of devices per person? Sure ipv6 has big numbers, but big numbers is what exponential growth is all about

Re:How long will IPv6 last? (3, Informative)

Junta (36770) | more than 3 years ago | (#34623374)

Though things aren't likely to exhaust any time soon, that's a fairly naive perspective on it.

2^121 addresses are knocked out by ULAs, 2^118 knocked out by link-local addressing, 2^120 are only available for multicast. In aggregate, a small chunk, but sizable.

Then, there is the inefficiency of distribution. Nothing smaller than /64 is ever supposed to be given to any single network segment. Currently, nothing smaller than a /48 is supposed to be given to an entity allowed to do routing (e.g. houses), though some have proposed allowing /56. Just like some places have 16.7 million IP addresses that don't need them, similar inefficient allocations will be made in IPv6 world.

In order to do a competent assessment, a more complex projection is required.

Re:How long will IPv6 last? (2)

Gerald (9696) | more than 3 years ago | (#34623430)

There are 2^125 *global* addresses, you resource-hogging Earthist pig.

Re:How long will IPv6 last? (1)

Nethead (1563) | more than 3 years ago | (#34623536)

Er, which globe are you talking about then?

Let me know when you get that fiber drop in the Jupiter system. I'll need to add Europa to my bogon list so I don't accidentally send traffic there.

Re:How long will IPv6 last? (1)

Charliemopps (1157495) | more than 3 years ago | (#34624246)

I remember someone saying the same general thing to me when I bought my first 80Mb hard drive. You could practically install every piece of software ever written for a PC on that one drive! Why would you ever need anything bigger.

Re:How long will IPv6 last? (1)

Arancaytar (966377) | more than 3 years ago | (#34624314)

Yeah, but if nano-scale computers are ever mass-produced...

(...it would still take longer than the age of the universe to run out of addresses.)

Re:How long will IPv6 last? (2)

Nethead (1563) | more than 3 years ago | (#34623304)

Why IPv8? Why not IPv9?

http://www.rfc-archive.org/getrfc.php?rfc=1606 [rfc-archive.org]

Hmmm??? (1)

Anonymous Coward | more than 3 years ago | (#34623340)

Maybe we should just go all the way to IPv11! That's what I'm talkin' 'bout! All Your Base Are Belong to US!

Re:Hmmm??? (0)

Anonymous Coward | more than 3 years ago | (#34623592)

"this internet protocal goes to eleven, its one more than 10!"

Re:How long will IPv6 last? (1)

Relic of the Future (118669) | more than 3 years ago | (#34623402)

Think of it this way: each current IP address could have its own private entire IPv4 address space... and then each of THOSE private addresses could have its own private entire IPv4 address space... and then each of THOSE addresses could have its own private entire IPv4 address space.

It'll last a while.

Re:How long will IPv6 last? (1)

Bucky24 (1943328) | more than 3 years ago | (#34623444)

I'm not entirely sure if you're being sarcastic, or if I'm completely misunderstanding your post, but isn't that how NAT already works?

Re:How long will IPv6 last? (1)

mattventura (1408229) | more than 3 years ago | (#34623504)

Not quite. The nat network would only have a (relatively) small private address space, not the whole IPv4 address space. GP is correct, since the raw IPv4 space is 2^32 and the raw IPv6 space is 2^128.

Re:How long will IPv6 last? (0)

Anonymous Coward | more than 3 years ago | (#34623676)

"Not quite"? Try "not at all".

With NAT, you are hiding a subnet, and other groups can reuse the same subnet - you cannot address a device on a different NATed subnet. So, it's four layers deep instead of just one or two, each layer is (as you pointed out) the size of the entire ipv4 address space instead of just a chunk of it (which together mean the number of possible addresses is absurdly higher), but also - importantly! - devices on the subnet are actually addressable which cannot be the case with NAT and is a huge change in functionality.

Re:How long will IPv6 last? (1)

icebraining (1313345) | more than 3 years ago | (#34623598)

No, parent is not saying IPv6 works that way, but that IPv6 will give you the equivalent number of addresses.

But if you use the entire address space for your local network, you won't be able to access the internet at all; you can only use reserved IPs, which aren't used on the Internet, or else you might not be able to access some services.

Re:How long will IPv6 last? (1)

Bookwyrm (3535) | more than 3 years ago | (#34623408)

Going to a variable-length scheme is one possible (if tricky) solution.

The major problem is that 'end-to-end' has become blind ideology rather than useful design methodology. As a result, people keep fighting tooth and nail against the very idea of NAT and encouraging development of applications that are tightly coupled to the underlying network.

Instead of pushing for IPv6, there should be an effort towards developing against a more abstract network model such that applications do not care if they are using IPv4 or IPv6 or IPv42, such that protocol translation between different network families can be implemented where necessary.

Or, to answer you question, if networks globally all transition to IPv6, it will last forever because it will bring innovation in the network protocol family to a grinding halt. Even if someone came up with a truly amazing and brilliant network protocol that was provably better than IPv6, it would never get implemented in a world were every toaster oven and garage door opener is built with an IPv6 stack and, due to dead-end-to-dead-end ideology, is unable to communicate with anything but IPv6. Just look at the transition from IPv4 to IPv6 and how long "IPv6 has been just around the corner", then imagine the inertia on migrating from IPv6.

Re:How long will IPv6 last? (1)

Nethead (1563) | more than 3 years ago | (#34623578)

Instead of pushing for IPv6, there should be an effort towards developing against a more abstract network model such that applications do not care if they are using IPv4 or IPv6 or IPv42, such that protocol translation between different network families can be implemented where necessary.

You mean something like the OSI model?

http://en.wikipedia.org/wiki/OSI_model [wikipedia.org]

Re:How long will IPv6 last? (1)

sjames (1099) | more than 3 years ago | (#34623490)

Take every single network interface ever created from the very beginning. They will all fit into just 1 /64 with room to spare. Now, have every machine currently on the Internet replaced with every network interface ever created. Repeat that 4 billion more times and we'll have to start changing standards around a bit to conserve space.

We could give each human cell it's own IPv6 address and still not run out. Not even if we expand to a million other planets.

We have a few to spare...

Re:How long will IPv6 last? (4, Informative)

bcmm (768152) | more than 3 years ago | (#34623572)

Based on current rates of growth and industry trends, how long will it be before the IPv6 space is exhausted?

(Deep breath)
When we have colonised the entire observable Universe (at a (hugely over)estimated one habitable planet per star), our descendants* will be able to own about three-quarters of a million cellphones each.** [wolframalpha.com]

Given how hard this transition is, would it be better to go directly to IPv8

If you mean we should skip a step while we're at it, we are: we're going straight from 32-bit to 128-bit, rather than 64-bit.

* In before "this is Slashdot".
** 715,925 cellphones should be enough for anyone!

Re:How long will IPv6 last? (2, Insightful)

j-beda (85386) | more than 3 years ago | (#34623938)

But, man, is it going to be a pain to switch to IPv8 at that point!

Re:How long will IPv6 last? (1)

marcosdumay (620877) | more than 3 years ago | (#34623644)

Based on current rates of growth, it won't last until the heat death of the universe. But, for the required number of clients to come into reality, we'd have to be displaced through the biggest part of our galaxy, and IPv6 copes very badly with interestelar communication, so we'll need another protocol anyway.

Re:How long will IPv6 last? (1)

Yvanhoe (564877) | more than 3 years ago | (#34623982)

I remember someone actually calculating the density of nanobots you would need per cubic meter in the whole atmosphere to fill the IPv6 address space. You can do it, but that day we will have some more serious concerns...

Dren? (0)

Anonymous Coward | more than 3 years ago | (#34623228)

DREN Chief Engineer? I don't think that means what you think it does [wikia.com] .

No they aren't. (0)

Anonymous Coward | more than 3 years ago | (#34623314)

I work for a military contractor. I can confirm that we a.) have no orders from on high to move to ipv6, and b.) have no plans to move to ipv6. This is most likely just one tiny section of the military - it's by no means across the board.

Re:No they aren't. (0)

Anonymous Coward | more than 3 years ago | (#34623548)

Well.. I'd say that the DREN are. This appears to be a DoD usa-wide engineering research network. By their own admission, DREN is the "official DoD long-haul network for computational scientific research, engineering, and testing [hpc.mil] " -- doesn't sound like they're the military operations type people though.

So... yeah. Given that DREN explictly say they support ipv4 and ipv6, they're almost certainly insisting on ipv6 support on equipment they buy and want a show of good faith from vendors that their ipv6 solutions are good enough that the people selling them actually use them themselves. Makes sense - everyone knows that ipv6 is coming; and a research network can afford to be an early adopter. They're probably big enough to have some clout.

Broade, for example, met the demands by putting some of their own gear in front if its website

Brocade put a pair of its ADX load balancers in front of its Web site to allow incoming IPv6 users to access its IPv4-based content. This pair of load balancers – which would cost around $26,000 -- allowed Brocade to IPv6-enable its Web site, DNS services and mail server.

For them, not a huge cost to land what is probably a fairly decent contract.

However, this does appear a way off from being a US DoD-wide mandate.

Re:No they aren't. (1)

Cwix (1671282) | more than 3 years ago | (#34623838)

What kind of military contractor? If you sell sights for guns, I doubt they care what version IP you use. If you sell software or computer hardware, then apparently they are interested. Either that of your just not important enough to know what the military says to your boss.

I'm okay with this (4, Insightful)

Byzantine (85549) | more than 3 years ago | (#34623324)

As long as they're applying this across the board and not playing favorites (at least not without a damn good in-writing reason), I'm okay with this. I fact, I don't really see IPv6 being adopted soonish absent measures like this.

Re:I'm okay with this (1)

dasdrewid (653176) | more than 3 years ago | (#34624052)

It is kind of funny. I rail and rail against the power and might of the military-industrial complex. Then things like this happen and I am thankful for the DoD for advancing the state-of-the-art in ways that the general market is incapable/unwilling too. It's...frustrating. Why do they have to make things so complex!

Adding IPv6 is not difficult (1, Interesting)

The_Dougster (308194) | more than 3 years ago | (#34623414)

I upgraded my systems to ipv6 even though I just have IPv4 by signing up for a free tunnel broker service. I recommend SixXS [sixxs.net] if you are serious, or one of the others if you just want to flirt around with IPv6. Basically, you open a tunnel on one of the machines, it starts radvd which activates ipv6 on every machine on your LAN automagically, and thats all you do. Perhaps edit a config file here or there to turn on ipv6 if its lacking for some reason. The radvd machine broadcasts on your net and provides something like DHCP for all your ipv6 enabled machines which usually just pick it up on the fly with no reboot or anything required.

What's the big deal? (2)

DeathSquid (937219) | more than 3 years ago | (#34623426)

Anyone with IPv4 addresses can use 6to4 right now to provide IPv6 connectivity. Software support for IPv6 is common, e.g. apache, postfix, etc. Operating system support is widespread, e.g. linux, *bsd, etc.

There are no real barriers to having IPv6 public facing services for vendors except rank incompetence.

Re:What's the big deal? (1)

Bucky24 (1943328) | more than 3 years ago | (#34623462)

Most of the backbone providers haven't fully upgraded their networks to ipv6 because the massive routers and switches that they use are quite expensive.

Re:What's the big deal? (2)

DeathSquid (937219) | more than 3 years ago | (#34623582)

You missed the bit where anyone with v4 connectivity can use 6to4 right now. No need for massive router upgrades or ISP cooperation, etc. Just turn it on. If you plan for a 10 minute upgrade, you'll have time to make a coffee as well. Assuming basic sysadmin competence.

I'm mystified as to why you think switches (which are layer 2) would need upgrading to support IPv6,

Of course, in the longer run, native v6 support from your ISP is highly desirable for optimal routing. But end users don't need to wait for this.

Re:What's the big deal? (1)

Bucky24 (1943328) | more than 3 years ago | (#34623638)

I'm mystified as to why you think switches (which are layer 2) would need upgrading to support IPv6

You're right, for a switch it wouldn't matter.

If you plan for a 10 minute upgrade, you'll have time to make a coffee as well. Assuming basic sysadmin competence.

I imagine most people with basic sysadmin competence have already upgraded. It's the people who a) don't really understand how IPv6 is better, and b) wouldn't know how to upgrade even if they did know that haven't switched over.

Re:What's the big deal? (2)

Nethead (1563) | more than 3 years ago | (#34623812)

You're right, for a switch it wouldn't matter.

Management stack.

Also, most "switches" these days also do layer three. Hell, the Juniper EX-4200 does BGP and it's sold as an enterprise top-of-rack switch.

Re:What's the big deal? (2)

beanpoppa (1305757) | more than 3 years ago | (#34624206)

Not to mention, even my lowly access switches have multicast snooping functionality, which would require IP6 capability to continue function. And non-access distribution and core switches tend to be layer 3 'switches'.

Re:What's the big deal? (2)

segedunum (883035) | more than 3 years ago | (#34623856)

You missed the bit where anyone with v4 connectivity can use 6to4 right now. No need for massive router upgrades or ISP cooperation, etc. Just turn it on. If you plan for a 10 minute upgrade, you'll have time to make a coffee as well. Assuming basic sysadmin competence.

You know, I despair at people who say utterly brainless shit like this because they obviously have not a clue about how large some organisations are and how long it's taken to get their existing network infrastructure sorted and working. You cannot do this in ten fucking minutes.

I'm mystified as to why you think switches (which are layer 2) would need upgrading to support IPv6,

A lot of switching equipment can be protocol aware.

Re:What's the big deal? (1)

Cwix (1671282) | more than 3 years ago | (#34624190)

Go to google and type in layer three switch.

I found this though if it helps you. Emphasis mine.

"Some MLS's are also able to route between VLANs and/or ports like a common router. The routing is normally as quick as switching (at wirespeed). According to Cisco, Level 3 switches are basically routers that switch based on Layer 3 information , the basic difference being processing speed and/or the way they do the switching; Level 3 switches use ASICs/hardware instead of the CPU/software that a router would."

https://secure.wikimedia.org/wikipedia/en/wiki/Multilayer_switch [wikimedia.org]

Re:What's the big deal? (1)

DeathSquid (937219) | more than 3 years ago | (#34624284)

As you quote "Level 3 switches are basically routers". Actually, by definition, using level 3 information *is* routing. Calling them level 3 switches because it is a hardware rather than software implementation ignores basic computer science. But that's no surprise from a marketing department.

Re:What's the big deal? (1)

Bengie (1121981) | more than 3 years ago | (#34624182)

you missed that most backbones have been supporting IPv6 for years. It's ISPs that are dragging their feet.

Now if only the government would do that elsewhere (-1, Offtopic)

erroneus (253617) | more than 3 years ago | (#34623522)

I'm presently in a web developer course -- mostly because my company is paying for it and I will get some paper that can maybe help me change careers -- we don't need to talk about that unless you're just interested. But as I am in Northern Virginia, I meet a lot of people who work for government or contract for and around government. One of my classmates works for the department of state. This person has to deal with sharepoint. Not only does it depend on MSIE but it even breaks MSIE in some ways. (A site created to work with MSIE suddenly becomes weird when loaded into a Sharepoint server... yeah, I am sure a little knowledge and understanding could smooth the problem through, but damn! It's a web page. Should implementing HTML really require special knowledge of a special server? HTML was supposed to be a standard.) Anyway, the MSIE centric nature of government is beyond sickening to me. If the web development classes have taught me one thing, it's that Microsoft is harming the internet and the desktop in ways that people will simply never comprehend fully. It won't be until people finally overcome their dependency on Microsoft that people will begin to see... we're still a long way from that point, but we've made significant progress.

Only half the fight (1)

bwindle2 (519558) | more than 3 years ago | (#34623674)

IPv6-enabled content is the first half... now to get a big ISP to enable it across all their systems (someone like Comcast, but more competent)

Re:Only half the fight (1)

gnapster (1401889) | more than 3 years ago | (#34624144)

Actually, Comcast is currently conducting trials of IPv6 [comcast6.net] with their subscribers. I am not participating right now because I had to cancel my service, but I was very close to participating six months ago.

IPv6 is a Failure (-1)

segedunum (883035) | more than 3 years ago | (#34623898)

I keep hearing this "Oh, you must move to IPv6 now!" as if this can be done with a wave of a wand and completely ignoring the current economic realities of the chicken and egg situation we are in. I've also seen some wankers who think that giving lists of network equipment that supports IPv6 and that they've converted their basement office to IPv6 means that we can all magically start using it.

IPv6 is completely incompatible with IPv4. Don't give me any of that tunnel crap because organisations are going to have to maintain two different network systems within their infrastructure, and to be practically usable it has to be largely forwards compatible as well. Just take a look at the hair-pulling in mixed IPv4 and 6 networks with things like Windows Server. The hard requirement should have been a direct addition to IPv4 that would be as backwards compatible as possible, but no, the IPv6 weenies decided that we should be 'saved' from all of the mistakes of IPv4. This is where computer people are derided in other industries because they won't do what is necessary to keep the systems going we have now, warts and all. You don't rip out sewer systems and replace them with something you think is far better.

Solutions? There's a few and they are just unpalatable things we are going to have to swallow:

1. Auditing of all public facing systems and as much IP address sharing as possible.
2. Much IP address usage on the web has been brought about by SSL. SNI virtual hosting will help there.
3. IP addresses will get much more expensive and any unused IP addresses will simply be taken off you.
4. Far, far greater use of NAT and the sharing of external services via as few IP addresses as possible.
5. Beyond that we will probably have some sort of DNS extension where you can find a particular service on a port on an IP address with systems behind NAT.

IPv4 is here and is not going away. IT and computing people need to learn the hard way what is required in building and keeping infrastructure that is heavily relied on going.

Re:IPv6 is a Failure (2)

PsykoDemun (1785890) | more than 3 years ago | (#34624092)

Following your argument: I live in Northern Virginia. They are constantly doing road construction here. Why? Why didn't they just plan out for today's traffic needs thirty years ago? That is the argument you are using. A technology that was designed in the 70's was supposed to miraculously anticipate the explosion of the internet and net enabled/connected devices that we are seeing today. That is a logical fallacy. That's like saying the roads that they built in the early 1900s should have been ready to rock when automobiles hit the big times in the late 40's to early 50's. Humans have consistently failed to accurately predict even thirty years in the future since the industrial revolution. It will only get worse as progress continues to accelerate.

Re:IPv6 is a Failure (4, Insightful)

Xugumad (39311) | more than 3 years ago | (#34624130)

IPv6 has been around since 1998 ( http://tools.ietf.org/html/rfc2460 [ietf.org] ). That's Windows '98/NT territory. If Windows Server can't handle it, it's not because it hasn't had long enough to be tested in that configuration.

To address your ideas in turn:

1. Auditing by who? The first crisis with IPv4 allocation is the inability to allocate new chunks. Organisations with enough IPv4 addresses already aren't going to be bothered by this for a long time.

2. So... you're avoiding the cost of configuring networks to be dual protocol, by re-configuring servers... why is that necessarily cheaper?

3. Reclaiming IP addresses is akin to solving a lack of phone numbers for the NY area by claiming back some from a less populated state. It would rapidly lead to routing tables that are infeasibly complicated.

4. Again, you're suggesting an alternative way of investing time to solve a problem instead of solving it properly, and I'm not sure why this is inherently faster.

5. Possibly some variation on the SRV records, but... again, why is replacing every OS world-wide (absolutely nothing supports that, so everything will need upgrading) cheaper than enabling IPv6 on systems that are already out there?

Sticking with IPv4 means constructing an ever more elaborate set of workarounds on top of each other. For a while it will work, but I can't see the result remaining workable, or being cheaper in the long term.

Re:IPv6 is a Failure (0)

Anonymous Coward | more than 3 years ago | (#34624170)

Of course IPv4 isn't going away. The IPv6 address space is a superset of IPv4.

Re:IPv6 is a Failure (1)

Bengie (1121981) | more than 3 years ago | (#34624234)

Nearly all infrastructure has supported IPv6 for A LONG TIME. All major OS's have supported IPv6 transparently for the past 1-2 years. The only thing left is ISPs to set aside some of their huge cash flow and upgrade. If a company hasn't been preparing for IPv6 over the past 6 years, that's their own fault. Seems to me that any competent network admin thinks IPv6 is cake. It's all the people who are scared of learning something new that spread FUD.

IPv6 is almost the same as IPv4, except with IPv6, you don't have to worry about IPs, you can logically group IPs together and waste ranges to make things more logical.

Re:IPv6 is a Failure (0)

Ultra64 (318705) | more than 3 years ago | (#34624262)

NAT is a desperate kludge that breaks end to end network connectivity thus preventing things like Skype, et. al from working without a centralized server.

NAT is bad and you are Hitler for suggesting it.

I'll move to IPv6 (1)

AVryhof (142320) | more than 3 years ago | (#34624118)

....as soon as Consumer/SOHO routers that support it are in the right price range.

Right now, the lowest priced item on Newegg that comes up for IPv6 is a cable modem, which I don't need, and that's $77.

Then there is the Cisco router starting at ~$133 on sale.

OpenWRT does it, and it looks nice, but I don't have the time to fiddle with flashing a router right now.

When are we going to see a company hack something together with inexpensive chips, and flash that is dedicated to just running OpenWRT, then sell it?

Re:I'll move to IPv6 (2)

blueg3 (192743) | more than 3 years ago | (#34624146)

...but I don't have the time to fiddle with flashing a router right now

Ten minutes of your time is that expensive?

Re:I'll move to IPv6 (4, Informative)

Drakino (10965) | more than 3 years ago | (#34624276)

Newegg doesn't sell them, but the Apple Airport Express (and any 802.11n based Apple router) supports IPv6. $99 and up. Buffalo had one out in 2007, before their WiFi lawsuit, and has a few more out now. DLink does too.

http://www.sixxs.net/wiki/Routers [sixxs.net] has a good list.

It will be interesting to see what router manufacturers decide to be nice and offer IPv6 formware upgrades, and which ones push people towards new equipment.

Too little, too late... (4, Insightful)

bertok (226922) | more than 3 years ago | (#34624148)

There might be some pressure in the States to push IPv6 adoption, but there's none here in Australia.

Every consulting project I've been on in the last two years, I've asked this standard question: "Do you have a business requirement or mandate to deploy IPv6 now or in the future?"

Inevitably, the answer is "No."

Here in Australia, at both private enterprise and government, nobody has even begun to think about IPv6 at any level. Nobody requires IPv6 capability when purchasing software or equipment, and even when the capability is available, nobody turns it on. The more "IPv6 aware" clients turn it off to avoid compatibility issues. Even when I offer to implement IPv6 for some new system ("no extra cost, I'll just turn it on"), nobody wants it.

Pure IPv6 networking will be particularly hard to implement. I've tried experimental setups with products from various vendors. The usual result is that with IPv6 only most things work, but some things break. Stop and think about this for a moment: imagine if that sentence was: "the usual result is that with IPv4 addresses most things work, but some things break." That would be totally unacceptable for any enterprise software, yet it's "perfectly acceptable" for every major vendor to ship software where that's the situation with IPv6, because... nobody cares. The failures are often quite pathetic too, like dialog boxes that require an IPv4 address to be entered, even if it's never used or needed, or only accept IPv4 address for things like DNS servers. Clearly vendors have never tested their products in pure IPv6 environments, or did test them and decided it's too much effort to fix for something nobody cares about.

Let me whip out my crystal ball and predict that when IPv4 addresses run out and organisations scramble to implement IPv6, it's going to be a rush job, and we'll start hearing horror stories of incompetent admins that inadvertently bypass or break firewall rules by enabling IPv6 and cause major issues. These reports in turn are going to scare off management, who'll assume "IPv6 is bad", because they "read about some horror story of how Incompetent-r-Us Pty Ltd was hacked when they turned IPv6 on, hence, IPv6 must be insecure". Combined with stories of broken software and issues like IPv6-connected browsers waiting 30-60 seconds for IPv6 requests to time out, I'm certain that nobody is going to start using it until absolutely forced to.

It's a bad, bad sign that all the major websites like Google and Facebook have "ipv6.normalurl.com". That's because practical IPv6 implementations are often broken, and if enabled it on the main website, it breaks it for a huge fraction of users. If Google and their like can't implement IPv6 transparently without issues, and are forced to create "experimental" websites, then what hope does the typical admin have?

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...