Transparent IPv6 with Linux? 79
David A. Madore asks: "Every once in a while, I decide to try out IPv6 (on my local PC network that isn't connected to the Internet). And every time I'm disappointed. Now that the kernel supports it, and libc (glibc 2.2.1) supports it, and that I've recompiled the net-tools with inet6 support (why doesn't RedHat do that by default, I'd like to know), I would expect to be able to type
'telnet ::1' and get a connection to localhost, prompto! Instead, I get '::1: Unknown host.' Isn't the whole point of' IPv6 support of the libc to make program support completely transparent? And isn't the whole point of dynamically linked libraries so that we get it without even having to recompile anything? Or am I being incomparably naïve here? Will we have to rewrite and recompile any network-aware program so as to get IPv6 support? By the way: How will X11 DISPLAY strings work with IPv6 ':0' is kindda confusing in relation with IPv6 addresses)? Can anyone clarify the matter?"
IPv6 (Score:2)
Overall Its really bloody annoying but if it expects it to look like IPv4 then yea it will have to be rewritten hopefully it will not become the case too often. I actually like IPv6 and have been having a lot of fun with it especially with automating it (automated tunnel setups and such) have a slight issue with the NetBSD stack (its wierd Really wierd) =) Anyways thats it for now
I'm not sure... (Score:2)
telnet 127.0.0.1
telnetd takes this IP and asks the appropriate library to connect to this address. The library function would then recognize that an IPv4 address was given and convert it to the corresponding IPv6 address and connect to this address?
IPv6-awareness (Score:5)
There -is- a way to get round that - an IPv4/IPv6 gateway - but that adds a lot of overhead and is not the way to fix broken apps.
There has been a LOT of discussion on URLs and X DISPLAY strings, as they would allow multiple interpretations of the IPv6 address. One possibility is to require fully-expanded addresses in those instances, another is to bracket the address somehow, so that it can be seperated. AFAIK, there's no real, universal consensus on this, at least not the last time I looked. There may be more of one, by now.
For Telnet, FTP, etc, go to ftp.inner.net and download the ported utils they have. I admit, the porting isn't the best code I've seen, but it does work, and'll give you a feel for what could be done.
If you want to try IPv6 properly, though, join the 6Bone and test your machine to the limits.
RedHAt not enabling IPv6 (Score:2)
Is IPv6 already done? (Score:2)
--
"New worlds are not born in the vacuum of abstract ideas, but in the fight for daily bread..."
Confusion (Score:3)
Anybody in the know want to write a decent How-To?
-----------
"You can't shake the Devil's hand and say you're only kidding."
KAME (Score:3)
Re:Is IPv6 already done? (Score:5)
IPSEC is fairly well defined, and from the looks of it, Freeswan will be there soon. NRL has been there for a while, for BSD systems, I believe.
Routers are done - mrt is very usable, Bay has (or had, b4 they were taken over) an IPv6 router, as did Telebit. GateD is going slowly, but that's their fault for being obstinate and not opening the source. Cisco is getting there, and has been one of the cornerstones of the 6bone since it's inception. 3Com are working on it, but they are irrelevent anyway. Just ask any Borg.
About all that -really- needs to be done with IPv6 is for the masses to rise up and throw gummy fish at the backbone admins until they install it.
Re:IPv6-awareness- Where can I find info on 6bone? (Score:2)
-AP
Re:Confusion (Score:4)
It's just technical enough that I can follow discussions about IPv6 implementation and management, but doesn't get into the really nasty details -- there are supposed to be other books for that, and _UNP_ has other topics to get to.
For the uninitiated, _Unix Network Programming, 2nd Edition_ is two or three volumes, all worth it, and written by the late W. Richard Stevens, Network God. RIP.
Re:IPv6-awareness (Score:1)
Re:IPv6-awareness- Where can I find info on 6bone? (Score:5)
Your ISP can be running a cooked hamburger, as far as you're concerned. :) So long as you've an internet connection, the only requirement is that you set up a tunnel, connecting to some existing node on the 6bone. It's as easy as that. :)
Just e-mail the maintainer of the node, get the IPv4 address for their end-point, let them know the address for your end-point, configure SIT0 accordingly, and you're sorted.
(If you get a dynamic IP address, from your ISP, it's slightly more complex. The maintainer'll need to have some kind of script running, to automatically adjust the tunnel, according to what your new IP address is.)
Re:Confusion (Score:2)
Re:IPv6-awareness (Score:4)
Possibility B: The IETF team -meant- ., but their secretary's finger slipped on the keyboard, and nobody had the heart to correct them.
Possibility C: It's a secret conspiracy by the IETF to promote their new online hypertext system, VVV, and their new GUI system, Y.
Possibility D: They forgot that other people were already using the symbol, and by the time they noticed, were too drunk/lazy/proud (delete as applicable) to correct it.
Re:Is IPv6 already done? (Score:1)
playground.sun.com has a full blown IPv6
implementation.
Also, wait for Solaris 8. Many people will be
surprised.
Possibility E: (Score:1)
A combo of A and D. They wanted something clearly seperate and because MAC addresses use : as the seperator, they assumed it would be usable.
Not knowing everything else, but wouldn't a , be a good character?
Re:IPv6-awareness (Score:1)
IPv6 on Linux just sucks (Score:2)
FreeNet6 for testing (Score:2)
Re:KAME (Score:3)
On the other hand, there's a =LOT= of IPv6 software (such as GateD 6) which is very specific to that stack, which Linux misses out on.
Works fine on NetBSD (Score:2)
I suspect your Linux userland utilities just haven't been updated to be v6 aware. Either complain to the maintainers of those programs or send them patches. There are lots of patches on several FTP sites for making utilities v6 aware, by the way.
Re:I'm not sure... (Score:1)
I believe the author wanted full IPv6 support, not just an IPv6-aware application that still uses IPv4 as its front end.
So many things couldn't happen today
So many songs we forgot to play
So many dreams coming out of the blue
Archive of RPM and deb packages? (Score:1)
Some notes on IPv6. (Score:5)
Software vendors and network hardware vendors do not fully support it -- some will give software to you as an addon. But they do not support it. If you learn from it, great, but if it breaks, oh well, it isn't yet meant for production purposes anyway.
I think one of the main reasons RedHat doesn't ship with IPv6 enabled is that it is not yet supported everywhere. For example if you use things like sockaddr_in in your programs, you're hosed because it is IPv4 specific. And there are a lot programs that are IPv4 specific (not to mention 4-byte-copies to duplicate addresses). And checking all networking programs takes a lot of time. Not to mention fixing them and getting maintainers to support IPv6.
So this summs up to three important points:
1) IPv6 is development stuff and quite uncommon. So don't expect your average program to work.
2) It can be used very well to learn things on IPv6 and networking in general. That's also why 6bone started.
3) Because IPv6 is still beta and things, it isn't yet in very-easy to use packages with your favourite OS flavour. Also don't expect ISPs to support it. The larger ISPs are on the 6bone and might offer you a tunnel endpoint, but it's experimental for them too. So they probably don't want to invest too much time in it.
Oh, and for the people who still want to try IPv6, there is a good HOWTO on setting up IPv6 for Linux. If it's to technical, you don't want to try it on any operating system. If it's peanuts, you should help test IPv6 and help porting more applications
That's all for now, Erik.
Re: Late W. Richard Stevens???? (Score:1)
I was really looking forward to reading more of his books to see where he fell in the whole BSD vs. Linux vs. everyone else debate. It was pretty clear from his other books that he really disliked System V, and really liked BSD.
And now I hear he died. :-( When did this happen?
Depends on the application (Score:2)
That said, there are also some other issues, such as people upgrading to BIND 8 for DNS stuff, implementation maturity, to name a couple.
Late W. Richard Stevens: Slashdot article link (Score:3)
There was a Slashdot Article [slashdot.org] on September 4th.
The world lost a truly great networking mind when it lost W. Richard Stevens. May he rest in peace.
--Joe--
Re:Important Things to do with IPV6 (Score:1)
[links to TechWeb article]
Sure, try this:
Use the archives, Luke! [slashdot.org]
Re:Confusion (Score:1)
One of the most useful things that I've found about it is that all of the examples can be downloaded as a tarball. This is especially useful since it comes with a header file which allows both IPv4 and IPv6 in the same program, and in some instances in the same function.
Sorry, I don't remember where the tarball is located, but it is on the web as unpv12e.tar.gz, so you can look for it. And I recommend buying the book.
Re:Important Things to do with IPV6 (Score:1)
Re:I'm not sure... (Score:1)
Re:Confusion (Score:1)
I don't recall his website off the top of my head, but I think that uunet has a copy.
Re:Archive of RPM and deb packages? (Score:2)
Daniel
Apps (Score:4)
The big lesson that the world should be learning from IPv6 (but isn't) is that most existing network applications are hopelessly dependent on the protocol they were written for. So, for example, the standard 'telnet' program you get in your favorite Linux distribution supports IPv4 *only*. It *will not* work with IPv6. If you feed it IPv6 addresses, it's not going to somehow magically work. The telnet program just does not know anything about IPv6, and nothing short of installing a new version of telnet or using elaborate and dangerous kluges is going to change that.
There are ways to build applications that can support -- within some reasonable constraints -- any protocol you throw at them. A lot of this centers around using protocol-independent APIs such as getaddrinfo() and being careful about how you code things. It's also possible to take most existing apps and retrofit this flexibility into them, though some apps are really poorly written and those are really hard to fix. Applications written that way will transparently just deal with IPv4, IPv6, or whatever else you feel like using.
However, a lot of the IPv6 implementors are just making applications support IPv4 OR IPv6 rather than making them support anything. This just means that if IPv6 doesn't happen (which is definitely possible) or if we all decide later to move to IPv7, we're going to have the same problems all over again.
Now, there are tricks such as proxies and NATs that can be used to allow an IPv4-only app to talk using IPv4 to some intermediate point that then relays the data over IPv6 to some far end. This works, sometimes, but it's exactly the kind of kluge that IPv6 exists to try to avoid.
Re:Important Things to do with IPV6 (Score:4)
yes, so your IPv6 adress WILL be static, possibly even on a dailup. This means that it may be easier for websites to track you without the use of cookies. It means if you get glined from an irc network you can't just logoff and log back on.
But it also means that you can host a web/ftp/etc server and have it be in the same location all the time; it also means you can buy a .com or .net or whatever domain name. Basically it means everything that having a static IPv4 adress meant.
This is not something that the IPv6 protocol makers should be worrying about. After all, if you'll remember, the entire point of the IPv6 standard is to create a system whereby everyone gets their own static IP. The privacy concerns are something that your ISP should be handling. Talk to them. And the ISP can handle this probably by setting up a system whereby you change your IP occationally if you want to; this is how some *dsl and cable providers handle the exact same privacy problems (since *dsl and cable also have static IPs).
But the fact is that a lot of people-- me, for instance-- would _want_ a static IP. And there's no real way that the people writing the IPv6 protocol _can_ do anything about privacy concerns arising from static IPs, since there's no system i can think of where you can't be tracked but can have a DNS name.. The ISP should be the one you should be complaining to.
Re:Important Things to do with IPV6 (Score:2)
We KNOW that sites hanging on to an address when changing providers is a long term disaster - the routing tables just get too big.
There's lots of things in IPv6 to support renumbering. So expect addresses to be relatively static - but do NOT write them down if you don't absolutely have to!
(Yes - there is stuff in DNS too. Look up A6 records in the internet-drafts directory.)
But Wait! There's MORE! (Score:2)
IPV6 IS NOT solely to remedy ip address shortages. There are those who contend that there is no such shortage, and we can all just use NAT boxen and masquerading till the cows come home. Which leads to the natural assumption that there's no need for IPV6.
Other important things that come with IPV6 are the QoS ratings, additional security features (!), better design from the network architecture standpoint, general improvements in the spec, etc.
Keep in mind, IPV4 is OLD, and it was never meant to do the things we have it doing, becuase the designers at the time had no idea how the Internet would turn out.
(!) BTW, this does NOT refer to the so-called loss of anonymity caused by putting a MAC in the address. Read more at the IPV6 [ipv6.org] FAQ.
Textual representation of IPv6 addresses (Score:4)
There is an internet draft [ietf.org] which proposes the following native format:
instead of "ABCD:EF01::2345:10.9.8.7" use "ABCD-EF01--2345-10.9.8.7.ipv6" which contains only characters valid on a domain name and marks the with a pseudo-TLD of ".ipv6"
----
Re:Important Things to do with IPV6 (Score:1)
Dynamic IP addresses are a nasty kludge that IPv6 hopes to fix.
Static IPs are a *feature* not a bug.
How would you like it if every time you wanted to send or recive (postal) mail, you had to go to the post office and register an address - which you then lost after a week or so?
actually... (Score:1)
~> telnet localhost
connecting to localhost (::1)...
but that's a long way off.
Re:Possibility E: (Score:1)
IPv4/IPv6 Compatability (Score:2)
The bulk of problems lie in the address conversion (from readable strings to data used by sockets) functions. Since IPv6 addresses need more space to store, the IPv4-centric program isn't going to have enough space for them, thus support for IPv6 in the libraries isn't going to solve everthing, a partial rewrite will be needed. Usually it will be simple to make it compliant, unless it uses a lot of IPv4 dependant stuff (like raw sockets for example).
If code uses gethostbyname and gethostbyaddr, it is probably IPv4-dependant. If code uses getaddrinfo and getnameinfo, it is probably protocol-independant. (Please note that I said "probably"). Just grep source and find out if it needs to be rewritten.
So, yes, you were slightly naive, there is yet work to be done
Ben Higgins
Re:Possibility E: (Score:1)
That does however leave the IPv4 in IPv6 legacy addresses ::127.0.0.1, hmm, I don't suppose that a ':' is valid after one of those, so use a '.' after IPv6, and ':' after dotted quad would work.
Anyone know anyone on the IETF?
--
What about API's? (Score:2)
Last I checked, getaddrinfo was not widely available under most Linux distros. Apparently, there is no api standard for sockets, ipv6 or no (the ipv4 api is more or less a de facto standard, although there are still gaps, such as a threadsafe version of gethostbyname).
Stevens talks about XTI, but as far as I can tell it's yet another example of Open Group navel gazing. Is it even available under Linux?
Unless I'm wrong, they haven't made it easy to do the Right Thing. Ah well, I guess the right thing to do is complain to a local representative of ITC (the International They Consortium).
Not Linux's fault. Few apps coded with IPv6 compat (Score:4)
is sysutils and the like DON'T always know about
IPv6 yet. For instance, I don't think telnet is protocol independant. So you really can't blame it.
Besides, an addr of
For you coders out there, STOP using the old methods, inet_ntoa and inet_aton. These DON'T work! You need to use inet_pton (which are defined in to handle IPv6 properly, if at all. Read the prototype if you haven't already.)
It's a wise idea these days to develop network applications that are protocol independant. I see stuff that isn't coming out of freshmeat.net all the time.
It's usually a simple chore to patch source to be protocol independant, you just whip around a few different calls. Developers should take heed!
- Paradox
Man of the C!!!
perl -e "print join q( ), split(q.z.
IPv6 Linux Pointers (Score:2)
For 6bone info, see http://www.6bone.net/ [6bone.net]
Re:IPv6-awareness (Score:1)
No XTI/TLI for Linux (Score:1)
Anyway, sockets are easier to use
Why it doesn't work (Score:1)
IP6 Evangelists (Score:2)
I have read posts here pointing out that programmers need to be educated to write their apps to support methods that have IPv6 support and that word needs to be gotten out to ISP's, network admins etc about how to integrate a changeover to the new protocol.
Now, in the true spirit of the Internet community, I should be offering my services instead of just suggesting this, but whoever takes on this is going to need *way* more free time and money that I have unfortunately. They'll also need to be prepared to dive in and build up a deep understanding of the programming and technical issues involved.
Of course, an evangelist isn't the only thing that will be required to muster up support and readiness for the changeover, but it's one of the ingredients that I feel is lacking at the moment.
Anyone feel a call to action???
Re:IPv6 and you (Score:1)
That shouldn't stop them from pointing out the rough edges and asking for help.
Re:I'm not sure... (Score:1)
My debian2.2 (potato) box has some support! (Score:1)
NAT is EVIL - IPv6 is the only long term solution (Score:1)
IPv6 is most certainly about alleviating the IP address space shortage. Everything else was a case of "well, if we're redesigning the world, there's this one small thing I want to add..."
Network Address Translation (NAT) is an unmitigated Evil in that it breaks the End-to-End model - the basic design assumption of the Internet (you know, smart end hosts, with stupid routers in the middle who are not supposed to muck with the packets in any way?). There's also one other small gotcha with NAT - if you NAT, you can't use IP security. How can the NAT translate IP addresses hiding in an encrypted packet?
The 32-bit IPv4 address space will exhaust, and when it does, we all must have IPv6 stacks in our kernels, and our applications converted and working in both the old and the new address space.
Anything else is just an egregious hack, and must not be tolerated.
Re:Important Things to do with IPV6 (Score:1)
Right, and no-one needs faster than a 2400cps modem, I mean - who would want to transfer anything but text?
The system was designed to give everyone their own IP, nor was it designed as an 'end user service' like television, radio, newspapers, etc...
Right now, due to the use of IPv4 and it's address distribution problems, most desktop PC software assumes that you have a dynamic IP. This prevents all kinds of neat functionality in software, like immediate e-mail delivery, and requires all kinds of systems to be implemented as client-server-client instead of peer-peer connections (example: ICQ, MS-Net Meeting, etc), which is a waste of valuble resources on the part of the service provider, and a waste of bandwidth for the whole 'net.
Just because people are used to a nasty kludge doesn't mean that they can't take advantage of the benifiets of not needing that kludge any more.
Also, all the advantages of Dynamic IPs can be gotten through dynamic IP'd proxy servers. Just set up your computer to route all it's IP traffic through the proxy... which will use a different IP for each request. So, instead of having to disconnect and reconnect to get a new IP, you can just hit "reload" in your browser! (Or reconnect in your IRC client, whatever)
As for terms of service agreement, I refuse to agree to anything that resticts what apps I can run on my PC --- And I'll encourage everyone I know to do the same!
$DISPLAY is not a problem (Score:1)
for an IP address? NO! You're looking for:
ip-addr:n[.n]
So you rip of the right hand display[.screen]
spec _first_, then hand the left hand side to your
ascii2address routine.
The late W. Richard Stevens and IPv6 (Score:1)
W. Richard Stevens UNP book is full of well-explained IPv6 material, down to the detailed API level. I highly recommend his books on UNIX or Network Programming or both.
IPv6 is ``transparent'' in NetBSD (Score:1)
Argh. Good point. (Score:1)
Re:Late W. Richard Stevens: Slashdot article link (Score:1)
:-( I'm rading that set of posts now, and am deeply saddened that my words were even a faint echo of some of the things posted on there by idiots.
W. Richard Stevens will be very missed. I recommend his books to everyone who wants to understand TCP/IP deeply. I don't think there are any other books you can point to and say "If you want to write your own TCP/IP protocol stack, read and understand this, and you'll be 90% of the way to knowing how.".
:-( :-( :-(
Re:NAT is EVIL - IPv6 is the only long term soluti (Score:1)
IPSEC can be NAT'd -- The black tunnel endpoints are not encrypted, and most of the time not included in the encrypted data.
I've got an IPSEC client I use for work and a Linux "firewall" that masquerades IPSEC rather nicely.