Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comcast Begins Native IPv6 Deployment To End Users

Unknown Lamer posted more than 2 years ago | from the 18-quintillion-addresses dept.

The Internet 326

First time accepted submitter Daaelarius writes "Comcast has begun deployment of Native IPv6 access to end users. The deployment is starting out small with a single market, but is expected to expand rapidly. They have provided ... more in depth technical details." Finally; native dual-stack IPv6 for home customers. Perhaps we can avoid a post-exhaustion future of NAT-upon-NAT and use restrictions.

cancel ×

326 comments

Sorry! There are no comments related to the filter you selected.

Yeah right (1)

bugs2squash (1132591) | more than 2 years ago | (#38001350)

until every light switch and toaster has its own /64

Re:Yeah right (2, Interesting)

nepka (2501324) | more than 2 years ago | (#38001446)

Personally I think not being directly connectable (ie., behind NAT) is good security wise. It acts as a nice and easy firewall.

Re:Yeah right (2, Interesting)

characterZer0 (138196) | more than 2 years ago | (#38001496)

Unless you want to be directly connectable.

Re:Yeah right (-1)

Anonymous Coward | more than 2 years ago | (#38001538)

And why would anyone but an idiot want to be directly connectable to others on the Internet at large?

Re:Yeah right (0, Redundant)

Anonymous Coward | more than 2 years ago | (#38001580)

Maybe if you know what your doing securitywise and would like to connect to your own devices at home without the assistance/knowledge/intrusion of your ISP or third party intermediary?

Re:Yeah right (1)

nepka (2501324) | more than 2 years ago | (#38001706)

What does NAT have to do with ISP? Just forward the ports you need to.

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38002012)

If I have multiple computers on my home network, how do I connect to the one that I want?

Re:Yeah right (1)

Eggbloke (1698408) | more than 2 years ago | (#38002042)

Surely port forwarding can forward to a specific IP address?

Re:Yeah right (2)

Grishnakh (216268) | more than 2 years ago | (#38002170)

Exactly, this is really quite trivial, and AC seems to be rather ignorant. Just set up port 23 for computer A, port 24 for computer B, port 25 for computer C, etc. Then ssh to 111.222.333.111:24 when you want to connect to computer B.

Re:Yeah right (-1)

Anonymous Coward | more than 2 years ago | (#38001582)

1) being able to serve content
2) easy remote desktop

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38001650)

So protocols like bittorrent actually work.

Exactly! (0)

Anonymous Coward | more than 2 years ago | (#38001760)

And why would anyone but an idiot want a phone number or postal address that can be reached by the public at large??

Re:Exactly! (1)

0123456 (636235) | more than 2 years ago | (#38001898)

And why would anyone but an idiot want a phone number or postal address that can be reached by the public at large??

Exactly. Who wants to have to deal with idiot marketing calls all the time?

Re:Yeah right (2)

neonKow (1239288) | more than 2 years ago | (#38002084)

I agree. There's almost nothing you need to do right now that requires you be directly connected, even in a commercial environment, much less a home environment. You don't need to be directly connected to the internet to host webpage or for bittorrent to work. You only need a single port for each of those, and sticking those behind a gateway/bastion host is fantastic.

Maybe if IPv6 takes off, we'll want to be able to configure all our devices remotely, but that is not the case for most home users today. We're suffering from too much access to machines, not too little.

Re:Yeah right (5, Insightful)

vlm (69642) | more than 2 years ago | (#38001604)

not being directly connectable (ie., behind NAT)

WRONG.

on ipv4 NAT is generally implemented as a stateful firewall that also rewrites addresses.

There is absolutely nothing preventing a firewall on ipv6 that is stateful, that leaves addresses alone.

The security gain comes from the stateful firewall, not the rewriting addresses.

Re:Yeah right (1)

JDG1980 (2438906) | more than 2 years ago | (#38001766)

Do you really think the average end-user has any idea what a stateful firewall is? Hell, I work in the IT field, but generally don't deal with this side of things and couldn't give a detailed breakdown on the difference between a stateful and non-stateful firewall.

Currently, non-technical users can get reasonably decent protection just by plugging in an off-the-shelf router, since it does NAT and this requires a firewall by default. If IPv6 leads to users plugging unsecured devices directly into the public Internet, it will be step backward in security, not forward. Technobabble doesn't change that.

Re:Yeah right (3, Insightful)

tchuladdiass (174342) | more than 2 years ago | (#38001906)

And what makes you think that the IPv6 off-the-shelf routers won't default to a stateful firewall? In fact, I can't see any vendor not enabling that by default, and advertizing it in big bold letters (not the techno-jargon, but "Buy this box and keep the hackers out"). And the ISPs are likely to include such functionality in their cable/DSL modem, since they could benefit from fewer zombies on the network.

We already have the problem with IPv4 (3, Informative)

zerofoo (262795) | more than 2 years ago | (#38002048)

I've seen plenty of people plug their cable modems right into the back of their computer with no firewall of any kind. Thankfully, most operating systems ship with a software firewall - it's better than nothing. Most of these types of customers bought a nat box, not due to security concerns, but to get wireless connectivity.

IPv6 direct connectivity will be a problem ONLY if end users plug all of their devices into a switch and those devices lack a software firewall. I don't know of any "non-technical" home users that have such a switch. Everyone seems to have a "nat box" simply for wireless connectivity. I suspect people will not go buy a dumb switch and access point, simply because they do not know what they are.

I suspect most people will go buy an "IPv6 capable" firewall/switch with built in access-point. End users will have no idea that they no longer use nat - hell most probably don't even know they have it now.

-ted

Re:Yeah right (2)

silas_moeckel (234313) | more than 2 years ago | (#38002196)

They still need a box at there end just like the box they use for nat now. IPv6 will not lead to bridged networks to you ISP. You you have two options plug one pc directly into the box or get a CPE router this is the exact same choice they have now IPv6 is changing nothing. Hell in some ways it's better since the newer telco CPE gear is generally configured as a router with firewall and moving to IPv6 will require new cpe gear for most. One of the big reasons for giving customers more than one public subnet is so they can have multiple routed subnets that just work. Ever seen that scary friend that plugs a netgear into a airport into an AT&T dsl box? 3 distinct layers of nat sometimes overlapping IP address ranges 192.168.0.x plugged into 10.0.0.x plugged into 192.168.0.x and wonders why things do not work? Tried finding a straight wired switch of a wireless bridge? 5 port + wireless cpe routers are dirt cheap, you average clueless customer buys those they have statefull firewalls.

Re:Yeah right (1)

Anonymous Coward | more than 2 years ago | (#38001836)

More importantly, the most common implementation of NAT in front of end user networks, the Linux kernel, cleanly separates the NAT functionality from the firewall functionality. NAT does not prevent packets from being addressed directly to the local hosts with private addresses. Without the firewall configured, most routers will happily allow external hosts to connect straight through to inside hosts. If you can route these packets to the external interface, NAT is not going to get in the way.

Re:Yeah right (3, Interesting)

dch24 (904899) | more than 2 years ago | (#38001932)

Mod parent up.

Additionally, many other carriers are already seeing IPv4 exhaustion (due to their own wastefulness in the RFC1918 address space). They are co-opting DoD /8's within their network to try to overcome the problem. [source [ycombinator.com] ]

I'll skip the obvious stupidity of "stealing" IPv4's from the DoD. But instead of deploying Carrier-Grade NAT, they're divvying up the internet. In one place, 28.0.0.0/8 takes you to one machine, in another place it takes you somewhere else.

It sounds like the IPv4 internet is going to fall apart simply due to negligence. How's that for an IPv6 killer app?

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38002054)

I upmodded two of vlm's posts today. Am I having a stroke?

Re:Yeah right (1)

Anonymous Coward | more than 2 years ago | (#38001626)

Personally you think that, and as a good person that should be good enough, right?

You should -- personally, that is -- reconsider that position. NAT was just a horrible horrible crutch until we got to IPv6. NAT does *not* provide *any* security that other solutions can't provide better.

To provide for typical home-user level NAT security with IPv6, all a firewall needs to do is allow outgoing connections and deny incoming connections. Very simple. Heck depending on the tradeoffs you want to make, such a firewall can be stateless (read: you can power cycle it all day long and your download won't be interrupted).

You can have BOTH security *and* not break TCP/IP networking with NAT-free IPv6. All we need to do is re-educate the brainwashed masses who presume NAT == security.

Re:Yeah right (2)

gman003 (1693318) | more than 2 years ago | (#38001632)

That relies on security through obscurity. If you rely on not being publicly visible, you're doing it wrong. Shut down or secure any unneeded port-bound services, and install a basic firewall on the router to only let the ports you need out (just port 80 may be enough).

Plus, just finding a device on IPv6 can be hard. Given a 64-byte ICMP packet and a gigabit ethernet connection, it would take just under 300,000 years to ping every potential host in a /64. You want security through obscurity? Set your DHCP server to spit out addresses from some random offset instead of from ::1.

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38001742)

You do know that IPv6 uses autoconf, not DHCP, right?

Re:Yeah right (1)

0123456 (636235) | more than 2 years ago | (#38001962)

That relies on security through obscurity. If you rely on not being publicly visible, you're doing it wrong.

How are you going to hack into my webcam when it has no publically visible IP address? In order to hack it you need to already be on my internal LAN, so my security is already toast.

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38001720)

NAT is never good. A default firewall rule that only allows in established connections is the proper way.

Re:Yeah right (1)

silas_moeckel (234313) | more than 2 years ago | (#38002036)

And anything that can do nat can do state-full fire-walling. I'm tunneled ipv6 at my home it's just as secure as my comcast connection since it's using the same firewall rules. Just because nat requires a firewall to function does not make it a good idea. Lets also remember where nat has one IP thats exposed to be attacked, a ipv6 user is given 1*10^24 IP's finding IP's to attack at random is neigh impossible if the firewall has any intelligence. Sure you can attack IPv6 boxes by finding the IP via other methods. There are already standard being developed so that desktops can grab lots of random IP's used for a short time for there outbound connections to help thwart that.

Re:Yeah right (-1)

Anonymous Coward | more than 2 years ago | (#38002118)

Fuck you, you're the problem. Use an outbound-only firewall if you want a firewall. Don't break end-to-end connectivity because you read a oneliner in an online security article.

Re:Yeah right (5, Insightful)

GPLHost-Thomas (1330431) | more than 2 years ago | (#38002176)

That's reverse thinking. If you need a firewall, setup a firewall, don't setup NAT instead.

Re:Yeah right (5, Informative)

BlueParrot (965239) | more than 2 years ago | (#38001526)

People underestimate the address space in IPv6 when they make remarks like this.

In principle IPv6 could hold more than 10^38 addresses. Now due to structuring and various reservations and so on there is considerably fewer. So for the sake of argument, let's say it is "only" 10^20. That's still enough that for every present IPv4 address you could add an entire internet and still have addresses left over.

What this means is that even if ISPs were incredibly wasteful and basically trashed 99.9% of the address space due to bad practices, you'd still have millions of addresses for every person in the world.

Re:Yeah right (2)

Fujisawa Sensei (207127) | more than 2 years ago | (#38001646)

Don't worry, the'll find a way of fucking this up too. It my take awhile, but you should never under estimate an idiot, idiots are too inventive.

Re:Yeah right (1)

digitalsushi (137809) | more than 2 years ago | (#38001892)

What does that even mean?

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38001950)

Read the Darwin Awards sometime, they you'll see how absolutely brilliant some idiots can be. They're always finding ways to work around safeguards getting themselves evicted from the gene pool.

Re:Yeah right (1)

noems (942524) | more than 2 years ago | (#38002200)

lol

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38002220)

What does that even mean?

I won't get into what that means (it seems pretty obvious to most, I'd say), but what YOUR reply means is that you clearly don't deal with people much at all, ever, up to and including the point where you cloister yourself away from the real world and only ever converse with a very limited set of people who share all your interests and talents.

In short, you're the sort of person who gave internet users a bad name. In the 90s.

Re:Yeah right (2)

jc42 (318812) | more than 2 years ago | (#38002066)

Don't worry, the'll find a way of fucking this up too. It my take awhile, but you should never under estimate an idiot, idiots are too inventive.

Nah; the ISPs already know just how to do it, and it doesn't require an idiot. All they need to do is use the same method they've used with IP4: They only accept one address at your site, and discard any packets that didn't come from that address or is sent to that address. If you want N addresses, you'll have to pay N x $X, where $X is their current price for a routable address.

It really doesn't matter how many gazillions of addresses IPv6 makes available, you will only get one. Addresses are a commodity, to be leased for a profit.

The phone system has worked this way since the beginning of phone numbers, and nobody ever complained. The phone system also has "extension" numbers, which in the IP world are called "port" numbers. But the ISPs have caught onto this, and most of them now block lots of your port numbers. They can do the same with IPv6, with the code they already have. So if they like, they can also charge you extra for not blocking a port. They do this with IPv4 around here, where you have to pay double for a "home business" account if you want ports 21 or 25 or 80 or anything >1023 unblocked.

Can you think of any reason they can't implement exactly the same limits with IPv6 that they currently have with IPv4?

(It is sorta funny that the old phone companies never caught onto this. They could have signed you up for a phone, and then when you complained about blocking, they could say "Oh, you didn't say you wanted to accept incoming calls. That'll be another $45/month. Shall I sign you up?")

Re:Yeah right (1)

cayenne8 (626475) | more than 2 years ago | (#38002244)

They can do the same with IPv6, with the code they already have. So if they like, they can also charge you extra for not blocking a port. They do this with IPv4 around here, where you have to pay double for a "home business" account if you want ports 21 or 25 or 80 or anything >1023 unblocked.

Hmm...I only pay $70/mo for my 'business' account I have at home. I get static IP, no ports blocked, no data caps, can run any servers I want...etc.

I think its a pretty good deal....with decent speeds. $70 is double what most people pay for normal consumer access at home these days? I thought it was a bit more than $35/mo.....?

Re:Yeah right (-1)

cyborg_monkey (150790) | more than 2 years ago | (#38002190)

you are a complete moron.

Re:Yeah right (1)

bugs2squash (1132591) | more than 2 years ago | (#38001654)

Well that's my concern in a nutshell. That this huge address space will be fragmented to the point where it will be unable to cope with demand for the next generation of networks, not a rehash of the internet that we know and love, but a new world with new and radically different requirements. It's all well and good having a new system that does a much better job of what we do today, but suppose I want a network for each item of clothing I wear, or each particle in my intelligent dust cloud.

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38001746)

If you personally had 4B IP addresses and had 100,000 articles of clothing, each article could have 40,000 IP addresses. I don't forsee a problem.

Re:Yeah right (1)

Hognoxious (631665) | more than 2 years ago | (#38002018)

I do. What if you allocated 3,999,999,999 IP addresses to one sock?

IIRC this happened in the early days of the internet, except the sock was MIT.

Re:Yeah right (1)

Bookwyrm (3535) | more than 2 years ago | (#38001902)

The bigger problem is because of the ideological dead-end-to-dead-end design, when every one's toaster and light bulb have an IPv6 address, and the anti-NAT zealots have one, is that upgrading to the next generation of networks will be impossible. The inertia caused by having to have everyone upgrade every light bulb and toaster to a new standard will block any advancement in networking technology.

Re:Yeah right (2)

BlueParrot (965239) | more than 2 years ago | (#38001678)

I should add, that my "for the sake of argument" of 10^20 is an EXTREMELY conservative estimate. In practice the IPv6 address space has an amount of addresses that is greater than the number of stars in the universe.

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38001978)

And for the sake of argument, how much more expensive will searching that address space be? And don't tell me LISp is going to fix it.

Re:Yeah right (4, Funny)

Tuan121 (1715852) | more than 2 years ago | (#38002210)

So what you are saying is that we'll have to do a NAT behind the Sun once ipv6 is allocated to every solar system in the universe?

Fuck.

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38001826)

My ISP assigned a /48 IPv6 subnet to my home DSL: that's wasting at least 99.9999999999999999999 %

Re:Yeah right (1)

digitalsushi (137809) | more than 2 years ago | (#38001930)

It seems wasteful, but it's a convenient boundary to assign to a customer. v6 makes heavy use of 64 bit subnets. An ISP dolling out 48 bit prefixes can expect their customers to use 16 bits for subnetting information, so customers can reasonably have 65,000 networks to do with as they please.

Look at a 6to4 address: 2002 + your v4 address + ABCD (whatever the heck you want) + 64 bits chosen by your computer.

Re:Yeah right (0)

Anonymous Coward | more than 2 years ago | (#38001566)

Wouldn't you want to have your Android/Iphone alert you via SMS while you are in the shower (with phone on the sink counter) that your toast is about to burn? :)

Re:Yeah right (3, Funny)

Klync (152475) | more than 2 years ago | (#38001630)

If you can't cook toast, then you probably shouldn't be bringing your phone in the shower with you, either.

Re:Yeah right (1)

dpilot (134227) | more than 2 years ago | (#38001662)

No, I'd want my toaster to alert me, not my phone. I'd want my phone to alert me that YOU are trying to call me while I'm in the shower, giving me the pleasure of knowing that I'm not answering your call.

Old-tech solution (1)

SuperKendall (25149) | more than 2 years ago | (#38001714)

My solution has always been to bring the toaster into the shower with me so I do not require a notification.

Or at least that's my plan now, I'll implement that right awaZORCH

Re:Yeah right (3, Insightful)

Bill, Shooter of Bul (629286) | more than 2 years ago | (#38001774)

If my toaster is smart enough to realize that the toast is burning, and communicate that fact to another device, it should be capable of not burning the toast in the first place.

Re:Yeah right (1)

Grave (8234) | more than 2 years ago | (#38001942)

Sorry, union regulations prohibit the toaster from ejecting until the timer gives approval.

Re:Yeah right (2)

Hognoxious (631665) | more than 2 years ago | (#38002034)

I like my toast burnt, you insensitive clod!!!!

Curious what else will accompany it (-1)

ackthpt (218170) | more than 2 years ago | (#38001356)

So you get a new box .. does it have anything sponsored by *IAA or DHS to keep tabs on your traffic?

Of course I'm paranoid - I read Slasdot!

Re:Curious what else will accompany it (1)

digitalsushi (137809) | more than 2 years ago | (#38001588)

Well, Dual Stack Lite is going to be their long term IPv4 availability, which removes NAT from the CPE and shifts it up into the ISP layer. So all of your transactions will be manipulated inside the ISP's AFTR element, which would be a very convenient place to mine your data stream for goodies. But that would be paranoid to think they would do that. Especially when they could do it anywhere else just as easily!

So, as an end user... (1)

cayenne8 (626475) | more than 2 years ago | (#38001362)

...what all do I have to do and change to use this?

I'll not still use NAT for my home network for all my devices that I authorize to use the wireless router...etc?

What does the regular user have to do to use this...and what exactly is going to push him to change his whole home network along with all the devices he currently has on there (tv's, ipads, laptops, desktops, toasters...etc)?

Re:So, as an end user... (3, Informative)

tuffy (10202) | more than 2 years ago | (#38001530)

The idea is that the end user is still going to keep all his devices behind a firewall so everybody on the internet can't probe them. But since your toaster has its own actual address, it can connect directly to the Online Toasting Database server without having to kludge all that traffic through a NAT.

Re:So, as an end user... (1)

scubamage (727538) | more than 2 years ago | (#38001996)

Most modern OS's already have dual stack support (windows vista forward on the windows side, I know red hat had it as far back as version 5) so there shouldn't be any change there. But because it is a dual stack deployment, your average home user wont have any issues or need to swap out any equipment - at least for the time being.

Timing (-1)

rednip (186217) | more than 2 years ago | (#38001376)

That's what I call timing, I just swapped back to Comcrast from Fios, Yay!

It's a start (1)

talexb (223672) | more than 2 years ago | (#38001410)

Kudos for Comcast for finally getting the ball rolling on IPv6. A /128 address gets their foot in the door, and as their post says, they can expand it later.

Available in my area? (1)

tmc3 (2504144) | more than 2 years ago | (#38001482)

When is it going to be available nationally instead of a couple of markets?

Re:Available in my area? (4, Funny)

chill (34294) | more than 2 years ago | (#38001514)

Right after they test with the current demographic -- people with one computer that is directly connected to the cable modem.

This should go quickly, since every one of those people is already a zombie spam-bot.

Kudos (1)

IamTheRealMike (537420) | more than 2 years ago | (#38001524)

It's rare to see companies take such a long term view of their business, but Comcast sure is doing it now. I know from seeing it being done at work, huge IPv6 deployments are not trivial things!

Re:Kudos (1)

characterZer0 (138196) | more than 2 years ago | (#38001992)

Rolling out IPv6 could have been considered taking a long term view a decade ago. With IPv4 exhaustion looming, starting the roll-out now is just short of required. Sadly, looking out past the end of the current quarter is considered "long term" nowadays.

Static IP? (1)

timeOday (582209) | more than 2 years ago | (#38001528)

With IPv6 addresses being so plentiful, does that mean it should never have to change? I've been running a webserver and mailserver on my Comcast account since it was an @Home account (10+ years) and my IP rarely changes, but occasionally it still does.

Re:Static IP? (1)

digitalsushi (137809) | more than 2 years ago | (#38001616)

IPv6 addresses change all the time. They're really good at it. You should learn how DNS works, because it's going to be your new best friend if you ever want to find your needle in the v6 haystack. Even better, you can have a pile of v6 addresses on a single interface, instead of the paltry one v4 address.

Re:Static IP? (1)

Karl Cocknozzle (514413) | more than 2 years ago | (#38001882)

Even better, you can have a pile of v6 addresses on a single interface, instead of the paltry one v4 address.

Who told you an interface could only have one ipv4 address? This is just flat-out incorrect.

Re:Static IP? (2)

Wonko the Sane (25252) | more than 2 years ago | (#38001888)

Who told you an interface could only have one ipv4 address?

Windows 98

Re:Static IP? (1)

digitalsushi (137809) | more than 2 years ago | (#38002024)

How do you do it without aliasing the interface?

One IPv4 address per interface? (1)

janeuner (815461) | more than 2 years ago | (#38001904)

Must be a relic of an operating system.

Re:One IPv4 address per interface? (1)

Ant P. (974313) | more than 2 years ago | (#38002094)

Yeah... even something as brain-dead as Windows 2000 supports multiple IPv4 assignment.

Re:Static IP? (1)

laffer1 (701823) | more than 2 years ago | (#38001686)

You could always get a business class account like I did. Then you get 5 static IPs allocated to you that never change. I've even moved and they ported the IPs with my account. Not to mention it's faster and you get more upstream bandwidth.

Yea! (1)

twmcneil (942300) | more than 2 years ago | (#38001558)

IPv6 deployment - Yea! Wait, it is Comcast. Ok, what's the catch?

Re:Yea! (0)

Anonymous Coward | more than 2 years ago | (#38001624)

The catch? It's comcast. That's the catch!

At least it isn't verizon, though...

Loved FiOS, hate verizon.

Re:Yea! (1)

digitalsushi (137809) | more than 2 years ago | (#38001668)

The catch is that they ran out of 10/8 space for their Internal network and weren't stupid enough to overload it. They deployed v6 to manage the cable modems, and then cable modems needed to be v6, and that was convenient since they're starting to run out of public space addresses, too. Those addresses can't be helped, and they're going to get sucked back into the ISP on the NAT level. Yes, all that malarkey about sharing public v4 addresses with your neighbors is a mathematical inevitability. Read through some current RFCs for a public conversation they are having on the topic of how many customers can you fit on a single v4 address.

Re:Yea! (1)

Anonymous Coward | more than 2 years ago | (#38002068)

The catch is that they ran out of 10/8 space for their Internal network and weren't stupid enough to overload it.

We also ran out of 172.16 :(. You have no idea how much of a PITA it is to get an internal adress around here. And yes Comcast has been a huge pusher for IPv6 for quite some time now, both through cable labs and directly thought our vendors.

Re:Yea! (1)

janeuner (815461) | more than 2 years ago | (#38001808)

I've been using Comcast's IPv6 6rd since it launched over a year ago. In the first few months, there were several instances with parts of the IPv6 global network were down, but those problems were corrected within a couple days.

All said, Comcast has been out in front of this compared with the other US ISPs. They should be commended (on this issue, at least).

How are they going to charge for this? (1)

JonahsDad (1332091) | more than 2 years ago | (#38001596)

Extra charge for allowing you access to IPv6?
Extra charge for staying with IPv4?
Extra charge for keeping your IPv4 if you also want IPv6?

Re:How are they going to charge for this? (1)

Samantha Wright (1324923) | more than 2 years ago | (#38001692)

All three! Think of it less as an extra charge and more like "a way to customize what your new, bigger bills say". :)

$5-$8 Per IPV6 IP just like cable boxes (0)

Anonymous Coward | more than 2 years ago | (#38001734)

$5-$8 Per IPV6 IP just like cable boxes

Re:How are they going to charge for this? (1)

janeuner (815461) | more than 2 years ago | (#38001858)

IPv6 6rd has been freely accessible since early 2010.

Re:How are they going to charge for this? (0)

Anonymous Coward | more than 2 years ago | (#38002028)

Here is the link to setup 6to4 on the Comcast network

http://www.comcast6.net/6to4-config.php

From another perspective... (1)

dpilot (134227) | more than 2 years ago | (#38001694)

It's lock-in. Once you've gone IPV6, who's going to want to go back. You'll be a Comcast customer until FIOS, DSL or whatever other competition might actually exist catches up.

Re:From another perspective... (1)

Wonko the Sane (25252) | more than 2 years ago | (#38001730)

Once you've gone IPV6, who's going to want to go back.

Do you think a significant proportion of their users actually would know or care what the difference is?

Re:From another perspective... (1)

Anonymous Coward | more than 2 years ago | (#38001822)

Providing a better service with an open standard is not lock-in: it's being better. Lock-in would be doing IPv6 some sort of Comcast-only way.

Re:From another perspective... (1)

janeuner (815461) | more than 2 years ago | (#38001940)

Charter was about a year behind with IPv6 6rd, but they are likely to catch up quickly.

There will be no IPv6 transition (1, Flamebait)

RoLi (141856) | more than 2 years ago | (#38001736)

The problem is that there is no benefit in using IPv6 as long as there are no IPv6-only services.

Therefore, it is unlikely that IPv6 can be rolled out successfully [in-other-news.com] .

Re:There will be no IPv6 transition (1)

neiko (846668) | more than 2 years ago | (#38001794)

Just like there weren't any IPv4-only services in the beginning? What kind of an argument is that?

Re:There will be no IPv6 transition (1)

Karl Cocknozzle (514413) | more than 2 years ago | (#38002186)

Just like there weren't any IPv4-only services in the beginning? What kind of an argument is that?

A good one. It's your response that isn't a good argument... There were no IPv4 services prior to the Internet. But there ARE legacy services prior to the IPv6 internet. And the popularity of these legacy services mean implementing a forklift-upgrade to IPv6 is simply economically impossible for the reasons listed in the linked article, specifically:

  • Just Internet Infrastructure is 40,000 man-years of work to complete.
  • Internetal business networks could run into the trillions of man-years to complete.
  • Even if we did all of this, end-users still don't have a clue what we're talking about, and don't want to change their internal networks that they worked so hard to make work in the first place. Until you can get the end-users changed over, the infrastructure and business network changes will never happen.

Re:There will be no IPv6 transition (1)

Karl Cocknozzle (514413) | more than 2 years ago | (#38002134)

The linked article echoes what I've been saying for years now: IPv6 is lab technology, cool, interesting but essentially pointless as anything other than a conversation piece in real life. Converting all of the internet would require 40,000 man-years of labor to complete... Conservatively. And that doesn't count even a second of work for changes to internal networks to get to an "All IPv6" network so we can actually have "end-to-end" connectivity. Honestly, who wants it? Who needs it? If I need end-to-end connectivity between two sites I use a VPN or use a private WAN service. Even if I could flip a switch instantly turning the entire internet into perfect IPv6 harmony, and every workstation/laptop/mobile device on earth instantly into perfect configuration, we still wouldn't have "end-to-end" connectivity because nobody in their right mind actually wants that.

IPv6 (0)

Anonymous Coward | more than 2 years ago | (#38001758)

I always have mixed feelings about it. On paper, it's amazing and blows IPv4 out of the water.
However, while sure now your (everyone keep saying toaster so why not) toaster can now connect directly to the web, now also your ISP can see exactly how many devices you're attaching to the internet.
ISPs (or at least the ones in America) do anything and everything they can to squeeze more money out of the customer. I'm willing to bet it's only a matter of time before you're paying for internet per device.

Re:IPv6 (1)

nurb432 (527695) | more than 2 years ago | (#38001960)

now also your ISP can see exactly how many devices you're attaching to the internet.

And since comcast is really just a cable TV company at its core, they will charge you per device.

I'm assuming that something like PFsense or a timecapsule will still work as a NAT device?

Re:IPv6 (1)

digitalsushi (137809) | more than 2 years ago | (#38001998)

That notion is very alarmist and 1990's era. An ISP can make a pretty good guess of how many lan devices you have using million dollar stat boxes, like sandvine makes. They dont care. ISPs are all media providing machines on another face and they know all your lan devices are just media consuming vehicles with credit card slots strapped on the side. They really don't care. They'll just do metered billing someday and we'll all crab together.

Re:IPv6 (1)

characterZer0 (138196) | more than 2 years ago | (#38002014)

So set your firewall up so that your ISP cannot see your toaster.

New route for exploits (-1)

Anonymous Coward | more than 2 years ago | (#38001876)

I find IPv6 to be very annoying with all its routing and discovery packets and such, it makes it difficult to secure because you're not sure what to let through and what can pose security problems.

I ran my primary public web server on IPv6 for a while but after having multiple attacks come in through that vector I decided to just shut it all off. Both the machine and the daemons running on it need to be carefully examined for how they behave on IPv6. I'm going to have to sit down and really go through everything to make it secure on IPv6 which is very annoying because I don't have time for that BS. I figure this is going to be a problem for many other administrators too and is probably why we're not already on IPv6 across the board. Plus the whole deal with those long hex addresses and counting colons takes a lot more mental effort to juggle than the short little IPv4 addresses. It's just a lot of work.

Awesome (1)

jandrese (485) | more than 2 years ago | (#38002130)

Did you hear that Verizon? Your "next generation optical network" is now behind the clunky old cable modem guys on this issue. Where is your update? Hmmmm?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>