Unfortunately, no-one is willing to be the bad guy in that story... Not even a *country* can really pull it off. Think about how many non-IPv6-capable devices there are out there: virtually every single home router, printer, modem, camera, etc. Now as soon as a flag day is declared, the self-entitled of the world will rise up and say to their government, "who's going to pay for my new equipment?" Never mind that we've all known this day would come for over 10 years...
On the other hand, I might turn out to be the first who actually has to manage a dual-stack network... and be willing to talk about it, anyway. Assuming I'm not on powerful drugs as a result of doing so! Holy **** does it get complicated! -Adam
Trevor Cordes trevor@tecnopolis.ca wrote:
On 2011-05-11 Sean Cody wrote:
Anyone have an interest or are is implementing ipv6 anywhere?
An intro to ipv6 would be a great presentation topic so if you can share your experience, please do!
Seconded. But don't look at me.
Does anyone know when home ISP's like Shaw will start to offer IPv6 to home users? I don't think v6 will go anywhere until the ISP's with their massive IP pools start switching end users to it. Correct?
All of this 6-to-4 stuff seems stupid and overly complex. I would like to just see a day picked where 4 is shutoff and only 6 can be used. We'll all be !@$#%ing our pants for a few days/weeks but then it'll be done. _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
On 11-05-11 8:02 PM, Adam Thompson wrote:
Unfortunately, no-one is willing to be the bad guy in that story... Not even a *country* can really pull it off. Think about how many non-IPv6-capable devices there are out there: virtually every single home router, printer, modem, camera, etc. Now as soon as a flag day is declared, the self-entitled of the world will rise up and say to their government, "who's going to pay for my new equipment?" Never mind that we've all known this day would come for over 10 years...
On the other hand, I might turn out to be the first who actually has to manage a dual-stack network... and be willing to talk about it, anyway. Assuming I'm not on powerful drugs as a result of doing so! Holy **** does it get complicated! -Adam
Hmm... Just throwing an idea out there... I think I saw somewhere where my D-Link 655 supported it. I've even got a spare G4 server with minimal hard drive space I can use. Who knows if the NIC will work with ipv6. No idea if my Mini can support it wirelessly. However if the stars align and it can pique some interest why not make it a non-serious project for a few people and see if we can make the system into an open content server not connected to the net (this way we avoid the ipv4 <--> ipv6 conversion mess)...
I've been doing this off and on for a few years with ipv4. Basically a LAMP server with some PHP apps. More than this is beyond my experience. Still, if someone is interested drop by and we can set things up here as a test.
Incidentally, getting an old PC for a short time instead of the G4 isn't out of the question. I just have to justify it to the folks in Selkirk.
Later Mike
Trevor Cordestrevor@tecnopolis.ca wrote:
On 2011-05-11 Sean Cody wrote:
Anyone have an interest or are is implementing ipv6 anywhere?
An intro to ipv6 would be a great presentation topic so if you can share your experience, please do!
Seconded. But don't look at me.
Does anyone know when home ISP's like Shaw will start to offer IPv6 to home users? I don't think v6 will go anywhere until the ISP's with their massive IP pools start switching end users to it. Correct?
All of this 6-to-4 stuff seems stupid and overly complex. I would like to just see a day picked where 4 is shutoff and only 6 can be used. We'll all be !@$#%ing our pants for a few days/weeks but then it'll be done. _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
_______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
--- Mike pfaiffer wrote:
I think I saw somewhere where my D-Link 655 supported it.
Here is the manufacturer's sales page for your router. It has an "IPv6 Ready" sticker on the product picture. http://www.dlink.ca/products/?pid=530
As long as your home networking router can handle IPv6 to IPv4 NAT, then you won't have to buy anything else.
--- Adam Thompson wrote:
Unfortunately, no-one is willing to be the bad guy in that story... Not even a *country* can really pull it off.
If you want government to get involved, it would have to force all router manufacturers to support IPv6 to IPv4 NAT, and provide firmware updates for all their products that don't currently do so. They would have to be forced to provide firmware updates for discontinued products as well; how far back?
Rob Dyck
On 11-05-11 11:18 PM, Robert Dyck wrote:
--- Mike pfaiffer wrote:
I think I saw somewhere where my D-Link 655 supported it.
Here is the manufacturer's sales page for your router. It has an "IPv6 Ready" sticker on the product picture. http://www.dlink.ca/products/?pid=530
Thought so.
As long as your home networking router can handle IPv6 to IPv4 NAT, then you won't have to buy anything else.
I was thinking of making all the devices connected to the router IPv6 to make things simple. Since I don't want to have the wireless router connected to the internet (Shaw gets their underwear in a knot over open routers) it is easy to have all one or the other. From past discussions it seems the NAT part is a little tricky and not all routers handle it properly.
--- Adam Thompson wrote:
Unfortunately, no-one is willing to be the bad guy in that story... Not even a *country* can really pull it off.
If you want government to get involved, it would have to force all router manufacturers to support IPv6 to IPv4 NAT, and provide firmware updates for all their products that don't currently do so. They would have to be forced to provide firmware updates for discontinued products as well; how far back?
I don't think IPv4 is going away any time soon. At least not in the home. The software and documentation are available and well tested. If the ISPs make the switch then places like the lab will also have to make the switch. Businesses with internal LANs will have to choose. Are there ranges of IPs assigned to private LANs as there are in IPv4? If so then depending on the size of the business the transition and testing could be either very simple or very complex.
Then there are the applications... I'll leave that conversation for those with more experience.
Rob Dyck
See you at the lab tomorrow...
Later Mike
IPv6 has a 'site-local' reservation as well but that us going out of favor for what I have read. There is no functional reason to have an private unroutable network when the 'standard' allocation range is so gigantic making NAT unnecessary. Your routers and firewall ACL will effectively make it private if you so configure.
NAT isn't a security feature or design tool. It is a work around for lack of adressable space.
The one feature of ipv6 that blew me away was that with The auto configured link local space the address chosen is based on the MAC address of the host. If you ever had to reverse an errant 169.X prefix on your LAN this could be very handy and makes auto configure networks a he'll of a lot more deterministic with respect to address provisioning.
As an example of how things can be more complicated than might seem at first, consider setting up an e-mail server with the usual raft of anti-spam measures...
http://www.itworldcanada.com/news/e-mail-and-ipv6-what-it-admins-need-to-kno...
Oh yeah, we tend to look up those client addresses a fair bit to determine the client's reputation... When will all that work well under IPv6?
In any case, I'm hoping to spend part of my summer at work reading up on IPv6, and starting a few LAN-based experiments. No word yet on when the UofM will have its router infrastructure IPv6-ready, though.
Maybe Adam and I can compare notes in the fall, and see if either of us is ready to present something on the topic.
Gilbert
On 2011-05-11 20:02, Adam Thompson wrote:
Unfortunately, no-one is willing to be the bad guy in that story... Not even a *country* can really pull it off. Think about how many non-IPv6-capable devices there are out there: virtually every single home router, printer, modem, camera, etc. Now as soon as a flag day is declared, the self-entitled of the world will rise up and say to their government, "who's going to pay for my new equipment?" Never mind that we've all known this day would come for over 10 years...
On the other hand, I might turn out to be the first who actually has to manage a dual-stack network... and be willing to talk about it, anyway. Assuming I'm not on powerful drugs as a result of doing so! Holy **** does it get complicated! -Adam
Trevor Cordestrevor@tecnopolis.ca wrote:
On 2011-05-11 Sean Cody wrote:
Anyone have an interest or are is implementing ipv6 anywhere?
An intro to ipv6 would be a great presentation topic so if you can share your experience, please do!
Seconded. But don't look at me.
Does anyone know when home ISP's like Shaw will start to offer IPv6 to home users? I don't think v6 will go anywhere until the ISP's with their massive IP pools start switching end users to it. Correct?
All of this 6-to-4 stuff seems stupid and overly complex. I would like to just see a day picked where 4 is shutoff and only 6 can be used. We'll all be !@$#%ing our pants for a few days/weeks but then it'll be done.
If anyone's looking to get started, I'd suggest http://www.tunnelbroker.net/. They'll route you a block over a tunnel. Very easy to get started. The alternative is a 6to4 tunnel which gives you an IPv6 block based on your IPv4 address.
If you have a Linux box as the gateway you should run radvd to send out the router advertisements to the machines behind it.
Sean
On Thu, May 12, 2011 at 11:37 AM, Gilbert E. Detillieux < gedetil@cs.umanitoba.ca> wrote:
As an example of how things can be more complicated than might seem at first, consider setting up an e-mail server with the usual raft of anti-spam measures...
http://www.itworldcanada.com/news/e-mail-and-ipv6-what-it-admins-need-to-kno...
Oh yeah, we tend to look up those client addresses a fair bit to determine the client's reputation... When will all that work well under IPv6?
In any case, I'm hoping to spend part of my summer at work reading up on IPv6, and starting a few LAN-based experiments. No word yet on when the UofM will have its router infrastructure IPv6-ready, though.
Maybe Adam and I can compare notes in the fall, and see if either of us is ready to present something on the topic.
Gilbert
On 2011-05-11 20:02, Adam Thompson wrote:
Unfortunately, no-one is willing to be the bad guy in that story... Not
even a *country* can really pull it off.
Think about how many non-IPv6-capable devices there are out there:
virtually every single home router, printer, modem, camera, etc.
Now as soon as a flag day is declared, the self-entitled of the world
will rise up and say to their government, "who's going to pay for my new equipment?" Never mind that we've all known this day would come for over 10 years...
On the other hand, I might turn out to be the first who actually has to
manage a dual-stack network... and be willing to talk about it, anyway. Assuming I'm not on powerful drugs as a result of doing so! Holy **** does it get complicated!
-Adam
Trevor Cordestrevor@tecnopolis.ca wrote:
On 2011-05-11 Sean Cody wrote:
Anyone have an interest or are is implementing ipv6 anywhere?
An intro to ipv6 would be a great presentation topic so if you can share your experience, please do!
Seconded. But don't look at me.
Does anyone know when home ISP's like Shaw will start to offer IPv6 to home users? I don't think v6 will go anywhere until the ISP's with their massive IP pools start switching end users to it. Correct?
All of this 6-to-4 stuff seems stupid and overly complex. I would like to just see a day picked where 4 is shutoff and only 6 can be used. We'll all be !@$#%ing our pants for a few days/weeks but then it'll be done.
-- Gilbert E. Detillieux E-mail: gedetil@muug.mb.ca Manitoba UNIX User Group Web: http://www.muug.mb.ca/ PO Box 130 St-Boniface Phone: (204)474-8161 Winnipeg MB CANADA R2H 3B4 Fax: (204)474-7609 _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Hands down, http://sixxs.net is one of the best tunnel brokers around. I have a 100ms ping to the next hop, and a full /48 of ipv6 space for free. Not to mention, if you can justify why you would need more subnets, they are happy to give them to you.
This is a 6to4 tunnel though, and I use an openbsd box and the gateway..
Just my 2 cents. Rob
On Thu, May 12, 2011 at 11:43 AM, Sean Walberg sean@ertw.com wrote:
If anyone's looking to get started, I'd suggest http://www.tunnelbroker.net/. They'll route you a block over a tunnel. Very easy to get started. The alternative is a 6to4 tunnel which gives you an IPv6 block based on your IPv4 address. If you have a Linux box as the gateway you should run radvd to send out the router advertisements to the machines behind it. Sean
On Thu, May 12, 2011 at 11:37 AM, Gilbert E. Detillieux gedetil@cs.umanitoba.ca wrote:
As an example of how things can be more complicated than might seem at first, consider setting up an e-mail server with the usual raft of anti-spam measures...
http://www.itworldcanada.com/news/e-mail-and-ipv6-what-it-admins-need-to-kno...
Oh yeah, we tend to look up those client addresses a fair bit to determine the client's reputation... When will all that work well under IPv6?
In any case, I'm hoping to spend part of my summer at work reading up on IPv6, and starting a few LAN-based experiments. No word yet on when the UofM will have its router infrastructure IPv6-ready, though.
Maybe Adam and I can compare notes in the fall, and see if either of us is ready to present something on the topic.
Gilbert
On 2011-05-11 20:02, Adam Thompson wrote:
Unfortunately, no-one is willing to be the bad guy in that story... Not even a *country* can really pull it off. Think about how many non-IPv6-capable devices there are out there: virtually every single home router, printer, modem, camera, etc. Now as soon as a flag day is declared, the self-entitled of the world will rise up and say to their government, "who's going to pay for my new equipment?" Never mind that we've all known this day would come for over 10 years...
On the other hand, I might turn out to be the first who actually has to manage a dual-stack network... and be willing to talk about it, anyway. Assuming I'm not on powerful drugs as a result of doing so! Holy **** does it get complicated! -Adam
Trevor Cordestrevor@tecnopolis.ca wrote:
On 2011-05-11 Sean Cody wrote:
Anyone have an interest or are is implementing ipv6 anywhere?
An intro to ipv6 would be a great presentation topic so if you can share your experience, please do!
Seconded. But don't look at me.
Does anyone know when home ISP's like Shaw will start to offer IPv6 to home users? I don't think v6 will go anywhere until the ISP's with their massive IP pools start switching end users to it. Correct?
All of this 6-to-4 stuff seems stupid and overly complex. I would like to just see a day picked where 4 is shutoff and only 6 can be used. We'll all be !@$#%ing our pants for a few days/weeks but then it'll be done.
-- Gilbert E. Detillieux E-mail: gedetil@muug.mb.ca Manitoba UNIX User Group Web: http://www.muug.mb.ca/ PO Box 130 St-Boniface Phone: (204)474-8161 Winnipeg MB CANADA R2H 3B4 Fax: (204)474-7609 _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
-- Sean Walberg sean@ertw.com http://ertw.com/
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Almost on cue... O'Reilly's ebook deal today is "DNS and Bind on IPv6."
On topic, one of the biggest problems with dual-stack co-existence is a "you can't get there from here" problem that causes intermittent (and sometimes permanent) DNS failures.
A fairly typical case: a domain (example.com) which is delegated to an IPv4-only nameserver (ns1.example.com). (Assume one nameserver for simplicity of explanation; always use at least two in the real world.) A subdomain (ad.example.com) which is delegated to a dual-stack nameserver (Windows Server 2008 R2, for example, and let's call it dc.ad.example.com). A IPv6-capable client (e.g. any Windows Vista or Windows 7 or Mac OS X or most Linuxes) attempting to resolve host.ad.example.com will recurse to ns1.example.com, which will provide the referral along with the IPv4 glue records for dc.ad.example.com (remember, ns1.example.com is NOT dual-stack). A fairly typical client resolver will then do some sanity checking, and obtain more details from dc.ad.example.com before sending the ultimate A query for host.ad.example.com. At this point, dc.ad.example.com reports *its own* IPv6 address to the IPv6-enabled client, even though they're still speaking IPv4.
Can anyone guess what happens next?
One of two scenarios, non-deterministically (AFAIK): 1. The resolver client suddenly decides to talk IPv6 to the authoritative nameserver "dc.ad.example.com", since it now knows its AAAA record, and IPv6 is obviously a better protocol, right?, fails to contact the nameserver over IPv6 and decides said nameserver is dead, and returns an ENOTFOUND or something similar to the requesting application. 2. The resolver client maintains its temporary cache of the nameserver's IPv4 address, and successfully obtains both A and AAAA records (again, this is typical for a gethostbyname() call) for the ultimate destination of host.ad.example.com. Then the application attempts to open a socket... which the OS happily attempts to do using IPv6.
This all works great as long as there is IPv6 connectivity between the client resolver, the authoritative nameserver, AND the destination host. If there isn't, then you've just blackholed your subdomain, just by turning on IPv6. Surprise!
I'm told this is a very common problem in the IPv6 early-adopter world, and there is no solution for it yet. One partial solution is to use static IPv6 addresses in the 4to6-transition style (where the IPv4 address is embedded in the last 4 bytes of the IPv6 address), apparently many client IP stacks treat those semi-magically. I don't understand the details of that yet, but IMHO that kind of invalidates the whole point of turning on IPv6 in the first place...
-Adam
-----Original Message----- From: roundtable-bounces@muug.mb.ca [mailto:roundtable- bounces@muug.mb.ca] On Behalf Of Sean Cody Sent: Thursday, May 12, 2011 16:38 To: Continuation of Round Table discussion Subject: Re: [RndTbl] IPv6
Almost on cue... O'Reilly's ebook deal today is "DNS and Bind on IPv6."
-- Sean (mobile)
On 2011-05-12, at 11:37 AM, "Gilbert E. Detillieux" gedetil@cs.umanitoba.ca wrote:
As an example of how things can be more complicated than might
seem at
first, consider setting up an e-mail server with the usual raft of anti-spam measures...
admins-need-
to-know/143080
Oh yeah, we tend to look up those client addresses a fair bit to determine the client's reputation... When will all that work well under IPv6?
In any case, I'm hoping to spend part of my summer at work reading up on IPv6, and starting a few LAN-based experiments. No word yet on when the UofM will have its router infrastructure IPv6-ready, though.
Maybe Adam and I can compare notes in the fall, and see if either of us is ready to present something on the topic.
Gilbert
On 2011-05-11 20:02, Adam Thompson wrote:
Unfortunately, no-one is willing to be the bad guy in that story... Not
even a *country* can really pull it off.
Think about how many non-IPv6-capable devices there are out there:
virtually every single home router, printer, modem, camera, etc.
Now as soon as a flag day is declared, the self-entitled of the world
will rise up and say to their government, "who's going to pay for my new equipment?" Never mind that we've all known this day would come for over 10 years...
On the other hand, I might turn out to be the first who actually has to
manage a dual-stack network... and be willing to talk about it, anyway. Assuming I'm not on powerful drugs as a result of doing so! Holy **** does it get complicated!
-Adam
Trevor Cordestrevor@tecnopolis.ca wrote:
On 2011-05-11 Sean Cody wrote:
Anyone have an interest or are is implementing ipv6 anywhere?
An intro to ipv6 would be a great presentation topic so if you can share your experience, please do!
Seconded. But don't look at me.
Does anyone know when home ISP's like Shaw will start to offer IPv6 to home users? I don't think v6 will go anywhere until the ISP's with their massive IP pools start switching end users to it. Correct?
All of this 6-to-4 stuff seems stupid and overly complex. I would like to just see a day picked where 4 is shutoff and only 6 can be
used.
We'll all be !@$#%ing our pants for a few days/weeks but then it'll be done.
-- Gilbert E. Detillieux E-mail: gedetil@muug.mb.ca Manitoba UNIX User Group Web: http://www.muug.mb.ca/ PO Box 130 St-Boniface Phone: (204)474-8161 Winnipeg MB CANADA R2H 3B4 Fax: (204)474-7609 _______________________________________________ Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
-
Adam Thompson -
Gilbert E. Detillieux -
Mike pfaiffer -
Robert Dyck -
Robert Keizer -
Sean Cody -
Sean Walberg