Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
The Internet

How Feds are Dropping the Ball on IPv6 299

Posted by CmdrTaco
from the go-long-go-long dept.
BobB-NW writes "U.S. federal agencies have six months to meet a deadline to support IPv6, an upgrade to the Internet's main communications protocol known as IPv4. But most agencies are not grabbing hold of the new technology and running with it, industry observers say. Instead, most federal CIOs are doing the bare minimum required by law to meet the IPv6 mandate, and they aren't planning to use the new network protocol for the foreseeable future."
This discussion has been archived. No new comments can be posted.

How Feds are Dropping the Ball on IPv6

Comments Filter:
  • by yagu (721525) * <yayagu@noSPaM.gmail.com> on Monday December 17, 2007 @11:22AM (#21725992) Journal

    I don't blame anyone, even government in this case, for avoiding the hassle of getting everything converted to IPv6. Maybe eventually we all will have to be there, but there always seems to be workarounds that work for everyone, minimal hassle, minimal pain.

    If you wanted a Starbucks coffee, and it was one street down, and someone told you you had to go through the in-between building, climb up and down its twenty flights of stairs just to get to the next street for you coffee, and you knew you could just walk around the building on the sidewalk, what would you do? Now, if the building were only two stories high, and the block to walk around were 600 ft each side, it might be a different choice.

    An interesting aside, meeting the mandate only requires they are IPv6 capable, not running it. This is the same height bar the government set for Microsoft in the early nineties when Microsoft delivered the DOA POSIX-compliant (never to be really used) NT. NT, with its barely implemented POSIX subsystem (only implemented the library portion, btw, not the user interface) got to put a check in the POSIX checkbox for government contracts.

    Lesson to be learned? If you want to make an effective mandate, make it a mandate for implementation, not capability.

    The government:

    • couldn't do metric
    • couldn't do POSIX
    • isn't doing IPv6
  • by rubycodez (864176) on Monday December 17, 2007 @11:27AM (#21726038)
    plenty of unused space can be reclaimed from horribly overbooked holders, it's five years or more, back to sleep everyone, we don't need ip6 this decade, and people that want to play can tunnel.
  • by postbigbang (761081) on Monday December 17, 2007 @11:37AM (#21726144)
    and many would argue that it's not. The IPV6 address space is beyond reasonable, and the onerous idea of tracking every conceivable device right down to bullets fired (look it up) is staggeringly senseless overkill. We still have huge Class B spaces taken up by various hoarders that need to give it up and use some common sense. There are loads of CIDR blocks that need to be used or pushed back into the pools of available IPV4 space.

    Those that do only the minimum to achieve IPV6 addressing are in my personal and technical opinion, doing nothing incorrectly beyond violating the spirit of mind-numbing nonsensical regulation. Even if IPV6 addressing were rational, then managing that space still needs work-- even after more than a decade of implementation.
  • by Joe The Dragon (967727) on Monday December 17, 2007 @11:39AM (#21726168)
    It bad idea as IPv6 kills NAT and ISP like COMCRAP will love to make you pay per system that you have on your network.
  • by Slashdot Parent (995749) on Monday December 17, 2007 @11:41AM (#21726200)
    What benefit does your average government agency get for switching to IPv6, and does it outweigh the costs?

    Obviously not, because if the benefits outweighed the costs, no mandate would be necessary. Agencies would have long ago switched on their own.

    And since costs outweigh the benefits, who can blame agencies for doing the bare minimum to achieve compliance? The writeup makes it sound like agency obstinance, but I view it is good budget stewardship. Agencies don't seem to want to flush good budget down the IPv6 toilet.
  • Why bother? (Score:2, Insightful)

    by davidwr (791652) on Monday December 17, 2007 @11:47AM (#21726266) Homepage Journal
    As much as people hate stop-gaps like NAT, in some environments it is a cheap solution to several problems and doesn't introduce new ones.

    Besides, how long did it take government computer networks to switch from proprietary systems like IBM's SNA, Microsoft's NetBIOS, Banyan's VINES, Digital's DECNET, Apple's Appletalk, and others to IPv4? IPv4 came out in the early '80s. I'd venture to say more than one government office was still using a completely-non-IPv4 network well into the '90s.

    No, unless there is a big benefit that justifies the cost, most System Administrators are going to do as little as they can get away with, both in the government and in Corporate America.

    Now, if you are in a shop where it's cost-effective to be on IPv6 then by all means why aren't you there already?
  • Doesn't matter... (Score:1, Insightful)

    by HogGeek (456673) on Monday December 17, 2007 @11:49AM (#21726290)
    ... The world is going to end December 21st, 2012.

    We should have enough to get us there...
  • Academic Attitude (Score:5, Insightful)

    by jeremiahbell (522050) <[jeremiahbell] [at] [yahoo.com]> on Monday December 17, 2007 @11:49AM (#21726292) Homepage
    During this last college semester I expressed my disappointment that IPv6 wasn't being implemented as widely as I thought it should be. I also subtly hinted at my disappoint that IPv6 wasn't covered at all (except one half a page of 405). My teacher said "I think it will take a new generation of Network Tech to implement IPv6". How in the hell are we going to have a new generation implementing it when it isn't even taught? I just took that joke of a Network+ test and now I'm certified, and I don't know diddly-squat about IPv6. Thankfully Wikipedia is there to explain a little bit of it to me.
  • by TechHawk (570290) on Monday December 17, 2007 @11:51AM (#21726318) Homepage
    IPv6 isn't that complicated to set up, especially since most recent desktops support IPv6 out of the box

    You're assuming that

    1: They are using "recent desktops"

    2: The image that they are loading onto the desktop will support IPv6

    Neither of those assumptions are anything resembling a "sure bet".

    I'd bet on the Dolphins beating the Patriots next weekend before I'd bet on the above.
  • by grahamsz (150076) on Monday December 17, 2007 @11:53AM (#21726340) Homepage Journal
    Is there a technical reason why you can't do NAT over IPv6?

    I can't see any reason it wouldn't work.
  • by Russ Nelson (33911) <slashdot@russnelson.com> on Monday December 17, 2007 @11:56AM (#21726394) Homepage
    IPv6 still does nothing for me. Until I can reach everybody who is listen()'ing for me using IPv6, having an IPv6 address, or IPv6 stack, or IPv6 routing doesn't help me one bit.

    Until that happens, NOBODY can adopt IPv6. That's the law, and no legislation can change that.
  • by Tony Hoyle (11698) <tmh@nodomain.org> on Monday December 17, 2007 @12:04PM (#21726494) Homepage
    The problem with that site is it's counting down... in the last few years more address space has been released than claimed, so it should be static or counting up.

    ipv6 has been needed 'real soon now' for 20 years. Yes we'll need it eventually, but it's so far from commercial deployment that it's just not an option - most infrastructure simply doesn't support it (in fact trying to run ipv6 over active directory will utterly screw it up because of the conflict between xp supporting ipv6 ad clients and 2003 not supporting them.. everything runs horrendously slow or breaks).
  • Re:Why bother? (Score:4, Insightful)

    by Antique Geekmeister (740220) on Monday December 17, 2007 @12:27PM (#21726826)
    Oh, NAT is more useful in several ways. It provides a single router or entry point that you can monitor for security reasons, it prevents people from running announced services such as HTTP, SMTP, or file sharing from their internal machines, and it draws a useful curtain of obscurity against activities you don't want traced back to their source.

    Switching to IPv6 often involves hardware switchovers and the elimination of old services that simply cannot interoperate with it because they weren't designed to, and should have been discarded years ago but haven't been, and the original author has very much moved on.
  • by fizzbin (110016) * <7fl8o4rqr2is001@sneakemail.com> on Monday December 17, 2007 @12:28PM (#21726844) Homepage
    How do you propose to get Class B hoarders (to say nothing of Class A hoarders who got their blocks in the 80s and early 90s) to turn loose of them? Other threads have talked about lawsuits being necessary. What do you know that they don't?

    In any case, there is no incentive for government, business or anyone else to adopt IPv6 unless and until it costs them to get IPv4 addresses. ARIN and the other RIRs need to announce *now* that by, say, 2009, they will start charging for IPv4 address allocations. Then you'll see IPv6 take off. If the RIRs don't start charging, then in 2010 or thereabouts they will run out of space and IPv4 users will have to go to those address hoarders who most definitely will charge them. And the result will be a LOT more chaotic for the Internet.
  • by iamacat (583406) on Monday December 17, 2007 @12:40PM (#21727066)
    That's nothing! Regional registry 10 digit phone number exhaustion in... -20 years. These days big companies can not just get a /5 phone number suffix to use for themselves. They are instead forced to hide behind NATed PBX exchanges and ask people to reach individual employees by dialing an additional 4 digit port number. This has ruined american business, but that's nothing compared to draconian restrictions on families who are not able to get a separate external phone numbers for every TV, settop box, toilet and toaster that they own.

    This ridiculous anachronism is to be fully blamed on laziness of government and corporate entities as well as some individual users who could not be bothered with 40 digit phone numbers. They were completely ignorant of widespread yellow pages services that would translate friendly names to actual numbers used internally by the phone network. In fact, modern phone headsets can be readily adopted to include an alphanumeric keyboard and do the yellow pages resolution automatically. Your traveling friend can be conveniently reached at room1135.guests.london.uk.holidayinnhotels.com.

    Surely there is no need to keep beating the old horse and entertain some people's suggestions that we keep one or two familiar short phone numbers for each family or registered business and then address toasters or individual employees with extensions of length chosen by the particular entity to fit their needs. They are just afraid of our freedom and our speed typing skills!

  • by Russ Nelson (33911) <slashdot@russnelson.com> on Monday December 17, 2007 @12:44PM (#21727134) Homepage
    - A large number of sites still don't have IPv6 DNS addresses
    That's the biggest problem. Until I can reach every server with IPv6, I'll still need IPv4. Since I need IPv4, why should I bother with IPv6?
  • by achurch (201270) on Monday December 17, 2007 @12:58PM (#21727374) Homepage

    Addressing is this teeny tiny eenie weenie ittie bittie fragment of the changes involved in IPv6.

    Yup, and the rest is second-system syndrome [wikipedia.org] too.

  • by afidel (530433) on Monday December 17, 2007 @01:18PM (#21727670)
    They just need to reallocate some blocks, MIT [mit.edu] has a Class A, 4 Class B's and a host of Class C's. That's enough to get most countries online. HP has TWO class A's thanks to the consumption of Compaq/DEC, ham's have a class A as does Xerox and Halliburton. Combined that makes for 100+ million additional IP's to become available if a couple large organizations simply re-ip. Now I know a large scale re-ip can be painful, but they have years to do it if they start now.
  • by Anonymous Coward on Monday December 17, 2007 @01:31PM (#21727872)
    Bah - just deny IP addresses to china, malaysia, *.south america, korea, singapore, the ukraine, the czech republic and verizon and we can forget about this problem. (let me check my spam list to see if i've forgotten any of the major players...) Oh yes, nigeria -- ahh hell, *.africa, just to be sure.

  • by KiloByte (825081) on Monday December 17, 2007 @04:30PM (#21731196)
    It's not "perfectly" functional. For example:
    * v6 address isn't there until ~10 mins after boot or until you disable+enable the interface
    * SMB/CIFS over v6? no way
    * you can't use DNS over v6

    On a complete unrelated note: your name sounds Polish. No major ISPs support v6 here, but the tunnel brokers are awesome. On SixXS I get connections to most oversea places *BETTER* by at least 10ms ping than routed directly through tpsa/Neostrada, tpsa/IDSL, tpsa/PolPak or Netia.

Long computations which yield zero are probably all for naught.

Working...