Feds Say They're Ready For Monday's IPv6 Deadline 120
netbuzz writes "By all indications and against all odds, it appears as though most, if not all, federal agencies will have met the mandate issued back in 2005 that their network backbones become capable of passing IPv6 packets by June 30, 2008. NetworkWorld quotes Pete Tseronis, chair of the IPv6 working group of the Federal CIO Council, saying, 'I have not heard of anybody who is not going to make the IPv6 deadline.' Those involved are calling this a significant milestone in what has been an extensive effort to bring IPv6 into widespread deployment."
One huge caveat (Score:5, Informative)
The thing they're not talking about here is that to meet the mandate, the gov't networks have to be *capable* of passing IPv6, and have tested that they can. Turning IPv6 back off as soon as they confirm that test is totally within the bounds of compliance (and many agencies are doing exactly that).
In short, don't expect this to actually drive IPv6 adoption...this was a paperwork exercise.
Re:Not to supprised. (Score:5, Informative)
If you really believe that anything that doesn't support IPv6 at this point is "legacy" you clearly haven't tried to implement it. A few things off the top of my head:
* Cisco IOS will route IPv6, but it does doesn't do it in hardware (it forces the packet up to the totally underpowered CPU of the router), so the packet rates are pathetic compared to IPv4.
* Until fairly recently, the Cisco PIX and ASA would route IPv6, but several major features (like failover) weren't available.
* Running NAC? I have yet to talk to a NAC vendor who supports IPv6.
* Many of the Security Information Manager products don't do IPv6, either (or they didn't the last time I checked).
* Heck, let's talk Windows XP. It theoretically supports IPv6, but it will only do DNS over IPv4.
Vendor support for IPv6 has been pathetic.
Re:Classic 5-step (Score:5, Informative)
Update all clients to IPv6 capable systems (i.e., junk Windows)
Vista runs IPV6 by default and everyone was hoping that this would help to drive adoption. IPV6 can be installed in a few clicks on an XP machine. You harboring much of an agenda there, boss?
Re:FUD! (Score:5, Informative)
Yeah, I actually work for GE, we have the entire friggin 3.x.x.x range, 16 *million* IP's, for roughly 300K real employees (and a ton of contractors) plus servers.
I mean, being realistic here, unless we have a server for every employee/contractor, and they each have 8 machines on their desk.. I'm betting we don't use more than a million of those.
And of that, virtually *none* (a handful) are actually on the public internet. 99% of them (at least) are behind firewalls and proxies, so *not* using a 10.x subnet internally is just a waste.
Sadly, 5 years and I've heard it mentioned *once*, but haven't actually seen any motion towards changing (like configuring switches for both 3.x and 10.x routing, etc). While, yes, I comprehend the scale of it, realistically a simple 3.x->10.x one-to-one mapping wouldn't be all *that* hard, and a per-site/per-business cutover.
But like most of corporate america, we talk about a lot of things, but not much really happens.
Re:Dump IPv6 (Score:5, Informative)
Correct me if I'm wrong, but it is my understanding that IPv6 adresses are not a superset of IPv4 ones. That means, that absolutely no current internet site is reachable by IPv6.
...
IPv6 address should be a superset of IPv4 ones. (or example : 1.2.3.4 is IPv4, 1.2.3.4.5.6.7.8 would be IPvX. you type the former in IPvX, it gets padded to 1.2.3.4.0.0.0.0 and still works). I fail to understand why it isn't so.
Well, it would be hard to expect old software to be able to send and receive packets in a new format automatically--the packet header would at least require a longer address field, but probably other changes as well that will improve performance and flexibility. On the other hand, it should be possible for programs that use the new version of the networking API to communicate with machines on IPv4. And this is possible using IPv4 mapped IPv6 addresses [wikipedia.org] (RFC reference [ietf.org]).
Re:Not to supprised. (Score:3, Informative)
Windows 2k8 NAC fully supports IPv6
Re:IPV6 here we come... (Score:2, Informative)
Re:FUD! (Score:5, Informative)
Hey IANNA, why not free up some of the "LEGACY" Class-A allocations (see below) That would free some 650 MILLION addresses!!! Some 15% of the address space.
http://www.iana.org/assignments/ipv4-address-space [iana.org] [iana.org].
That'll do us for what? Another 10-15 years or so? Plus if the US gov wants to release a bunch too since they are going IPv6.
This whole "OMG! We're going to run out of addresses (and ponies)" scare is starting to be more pathetic and fake than Nostradamus predictions!
Take a read of this blog post to find out what's really happening:
/8 per month in 2007, so even if they did recover all 650 million addresses from the allocations you mentioned (very unlikely), it would not buy us another 10-15 years. It would buy us about 3 years assuming the demand for IP addresses doesn't increase.
http://blog.icann.org/?p=271 [icann.org]
They allocated more than one
Reclaiming address space doesn't solve the problem, it just delays it. And it doesn't even delay it by that much.
Re:Classic 5-step (Score:1, Informative)
4. Bitch at Google, and install intermediate IPv6-IPv4 gateways
ipv6.google.com [google.com]
Zeronf: Bonjour, Avahi (Score:3, Informative)
We've had a decade of people trying to ram this product down our throats, and yet, the best we get is that we should appreciate having an IP address that looks like:
http://20010db885a308d313198a2e03707348/ [20010db885...2e03707348]
That -sucks-. ok? it sucks. It may be great for network people, except those that use the addresses, but it suks.
To nit pick, that URL is wrong, it should be of the form:
http://20010db87348/ [20010db87348]
Note that the number is between brackets and has colons. Longer numbers are a side affect of making more addresses available. You should be happy they decided to use hexadecimal to represent the address and not base 10, since it would have been a lot more painful. Also note that any series of zeros can be dropped and just push the colons together:
http://20010db8000000007348/ [20010db8000000007348] becomes http://20010db87348/ [20010db87348]
Then again although you can access a machine this way, solutions as zeroconf [wikipedia.org] are the way to go. Two implementations are Bonjour [wikipedia.org] (default on the Mac, available for MS Windows) and Avahi [wikipedia.org] on Linux. For me this is like ISBN numbers, in that sure you can refer to a book by its number, but it is far more convenient to refer it by name.
Re:Not to supprised. (Score:4, Informative)
Plenty of Cisco hardware handles IPv6 in hardware. The 12000 and 10000 both do, the 7600/6500 does, the 3750 and 3560 switches do, etc. I don't know why you think Cisco stuff doesn't handle IPv6, since it has for years.
Re:IPV6 here we come... (Score:5, Informative)
Furthermore, I believe that GP was not complaining about censorship and/or limit of access by government authorities, but rather using that to preface the technical reason they have one ISP that routes through China.
The best? Then you've not been reading. (Score:5, Informative)
In addition to the extensions, the following benefits are also present:
Only a few of these points mention addressing at all, and none refer to the specific length of IPv6 addresses.