Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

U.S. Government to Adopt IPv6 in 2008 284

Posted by timothy
from the they-should-adopt-odf-too dept.
IO ERROR writes "The U.S. Government is set to transition to IPv6 in June 2008, according to Government Computer News: 'In the newest additions to the IPv6 Transition Guidance, the CIO Council's Architecture and Infrastructure Committee has provided a list of best practices and transition elements that agencies should use as they work to meet the deadline. The latest additions, (MS Word) released in May, are a compilation of existing recommendations and best practices gathered from the Defense Department, which has been testing and preparing for the transition for years, the private sector, and the Internet research and development community.'"
This discussion has been archived. No new comments can be posted.

U.S. Government to Adopt IPv6 in 2008

Comments Filter:
  • by neonprimetime (528653) on Thursday June 22, 2006 @01:44PM (#15584189) Homepage
    That word document has 37 pages, 12,946 words, 74,666 characters, and 564 paragraphs. I think there's enough detail.
  • Deployed!?! (Score:3, Interesting)

    by Anonymous Coward on Thursday June 22, 2006 @01:44PM (#15584192)
    Wouldn't IPv6 basicly be deployed when 51%> adopt it? If the commercial world doesn't accept it then the goverment will be on it's own and that won't fly too well.
    • Re:Deployed!?! (Score:5, Insightful)

      by Red Flayer (890720) on Thursday June 22, 2006 @01:47PM (#15584214) Journal
      "If the commercial world doesn't accept it then the goverment will be on it's own and that won't fly too well."

      The government will never be on its own, there are too many corporations sucking at its teat who will need to step into line.

      Note how this works in re: MA trying to force open standards for anyone it does business with.
      • Re:Deployed!?! (Score:3, Insightful)

        by jgs (245596)
        The government will never be on its own, there are too many corporations sucking at its teat who will need to step into line.

        Good point, that worked really well with GOSIP [wikipedia.org] which is why we're all using OSI now.

        What, we're not? Hmm.
        • 5 years was an eternity in tech time then. The OSI requirement did help the interoperability situation, as the wikipedia link points out.

          Besides, there is a huge difference between "alone" and "not having the majority with you."
      • Re:Deployed!?! (Score:5, Insightful)

        by 99BottlesOfBeerInMyF (813746) on Thursday June 22, 2006 @02:02PM (#15584311)

        The government will never be on its own, there are too many corporations sucking at its teat who will need to step into line.

        Agreed. Who writes this stuff? ISPs already have management networks running IPv6 and big players like Comcast ran out of unique IPv4, for their cable modem pools and have completed their migration to IPv6. China is on the boat and most network gear deals with both just fine. How exactly is the US government going to be on its own here?

      • ^^this man speaks the truth.

        Why do you think cray has already deployed IPv6?
      • Re:Deployed!?! (Score:2, Insightful)

        by Tempest451 (791438)
        Believe that! When the Goverment (read Military) goes IPv6, half the corporate US is going too.
  • by Mancat (831487) on Thursday June 22, 2006 @01:48PM (#15584218) Homepage
    There's no place like ::1
  • Stats on IP usage? (Score:5, Insightful)

    by lawaetf1 (613291) on Thursday June 22, 2006 @01:49PM (#15584226)
    I'm curious as to whether there are any reliable stats out there about the availability of IPv4 address space and how it has changed over time. The widespread adoption of hide-mode NAT has allowed companies, universities and the like to move thousands of computers out of the public address space, freeing up large blocks of public address goodness. Cripes when I think about what I got away with in university, hooking my desktop up to the local LAN, getting a public and ........
    • by Anonymous Coward
      IPv4 reliable? Just have a remote exploit in Windows, bind or phpBB or whatever, then write your distribution code,

      1.upto(254){ |a|
      1.upto(254){ |b|
      1.upto(254){ |c|
      1.upto(254){ |d|
      TryExploit '#{a}.#{b}.#{c}.#{d}'
      }
      }
      }
      }

      And then have your zombies run this. The exploit would then run this. etc. etc.. and the Internet craps outs.

      Aside: Yes, starting at 1 is wrong, but this is for demonstration pur
      • by TCM (130219) on Thursday June 22, 2006 @03:07PM (#15584703)
        IPv6 addresses are not cryptographic keys, even if their space is as big. Relying on the ability to "hide" in the address space is so bad, you shouldn't even begin thinking about it. Better keep your services up-to-date and secure.

        Also, IPv6 NAT should never ever see the light of day.
      • by Lauritz (146326)
        Just like the space of possible e-mail addresses is to large to iterate over, and it therefore is infeasible to create an exploid that propagates via e-mail?
    • Yes, several analyses of IPv4 address usage over time have been made, although they don't agree with each other:

      Geoff Huston (2003) [potaroo.net]
      Tony Hain (2005) [cisco.com]
    • by Arthur B. (806360) on Thursday June 22, 2006 @02:13PM (#15584377)
      Yes but NAT is evil, it's a dirty hack. Plus NAT is changing the face of the internet, clearly separating content provider and producers. Sure you can host your blog anywhere now, but what about censorship ? If things such as darknets, freenets, etc become needed NAT will be a major annoyance.
      • Yes but NAT is evil, it's a dirty hack. Plus NAT is changing the face of the internet, clearly separating content provider and producers. Sure you can host your blog anywhere now, but what about censorship ? If things such as darknets, freenets, etc become needed NAT will be a major annoyance.

        So why is the US governmetn pushing something that can make it easier to run tools to circumvent government control ? That's what sets my spider-sense tingling. Add the tradition of senators trying to slip bad laws

    • by cmason (53054) on Thursday June 22, 2006 @02:20PM (#15584434) Homepage
      Got away with? Cripes, this is how the internet is supposed to work. Goddamn NAT. Grr.

      -c

    • by Intron (870560) on Thursday June 22, 2006 @02:22PM (#15584440)
      According to IANA [iana.org], there are some big blocks of wasted space out there:
      • BBN has three entire class A
      • HP+DEC has two entire class A (isn't it interesting that they were side by side?)
      • Halliburton has their own class A
      • multicast reserves 16 x class A but is largely unused

      Remember that a class A contains 16M addresses.
      • by arivanov (12034) on Thursday June 22, 2006 @02:43PM (#15584578) Homepage
        There is a tremendous waste of space all over the place, not just class thos few class As you mention.

        As an example: In one well known red brick UK university you have to have a public IP address and you are not allowed to put kit behind a NAT even if that kit OS something esoteric and obsolete like the Silicon Graphics or AS1 that drives Bruker NMRs. As a result you have the choice to leave it unconnected which is a major annoyance as it is designed for network connectivity or to leave it at the mercy of the elements. This is done so that the "usage is not reduced" so that the overall university allocation is still justified.

        While at it, IIRC the aforementioned Bruker as a class B which is not used for anything but to give semi-unique addresses to different components of Lab machinery which sit on internal networks worldwide. Classic abuse of public address space for what amounts to textbook RFC 1918.

        IBM is holding 9.0.0.0/8 which it practically does not use, There is a huge block in the high /8 area which is unused and reserved for edu.

        The only place where there is some IPv4 address shortage are the APNIC blocks. RIPE and especially ARIN still have plenty of address space to go around even without going and starting to ask people like IBM if they actually use those class As.
        • by Detritus (11846) on Thursday June 22, 2006 @04:32PM (#15585264) Homepage
          As an example: In one well known red brick UK university you have to have a public IP address and you are not allowed to put kit behind a NAT even if that kit OS something esoteric and obsolete like the Silicon Graphics or AS1 that drives Bruker NMRs. As a result you have the choice to leave it unconnected which is a major annoyance as it is designed for network connectivity or to leave it at the mercy of the elements.

          Setup a firewall, which is the proper way of doing it in the first place. The security benefits of NAT are incidental, not intentional. NAT also makes it difficult for network administrators to diagnose and isolate network problems.

      • HP+DEC has two entire class A (isn't it interesting that they were side by side?)

        Whoa. Working from your document [iana.org], if this trend contiues they will next buy Apple, and then MIT. That would be a powerhouse indeed.

        Although really, they should go the other way, buying Xerox and nabbing whatever the hell 14/8 is used for. Then they could have the world's only /6. That would either be the world's coolest dorky thing, or the world's dorkiest cool thing. I can't tell which.
    • by shakuni (644197)
      http://www.cisco.com/web/about/ac123/ac147/archive d_issues/ipj_8-3/ipv4.html [cisco.com]

      try this link. It is a logical analysis of the state of IPv4 address space (it is all /8 based though). It also has a link to another report which has a different view on space exhaustion.

      regards
    • by kbnielsen (835429) on Thursday June 22, 2006 @02:39PM (#15584553)
      For a long time, it has been predicted by various studies that we would run out of IPv4 addresses around 2010, based on the comsumption rate after introduction of NAT's and the changes made by CIDR (RFC 1817).

      However, a more recent study [cisco.com] by Cisco and others argue that we might be running out of addresses as soon as 2008 if the current consumption rate holds up. And with major pushes for 3. world countries to enter into the tech sector, my guess is that it is not a totally invalid assumption. They also argue how long the reclaiming of existing class A (or /8 in CIDR notation) networks would prolong the time where the IPv4 address space is exhausted.

      There are also lots of problem by using the D and E class networks for general putpose traffic, since the D class is classified as experimental and E as broadcast, and so it cannot be guaranteed that all equipment can handle these addresses or will even allow these addresses to be used, since previously it would have been a configuration mistake to use these (especially the D class) addresses...
  • 2008? (Score:5, Insightful)

    by Billosaur (927319) * <wgrother@optonlin[ ]et ['e.n' in gap]> on Thursday June 22, 2006 @01:50PM (#15584232) Journal

    As the CIO Council and Office of Management and Budget help map out the June 2008 transition to IP Version 6, perhaps the biggest challenge is that they're entering unfamiliar territory.

    In the newest additions to the IPv6 Transition Guidance, the council's Architecture and Infrastructure Committee has provided a list of best practices and transition elements that agencies should use as they work to meet the deadline.

    So the government has a year-and-a-half to meet this deadline? Forgive the cynicism, but given that they have a loose set of guidelines and so many systems that would need conversion, I think they're being a tad optimistic. Kudos for trying this, but I won't be surprised when it takes until 2010.

    • Re:2008? (Score:5, Informative)

      by Mariner28 (814350) on Thursday June 22, 2006 @02:02PM (#15584306)
      Actually, the DoD is transitioning to IPv6 capability by 2008, and yes, there's no way all systems will be capable of supporting IPv6, let alone transitioning to IPv6 exclusively, by then. So as systems, and more importantly - applications, are upgraded over time, they will get there.

      Ironically, it's not the government that's dragging its feet - it's the contractors. You'd think they've never heard of IPv6 before, even though every contract written in the last year or so is supposed to contain a clause stating that the system/application delivered under that contract will support IPv6...

    • Remember GOSIP? (Score:4, Interesting)

      by KenSeymour (81018) on Thursday June 22, 2006 @02:39PM (#15584552)
      I remember when the government mandated the switchover from TCP/IP to ISO protocols. The acronym for that was GOSIP.
      Computer industry vendors spent serious money preparing for the August 1990 adoption deadline.
      They had to implement the ISO protocols or risk not being able to sell their systems to the government (always a major customer).

      The revised date for adoption is never.

      The worst part about doing government contracts was dealing with all the folks that say:
      "We can't design this around TCP/IP, the government is mandating ISO."
    • It seems impossible, but thats because it is.
      From years of working for the government in IT, I know that it is practically SOP to push some insane requirement on everyone, delay it a few times, and then go into panic mode when everything isnt 100% at the deadline.

      This happens ALL the time.

      Also, I didnt read the document detailing the agencies affected by this, but "US Government" does not mean everyone. It could simply be a few agencies that must meet this requirement. This probably also wont affect
  • by Banner (17158) on Thursday June 22, 2006 @01:57PM (#15584279) Journal
    I haven't had the time yet to read over the specs and try to figure out what the downsides and hassles for the rest of us will be with IPv6, but I'm sure there are slashdotters out there who have taken the time to figure out where the problems and issues are.

    If those of you out there who understand those issues could make a few posts here I would greatly appreciate it.

    Thank you.
    • I am not amazingly versed in this issue but several things stand out immediately to anyone who has a little networking experience.

      1. Lots of legacy equipment does not and will never support IPv6. That means...
      2. We will have a whole bunch of IPv4 to IPv6 gateways. This will be absolutely necessary. We have them now, of course, but not so many of them. You think NAT is a PITA when you have IPv4 on both sides of the wall? Try it with different protocols. You're going to have fun!
      3. IPv6 addresses are four times the size of IPv4 addresses. That means additional computation is necessary to handle the simplest IP tasks (routing.) Doing the comparison to find out if a packet is yours on a 32 bit system can take as many as four comparisons, whereas with IPv4 it was only one.
      4. IPv4 software is mature, IPv6 software is comparatively untested. GUIs need to be developed for configuration, and all the software has to be developed. A lot of software has IPv6 support, but hasn't really been hammered on in that way, simply because practically no one is using IPv6. There will be significant fallout.
      5. IPv6 may be simpler, but retraining will still be necessary. Lots of people have spent literally decades getting used to TCP/IP, learning all its ins and outs, and figuring out how to make it do the right thing. IPv6 is allegedly more intelligently designed, but there will still be gotchas.

      I'm sure someone with a little more knowledge, and/or a little more imagination, can come up with others.

      • by Abcd1234 (188840) on Thursday June 22, 2006 @02:19PM (#15584422) Homepage
        IPv6 addresses are four times the size of IPv4 addresses. That means additional computation is necessary to handle the simplest IP tasks (routing.)

        Uhh... what? One of the big advantages of IPv6 over IPv4 is that it will make routing *easier*, thanks to the hierarchical address space.
        • It makes it easier, as in, you don't have to check through a big complex agglutination of routes to decide where a packet goes. However, comparing a packet's address to a target address involves four times as many bits in IPv6 as in IPv4.
          • LOL. Yes, at the edges of the network, hosts will have to switch from comparing 4 bytes to comparing a whopping *16*. NOOOOOO!
          • by TCM (130219) on Thursday June 22, 2006 @02:46PM (#15584598)
            However, comparing a packet's address to a target address involves four times as many bits in IPv6 as in IPv4.
            Wrong. Wrong. Wrong! Do you think the target address is scattered randomly through every packet? No, it has a fixed place in the header.

            Additionally, there are less options in IPv6, making the logic to analyze a packet even more simple than for IPv4.

            Random Google result:

            The improved routing, or movement of information from a source to a destination, is more efficient in IPv6 because it incorporates a hierarchal addressing structure and has a simplified header. The large amount of address space allows organizations with large numbers of employees to obtain blocks of contiguous address space. Contiguous address space allows organizations to aggregate addresses under one prefix for identification on the Internet. This structured approach to addressing reduces the amount of information Internet routers must maintain and store and promotes faster routing of data. In addition, as shown in figure 5, IPv6 has a simplified header because of the elimination of six fields from the IPv4 header. The simplified header also contributes to faster routing.
            http://www.cybertelecom.org/dns/Ipv6.htm [cybertelecom.org]

            If you keep spreading FUD instead of doing a simple Google search we will never get IPv6.
            • However, comparing a packet's address to a target address involves four times as many bits in IPv6 as in IPv4.

              Wrong. Wrong. Wrong! Do you think the target address is scattered randomly through every packet? No, it has a fixed place in the header.

              Yes, and it is four times as long in IPv6 as it is in IPv4. I didn't think this was that complicated a concept. I do realize that other parts of the packet have been streamlined, but this is going to affect edge routers and layer 3 switches.

              • Sorry, I must have misread something. But I still think this is FUD.

                Yes, the address is four times as long, but since many checks for valid options can be removed and routing tables are going to get smaller, the additional overhead is small or non-existent, maybe even negative. What is a simple check of an address against a table of addresses with a (now fixed!) mask compared to the complex logic to verify the validity of 6 additional options?
              • The byte size of the address is a complete non-issue in networking hardware. The part of networking that is hard is not the part where you compare a string of bytes.

                The real issue is that IPv6 was supposed to provide a heirarchical address scheme to simplify routing, but hasn't actually done so. Global addresses are just a flat number. Site local addresses completely failed to address the issue, and have been deprecated without even a suggested replacement. Link local addresses aren't useful for much be
      • by gclef (96311) on Thursday June 22, 2006 @03:00PM (#15584677)

        There is also right now a huge disagreement going on in the background about how to multi-home in IPv6.

        The presently-proposed model implies that only big ISPs (plans for at least 200 customers that you'll be allocating space to) can get their own IP space...everyone else has to get space allocated to them from bigger groups. This, predictably, is making the content providers and big enterprises very unhappy, because they're used to (and now require) multiple uplinks to differing ISPs.

        The proposed fix for this problem, shim6, has been routinely savaged as a complete non-starter. That's mostly because it's proposing allowing each and every end host to make it's own decisions about what path to take, causing all sorts of uglyness for security devices and traffic engineering.

        There presently is no good answer to this, which is why a lot of orgs are holding off on IPv6.
      • We will have a whole bunch of IPv4 to IPv6 gateways. This will be absolutely necessary. We have them now, of course, but not so many of them. You think NAT is a PITA when you have IPv4 on both sides of the wall? Try it with different protocols. You're going to have fun!
        If by "going to have fun" you mean "make a lot of money consulting," then yes, quite possibly. Otherwise something tells me that you're using some kind of literary device to make a point.
      • Wrongo on the routing. The last 48 bits are reserved for the node's MAC address and the first 16 bits are reserved for the type of traffic. The rest is heirarchically defined by the router. (The router advertisment is done via RADV and the address is discovered by the machine from that advertisment).

        The practical upshot is that if the traffic is for that LAN, you need only test the 48 bits for the MAC address. If it is for a node further downstream, there will be a non-zero value in the next byte after your

    • Virtually every application and router must be updated to support IPv6.
      Addresses are longer and harder to remember.
      Packet headers are larger, so less data fits in each packet.
      Multihoming still hasn't been sorted out.
      Certain default configurations allow anyone to see your MAC address and thus track your computer more easily (but fixes for this are known).
      Administration of a dual-stack network may cost almost twice as much as administration of a pure IPv4 network.
    • One big downside is that it's not really used on the internet, so it's really hard to get experiance with it on a daily basis. Just try to ask your ISP for an IPv6 address, it probably won't do any good because their routers don't have IPv6 turned on anyway. There is only a handful of hosts on the internet that have IPv6 addresses at all.

      If people have no real world experiance with it, they're not going to be very good at deploying it for 1,000 army boxes. Most admins don't even know how to enable IP
      • Everyone has the ability to get an IPv6 tunnel. When deployed, it's not much different than a native IPv6 connection. SixXS [sixxs.net] has 4 PoPs in the USA but only 220 [sixxs.net] users there so far. Go sign up! You just have to want to. Saying it's not used is plain wrong and helps noone.
  • IPv6 Adoption (Score:4, Insightful)

    by digitac (24581) on Thursday June 22, 2006 @01:58PM (#15584283) Homepage
    This is a big step forward for IPv6 adoption, but I think the next major step will be by the cable companies. They want every set-top-box or cable TV to have two way communication and be fully addressable. Where else would they get the address space needed for that? IPv6 solves a lot of the problems they have with addressing that may devices. That will probably be the first way IPv6 gets into most of our homes.

    Digitac
    • Re:IPv6 Adoption (Score:3, Insightful)

      by gbjbaanb (229885)
      Na, it'll be when MS issues a critical update that accidentally switches your network stack to use IPv6 .... :-)

      Perhaps this is what it would take to get IPv6 in place - MS to say 'we will stop supporting IPv4 in a year's time'. Watch all the computer companies scramble to update their software (and hardware - obviously you'll need to buy the updated versions) and then it'll happen. Otherwise, we're going to be stuck with IPv4 for a very long time to come.
      • Re:IPv6 Adoption (Score:3, Interesting)

        by kbnielsen (835429)
        > Na, it'll be when MS issues a critical update that accidentally switches your network stack to use IPv6 .... :-)

        Think Windows Vista :)

        According to Microsoft, Vista will have IPv6 installed and enabled pr. default and will prefer IPv6 over IPv4. Link is here [microsoft.com].
    • Unless the boxes are going to be communicating with each other that is a total nonissue. You can communicate behind NAT with anyone else 2-way; as long as they aren't also behind NAT.
    • This is a big step forward for IPv6 adoption, but I think the next major step will be by the cable companies. They want every set-top-box or cable TV to have two way communication and be fully addressable. Where else would they get the address space needed for that?

      10.0.0.0/8? It fits their "walled garden" business model perfectly.
    • Re:IPv6 Adoption (Score:2, Insightful)

      by Abcd1234 (188840)
      Uhh, the cable cos can, and already do, use private address spaces for their settop boxes, and this is the way it'll stay. There's no way a cable company will want their DSTB population externally reachable. As such, the IP address shortage is a non-issue for them.
      • Re:IPv6 Adoption (Score:5, Insightful)

        by Olmy's Jart (156233) on Thursday June 22, 2006 @03:34PM (#15584903)
        That is sooo funny because it's sooo blatently wrong. Dead opposite, dead wrong.

        Comcast exhausted the entire 10 net last year and are deploying IPv6 for their management addresses. Just check out their presentation at the recent NANOG (North American Network Operators Group) titled "IPv6 @ Comcast Managing 100+ Million IP Addresses" [nanog.org]http://www.nanog.org/mtg-0606/pdf/alain-durand.pdf [nanog.org] . Their situation is dire just with managing HSD "high speed data" devices (aka cable modems) already and going to get MUCH worse with their "triple play" deployment. Since they are management addresses, NAT is impractical, whether it's externally accessible or not. They don't have a choice. IPv6 is the only practical answer for them.

        Comcast, themselves, are saying the exact opposite of what you are claiming. They use private address space, but that's NOT the way it's going to stay. The address shortage is a pointed issue with them. They're already moving to IPv6. IPv6 to the customer is on the horizon.

        You loose. Thank you for playing.
    • This is a big step forward for IPv6 adoption, but I think the next major step will be by the cable companies.

      Its funny. I remember when the US government/military _made_ the standards instead of being years behind adopting them.

      I guess they are too busy spying on people and killing them to actually do any real innovation.

      • I guess they are too busy spying on people and killing them to actually do any real innovation.
        Not so! They're finding lots of new and innovative ways to spy on people and kill them.
  • by Midnight Thunder (17205) on Thursday June 22, 2006 @01:58PM (#15584285) Homepage Journal
    Anyone not having access to an IPv6 network, say because you are behind a NAT, and are wanting to try out IPv6, because it is in your blood to do so, I recommend giving Miredo [simphalempin.com] a go. If I suggest this one over other solutions, is because of the number of platforms supported (including, Linux, Windows, MacOS X, BSD). There is Freenet6, but it won't work from behind my NAT with MacOS X.
  • by Rob T Firefly (844560) on Thursday June 22, 2006 @01:59PM (#15584294) Homepage Journal
    If this transition goes anywhere near as well as that time the US Government resolved to convert the US to the metric system in the 1970s, then... well, we'll all have a lot more time to play solitaire.
  • The NSA (Score:2, Funny)

    by a_greer2005 (863926)
    needs the extra addressing space for all of the servers used for domestic internet spying...to stop them thur ter'ists!
  • Sorry. (Score:4, Funny)

    by fuzzyfozzie (978329) on Thursday June 22, 2006 @02:12PM (#15584372)
    I don't know what IPv6 is but I'm assuming because it is on Slashdot and it involves the government I should be against it.
  • So they slid it out. Wasn't it originally mandated to have already happened? I wonder how many times they are going to continue sliding it before it actually happens.

    The real problem is unfunded mandates. Great mandate, but without money behind it, it ain't gonna go anywhere.
  • Flexible IP adresses (Score:2, Interesting)

    by Bromskloss (750445)
    How about having a scheme like the following: If I have, say, the single address 111.222.333.444 (it's not a valid IP address, I know), and have more than one thing I want to plug in, I just append another dot and create a new sublevel. I get 111.222.333.444.1, 111.222.333.444.2, etc. There is no limit to it.

    The downside I can think of is that it will probably be slightly more work (and thus slower) for the machines on the net that reads the address on packets to send them in the right direction (I belie
    • There is no limit to it.

      That's a big problem when designing hardware and efficient software.
    • Dotted-quad notation of IP addresses is for human consumption only. Networking equipment treats them as 32-bit values. Or maybe it's four 8-bit values - I forget, and I'm too lazy to look it up. The point is, it's not a string at the network stack level, so simply appending another number isn't possible.
      • Dotted-quad notation of IP addresses is for human consumption only. Networking equipment treats them as 32-bit values. Or maybe it's four 8-bit values - I forget, and I'm too lazy to look it up. The point is, it's not a string at the network stack level, so simply appending another number isn't possible.

        I am suggesting a _new_ way here, not that we all suddenly append more digits to existing addresses and continue to call it IPv4.

        As for "32-bit value" vs. "four 8-bit values", I must say I wouldn't see t

  • by Sloppy (14984) on Thursday June 22, 2006 @02:18PM (#15584421) Homepage Journal

    The good news: long term, I think IPv6 is desirable. Thus, I like seeing a large organization pave the way. Let them get the kinks out. Let them find out what all goes wrong. Let them blaze the trail so we can ride on their coattails. Let them incur the big expense.

    The bad news: Wait a minute. "Them?" Oh shit, it's the US government. I'm a US citizen. Argh, that's my expense. D'oh!

    • The good news: long term, I think IPv6 is desirable. Thus, I like seeing a large organization pave the way. Let them get the kinks out. Let them find out what all goes wrong. Let them blaze the trail so we can ride on their coattails. Let them incur the big expense.

      Several others have already stepped up to the plate and have implemented IPv6. Here are some notes [merit.edu] asked when Comcast did their presentation at NANOG about how their IPv6 migration of their cable modem pools worked.

  • by Bromskloss (750445) <auxiliary DOT ad ... privacy AT gmail> on Thursday June 22, 2006 @02:20PM (#15584431)
    It's the new, boosted, PATRIOT Act: Intellectual Property version 6
  • Good luck (Score:3, Interesting)

    by blamanj (253811) on Thursday June 22, 2006 @02:37PM (#15584547)
    I hope it goes more efficiently than our switch to the metric system [nist.gov].
    • The civilized world actually DO laugh at your old and outdated "feet" and "lb"'s.

      It's quite ridiculous that you're still using your old and outdated system.

  • I guess someone upstairs finally figured out that it's easy to track people on the net when they don't move. If everyone has their own addresses, no need to ask the isp what it is anymore, huh?

    At the same time, dodging servers and going directly to your friends with encrypted comms will get easier too?
  • by kesuki (321456) on Thursday June 22, 2006 @02:49PM (#15584616) Journal
    Which firewalls can currently be used to filter, log, and block ipv6 traffic?

    IPV6 definitely has been around for many years now, but none of the windows firewalls I've downloaded seemed to have any kind of configurations for logging or filtering ipv6. Sure that's 2 years away, but unless I overlooked a firewall (there are so many for windows) or they use some kind of open source package that probabbly has ipv6 firewall capability already. i have to wonder how they're going to keep secure.
    • This is not Windows, but NetBSD had IPv6 since 1999 and still has the most complete IPv6 stack. The included packet filter(s) handle IPv6 just as well as IPv4 and have done so for at least some years now.

      And besides, I wouldn't connect Windows directly to the network in any case. It likes to trip over and salivate like a small child. Better use a real system to protect it.
  • Ada and waivers (Score:3, Interesting)

    by tcopeland (32225) * <tom@tho m a s l e e c o p e land.com> on Thursday June 22, 2006 @02:54PM (#15584644) Homepage
    I suspect this will be about as successful as the DOD's old policy of only doing development in Ada. Let the waiver requests begin!
  • If one would want some empirical perspective on how much impact this has on the world in general... the U.S. government adopted a best-practices and recommendation for computer contracts in the late 80s requiring all systems be POSIX compliant. While you can make the technical argument NT/XP is POSIX (.1), it's hardly a nudge in the direction technology decidedly went (i.e., Windows became dominant anyway).

  • I'm a bit surprised (Score:3, Interesting)

    by Jugalator (259273) on Thursday June 22, 2006 @04:17PM (#15585179) Journal
    Given how many problems with IPv4 this new revision solves and that a thorough look was taken at the protocol in its entirety, of all things, I'm surprised *geeks* usually just try to find reasons to not like it. Sure, admins may need to retrain, and there'll be infrastructure costs, but since when did geeks stop looking at positive evolution as being bigger than these things?

    There's also always a lot of FUD spread around this matter, and one can find it even in this topic, for example IPv6 increasing routing complexity. IPv6 uses hierarchical address ranges *and* is modularized so there's not just less complexity, but even less *traffic* to route unless using more advanced features of IPv6. After the transition, IPv6 is better for your routers.

    NAT's also seem to be a common enough argument against IPv6 that someone should have written a damn "Why NAT's won't solve address space issues" FAQ to uninformed people already. There is something similar [circleid.com] enough for that though.

    Anyway, instead of just ranting, here's a document [tcpipguide.com] about some of the changes IPv6 makes. Maybe especially this part [tcpipguide.com] is educative to some.

"When the going gets tough, the tough get empirical." -- Jon Carroll

Working...