On the 8 June, it’ll be World IPv6 Day – a coordinated effort by major services on the internet, including Google and Facebook, to provide their services using the new version of the Internet Protocol. It’s part of the plans to cope with internet addresses ‘running out'. But just what is IPv6 - and what does it mean for most …
This is overly pessimistic
IPSEC does not require a key infrastructure to be useful. Opportunistic encryption doesn't prevent targetted attacks but it does prevent the kind of trawling carried out by Phorm or the NSA.
A /19 allocated for France Telecom's 14 million broadband customers means the current allocation policy can serve about 900 billion end users, each with enough address space to create more than 60,000 subnets. The addresses are not running out.
Firewall configuration should be simpler than NAT configuration because the same service running on several computers behind the firewall will be able to use the same port number.
We're running out of address space
And they assign a subnet the size of all IPv4 to every household
Will they never learn?
("The world will only ever need about 5 computers" - and they're at my house!)
Ladies and gentlemen...
...for the third decade in a row the final fix for everything to work together seemlessly once and for all is here.
No IPv6 here
I just had a look at my Virgin Media supplied cable router. It does not support IPv6. Looking at the logs there are 21 devices with DHCP served IPv4 addresses and a further 6 devices with static IPv4 addresses. At a guess I'd say about 75% of the devices are capable of IPv6 while the rest just aren't.
Before I start to look at IPv6 I will need a new router. Given the horror stories coming out about the new Virgin Media routers, I don't want to go down that route just yet. So there won't be any IPv6 here for quite some time.
Get VM to give you a modem
Seriously. Get VM to give you a cable modem not a router, (a DOCSIS 3 modem to be precise) and then go and get your own router. There are a few routers with ethernet interfaces on the internet side that do IPv6. Of course, Virgin don't do IPv6 themselves, which makes this something of a theoretical exercise.
re: Oh yeah?
There is one major difference between opening port X for a given IPv6 address and forwarding port X for a NATed IPv4 address. You can only do the latter once, which means you are shit out of luck if two computers/devices on your network want to use the same port to receive inbound connections.
Not much of a problem for most programs, as they can switch ports, but want to play the same game on the internet with 2 people on a LAN? One of the people on the LAN must host, otherwise the other person can't join. Is the game using a peer to peer approach? Well, you just got screwed over because now it'll never work.
IPv6 on a home router
I think MS have specified IPv6 support as required in order for the manufacturer to use some sticker or something on your home router, but last I checked it hadn't had much of an effect.
For what it's worth, the best (in terms of value and functionality) IPv6 (and general DSL) service I've found so far is to use FTTC (aka BT Infinity) with your own router running something like OpenBSD and PPPoE to the BT-supplied VDSL2 modem.
PPPoE I hear you say? "But what about the low MTU?" Never fear - the BT-supplied router supports mini jumbo frames allowing your PPPoE tunnel to operate with a 1500 byte MTU and terminate your public IP addresses on your router.
Oh, and it supports IPv6 too.
AAISP is probably the most progressive with regards to IPv6 support, but it works for me with Entanet via UKFSN.
The only missing piece in the puzzle for me is a cheap low power box to use as a router which supports jumbo frames and can push ~40Mbit/s of traffic without breaking a sweat. The guru plug looks like it might just do it, but I'd like 3 or 4 ethernet interfaces preferably with VLAN support.
I'm still using a Soekris net4801 which doesn't do jumbo frames and is a bit underpowered and expensive.
Also note there is a bug in BT's 20CN (not the correct term, really) network which affects IPv6 and which they will not fix:
Alix 2d3 single board computer running LEAF-Bering Linux. Works a treat for me, though I dunno whether you could push it to the bitrate you want.
Bad NICs :(
Unfortunately, it doesn't look like those NIC chips support jumbo frames. The Linux via-rhine driver certainly doesn't.
How many home routers are IP6 ready?
I mean it's only been what 15 *years* since this standard was issued.
FFS there should have been an IP6 mode in *every* home router by now.
In infrastructure the future does not just *happen*.
Ah, young grasshopper, there is much you must learn.
Slow is the way of the Internet, like jello on a fridge door. How old is CSS 2, and yet only recently has Microsoft managed to implement it? And that's just a single web browser! Or WPA - there are STILL devices out there being produced that only support WEP. Email has been completely unchanged for decades. FTP, HTTP, HTTPS... those have been around for ages, longer than even the Internet itself (most of it, anyway).
Made the interwebs goto 256. Which is 1 higher
...IN BASE 4. I'M FINE!
IPv6: There is no Plan B
Not for me.
It's just a trick to make one's MAC address public and traced, and your mobility tracked.
There is no requirement
to put your MAC in the address. It is just a convenient unique number for people who don't wish to make one up.
You can simply configure DHCP6 to use a ranged addy instead of sticking the MAC addy on the host portion. That's what I've done, as I don't like my MAC address to be shown to anyone.
Bamboozled and Brain-scrambled
OK - I confess to posting as Anonymous Coward because I kinda feel like I *should* understand IPv6 (having been a geek since my first Vic20) but I don't get it.
For example - We all know that 192.168 and 10.0.0.0 etc are private IP address ranges for in-house usage. But what are their IPv6 equivalents? If I setup DHCP to issue v4 and v6 addresses, what would I set it up as with any confidence that I'm not going to inadvertently use the IPv6 address for the MDs favourite website.
There's loads of RFC talk and talk of more addresses etc (which I'm all for) - but for the first time in my life I'm actually wanting to find a "for Dummies" book, or preferably a free website, that tells me in simple speak what I should be using and how.
Only when it's understood in the same way that IPv4 is will it truly gain momentum and see a speedier roll-out.
According to Mr. Google, RFC4193 is the Ipv6 answer to RFC1918 (the venerable 10.x.x.x and 192.168.x.x and the harder to remember 172.16.0.0/12)
The short answer is: pick an address that starts with 'fd' and make the rest whatever you want.
The RFC jabbers on about making the global ID random (or globally unique). If you're setting up a private test range at home, this is probably no big deal. Globally unique does become important if you ever have to connect two private ranges. An example would be setting up a VPN between two sites that each use 192.168.0.0/24 behind a NAT router. Rare, but it happens.
(Not an IPv6 expert here by any means, so insert disclaimers to back up data before trying this, do not operate heavy machinery, etc...)
You don't. kinda
You'll have the link local addresses, which never go outside.
However, every machine that needs to connect to the outside world /also/ has a globally routable IP
Part of the reason for IPv6 is to get rid of NAT, as it breaks the end to end model. You just need to have a firewall in place to block new connections.
But does it mean you have to get rid of NAT regardless of whether it's original purpose is removed?
If mom and pop's router gets an IPv6 address and then holds them on an IPv4 LAN will that work? It would certainly make things easier for the vast majority that don't give a toss. I'm sure NAT has saved quite a few from internet nastiness.
Re: Bamboozled and Brain-scrambled
> We all know that 192.168 and 10.0.0.0 etc are private IP address ranges for in-house usage. But what are their IPv6 equivalents?
There are no exact equivalents. You don't need them, because your ISP won't just give you one lousy address - you'll get a large block of addresses just for you, which you can use as you wish with no risk of collision with anyone else. And if you're paranoid about using global addresses in your living room, you can use something called a Unique Local Address which will never be routed outside your house. Next-gen ADSL or cable boxes really will have to handle these.
You're right about the dummies book... you can try
"IPv6 for Dummies, Part 1: It's Time!"
"IPv6 for Dummies, Part 2: Comparing IPv4 and IPv6"
Please - a how-to guide!
Hi mate, VIC20 was also my first computer and I'm also posting AC to protect my geek cred ; )
Can somebody please post a link to a real how-to guide (no videos) that explains how to do common tasks in the ip6 world. Not just how to connect to the internet but also tasks like:
configure and connect to simple office VPN
manage small home or office network, including wired and wireless connections, multiple routers
set up dns (or however its done) to connect to systems that we currently connect to by ip address eg source control, databases, custom hardware
diagnose network problems (must not require wireshark)
configure firewall to replace previous NAT router's protection against non-requested traffic
configure common VOIP configs
connect to IP4 and IP6 web sites
connect to IP4 and IP6 systems that do not play well with DNS or where DNS is not available (eg RDP, legacy software, etc)
supporting old systems eg win2k, old printers, old hardware
basic security config
set up mailservers, including SPF etc for good deliverability
ensure good performance and reliability
I can do all of the above and more with my eyes closed in an IP4 world, but have no idea how to do in IP6. I'm not going to read the RFCs and work it out from scratch and I'm not going to do any of this until I am confident in advance that it won't cause major instabilities, bugs and general time wasting.
The beer is for whoever can find me a useful information resource.
IPv6 is Evil
IPv6 is a conspiracy by a global cabal to dominate the world. It has been foretold for thousands of years. WE MUST RESIST. DO NOT "UPGRADE" TO IPV6. THERE ARE PLENTY OF IPV4 ADDRESSES.
I gave up on IPv6
Set it up on my XP box. Every fetch had a "freeze" of some 15-20 seconds, which became intolerable on sites that fetch content from multiple domains (multiply freeze time by number of domains...).
I know the answer. XP was looking for the AAAA and timing out, then looking for the AA. Why? Half-assed support in the router (Livebox) and pretty much zero support in the ISP (Orange France).
I don't see the point in wasting any more time with IPv6 until the ISP gets its act together, and given that the Livebox Mini (v1.2) manual says mass media devices and shared printers can be plugged into the USB port and this *still* doesn't work, I know I'll be an old wrinkly grey-haired cranky git before Orange get this one sorted!
There is, I should point out, a rather large bug (or bad wording) in the test page. I tried it on my Android phone via WiFi and it said "No IPv6 address detected" followed by "No problems are anticipated for you with this browser, at this location", followed by "You appear to be able to browse the IPv4 internet only..." No problems? Hmmm... [results using 3G comms were even worse]
I really don't care...
I like the principle of NAT and the easy way it provides most of the technical illiterate people with a somehow decent security.
I really don't want a globally routable IP for every device in my home. I don't see the benefit in it - despite making it easier to track and trace my every movement.
Smug expat here...
My ISP (the largest one where I live) has fully implemented IPv6, and supplies a suitable router (Fritzbox 7340) and comprehensive, easy-to-follow instructions. It took me about ten minutes to set up.
The headlong rush into services started by Mrs Thatcher (showing my age!) was based on the argument "you have to buy in stuff and pay people to make products, but service revenue is money for nothing. So, let's have a service economy."
Therefore in the UK (where I have never had a broadband connection, btw) it seems that people who run ISP businesses think that the "SP" bit stands for "Rent Collector".
These people jump at the chance to implement consumer-friendly things like Phorm, packet inspection, bandwidth throttling, port blocking, etc ad nauseam; on the other hand IPv6 represents forward investment, training requirements, new routers and so on. In other words "stuff you have to buy".
At the end of the day, in the UK it's all about the money. It's only about the money. And when it's only about the money, then everything turns to shit.
Sick of the lecturing
We need IPv6. I have no objection to IPv6. World plus dog keeps raving about how critical it is for us to move to IPv6. I understand completely. Honest.
But there's a problem...
I CAN'T USE IPv6 because nobody provides the hardware and services for me to do so.
So I'm sick to death of people lecturing me about it. Don't lecture users, lecture the ISPs and router manufacturers. Until THEY start supporting IPv6, lecturing users about it is utterly pointless.