* Posts by ZeroSum

85 posts • joined 4 Oct 2010

Page:

Microsoft pulls plug on IPv6-only Wi-Fi network over borked VPN fears

ZeroSum

T-Mobile US has IPv6-only access

Microsoft should support 464XLAT in Windows like they already to in the mobile version of it.

T-Mobile US has avoided major problems with VPNs. But then Android includes a 464XLAT and Apple iOS requires all Apps to work in an IPv6-only NAT64/DNS64 environment.

Sitting pretty in IPv4 land? Look, you're gonna have to talk to IPv6 at some stage

ZeroSum

> It'll come, Soon® (but unlikely to come this month)

Actions speak louder than words.

Basic bigot bait: Build big black broad bots – non-white, female 'droids get all the abuse

ZeroSum

"Bina48, Nadine, and Yangyang"

Put a number in the black girl robot's name, name the asian girl bot after a male actor, and give the white girl bot a relatively normal girl's name. Were they trying to skew their results even more against the non-white bots?

IPv6 growth is slowing and no one knows why. Let's see if El Reg can address what's going on

ZeroSum

>We have a branch which purportedly fixes everything IPv6 related on our systems, and I'm now in a >position to properly test it.

>So, Soon®

For the love of all that is holy an unholy make it soon.

ZeroSum

Re: The only reasons I can see are two

For an IPv4 only host to reach an arbitrary IPv6 address it needs to go through a proxy that does have IPv6 access. That should be easy to set-up as orgs likely already have proxy caches.

ZeroSum

Re: Revenue Streams...

No ISP charges for IPv6. Customers will not pay for as it.

ZeroSum

Re: ISPs are key

The CPE has got a lot better over the last couple of years. The improvements will find their way into the CPE of ISPs that don't care. It takes time but it is getting easier to turn it on in an ISP and have it just work.

ZeroSum

T-Mobile US adoption was driven by an individual

Cameron Byrne in T-Mobile US even wrote the RFC on 464XLAT.

The individual or group theory of IPv6 adoption is undoubtedly the correct one. Until IPv6 is sufficiently ubiquitous or solves a problem (CGN bypass and in future 5G low latency) you will always find an individual or group that pushed it through their organisation

China plots new Great Leap Forward: to IPv6

ZeroSum

EL Reg are hosted on Cloudflare now. They should just turn it on and get it over with.

ZeroSum

Re: China

China's IPv4 address problem is a lot less acute than India's. China has about 330 million IPv4 addresses compared to India's 30 million. China has been able to get away so far with not too much CGN except in mobile.

To keep growing without needing massive CGNs they need to deploy IPv6.

European Commission refers Ireland to court over failure to collect €13bn in tax from Apple

ZeroSum

Re: Race to the bottom

Tax reform needs to happen at the OECD level so that FDI isn't driven out of Europe.

I need an ISP that offers IPv6. Virgin Media: Whatevs, nerd

ZeroSum

Re: If in the UK, I recommend

> Surely that should be AAAA? We are still talking about ipv6, no?

No, he means A&A. They are an ISP in the UK for nerds that have supported IPv6 for years.

ZeroSum

Re: Am I the only one...

> And can you change the /64 prefix like most ISPs allow you to do with the single IPV4 address?

> It's a bloody hard question to get a straight answer to.

The /64 for the LAN comes from the DHCPv6 delegated prefix assigned by the ISP. Most ISPs assign the delegated prefix dynamically from a pool instead of assigning it statically. Unless the ISP has configured dynamic leases to be sticky the DHCP server will forget the lease when the lease period expires or immediately if the DHCPv6 client sends a RELEASE.

ZeroSum

> Never mind IPv6, let VM sort out stable connections, a working mail system and over subscription, before they try the technical stuff !

If they focused more on techical stuff then they wouldn't have so many technical problems.

ZeroSum

Re: My tweet was mentioned...

> FWIW... HE doesn't need a static IPv4 address, works fine with dynamic, including a REST API to update your endpoint address.

Good thing too. If tunnel services required a static IPv4 to set-up an IPv6 tunnel it would be partially counter productive to the goal of increasing IPv6 deployment. Many ISPs get revenue for charging for static IPv4 addresses so they have an incentive to thwart the deployment of IPv6 as it will eventually remove the need for IPv4. Since IPv6 is in plentiful supply it will be harder for ISPs to justify charging for static IPv6.

ZeroSum

Re: Am I the only one...

> One publicly visible IP per device seems to me to be leaking private information. Anyone care to tell me why I'm wrong?

The devices now assign themselves temporary randomly generated addresses from the /64 prefix announced by the router which remains the same. That /64 prefix is analogous to the single public IPv4 address most ISPs assign which the CPE uses to NAT.

ZeroSum

> Curious, if they adopt ipv6 will that be nat or would all the devices on my network get unique ipv6 addresses and bypass the firewall?

All devices on your network can assign themselves an IPv6 address from the /64 prefix announced by the router. The ISP router is likely to have an IPv6 stateful firewall that is on by default.

ZeroSum

It is the engineers that keep announcing it but they must be being continually delayed by lack of support from the rest of the business.

DNS infrastructure sprinting to IPv6 while users lag

ZeroSum

Re: So what

IMO the main reason everyone should support IPv6 deployment in public services is so that the world can have a functioning Internet that does not require one or more layers of NAT between communicating hosts.

ZeroSum

Re: Is El Reg on IPv6 yet?

Are El Reg trying to be the last technology website to support IPv6?

Google: There are three certainties in life – death, taxes and IPv6

ZeroSum

Re: @ZeroSum

You don't have to use the IPv6 address with the MAC address for your web server. You can configure a static IPv6 address like you would a static IPv4 address. Windows 10 and macos Sierra don't embed the MAC address by default.

ZeroSum

Four years ago the number of smartphones in the US was essentially zero. Now over 50% of them have IPv6. In another 4 years almost all of them will have IPv6. The public surface of the Internet is adopting IPv6 and it is going quite well.

Too much progress has been made deploying IPv6 to start again from scratch. A huge amount of work got us to this point. It is also impossible to be fully backwards compatible with IPv4 because 128 bits into 32 bits will not go. An IPv4 end-point will never be able to connect to an arbitrary IPv6 end-point without an external lookup.

ZeroSum

Re: @ZeroSum

> My understanding is that part of your IPv6 address is fixed from your MAC, so if I travel around with my laptop, Google could tell it is the same device connecting via IPv6 from anywhere in the world? Is that not the case?

That is not the case. Privacy addresses are used now to avoid the above situation.

https://tools.ietf.org/html/rfc4941

https://tools.ietf.org/html/rfc7217

A useful way of thinking about IPv6 addressing is that the /64 prefix used by autoconfiguration (SLAAC) is the basic unit of addressing rather than an individual IPv6 128 bit address. Every 3GPP smartphone connected using IPv6 gets a /64. This allows it to tether devices behind it. It also allows any IPv6 address in /64 be used so it can't be found by IP address range scanning because 64 bits is so vast.

https://tools.ietf.org/html/rfc7934

https://tools.ietf.org/wg/v6ops/draft-ietf-v6ops-unique-ipv6-prefix-per-host/

ZeroSum

Re: IPv6 is great...

> ...we'll know EXACTLY where you are and what devices you are using, without annoying things like DHCP and NAT getting in the way.

This is false.

With 3GPP mobile they'll know what PGW you came in on instead of what CGNAT you used. The PGWs can be serving users from a very wide area, even an entire country. The /64 prefixes are dynamic.

With fixed broadband they'll only be able to identify you down to the residential gateway's WAN link. If the IPv6 prefix is coming from a dynamic pool on the BNG or CMTS it can change.

IPv6 host devices don't embed their MAC addresses in their SLAAC addresses.

Based on IPv6 address information for them to know exactly where you are you would have to configure a static IPv6 address.

IPv6 tipping point

ZeroSum

Re: Still no ipv6

Sky Broadband are over 80% dual-stack IPv4+IPv6.

ZeroSum

LTE is not synonymous with IPv6

Most LTE networks (outside the big four in the US) still use IPv4 unfortunately.

LTE introduced the always up IP PDN connection.

Most VoLTE services are however implemented using IPv6 PDN connections to the IMS APN.

IPv6 now faster than IPv4 when visiting 20% of top websites – and just as fast for the rest

ZeroSum

Re: We didn't run out of ipv4

> Except, would you really configure your firewall/gateway to allow all inbound traffic to all devices on your home network??

It should support the IPsec and Internet Key Exchange (IKE) recommendations of RFC 6092.

ZeroSum

Re: I'm sure many of the punters here

> Have never had to set-up IPV6 infrastructure from scratch, or have to administer any large IPv6 network.

I have hundreds of routers with IPv6 and it was easy.

ZeroSum

Re: About 6to4

>An upgrade of my router should be a must

ISPs are not making any money off the transition to IPv6.

That is why they have been so slow to adopt it.

When you get new equipment from your ISP it will be because you changed provider, bought a new service, or the modem broke. IPv6 is a technical nice to have as far as the business case for deployment goes.

ZeroSum

Re: Not entirely on topic, but...

> They can't even tell me if the IPv6 prefix will be static on a business-type connection. I'm waiting for them to find out. (The IPv4 address would definitely be static).

Of course they could do static IPv6 delegated prefixes, they just don't want to do it yet.

It will be easier to implement static IPv6 than static IPv4 because they'll have mountains for virgin IPv6 address space to assign from.

ZeroSum

Re: Actually, thank the big telcos

Agreed that the big US ISPs have helped drive an improvement in CPE but that much of the CPE is still very poor.

> Auto-config puts your MAC address in the IP address, then another auto-config tool warns you that your MAC address is visible.

It is the host not the router that forms the host bits of the IPv6 address with SLAAC. Modern OSs no longer by default use EUI-64 addresses for communication beyond the router. They use privacy addresses.

ZeroSum

Re: About 6to4

> Even if someday you are forced by your ISP to use an IPv6 address on your router it doesn't mean you have to go and enable IPv6 on everything you own.

As IPv6 becomes more established any problems that make people want to turn if off will be ironed out.

As Metcalfe's law kicks in for IPv6 there will be an increasing incentive to use it.

ZeroSum

Re: We didn't run out of ipv4

> Your toaster is going to talk back to LG corporate headquarters and you are going to pay for the inet access

Your toaster would be able to make an outward call home through an IPv4 NAPT in the residential home gateway, so the corporate overlords will know about it either way.

IPv6 eliminates the need for the NAPT and allows for transparent end-to-end connectivity. That will allow applications that don't require centralised control.

ZeroSum

Re: We didn't run out of ipv4

> Note that several years ago, France Telecom got assigned a /19 block of IPv6 addresses. That is 1/65,536 of the *total* unicast IPv6 address space (the first three bits are fixed at 001).

That is only the currently delegated by IANA 2000::/3 prefix.

There's nothing to stop 4000::/3, 6000::/3 being delegated in future.

I will admit that France Telecom should not have been assigned a prefix as large as a /19. That is ridiculously big.

ZeroSum

Re: And what about BT and Virgin?

> The Virgin one, especially, pisses me off.

Badger them to do it dual-stack instead of using DS-Lite. If necessary they should buy more IPv4 from poor countries. Most of Liberty Global have deployed IPv6 using DS-Lite and it is terrible for power users that are still dependent on having a public IPv4 address on their WAN link so they can port forward.

ZeroSum

Re: And what about BT and Virgin?

> Meanwhile Plusnet ran a couple of trials back around 2009 and seem to have given up. Oh well.

Whoever did that at Plusnet is probably long gone.

There's a long tail of small ISPs. Some technically competent like AAISP and majority that are controlled by the bean counters.

ZeroSum

Re: About 6to4

> Yes, I have a public IPv4 address

Your ISP is going to run out of public IPv4 addresses. They'll have to use so-called Carrier Grade NAT.

The best ways of doing that use IPv6 as the underlying transport. Eventually you'll get IPv6.

ZeroSum

Re: We didn't run out of ipv4

> Your toaster is going to talk back to LG corporate headquarters

For there to be more than 3.5 billion internet connections in the world that don't sit behind a NAT the larger address space of IPv6 is needed.

The important scaling with IPv6 is not the number of devices sitting on a customer home LAN. It is the number of possible customer LANs that don't have the restrictions of NAT.

ZeroSum

Re: About 6to4

Chinese and Taiwanese equipment vendors are supporting IPv6 network equipment and CPE that they are selling. e.g. Huawei and ZyXEL.

Pure 6to4 needs a public IPv4 address so the host doing it can't be behind a NAPT.

ZeroSum

Re: We didn't run out of ipv4

Since SLAAC uses /64 and modern hosts randomly pick an address to use a pure IPv6 address scan of the /64 becomes too costly to be practical. They have to get you to visit a honey pot site to discover what your address is.

ZeroSum

Re: Why is IPv6 faster?

IPv6 isn't faster, unless it has a lower RTT path than IPv4. As ISPs make their IPv4 & IPv6 peerings congruent and dual-stack CDNs the relative performance of IPv6 will continue to improve. Eventually ISPs and CDNs will put less effort into maintaining the IPv4 peerings and distribution of IPv4 enabled CDNs. Then the performance benefit that IPv4 enjoyed up until a few years ago will change in IPv6's favour. It is already happening from some operators to sites like Facebook.

ZeroSum

Re: We didn't run out of ipv4

Time to stop beating that drum.

We're going to need a lot more than 3.5 billion independent Internet connections. Every IPv4 connection that isn't behind a NAPT needs a public IPv4 address. The only way the IPv4 Internet scales is ever more NAT and middleware.

IPv6 is being allocated in a sensible way. There are 18 billion billion /64s and only a small amount of that is being allocated from.

http://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xhtml

ZeroSum

And what about BT and Virgin?

What's the story with BT's deployment? Troubles with the IPv6 support in their home hubs perhaps. They were supposed to be at 50% deployment by now with it completed by the end of the year. LOL. That was never believable given their past performance. In fairness it should not be difficult for them to fix if they just put a little resource into it.

Meanwhile Sky Broadband are at 70% deployment.

Juniper: Yes, IPv6 ping-of-death hits Junos OS, too

ZeroSum

Re: IPv6

Most companies aren't connected to IPv6 at all and those that do just connect their public facing servers.

What you claim can't be true anyway as if IPv6 connectivity was configured all the way to the end hosts then they would be using it as by default it is preferred over IPv4.

iOS apps must do IPv6

ZeroSum

Apple still need to support RFC 6877 like Android does

Apple have implemented bump-in-the-wire support in iOS for working with IPv6-only networks that provide DNS64/NAT64 access to the IPv4 Internet in addition to the direct IPv6 Internet access. The use of central provider NAT44 is ubiquitous in mobile networks. Handsets in IPv6-only networks just use IPv6 instead of IPv4 to get to the NAT.

Apple have not given a solution to providing the IPv4 part of dual-stack access for devices tethered off an IPv6-only 3GPP connected iOS device. Android (and Windows Phone) can do this using a 464XLAT clat in the handset. The only available solution with iOS is for the handset to bring up a separate tethering APN using a separate 3GPP bearer with IPv4. But this defeats many of the advantages of moving to IPv6 in the packet core. If the operator also doesn't support dual-stack bearers (which is normal in the case of operators using IPv6-only 464XLAT) then IPv6 cannot be given on the tethering LAN (as RFC 7278 requires IPv6) via the separate tethering APN.

If iOS supported RFC 6877 and RFC 7278 in the cases of: 1) shared handset & tethering APN and 2) separate handset APN and tethering APN then they would be removing a major hurdle to simplifying IPv6 deployment in Mobile Packet Cores.

Suck it, Elon – Jeff Bezos' New Shepard space rocket blasts off, lands in one piece

ZeroSum

Sub-Orbital

The real prize remains to be won.

Cisco: The day of PCs is passing, cloud storage will dominate by 2019

ZeroSum

IPv6 end-user deployment in the US will be far ahead of 32% by 2019.

To get 32% users with IPv6 worldwide they've conservatively assumed quadratic growth continues instead of a more typical S-curve technology adoption. Using the same quadratic assumption for the US projects IPv6 end-user adoption there will be about 85% by the start of 2019. That is probably an underestimate for US mobile operators as VZW is already over 70% and T-Mobile US is over 50%.

IPv6 is great, says Facebook. For us. And for you a bit, too

ZeroSum

UK isn't a complete IPv6 laggard any longer

Sky Broadband soft launched dual-stack IPv4+IPv6 in August and as a consequence Google is seeing 10 times as much IPv6 traffic from the UK. Last weekend it was 2.1%.

ZeroSum

It's easy to track users already. They don't need IPv6 to do it.

Apple snuggles closer to IPv6

ZeroSum

About time

Apple have done nothing with IPv6 for the last 4 years. In that time user adoption has got up to over 21% in the US. So it is very welcome that someone in there is finally working on IPv6 again. The recent changes they announced to better support IPv6-only PDP/PDN connections in iOS are also welcome. They still have a critical gap in their IPv6-only support in iOS. They don't yet support IPv4 hotspot when the PDP/PDN connection is IPv6-only.

On the one hand they're saying IPv6-only is critical but on the other they aren't supporting it to a level that can be deployed. Android, Windows Phone and Jolla solve the IPv4 tethering problem using 464xlat.

Page:

Biting the hand that feeds IT © 1998–2019