On the 8 June, it’ll be World IPv6 Day – a coordinated effort by major services on the internet, including Google and Facebook, to provide their services using the new version of the Internet Protocol. It’s part of the plans to cope with internet addresses ‘running out'. But just what is IPv6 - and what does it mean for most …
Your computer might...
...but your router and ISP almost certainly doesn't.
Lack of broadband modems
I have been looking to do this for some time. Internally my machines run IPv6, my machines out in the Internet also do, my ISP will (it was a major part of the reason for me changing ISP), but I can't find a sensibly priced ADSL modem that will do it. The best suggestion that I have received is to put OpenWRT on a Buffalo router ... some maybe time when I have a day or so to spare.
Until the hardware manufacturers step up to the plate - this won't happen. This ought not be an option, it should be a standard part of every new modem. However that would probably add 30p to the price, so it won't happen until customers scream for it, which won't happen until there is lots of content only reachable by IPv6, which won't happen until there are lots of potential customers who are able to access it over IPv6, which won't happen until ....
ABORT [[ Infinite recursion detected ]]
my cable modem uses IPV6, I was shocked when I found this out as I hadnt expected it. Good show!
but your router and ISP almost certainly doesn't
indeed, i was so looking forward to virgin media starting their 50Mbit services back in the day, as all the docsis 3 cable models and related kit have to pass both generic ipv6 and multicast capability's to get certified....
imagine my disappointment when it became clear after asking them they would NOT activate these options on their network "because they could" and didn't see the need as they could save some cash that quarter by not retraining staff, and buying lesser end of life kit in parts of the internal network that would never use these options.
as it stands now i am still forced to use a 3rd party ipv6 with end to end multicast included as standard and for free from a ipv4to ipv6 vendor http://go6.net/4105/download.asp to save bandwidth with multicast streaming.
not the ideal way but currently the only viable way to use web side multicast streaming and bypass the antiquated restrictive practices of virgin media and the other main ISP's in the UK today.
Re: Lack of broadband modems
The Fritz!Box ones do it.
Router? Mine works fine
Granted this is not the simple Plug and Pray IPv6 solution that will be required to get the huddled masses up to speed but it is not difficult for the tech savvy to get online with IPv6 and you *can* do it using your common-or-garden variety consumer "router" (or more accurately "NAT gateway") despite what you are told by many people who don't know what they are talking about.
All you need is a Linux box running as your router and to put your "router" into bridged mode (aka "modem mode" or "modem only mode"). Most of them support this mode. I use an elcheapo Netgear DG834 that I purchased about 8 years ago and it works fine.
Since the last IPv6 article on el'reg I have been experimenting to try and get my mad skillz up to speed. I blogged about how to do it here;
I still have to write the last couple of articles about autoconfiguration and getting servers such as squid, apache, bind etc on to IPv6. (I've got it all working but haven't posted the howto's yet, stay tuned!)
Try it, it's not as hard as you might think. The hardest part is getting your head wrapped around subnetting. I still don't understand it very much but I reckon the best way to figure stuff out is to muddle your way to getting it working, use it as much as possible and eventually it will foment into some sort of understanding over time.
I'm 2 for 3, how's that?
My computer supports it just fine, of course (well, all my computers). I haven't switched to IPv6 on my internal network out of laziness, but it'll happen sooner or later. My router supports IPv6 just fine, too - a WRT54GL, with Tomato firmware. Very nice, if a bit old.
At this point, I'm just waiting for my ISP to throw the switch. Any news on when AT&T DSL customers will see a changeover?
Solution: IPv6 "set-top box"
Not difficult to manufacture a device that uses 6-in-4 tunnels to provide IPv6 connectivity to a network via a router (and ISP) that's IPv4-only.
This is how I get my IPv6 service, 6-in-4 tunnel to AARNet.
Solution: IPv6 "set-top box"
Not difficult to manufacture a device that uses 6-in-4 tunnels to provide IPv6 connectivity to a network via a router (and ISP) that's IPv4-only.
This is how I get my IPv6 service, 6-to-4 tunnel to AARNet.
Yours might not
...but mine do.
Draytek Vigor 2130n router (nice router, actually) and AAISP. You need to be on FTTC to get the Draytek to work, or you need a separate DSL modem.
There's no place like ::1
I'm amazed that the Sony Playstation Network is not a participant
It's very lovely and I have tried to understand it, no I really have but face it, apart from the very sad and very serious IT geeks no other bugger gives a monkeys! Most people will only bother to implement when they really have to and have absolutely no choice at all.
I'm not trying to piss on anyone's parade, just facing up to the lazy reality of human nature!
..."head in sand" is always best approach!
...in Soviet Russia.
Incorrect, my good sir. I'm a very sad and very serious IT geek, and still IPv6 is a 'meh'. The *only* people who care about this are IPv6 geeks, who will already have their home network on IPv6 via a he.net tunnel (and love to tell you about it).
You're unfortunately correct. BT can't be arsed to provide IPv6 for their leased line customers, meanwhile I've signed up to AAISP (already knew about them before this article) and get native IPv6 on my home ADSL connection.
Office - Cisco 3825 (c. £3000) - £1079 pcm - no IPv6
Home - Linksys WRT54g (6 years old, £10 ebay value) - £20 pcm - native IPv6
Something tells me BT have to pull the finger out, but guaranteed they won't bother until the last moment where they'll provide a shit service until they iron out the bugs, and charge their customers a premium to recoup they costs due to their short-term savings.
I've had to flash the WRT54g with OpenWRT, but it performs perfectly as a dual stack router. Unfortunately there don't appear to be any dual stack ADSL Wireless routers available anywhere, so it will be just us geeks for the next while.
I do take slight offence to the "very sad" part though, what's wrong with building up a decent working knowledge of technology that I *will* have to support in the future?
decent IPv6-capable CPE
> Unfortunately there don't appear to be any dual stack ADSL Wireless routers available anywhere
you need to look a bit harder. the cisco 800 series will do this. though they're not cheap: 8-10 times the price of the crippleware dsl box you can get in asda. quite a few other vendors have betas of ipv6-capable firmware (of varying levels of usability). you can find a matrix of what's on offer here:
Re: decent IPv6-capable CPE
I've perused those matrices fairly well, It's fairly easy to find an IPv6 router, it's just difficult to find one that has a built in ADSL2+ modem too. The ones that did appear to tick all boxes were either out of my price range for a simple trial project, or appeared to be fairly buggy in reviews.
There's also the "IPv6 Ready Logo Program Approved List"
IPv6 made easy
ADSL vendors are often really bad with IPv6. I do not expect much native IPv6 support from any of them, so I have configured the ADSL modems to be a bridge. Another plain ethernet/wlan router is then used to do the L3 layers and abobe.
For the layer3 thingies, OpenWRT is an easy and free candidate to use for whole range for different hardware, and a real router/firewalls (I use Mikrotik units) are available for around 50 GBP (5 * 100 Mbps ethernet, IPv4/Ipv6, Ospfv3, etc). Gigabit version for about 90 GBP.
Some caveats still exists, I have seen quite many modem vendors who have their units as "bridge", but only bridge IPv4 traffic. Apparently people in their codeland have really hard time of understanding the difference between L2 and L3. One of the baddies are the latest Zyxel P660HN-series ADSL-modems no IPv6 passed in bridge mode. Telewell units work like a charm, i.e. like a real ADSL-bridge.
Indeed. My home networks are small and IPv4 works just fine, so I won't change to IPv6 until it comes as default with everything. Likewise my internet uplink depends on whatever my ISP uses so I don't worry about that either. My firewall doesn't care. It does NAT, too. I don't know what all the fuss about that is, either.
Had problems recently
setting up a new Win7 64bit PC. Internet run like a fat lazy dog with the computer dropping the connect every few minutes.
A solution was found on the microsoft website. Disable IPv6. They even provided a handy script which would do the work for me.
The internet has improved now but still a long way from being fixed. IPv6 the cause I don't know?
W7 IPv6 strangeness
I now have dual-stack working at home, courtesy of UKFSN and Entanet. All the Linux stuff just works, including my HTC phone, but my wife's W7 laptop didn't initially. A quick look with Wireshark on the network and ipconfig on the box told me that the box was using it's autoconfigured Teredo address, but for a native IPv6 connection rather than down the Teredo tunnel. Dunno if this is a bug, but the solution was to disable the Teredo interface. It all works fine & dandy now with its address autoconfigured in the usual non-standard M$ way. I could get it to use EUI-64 rather than the pseudo-random one, but I can't be arsed as it has caused no problems so far.
Its all working much better now!
So the last part of the IP is the MAC address and every device gets shown to the Internet.
Good news for the MPAA I guess.
The last part *can be* the MAC, but it doesn't *have* to be the MAC. It can be anything you want, even randomly altered over time as described in rfc4941.
And I don't even "get" ipv6. Never understood why they couldn't make the existing IP address a subnet of a new, much larger address space.
There are ways round that
Privacy addressing is one solution to that; essentially, when you have so many addresses, it's possible to use a different one every day, or to have each application on a system use a different address.
Obviously, the prefix will still enable things to be narrowed down to a particular network, but that's really no different from how things work now.
No necessarily. RFC4941 allows for privacy extensions which will randomize your address. Unfortunately it appears to be a little buggy on Win7.
.... if you are damn fool enough not to run a firewall blocking all incoming unsolicited connections.
Just means people need to properly configure their firewall rather than lazily relying on NAT to obfuscate what's behind the router.
My Alter Ego
"Unfortunately it appears to be a little buggy on Win7."
Another ticks the box but does not actually *do* the job MS product then.
> Never understood why they couldn't make the existing IP address a subnet of a new, much larger address space.
Short version: Because that would mean blowing out the IPv6 routing table with all the historical junk in the IPv4 routing table. this way we can hopefully end up with a lean, mean routing table for IPv6. (The long version of the answer is *really* long.)
Also, in fact, it wouldn't have simplified the transition that much. IPv4-only systems still wouldn't be able to understand IPv6 packets, so the problem of interworking between the two would still arise. Rather like 405-line and 625-line TV, in fact.
Thanks for the clarification chaps :)
Still good news for MPAA and the black helicopters as if MAC address for the last bit is the "out of the box" solution that's "98%"* of sources identified better than before
*Statistic subject to being a number plucked out of thin air
Privacy extensions are enabled by default in Windows 7.
I know people moan about this, but I'd prefer that as the default.
The next Y2K?
Not quit. But I see the need for a lot of software to be fully capable of allowing cut and pasting IPv6 addresses. I for one will be pissed if I have to type an IPv6 just once. I'm so grateful that my phone reads QR code.
we don't need no cut and paste
>> But I see the need for a lot of software to be fully capable of allowing cut and pasting IPv6 addresses.
so never heard of the dns then, eh?
Thing I need...
When ip6 finally becomes standard, I want my keyboard to have a hexadecimal keypad. Otherwise, typing addresses is really going to suck, shorthand or no. :-(
If only someone could invent a handy way of mapping IP addresses to easily memorable names... then you'd almost never need to type a big long IPv4 address ever again.
not that simple!
Way to over-simplify. DNS does *not* work for me in a wide range of situations including VPN to office, RDP and SSH to servers, SQL client connection config, mapping network drives on small office network without internal DNS - that's just the times I've typed IP addresses today.
Will somebody please write or point me to a practical guide for small business IT to transition to ipV6 that tells me more than how to make a basic connection to the internet and actually gives me useful how-tos on dealing with common cases like those mentioned above? Please!
That's a common problem
>> DNS does *not* work for me in a wide range of situations including VPN to office, RDP and SSH to servers, SQL client connection config, mapping network drives on small office network without internal DNS
That is not a fault of IPv4 (and it won't be the fault of IPv6 either). It's the fault of people who just don't give a s**t about setting anything up properly. As someone who likes thing to work properly (and yes, this means DNS is both there and working properly), I find it depressing the number of networks I have to work on where basic things like this are broken.
In a lot of ways, with IPv6 it should be a lot simpler setting up DNS. Part of your problem is that when using (say) a VPN, because of NAT* the address space is fragmented and it's hard to have DNS working right. Even so, it's not *that* hard to make it work with IPv4 if you actually care about it working.
With IPv6, each machine will have a globally unique address and so it should be easy to have DNS that includes everything. Even if the machine is only reachable via a VPN, it can still be in the DNS you are using when at the other end of that VPN. Thus if the VPN is down you can't reach the machine (as now), but when it's up, you can resolve it by name, and your VPN will happily route the traffic for you.
Plus bonus, the length of IPv6 addresses will give some incentive to make DNS work !
While I think of it...
...is there any point in changing over to IPv6 on my home LAN, for the devices which support it (and once the BT Home Hub 3 has its IPv6 support activated), before BT Broadband starts moving to it?
The device SHOULD do the translation on its own using NAT. Same as how ISPs will do the translation at their end.
Can't think of one
Most people will be using dual stack for a long time - IPv4 websites aren't going to go away for a long time. So if you have IPv4 installed for that, you may as well use it on your home network, either exclusively, or alongside IPv6.
It's perhaps worth playing with, if you want to gain more understanding, and practise typing those addresses, and we'll look in more detail at how you can go about doing that fairly soon.
But for casual use, not a massive case to be made for it right now, I'd say.
Worth remembering that you may have to address security in a different way, depending on how you do things. For example, my main network is firewalled via the router, but IPv6 connectivity is (currently) provided via a tunnel, so the router doesn't intercept anything coming in that way, as all the work's done by my OpenBSD box. That means that as well as fiddling around with IPv6 itself, I had to get my head around configuring the packet filter on OpenBSD to protect machines on the LAN via IPv6.
That won't be a problem when consumer routers appear, with built in IPv6 firewalls, but for now it's an extra consideration for anyone who wants to tinker.
since you probably use a router and NAT then when your ISP goes IPV6 you'll need a router that is IPV6. I guess most routers at that time will ipv6->4 translate (and NAT as appropriate).
Home LAN: what's IPv6-ready?
So, from what I can gather, Windows 7 (and possibly earlier) is IPv6-ready, as is Mac OS X, Linux and derivatives (e.g. the DiskStation Manager OS on Synology's NAS boxes). Apparently, the BT Home Hub 3 (our home router) can also handle IPv6, though the feature is not turned on yet.
Obviously, that leaves the increasing number of home entertainment devices which are network-aware (e.g. Blu-ray players), network printers and so on. (Oh yes: anyone know whether iOS, Android and Symbian^3 are IPv6-ready? Should look that up...)
Even with pretty much all desktop/laptop OSes in recent years having IPv6 baked in, I think we'll need routers with "legacy" IPv4 support/translation for some time to come.
iOS does IPv6 on the WiFi stack, but not on the WWAN stack.
Android is Linux at that level, so yes it does IPv6.
LTE has IPv6 baked in so deeply that all LTE mobiles are going to need IPv6 support.
Where's my IPV6 DSL Line then?
Why don't the UK's ISP get off their fat behinds and get their kit upgraded to use IPV6.
AFAIK, only AAISP is the only DSL ISP who has implemented it so far.
As mentioned ...
... one of the big obstacles to this is the availability of cheap customer equipment (CPE) that supports it. You can buy some expensive routers that will run IPv6, but according to the ISPs I've spoken with, there's not a massive amount of kit that's ready - though some seems to be almost there, give or take the occasional firmware update.
Hopefully as new models roll out over the next few months, there'll be more CPE that's capable, and then things will start to move, especially as some of those ISPs finally use up their remaining allocations of addresses.
BT's 21CN is IPv6 capable, and it can be made to work over the older parts of their infrastructure too, I gather.
21CN IPv6 capable?
Only if they fixed that bug they spent so long denying! (http://www.theregister.co.uk/2008/10/10/21cn_ipv6/)
IDNet have also implemented /48s for all their customers.
"It includes many extra features, including processing speed-ups, and enhancements to security and to quality of service"
There's no difference in security. So what if IPSEC is "mandatory" in V6 implementations? It's no different to IPSEC on V4, and you still need to build a key infrastructure to deploy it. And given that the IPv6 headers are 20 bytes longer, but your MTU remains at 1500, you'll actually get *slower* data transfers. Perhaps only by a few percent in the best case, but it will definitely be slower, not faster.
"64 bits long – which is likely to be the typical allocation from an ISP. In other words, you’ll receive more addresses for your home network that then whole of the IPv4 internet."
Except that you can't subnet it, apart from on point-to-point links. And even if you could, you'd have to configure your computers manually, because DHCP6 doesn't let you give out the prefix length (or "subnet mask" in old money)
"they won’t run out"
But you can't subnet, which means each end user has to be given typically a /48. France Telecom already has a /19, and the first 3 bits are fixed. So FT has taken 1/65536 of the total available space before we even start.
"That will make it hard to use some games, as well as services like Skype or remote NAS access, and leave customers relying on the public address they receive via IPv6 for such applications"
Except that anyone who sits behind any kind of firewall (e.g. in a workplace or a school) won't be able to receive inbound connections anyway. Getting your firewall admin to allow inbound connections to address X:X:X:X:X:X:X:X on port Y isn't really much different to enabling port forwarding on port Y.
If you stick your computer on the Internet (V4 or V6) without a firewall, you're asking for your network to be broken into. Your V6 addresses will be harvested, like E-mail addresses are harvested by spammers today. You can have dynamic "privacy" V6 addresses, but they're no good for P2P applications either (except with dynamic DNS, and your dynamic DNS hostnames will be harvested too).
"If you stick your computer on the Internet (V4 or V6) without a firewall, you're asking for your network to be broken into"
This is exactly what Virgin Media are doing to get around performance problems with the new SuperHub, Except, they say there will be no security issues.
- 'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
- Review Apple iPhone 6: Looking good, slim. How about... oh, your battery died
- Crawling from the Wreckage THE DEATH OF ECONOMICS: Aircraft design vs flat-lining financial models
- +Comment EMC, HP blockbuster 'merger' shocker comes a cropper
- Moon landing was real and WE CAN PROVE IT, says Nvidia