Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Government Networking The Internet United States News

Feds Say They're Ready For Monday's IPv6 Deadline 120

netbuzz writes "By all indications and against all odds, it appears as though most, if not all, federal agencies will have met the mandate issued back in 2005 that their network backbones become capable of passing IPv6 packets by June 30, 2008. NetworkWorld quotes Pete Tseronis, chair of the IPv6 working group of the Federal CIO Council, saying, 'I have not heard of anybody who is not going to make the IPv6 deadline.' Those involved are calling this a significant milestone in what has been an extensive effort to bring IPv6 into widespread deployment."
This discussion has been archived. No new comments can be posted.

Feds Say They're Ready For Monday's IPv6 Deadline

Comments Filter:
  • More IP's (Score:2, Funny)

    by Wowsers ( 1151731 )

    More IP numbers for government. As if proof were needed that the size of government is growing out of control.

  • by antirelic ( 1030688 ) on Saturday June 28, 2008 @07:18AM (#23979855) Journal

    Or not. While the federal government of the USA may have backbones capable of running IPV6, they seriously lack the ability to effectively make the switch without a great amount of pressure. Lets face it, with NAT and other technologies, the need to migrate to a new standard has been severely reduced. Not saying that it is not needed, I am sure the "rest of the world" outside of the US and the EU would like some IP space all of their own, but market forces have already relegated that individuals have no need for unique IP space and NAT is good enough for the unwashed masses.

    Having had a little bit of experience working with big networks based on IPV4, the migration to IPV6 is going to be pretty awesome... like the titanic sinking, or an entire city being leveled by an earth quake.

    • by rxmd ( 205533 ) on Saturday June 28, 2008 @07:45AM (#23979989) Homepage

      NAT is good enough for the unwashed masses.

      I am currently in Uzbekistan. Our Internet uplink goes through China (because of a domestic Internet monitoring policy that allows for only one country-level Internet provider). On the IPv4 block allocation generosity scale we are at the lower end, twice. Depending how things are configured there I am usually behind one or two layers of NAT already from the provider, not counting our own internal network. Something as simple as Skype usually goes through 4 to 8 relays, and getting a server working reliably here can be a challenge.

      Market forces have decided that in the US, and slightly less so in Europe, where IPv4 block allocation was comparatively generous, NAT is enough for your own unwashed masses. Everywhere else NAT is an abomination and an administration headache that has to go away. NAT is like deodorant for the unwashed mashes where what they really need would be a good decent shower.

      Since implementation of IPv6 routing elsewhere is picking up steam, we can only hope that the same market forces that have allowed the US to stick to their comfy IPv4 couch will eventually force the US to adopt it as well. Since it looks like the non-US market is growing, things are looking good here, and the story confirms it.

      • by Cheeze ( 12756 ) on Saturday June 28, 2008 @08:26AM (#23980213) Homepage

        You go through several NAT devices because that is what your government wants. With IPV6, you would go through the same networks, you would just have a longer NAT ip address.

        IPV6 will not make the routing table that IPV4 enforces go away, it will just give it the ability to have QOS and a few other features. If your government wants to limit your access, they will still have that ability.

        • by mixmatch ( 957776 ) on Saturday June 28, 2008 @01:10PM (#23983255) Homepage
          You do understand that the need for NAT stems from the inability to assign everyone a public IPV4 address right? With IPV6, the routing may be similar, but it will not be the same. To quote from the TCP/IP Guide:

          • Complexity: NAT represents one more complexity in setting up and managing the network. It also makes troubleshooting more confusing due to address substitutions.

          • Problems Due to Lack of Public Addresses: Certain functions won't work properly due to lack of a âoerealâ IP address in the client host machines.

          • Compatibility Problems With Certain Applications: I said above that NAT was only mostly transparent. There are in fact compatibility issues with certain applications that arise because NAT âoetinkersâ with the IP header fields in datagrams but not in the application data. This means tools like FTP, which pass IP addresses and port numbers in commands, must be specially handled, and some applications may not work.

          • Problems With Security Protocols: Protocols like IPSec are designed to detect modifications to headers and commonly balk at the changes that NAT makes, since they cannot differentiate those changes from malicious datagram âoehackingâ. It is still possible to combine NAT and IPSec, but this becomes more complicated.

          • Poor Support for Client Access: The lack of a public IP address for each client is a double-edged sword; it protects against hackers trying to access a host but also makes it difficult for legitimate access to clients on the local network. âoePeer-to-peerâ applications are harder to set up, and something like an organizational web site (accessed from the Internet as a whole) usually needs to be set up without NAT.

          • Performance Reduction: Each time a datagram transitions between the private network and the Internet, an address translation is required. In addition, other work must be done as well, such as recalculating header checksums. Each individual translation takes little effort but when you add it up, you are giving up some performance.

          Furthermore, I believe that GP was not complaining about censorship and/or limit of access by government authorities, but rather using that to preface the technical reason they have one ISP that routes through China.

          • by Cheeze ( 12756 )

            Furthermore, I believe that GP was not complaining about censorship and/or limit of access by government authorities, but rather using that to preface the technical reason they have one ISP that routes through China.

            This part of the GP tells me different:

            Our Internet uplink goes through China (because of a domestic Internet monitoring policy that allows for only one country-level Internet provider).

            • I don't think he was really complaining about the censorship, he was just explaining why their connection goes through China. He mentioned that because it's one of the reasons why he's behind so many layer of NAT.

              China doesn't have a lot of assigned IPv4 space to begin with, and if they're your Internet provider, they're probably not going to give you a lot. Hence, he's catching the short end of the addressing stick twice. One was China getting shafted, the other was China doing the shafting.

              Although IPv

      • Since implementation of IPv6 routing elsewhere is picking up steam, we can only hope that the same market forces that have allowed the US to stick to their comfy IPv4 couch will eventually force the US to adopt it as well.

        O.k. - right after we switch over to the metric system...

      • "NAT is like deodorant for the unwashed mas[s]es where what they really need would be a good decent shower."

        Sheer poetry. I love it. You win the internet for the next millisecond.

        I've been meaning to dredge up some comprehensible documentation on setting up an IPv6 network - guess now's a good time to get to work on it.

    • by jsebrech ( 525647 ) on Saturday June 28, 2008 @07:55AM (#23980027)

      Not saying that it is not needed, I am sure the "rest of the world" outside of the US and the EU would like some IP space all of their own, but market forces have already relegated that individuals have no need for unique IP space and NAT is good enough for the unwashed masses.

      NAT is only good for networks. Every ISP subscriber still gets a unique IP, and with people leaving their PC's on 24/7, those might as well be unique IP's (my ISP does not charge that much extra to get a fixed IP).

      I read a statistic that by 2010 half of the global population is going to have a cell phone (currently it's 4 out of 10), with most of the growth in asia and the middle east. Currently 1 in 6 cellphone users globally has an internet-enabled subscription (even if they don't use it), but this is going to grow considerably. We could be talking about up to a billion new internet users over the next decade, in asia and the middle east, the majority of them on cheap mobile devices. NAT is not going to be the answer, and IPv6 will become a necessity to reach those markets.

      The NYT did an interesting article about cellphones and the third world. What's driving the adoption is economic necessity. The cost of doing business in a globalized world is that you have to be connected. http://www.nytimes.com/2008/04/13/magazine/13anthropology-t.html [nytimes.com]

      • NAT is good for home and businesses as you don't each system to it's own out side IP and ISP like COMCRAP would love to make you pay $5+ per pc for a IP.

    • Re: (Score:2, Informative)

      by Nathonix ( 843449 )
      not to mention the fact that its only the backbones, and they only need to be capable of passing ipv6 data, which is why for once everything is on schedule to be complete. were they to also require that all the governments computers actually use ipv6, it would be a totally different matter altogether.
    • market forces have already relegated that individuals have no need for unique IP space and NAT is good enough for the unwashed masses.


      With BitTorrent, no it isn't. At least not without some cooperation from the ISP. In my case, for instance, I've never been able to set up the UDP port for DHT.

      • by Lord Crowface ( 1315695 ) on Saturday June 28, 2008 @10:57AM (#23981675)

        I'm at least partly convinced that the ability to block "unauthorized" services using the fact that it's such a pain to run any kind of server from a machine behind a NAT router is one of the main reasons that the commercial internet industry has stuck with IPv4. If they moved to IPv6, their old "We can't give each of your computers a real IP address because we don't have enough to go around" excuse would fall apart and they would have to either start letting people run their own servers or they'd have to move to doing actual port blocking, which would look really bad.

        • If they moved to IPv6, their old "We can't give each of your computers a real IP address because we don't have enough to go around" excuse would fall apart and they would have to either start letting people run their own servers or they'd have to move to doing actual port blocking, which would look really bad.

          Good! Fuck 'em! If they can't be bothered to offer quality service, what right do they have to look good for treating their customers like shit?

    • by Just Some Guy ( 3352 ) <kirk+slashdot@strauser.com> on Saturday June 28, 2008 @12:08PM (#23982585) Homepage Journal

      Lets face it, with NAT and other technologies, the need to migrate to a new standard has been severely reduced.

      Not even close. NAT breaks networks horribly by its very nature, and voids the original Internet ideal of a collection of peers. Consider that with NAT it's impossible to connect to another machine which is also behind NAT without going through a third party. While governments might love the idea of forcing you to funnel traffic through a central, easily-tappable server, it sucks for end users. Not only is it bad for privacy, but for reliability: now you can't talk to your friend's machine if the helper server is down or out of bandwidth. That's not acceptable!

      Having had a little bit of experience working with big networks based on IPV4, the migration to IPV6 is going to be pretty awesome... like the titanic sinking, or an entire city being leveled by an earth quake.

      Having apparently a bit more, I don't think it's going to be that bad. You don't have to start with a complete cutover, or even make a complete transition at all. Right now, today, odds are that you could start using link local addresses on your LAN for testing. You can get an IPv6 allocation and start with little things: configure your mailserver to use it and start publishing DNS to it. Once you're convinced it's up, try again with your webserver. Maybe configure a couple of workstations for the geeks in your company and let them bang away at it. If any of that fails, no big deal! You're still live with IPv4.

      • > NAT breaks networks horribly by its very nature, and voids
        > the original Internet ideal of a collection of peers.

        You are so wrong. Next thing you're going to tell me is that Al Gore invented the internet.

        > While governments might love the idea of forcing you to funnel traffic
        > through a central, easily-tappable server, it sucks for end users.

        I'm in my late fifties, old enough to remember the early days of the internet. I am not part of the 90% of North American

        • Re: (Score:3, Insightful)

          by Just Some Guy ( 3352 )

          The early internet consisted of a bunch of mainframes operated by a bunch of BOFH (Bastard Operators From Hell). The only guys (usually male) allowed to log on were military types or civilian employees of defense contractors, who had a whack of security clearances.

          For liking to pretend that you were there when it all started, you don't seem to understand what a peer [wikipedia.org] is.

          ARPANET and the Internet were built around the idea that computers could talk to each other. NAT breaks that. QED, NAT is not what the Internet was meant to be like.

  • One huge caveat (Score:5, Informative)

    by gclef ( 96311 ) on Saturday June 28, 2008 @07:36AM (#23979953)

    The thing they're not talking about here is that to meet the mandate, the gov't networks have to be *capable* of passing IPv6, and have tested that they can. Turning IPv6 back off as soon as they confirm that test is totally within the bounds of compliance (and many agencies are doing exactly that).

    In short, don't expect this to actually drive IPv6 adoption...this was a paperwork exercise.

    • Re:One huge caveat (Score:5, Insightful)

      by hal9000(jr) ( 316943 ) on Saturday June 28, 2008 @08:29AM (#23980229)
      It's more than that. It mandates a first step toward IPv6 conversion. The mandate also stated that dual stack (running Ipv4 along with IPv6) was OK too. The fundamental problem is that all the other network devices that run only IPv4 still have to supported.

      This is fundamentally no different than when companies had to run IP and IPX on computers during Novells transition in the 90's.
    • by imipak ( 254310 )
      Just to back this up, here's a quote from an earlier NetworkWorld story (just click thru the links on the page to find the original):

      The mandate requires federal backbone networks to be capable of transmitting IPv4 and IPv6 traffic and supporting IPv4 and IPv6 addresses. However, the OMB mandate doesnâ(TM)t require agencies to turn IPv6 on or to use it by the end of June 2008. Agencies have to support IPv6 on their backbone networks only, not on their desktops or peripherals. Nor do their applications need to be IPv6-enabled by the target date. Experts say the OMB mandate is easy to meet. Agencies must upgrade the software on their core routers to support IPv6 and then show they can carry IPv6 traffic through their service providers.

    • I remember that the government was not fully Y2K compliant and overnight they became 100% compliant. The reason: any system which was not compliant was declared secret, thereby leaving the only reported systems those that were Y2K compliant.

  • Not to supprised. (Score:5, Insightful)

    by jellomizer ( 103300 ) on Saturday June 28, 2008 @07:37AM (#23979959)

    Being that IPv6 has been around for over a decade, meaning most legacy hardware has been replaced by then that used IPv4 only as well many systems even ones older then 10 years old that support TCP/IP are often new enough to get a software patch for IPv6 and what is left are so old and legacy that they are not available on the internet or you can just put a Linux box on them before the network and connect via IPv6 it does an IPv4 direct communication to the system and passed the data threw.
    However most systems that cannot support IPv6 probably needed to be upgraded anyways and offered federal IT employees a law to point to get funding for a much needed upgrade.

    • Re:Not to supprised. (Score:5, Informative)

      by gclef ( 96311 ) on Saturday June 28, 2008 @08:08AM (#23980097)

      If you really believe that anything that doesn't support IPv6 at this point is "legacy" you clearly haven't tried to implement it. A few things off the top of my head:

        * Cisco IOS will route IPv6, but it does doesn't do it in hardware (it forces the packet up to the totally underpowered CPU of the router), so the packet rates are pathetic compared to IPv4.

        * Until fairly recently, the Cisco PIX and ASA would route IPv6, but several major features (like failover) weren't available.

        * Running NAC? I have yet to talk to a NAC vendor who supports IPv6.

        * Many of the Security Information Manager products don't do IPv6, either (or they didn't the last time I checked).

        * Heck, let's talk Windows XP. It theoretically supports IPv6, but it will only do DNS over IPv4.

      Vendor support for IPv6 has been pathetic.

      • Re: (Score:3, Informative)

        by Anonymous Coward

        Windows 2k8 NAC fully supports IPv6

      • > If you really believe that anything that doesn't support IPv6 at this point is "legacy" you clearly haven't tried to implement it. A few things off the top of my head:
        >
        > * Cisco IOS will route IPv6, but it does doesn't do it in hardware (it forces the packet up to the totally underpowered CPU of the router), so the packet rates are pathetic compared to IPv4.
        >

        Is that true of CISCO layer 3 switches? I'm just curious. It was my impression that layer 3 switches did their routing in hardware.

      • by IAN ( 30 )

        Cisco IOS will route IPv6, but it does doesn't do it in hardware

        Sup720 + PFC3 + DFC3 routes IPv6 in hardware. It's not exactly new.

      • by Mousit ( 646085 )
        And hell, if you want to venture into consumer space, try every internet-enabled game console, TiVos, consumer IP phones, etc. I have never seen any of these that support IPv6, and I have a suspicion that the network chipsets in them don't have lower-layer support for it either. These could perhaps be upgraded via software patches, but it would be a question of whether they could handle it (re: like the underpowered Cisco router CPUs).

        Home routers that support it are few and far between, with Apple's Ai
      • Re:Not to supprised. (Score:4, Informative)

        by sabaco ( 92171 ) on Saturday June 28, 2008 @11:46AM (#23982319) Homepage Journal

        Plenty of Cisco hardware handles IPv6 in hardware. The 12000 and 10000 both do, the 7600/6500 does, the 3750 and 3560 switches do, etc. I don't know why you think Cisco stuff doesn't handle IPv6, since it has for years.

      • Oddly enough, this sounds a lot like USB...

        <voice mode="Creaky old man sitting in rocking chair on front porch of retirement home">I remember a time when for years, motherboards included USB ports, but they were always unused because there really weren't any USB peripherals. We still had two serial ports so why the heck would we pay extra for some newfangled USB mouse? I think there were a few USB sound devices floating around too, which always struck me as kind of odd given that the built-in SB16 c

  • Ping & Unplug (Score:4, Interesting)

    by Anonymous Coward on Saturday June 28, 2008 @07:38AM (#23979965)

    I've heard this referred to as "ping and unplug" by two different network vendors that we've worked with. I don't think this will be much more than a very limited proof of concept.

  • Wrong requirement... (Score:3, Interesting)

    by Bert64 ( 520050 ) <.moc.eeznerif.todhsals. .ta. .treb.> on Saturday June 28, 2008 @07:56AM (#23980031) Homepage

    This just requires that the backbone passes ipv6, which any backbone routing device made in the past 10 years will be easily capable of doing.

    What they really should do, is require that any service offered to the outside world be available with both ipv6 and ipv4 connectivity, starting with any new deployments/upgrades and gradually rolling out to existing sites.

    • by imipak ( 254310 )

      This just requires that the backbone passes ipv6, which any backbone routing device made in the past 10 years will be easily capable of doing.

      It's much less than that. Effectively the directive's minimum requirements are *one device* capable (not necessarily configured or connected) to route IPv6. So, BFD.

    • This just requires that the backbone passes ipv6, which any backbone routing device made in the past 10 years will be easily capable of doing.

      By backbone, the mandate means the network as a whole as opposed to your applications and hosts (workstations and servers). It doesn't mean your network backbone proper in your facility such as your core and distribution devices. It includes your entire network down to the access switch. And when you start investigating Cisco equipment as well as other vendors network devices and appliances you see that IPv6 is not 100% supported yet so it won't be totally easy. The best that can happen is that for devices

    • > What they really should do, is require that any service offered to the
      > outside world be available with both ipv6 and ipv4 connectivity, starting
      > with any new deployments/upgrades and gradually rolling out to existing sites.

      You'll know that IPV6 has arrived, when hurricane victims will only be able to apply online for aid via an IPV6 connection

  • Classic 5-step (Score:3, Insightful)

    by kamochan ( 883582 ) on Saturday June 28, 2008 @07:57AM (#23980039)

    This is good news. The IPv6 transition must happen in stages, the whole world cannot convert at the same time. In order to beat the chicken-and-egg problem, someone simply has to go first.

    1. Deploy IPv6-capable infrastructure to area X (which has now provably happened for a good part of US)
    2. Update all clients to IPv6 capable systems (i.e., junk Windows)
    3. Notice that you can't access any services, since the services do not support IPv6
    4. Bitch at Google, and install intermediate IPv6-IPv4 gateways
    5. X = X+1, goto 1
    6. I'm sure someone will profit.
    • by Fleeced ( 585092 ) <fleeced@@@mail...com> on Saturday June 28, 2008 @08:08AM (#23980095)

      6. I'm sure someone will profit.

      They won't be able to profit at step 6 - they hit an infinite loop at step 5!

    • Re:Classic 5-step (Score:5, Informative)

      by OnlineAlias ( 828288 ) on Saturday June 28, 2008 @08:24AM (#23980195)

      Update all clients to IPv6 capable systems (i.e., junk Windows)

      Vista runs IPV6 by default and everyone was hoping that this would help to drive adoption. IPV6 can be installed in a few clicks on an XP machine. You harboring much of an agenda there, boss?

      • Nah, just clueless :)

        The last time I've needed to touch windows was xp some years ago, when the IPv6 add-on package was mostly for entertainment purposes. It's good to hear it's improved to something usable.

        • I don't think a network "engineer" who hasn't had to deal with Windows boxes in the past five years is very practiced. Imagine if I claimed that Linux didn't support any modern hardware or SMP because the last version I touched was Red Hat 5 ten years ago.
      • by imipak ( 254310 )

        Vista runs IPV6 by default

        No, it really doesn't. Try connecting a couple of Vista machines via IPv6 only out of the box.

      • Vista runs IPV6 by default and everyone was hoping that this would help to drive adoption. IPV6 can be installed in a few clicks on an XP machine. You harboring much of an agenda there, boss?

        No, but you are, if you think XP supports IPv6 in any usable form. Go ahead, disable IPv4 in XP and see how many hostnames you can look up.

        • Or even better.. disable ipv6 on Vista and try to log onto your domain :p

          Win28k allegedly supports AD over IPV6 but the average company is looking at years before that's deployed.

          • Crap. I meant disable ipv4.

            Stupid Slashdot. Let me f...ing post dammit!

          • Win28k allegedly supports AD over IPV6 but the average company is looking at years before that's deployed.

            By that time, they will have lost anyway, so kind of a moot point.

    • 2. Update all clients to IPv6 capable systems (i.e., junk Windows)

      Windows XP SP2 and Vista both support IPv6. Vista even has it on by default.

      But you already knew that, and just wanted to bash MS again.

    • Re: (Score:3, Funny)

      by pablomme ( 1270790 )

      X = X+1, goto 1

      Every time someone writes goto [wikipedia.org], a kitten dies.

      Damn, I've done it.

    • Re: (Score:1, Informative)

      by Anonymous Coward

      4. Bitch at Google, and install intermediate IPv6-IPv4 gateways

      ipv6.google.com [google.com]

      • Useless. It's one page - all the links go back to www.google.com. google don't index ipv6 anyway, so there's no point.

        So you still need ipv6->ipv4 gateways, or maybe just forget about the ipv6.

    • There is (or at least used to be) an http://ipv6.google.com/ [google.com]
  • FUD! (Score:4, Insightful)

    by Adeptus_Luminati ( 634274 ) on Saturday June 28, 2008 @08:21AM (#23980173)

    Hey IANNA, why not free up some of the "LEGACY" Class-A allocations (see below) That would free some 650 MILLION addresses!!! Some 15% of the address space.

    http://www.iana.org/assignments/ipv4-address-space [iana.org] [iana.org].

    That'll do us for what? Another 10-15 years or so?
    Plus if the US gov wants to release a bunch too since they are going IPv6.

    This whole "OMG! We're going to run out of addresses (and ponies)" scare is starting to be more pathetic and fake than Nostradamus predictions!

    003/8 General Electric Company
    004/8 Level 3 Communications, Inc.
    006/8 Army Information Systems Center
    008/8 Level 3 Communications, Inc.
    009/8 IBM
    011/8 DoD Intel Information Systems
    012/8 AT&T Bell Laboratories
    013/8 Xerox Corporation
    015/8 Hewlett-Packard Company
    016/8 Digital Equipment Corporation
    017/8 Apple Computer Inc.
    018/8 MIT
    019/8 Ford Motor Company
    020/8 Computer Sciences Corporation
    021/8 DDN-RVN
    022/8 Defense Information Systems Agency
    025/8 UK Ministry of Defence
    026/8 Defense Information Systems Agency
    028/8 DSI-North
    029/8 Defense Information Systems Agency
    030/8 Defense Information Systems Agency
    032/8 AT&T Global Network Services
    033/8 DLA Systems Automation Center
    034/8 Halliburton Company
    035/8 MERIT Computer Network
    038/8 Performance Systems International
    040/8 Eli Lily & Company
    043/8 Japan Inet
    044/8 Amateur Radio Digital Communications
    045/8 Interop Show Network
    047/8 Bell-Northern Research
    048/8 Prudential Securities Inc.
    051/8 Deparment of Social Security of UK
    052/8 E.I. duPont de Nemours and Co., Inc.
    053/8 Cap Debis CCS
    054/8 Merck and Co., Inc.
    055/8 DoD Network Information Center
    056/8 US Postal Service
    057/8 SITA

    Adeptus

    • Re:FUD! (Score:5, Informative)

      by Anonymous Coward on Saturday June 28, 2008 @08:41AM (#23980313)

      Yeah, I actually work for GE, we have the entire friggin 3.x.x.x range, 16 *million* IP's, for roughly 300K real employees (and a ton of contractors) plus servers.

      I mean, being realistic here, unless we have a server for every employee/contractor, and they each have 8 machines on their desk.. I'm betting we don't use more than a million of those.

      And of that, virtually *none* (a handful) are actually on the public internet. 99% of them (at least) are behind firewalls and proxies, so *not* using a 10.x subnet internally is just a waste.

      Sadly, 5 years and I've heard it mentioned *once*, but haven't actually seen any motion towards changing (like configuring switches for both 3.x and 10.x routing, etc). While, yes, I comprehend the scale of it, realistically a simple 3.x->10.x one-to-one mapping wouldn't be all *that* hard, and a per-site/per-business cutover.

      But like most of corporate america, we talk about a lot of things, but not much really happens.

    • Re: (Score:3, Funny)

      by gbjbaanb ( 229885 )

      This whole "OMG! We're going to run out of addresses (and ponies)" scare is starting to be more pathetic and fake than Nostradamus predictions!

      Century 12, Quatrain 5 says:

      Gore, of old, would tell that six is all
      on the day the silver tubes stopped passing;
      terrible anguish would ensue
      as tube of you could not be contacted.

      See. We're doomed.

    • Re:FUD! (Score:5, Informative)

      by aos101 ( 1068068 ) on Saturday June 28, 2008 @09:32AM (#23980715)

      Hey IANNA, why not free up some of the "LEGACY" Class-A allocations (see below) That would free some 650 MILLION addresses!!! Some 15% of the address space.

      http://www.iana.org/assignments/ipv4-address-space [iana.org] [iana.org].

      That'll do us for what? Another 10-15 years or so? Plus if the US gov wants to release a bunch too since they are going IPv6.

      This whole "OMG! We're going to run out of addresses (and ponies)" scare is starting to be more pathetic and fake than Nostradamus predictions!

      Take a read of this blog post to find out what's really happening:

      http://blog.icann.org/?p=271 [icann.org]

      They allocated more than one /8 per month in 2007, so even if they did recover all 650 million addresses from the allocations you mentioned (very unlikely), it would not buy us another 10-15 years. It would buy us about 3 years assuming the demand for IP addresses doesn't increase.

      Reclaiming address space doesn't solve the problem, it just delays it. And it doesn't even delay it by that much.

    • Hey now, the building I live in at MIT has its own Class B and that's the way I likes it!

      If you ever see someone from 18.238.*.* make sure to say hello.

    • Hey IANNA, why not free up some of the "LEGACY" Class-A allocations (see below) That would free some 650 MILLION addresses!!! Some 15% of the address space.

      While a good idea, it is probably easier to simply migrate to IPv6. I say this reckoning that the amount of bureaucratic paper work amounts for most of the effort. If you are going to be doing the paper work, then it might as well be done for a solution moving forward, than trying to temporarily fix a bad allocation. At least this way the paper work is d

    • by PKFC ( 580410 )

      I work for IBM (well the network services got sold to AT&T, but whatever.. the transition just happened June 1) and IBM uses its 9 address space as one big company wide NAT. Every IBMer in the world gets a 9 IP when they VPN or at a company site. It's a pretty cool setup from what I know of it, but then again: when you go to the internet, I'm at a 32.x.x.x IP which is AT&T. Now I don't know how it works, but a VPN into AT&T's network gives you a 135 ish /32 address. But pretty sure IBM could jus

  • We've had a decade of people trying to ram this product down our throats, and yet, the best we get is that we should appreciate having an IP address that looks like:

    http://20010db885a308d313198a2e03707348/ [20010db885...2e03707348]

    That -sucks-. ok? it sucks. It may be great for network people, except those that use the addresses, but it suks.

    IPv6 : Proud sponsors of unusable addresses.

    • We've had a decade of people trying to ram this product down our throats, and yet, the best we get is that we should appreciate having an IP address that looks like:

      http://20010db885a308d313198a2e03707348/ [20010db885...2e03707348]

      Learn DNS. :-) My Windows Vista machine and my Macs resolve just fine after pulling an automatic network address, tyvm. And I'm running BIND, not Win2kX on the server side.

      That -sucks-. ok? it sucks. It may be great for network people, except those that use the addresses, but it suks.

      IPv6 : Proud sponsors of unusable addresses.

      Your URL won't work because you forgot your brackets and your semicolons.

      And if you have to remember addresses, in a lot of circumstances it's not a lot different than an IPv4 address, because you can truncate a lot. My home netblock is 2001:4830:####b::/48 (digits on the third set baleeted for obvious purposes). I can remember it fin

      • And if you have to remember addresses, in a lot of circumstances it's not a lot different than an IPv4 address, because you can truncate a lot. My home netblock is 2001:4830:####b::/48 (digits on the third set baleeted for obvious purposes)

        Obscurity is not security. Never confuse the two like you have.

    • We've had a decade of people trying to ram this product down our throats, and yet, the best we get is that we should appreciate having an IP address that looks like:

      http://20010db885a308d313198a2e03707348/ [20010db885...2e03707348]

      That -sucks-. ok? it sucks. It may be great for network people, except those that use the addresses, but it suks.

      To nit pick, that URL is wrong, it should be of the form:

      http://20010db87348/ [20010db87348]

      Note that the number is between brackets and has colons. Longer numbers are a side affect of making more addresses av

      • Did you check before you posted: obviously not, since /. drops the colons in the IP address, unless specified within 'a href'. Can I say broken?

        http://20010db885a308d313198a2e03707348/ [20010db885...2e03707348] [20010db885...2e03707348]

        That -sucks-. ok? it sucks. It may be great for network people, except those that use the addresses, but it suks.

        To nit pick, that URL is wrong, it should be of the form (note your URL was probably mangled by /.):

        http://2001:0db8::7348/

        Note that the number is between brackets and has colons. Longer nu

    • Re: (Score:3, Funny)

      by imipak ( 254310 )
      Well gosh, if only there were some method to map those long numerical addresses to arbitrary strings of human-readable characters. Hey, you may have hit upon a great business opportunity there!
    • by jd ( 1658 ) <imipakNO@SPAMyahoo.com> on Saturday June 28, 2008 @02:55PM (#23984213) Homepage Journal
      IPv6 supports the following, which are either non-standard extensions to IPv4, not available or not provided by ISPs:

      • Anycasting
      • Mobile IP (IPv4 implementations only support home base relay)
      • Mobile Networks
      • Autoconfiguration
      • IPSec
      • Source-Specific Multicasting
      • Simplified group membership protocol for multicasting
      • Extended information retrievable from multicast routers
      • Extensible packet headers
      • Distinct Class-base and Flow-based QoS mechanisms
      • Source-Specified Routing

      In addition to the extensions, the following benefits are also present:

      • Smaller router tables
      • Superior alignment of header entries, so faster header processing
      • Directly interchangeable addresses with Infiniband, so local-area and (when wide-area IB is released) wide-area networks can be transparently hybrid IP/IB

      Only a few of these points mention addressing at all, and none refer to the specific length of IPv6 addresses.

    • by GXTi ( 635121 )
      That's what DNS was made for in the first place. You don't type in 105.195.75.18 very often either, do you? The only people who memorize IP addresses (v4 or v6) are "network people"
  • by mrjimorg ( 557309 ) on Saturday June 28, 2008 @09:14AM (#23980575) Homepage
    The "chair of the IPv6 working group of the Federal CIO Council" has "not heard of anybody who is not going to make the IPv6 deadline". In other words, goverment agency responsible for IPv6 Deadline is unaware of how unprepared the departments that he's responsible for actually are.
  • by Guppy06 ( 410832 ) on Saturday June 28, 2008 @09:15AM (#23980579)

    ... as the federal government's push to go all-metric.

    "Can" pass IPv6 isn't the same as "will."

  • by Midnight Thunder ( 17205 ) on Saturday June 28, 2008 @10:36AM (#23981419) Homepage Journal

    I live in Canada and none of the ISPs that provide internet connection to the home provide native IPv6 support. Holidaying in France the other day I found that free.fr and possibly Wanadoo/Orange provide IPv6 support. An incomplete list of Internet Service Providers [sixxs.net] providing native IPv6 is available, though it could probably be updated and as more ISPs start providing native support to their customers. DSL Reports, also has a forum [dslreports.com] dedicated to IPv6.

    Myself, I have started experimenting with IPv6 simply so I can understand all the issues and be able to help out other adopters. I started using Teredo on my Mac (since it supports being behind a NAT), by means of Miredo [remlab.net] (a nice front-end for the Mac is available here [deepdarc.com]), and then moved onto Aiccu [sixxs.net]. The advantage with going using Aiccu, is that I can have an IPv6 subnet [sixxs.net] for my computers at home. Also, since I wanted to make my web server available on the IPv6 addressable net, I registered its IP address with FreeDNS [afraid.org], since they allow for registration of AAAA records on their servers. There are certainly other 6to4 tunnels providers, such as Freenet6, but I haven't really investigate them since I already have a solution that fits my needs.

     

  • IPv6 just has to bring out the geek on you. Full speed ahead.
  • But from my experience in state government I can tell you that while the Fed may lead, the states are still lagging far behind. So are educational institutions. I was recently on an interview with an educational entity and asked about plans for IPv6. They have no plans thus far.
  • by Nom du Keyboard ( 633989 ) on Saturday June 28, 2008 @01:42PM (#23983551)
    What the world needs is a cheap router that speaks IPv6 on the Internet side, and the equivalent of a NATted IPv4 on the user side such that each IPv4 user address is mapped to a unique IPv6 address on the Internet side. Absolutely every current home and business network today would be capable of running under such a system without change, and the Internet could become all IPv6 tomorrow without problems.

    And if your device talked IPv6 to this router, then it would transparently pass it through allowing a transition to IPv6 at the user's pace, rather than being forced into it due to the depletion of IPv4 addresses. After all, didn't someone once say that 4294967295 addresses ought to be enough for everybody?

    If such a nifty device exists, it's sure not being talked about widely yet.

    • I believe ipv6-NAT can be configured to do that (amongst other scenarios).. my Cisco has it but I've never bothered enabling it.

      The problem is the scenario you describe is a bit useless. An ipv4 device can't contact an ipv6 device anyway, as it doesn't support the address format. So all the websites would have to advertise ipv4 addresses, allow connection from ipv6 somehow, reply over ipv6, that then gets translated to ipv4. Way overcomplex to achieve precisely nothing.

    • This is basically what NAT-PT (RFC 2766 http://www.ietf.org/rfc/rfc2766.txt [ietf.org]) does. Unfortunately the IETF deprecated NAT-PT without offering a replacement, although Cisco and other vendors continue to offer the feature in their code.
    • by Shotgun ( 30919 )

      The world needs no such of a thing. The last thing I need is a piece of equipment that will tell the cable company how many pieces of equipment I have connected to the Internet.

      Currently, all Time-Warner can see is my Linux router running IPCop. That is all they need to see. How I choose to divide up my bandwidth budget between different boxes is my own business. They already use MAC address locking to make it a headache to switch the NIC connected to the cable box (you have to cycle the power when swit

Keep up the good work! But please don't ask me to help.

Working...