U.S. DoD Commits To IPv6 318
babaloo writes "According to this
article the U.S. Defense Department wants to move it's entire network to IPv6 by the year 2008. Will this be what pushes at least U.S. based companies and providers to actually convert over?" It's definitely a shot in the arm that IPv6 needs. This seemed to be more of a priority back when NAT was much less prevalent, but it seems we'll eventually find ourselves on IPv6, even if we drag our feet there.
dupe? (Score:4, Informative)
http://slashdot.org/article.pl?sid=03/06/1
oh wait, this is
any news is good news!
Re:dupe? (Score:2, Funny)
Re:dupe? (Score:2, Funny)
Re:Oh wait, here's one (Score:2, Informative)
The Carter administration tried to get the country converted to metric, but Reagan killed it.
You're kidding? (Score:2)
Think Metric! (Score:2)
Canada of course converted successfully (well, mostly) at the same time.
Re:Oh wait, here's one (Score:2, Interesting)
But language allows us to use the old imperial names for our old convenient sizes. I know running around school buming change for a "pint" is much more convenient than saying "5683 milliliters".
Try doing anything complicated with the old measurements. You need to remember fairly complicated names and values for each measurement to do math with them.
Take a look at the tables o
Re:Oh wait, here's one (Score:3, Interesting)
Re:Oh wait, here's one (Score:2)
Re:Oh wait, here's one (Score:3, Interesting)
just me 0.02c
One good rant deserves another (Score:5, Interesting)
Second, that essay sucks. For instance, a pint is not 250ml, but 568ml. The reason people order pints of beer instead of 568ml (or even a half-litre) is mostly historical, but it's also because it's handy to have a nice short name for a measure you use often. If they had used metric for beer all along, then people would have needed a short nickname for a half-litre, and perhaps they would have called it a pint. It's the same way we call kilometres "clicks", and it has nothing to do with base 10, or fractions, or "number theory" as you say.
This guy goes on to say:
No, we are most certainly not back where we started from. If you like to give a name to 3/7 of a metre, that's your business, but I like the fact that I can do mental math in metric, and convert units just by sliding the decimal point.
For example, if I'm travelling at 31km/h, what is that in metres per second? It turns out the hardest part of that calculation is converting hours into seconds, which involves dividing by 3.6. As far as mental arithmetic goes, it doesn't get much harder than that. There's your precious number threory for you. And it only gets worse if you try to turn 31mph into feet per second.
In contrast, if my car uses 7.3 litres of fuel per 100km, what is that in millilitres per km? It's 73. It's so simple you can do it in your head, and get your answer with as much precision as you want, so long as you are capable of sliding the decimal point properly for each unit conversion.
Later, we find this demented little nugget:
The problem here, if you'll take a moment to think about it, is that the authors of these cookbooks are not using the metric system. If they were, the problem would disappear. (In fact, if they would use any consistent system, the problem would disappear.)
How the author manages to blame this on the metric system is beyond my comprehension.
The best part comes next. I think my whole attitude on this "essay" can be focused on this one small quote:
You don't need to read anything else in this essay---even the rest of this paragraph, where he goes on to say that people buy wood in 120cm lengths---because it's all here. Nobody cares if you can't divide a metre into 3, just like nobody cares if you can'
Sigh... (Score:3, Redundant)
Karma-seekers, just go to the original post [slashdot.org] and repost all insightful comments!
~Berj
Re:Sigh... (Score:2)
not to pick but Andorion and I were on the same ball
cheers!
Re:Sigh... (Score:2)
Maybe instead of posting the above, I should have taken my own advice and just posted a bunch of insightful, funny, and informative comments from the last discussion!
~Berj
Re:Sigh... (Score:2)
All's fair in love, war... and SLASHDOT!
Re:10$ says... (Score:3, Funny)
Re:10$ says... (Score:2)
An IP address for.... (Score:5, Funny)
Circular definition, AH! (Score:4, Funny)
IPv8 won't be released until all IPv6 addresses are used.
The longer it takes for IPv8 to be released, the sooner it will happen!
Re:Circular definition, AH! (Score:2)
Re:An IP address for.... (Score:5, Funny)
[yes] [no] [sod off before I shoot you, ya nosy paperclip!]
Soko
Re:An IP address for.... (Score:2)
-j
Not Internet enabled, but... (Score:2)
They are still in prototype now, and I think are part of the LandWarrior system.
Re:An IP address for.... (Score:3, Funny)
internet enabled bullets
Sorry. You can't kill. The network is down.
Re:An IP address for.... (Score:3, Funny)
Great. I can't wait until these become the subject of hacks and viruses. Imagine getting shot in the head by a bullet with the following message attached:
Hi! How are you?
I send you this bullet in order to have your advice.
See you later. Thanks
Comment removed (Score:5, Funny)
Re:Standard (Score:3, Funny)
New category icon ... (Score:2, Funny)
IPv6.... (Score:2, Funny)
Re:IPv6.... (Score:5, Interesting)
You want to have vastly more addresses than can ever be used; this will kill scanning attacks by black hats and spammers who just try every network address looking for a victim. Anyone scanning thousands of bogus addresses for every real one will trigger all kinds of alarms.
Re:IPv6.... (Score:2, Insightful)
Chicken and egg (Score:4, Insightful)
Why would it be? I assume most US based companies and providers don't have many connections to the DOD network :) ;)
When a: there is a decent amount of IPv6 only content, and b: when the most widely used OS in the world ships with it enabled by default, (ipv6 install doesn't count here) then it might start taking hold. But it's a chicken and egg situation at the moment. That autopr0n guy should switch his site to IPv6 only, and force his viewers to start using IPv6 (or IPv6-over-IPv4)
Sign yourself up to an IPv6 tunnelbroker today, and get your own n * 2^64 addresses to play with.
In fact, why isn't Slashdot an IPv6 enabled site?
Re:Chicken and egg (Score:3, Interesting)
Ah, but if you're shipping networking gear, the telecom industry is broke, so the only major source of customers is the military. You're going to design to fit the requirements of the paying customers, and as keeping two designs going is more expensive, there will be more and more ipv6-capable gear sold to everyone if the military demands it.
People forget that as late as the early 80s, the US military bought 50% or more of all electronics purchased in the US.
Re:Chicken and egg (Score:4, Funny)
Because we are all hypocrits.
Re:Chicken and egg (Score:2)
Heavy Sigh (Score:4, Funny)
Too bad I have to type http://132.122.21.123.155.135.132.152.132.122.221. 123.15.23.32.52 to get to my computer that I don't have a domain name for.
Re:Heavy Sigh (Score:5, Informative)
From ifconfig:
inet6 addr: fe80::240:93fa:fe43:6f50/64 Scope:Link
And you're right - DNS will become more invaluable. ::1, or ::2, etc.
Although you only have to remember your subnet - eg 2001:618:15, and the address you use on that subnet, which is usually something like
Re:Heavy Sigh (Score:2, Informative)
Re:Heavy Sigh (Score:2)
inet6 addr: fe80::240:93fa:fe43:6f50/64 Scope:Link
Thanks. That will be much easier to remember.
Re: Heavy Sigh (Score:2)
I'm really sorry about this, but as a fully paid-up member of the Campaign for Real Pedantry (CaRP), I can't let 'more invaluable' go. DNS could become 'more valuable'. But invaluable means incapable of being valued; something is either invaluable or it's not - it can't be more invaluable, in the same way that something can't be more unique or more dead.
Thank you for your understanding in this matter.
IPV6 Costs.... (Score:3, Funny)
Washington, DC - June 26, 2003 - Dept. Of Defense in charge of security and defense for the United States Of America will be going over budget on an IPV6 upgrade. The majority of costs will be involved in training staff to count to the number 6. Previous training to count up to 5 was thought to be years ahead of its time since the DOD believes IPV5 would come after IPV4.
Heh (Score:5, Funny)
Re:Heh (Score:5, Funny)
Re:Heh (Score:2)
IPv6 would allow me to have real IP's on all my devices behind my firewall, and I wouldn't be breaking a good chunk of it like I do IPv4 just because I wouldn't have to NAT.
Multicast in IPv6 would revolutionize streaming media and software distribution, if five of your friends want to download a copy of RandomLinux ISO from you you only upload it once, not 5 times.
IPv6 May becomre much MORE needed (Score:4, Interesting)
Since several states have already banned NAT, and several more are moving in that direction... perhapse IPv6 will be necessary much sooner than we think.
Re:IPv6 May becomre much MORE needed (Score:3, Informative)
NAT sucks (Score:2)
Re:IPv6 May becomre much MORE needed (Score:2)
Re:IPv6 May becomre much MORE needed (Score:2)
There have been several articles on Slashdot about this. It's not about NAT in particular, but rather about any kind of device that "hides" your identity (so VPN tunnels are also mentioned).
Time to learn... (Score:4, Interesting)
Yeah -- I know how to use a Linux box as a decent router and setup Firewall's as needed, etc.
The fact that I'm not doing anything SERIOUSLY complex helps:
- Web servers (port 80 and 443)
- imaps (port 993)
- ssh2 (private port with honey-pots all over
- other misc needed ports and tunnels as well.
ONLY ports I specifically opened up and re-directed are available to the general Internet. Firewalls run internally as well, but many more services (lpr, smb, hell IPX is stilled used/preferred for accounting work)...
With IPv6 I'm probably going to go the route of:
1) Ok -- I *basically* understand it, but honestly haven't wrapped my brain around it
2) Try and get a few IPv6 addresses as needed
3) Update front end router to use it work with it.
4) Tunnel it back into my IPv4 network per port as needed. IPv6 NAT if you will...
I really don't want anything/everything directly connected to the Internet. At anytime. Except the Internet network router. These ISP's selling "Windows DSL modems" where it plugs directly into USB or the Ethernet is NUTS, IMHO.
Once in a blue moon I'll come across a Linux box that has ftp (for example) enabled and there really isn't the want/need for it. Oops, not Firewalled either... Glad it wasn't directly on the 'Net (!)
Even when the need _has_ arisen to put a box completely on the Internet directly it's been easy enough to setup a 1:1 map on the router... While the video feed was going on I personally would be nmap'ing the box to double check the firewall settings...
Of course the problem exists because, well, it is TOO easy to get on the Internet. Too many have no clue what they are doing, but they get email (!) Yeah. Those are the ones spreading virus' and not knowing it or have a hacked box spewing spam around the world. Some problems could also become moot with IPv6 in regards to security and accountability...
!fp
Re:Time to learn... (Score:4, Insightful)
Because my workstation is behind NAT on IPv4, I have to either VPN in, or SSH to the firewall, and then onto my workstation. With IPv6 however, because I can address my workstation directly, and because I've allowed SSH to it, I can ssh right in through the firewall. It's just better. Abolish NAT.
Re:Time to learn... (Score:2)
Oh, come now. You're over-reacting.
Get two hosts behind NAT, and they are unable to establish connections between themselves.
This is sometimes true, and is usually considered a benefit. Put servers on the public Internet, put client workstations behind NAT.
Because my workstation is behind NAT on IPv4, I have to either VPN in, or SSH to the firewall, and then onto my workstation.
Have you ever heard of port forwarding? Basically, you can take a high port (say
Re:Time to learn... (Score:2)
Re:Time to learn... (Score:3, Informative)
Your IPv6 router can *still* be used to firewall off your internal IPv6 network even though it has globally addressable IP addresses. The added benefit (you might not think this is a benefit, but many firms do) is if everyone has globally unique address space, and say, for example, two companies become partners, they don't have to renumber vast amounts of machines so the t
2008?!?! (Score:2)
Damnit! (In the spirit of dupes) (Score:5, Funny)
IPv6 sounds great but I see that we will need more TLDs and a domain name will be absolutely necessary.
Frickin' Rainman will be the only one able to remember xxxx.xxxx.xxxx.xxxx.xxxx.xxxx.
At least the giant corporations that are our new overlords will have to spend some serious $$$ to cover all the new 'name.new tld'. Perhaps after all this is done, they can work on flying cars. 'cause we are like 50+ years behind the times here, people.
But all that has to take a back seat to hard-to-remember IPv6.
Here's a plan, why don't we just take the internet away from all the AOLers, the Flash greeting card senders, the 'Great Story! Read this LOLRFLOLRLOL!!!!'ers, Zone Bejewled players and the cheaters at Counter Strike and we'll have enough IPs for all of the elitist bastards that are going to make my toaster talk to me.
Tell you what. I will trade all my IPs (192.168.x.x) for a friggin' flying car.
Let's make it happen. I'll even have a bumper sticker, "IPv6, but my doctor says I'll be fine!" with a smiley!
Gimme my flying car.
Re:Damnit! (In the spirit of dupes) (Score:2)
make sense, the issue is security (Score:3, Informative)
More than one benefit. (Score:5, Informative)
There is no address space shortage as reported...everywhere. -davidu
Re:Privacy, oh really? (Score:2)
Oh, and of course you don't have to remember it, you only need to have your DNS serve
By 2008 (Score:3, Funny)
How slow is that?
Excellent example! (Score:4, Funny)
Great attitude there, Rob.
Re:Excellent example! (Score:2)
Re:Excellent example! (Score:2, Interesting)
Sheesh, and they expect us to subscribe for this shitty service and shitty "customer is always stupid" attitude.
Check out the FAQ: "Why don't you do this simple thing to make the Slashdot experience better?" "I'm too busy." "Well, what about this one?" "Busy." "This?" "Busy."
What the fuck are the Slashdot editors so busy doing? They don't read their
Re:Excellent example! (Score:3, Funny)
CmdrTaco: Whatever. Next.
Great attitude there, Rob.
And they want people to pay for this?
The next dupe will be posted soon, but subscribers can see it early!
Last time with ISO protocols. (Score:5, Interesting)
It is definitely a good thing, but the US isn't going to shift to IPv6 just because one government department has decided to use it. It will happen by people getting involved with IPv6. Jump on the 6-bone today.
www.freenet6.net [freenet6.net], it's free.
IPv6 more likely to succeed than GOSIP OSI (Score:3, Informative)
One of the big differences between the GOSIP OSI stack (which failed in the market) and IPv6 (which might succeed) was that GOSIP was big, clumsy,
Re:IPv6 more likely to succeed than GOSIP OSI (Score:2)
Well, it worked enough that I now support a 7 layer OSI network stack! (infact, I just ported it to the PowerPC!)
Shoot me now? Please?
For anyone still in the dark... (Score:3, Informative)
Big numbers... (Score:2)
Remember, IP n00b - don't yell at me.
Re:Big numbers... (Score:5, Informative)
Hierarchical is good, as it means that the world doesn't need to know about routes for each company. It just says: Oh, that address is in the range belonging to Big ISP 1, so I'll pass it on. Big ISP 1 knows that it belongs to ISP 2, and ISP 2 passes it on to Company 3.
Re:Big numbers... (Score:2)
Re:Big numbers... (Score:2)
Most routers and OS's store IPs used for routing data in hash or trie data structures which will keep it from quadrupling the amount of RAM used. Since they are already using these data structures, the number of loads/compare ops
Re:Big numbers... (Score:3, Interesting)
It isn't actually that every computer has one IP address - it's really that every _network_interface_ has one IP address, but if you've only got one network card that's close enough to the same thing. The IP address has two parts, a network part for the network you're connected to and a host part for your machine itself. On the current IPv4 the address is 32 bits, which was plenty back in 1
How to defeat NAT with IPv6 (Score:3, Insightful)
Let's say I'm the author of a voice over IP application on a platform that supports IPv6, like, say, Mac OS X. I get myself a NAPT-replacement box that I stick on the edge of my home network. It assigns an IPv6 address to each of the inner systems using 6to4. Then, when my caller wants to try to phone me, I give her my IPv6 address. She connects to that address and her magic box sets up an IPv6 tunnel to my magic box automatically. Then my magic box forwards the packets to the right machine in my network.
Add a firewall to that, and you've got something that replaces NAPT.
You could keep IPv4 NAPT as a legacy feature for inside hosts and applications that don't support IPv6 yet. But apps that do support IPv6, would not have to do any work to traverse the NAPT.
simon
Coming faster and faster (Score:5, Interesting)
In every installation I've rolled out in the last few years, I've specced IPv6 support. Every network, router, interconnect, carrier and transit has had IPv6 working. Not always working very well, but enough that people didn't notice whether their traffic went over IPv6 or v4.
Solaris has had IPv6 for several years, and the current release its on by default, plug it into a network with an IPv6 router and it works. M$ is playing catch up by including it natively in XP, but it still takes some tweaking. The linux distros will have to start making it enabled by default (no more kernel recompiles), but that may be happening as I type this. More and more applications are being written as fully IPv6 aware, and most of the traditional apps like ping, FTP, traceroute and SSH are now re-written to use IPv6 when a AAAA record is returned from a DNS lookup. There still is a lot of work to be done, like fully working dynamic DNS updates, and DHCPng, route servers, and a free (as in everything) certificate system for IPSec. Every new release of every browser should check for IPv6 and use it whenever possible, M$ claims that will happen starting with their next desktop releases.
Where I've seen the most far-sighted development is in the newest generation of GSM mobile phones. All the big players are including IPv6 in their current handset designs, and the carriers are now developing value added services to sell. So its not just each phone is individually addressable, but can roam onto competing carriers networks and still have a globally accessible address. Internally, every carrier in Europe with 2.5G/3G services is running IPv6 for everything (except for a few dinosaurs about to be extinct). The other big area is giving each credit card with a smart chip (anti-fraud and verification chip) a range of IPv6 addresses. When the card is put into a reader or used for an online purchase, the chip will actively participate in the verification step by being uniquely addressable and requesting end-to-end encryption. There were several card manufacturers showing off their tiny IPv6 stacks at a recent smartcard trade show.
As I've pointed out in a post months ago, many ISPs here in Europe are making IPv6 available for early adopters, in the hopes of riding the next wave to some higher margins. I've had clients ask me for advice on getting onto the "new internet", because they didn't want to get left behind on the "old and obsolete internet". Then I point out how they are already on it, and my installations use the "new internet" whenever possible.
IPv6 is here, it works, and soon consumers will make it a "must-have" item when buying a new computer. When that starts happening, then techies with a few years of solid IPv6 experience will be sought after for their skills.
the AC
working with IPng/IPv6 since 1994
Re:Coming faster and faster (Score:3, Interesting)
This might be true for a few carriers you know, but it is absolutely not true for the wireless networks I've been working with (and they aren't dinosaurs, they include the market leaders) - they are all IPv4 and are running routers with IOS/JUNOS versions that don't even support IPv6. Since Cisco IOS 12.3 is the first non-T train IOS to support IPv6 and it came out in
I can't wait (Score:5, Insightful)
But you know what, that's not really a technology limit, that's a BUSINESS MODEL.
Watch this. When they finally go over to IPv6 and later install your new DSL, know what the knee-biting bastards will do? First, they will charge you MORE for a basic DSL with dynamic IP because now it is the new-fangled IPv6 (new=$$$). Then they will assign you a SINGLE IP addy from their store of 128 trillion. And they will assign IP addresses this way in SEQUENCE to all subscribers so that as soon as you get yours you are boxed in by other subscribers just getting theirs. You know they will, it will be a strategic decision to completely undermine the freedom you SHOULD have when there are about 1 billion IP addresses for every human alive on earth.
The only way around this would be to issue IP blocks to physical locations on the earth, so no matter where you are you have all the IP addresses reservered for that square meter of dirt, and if you have a large home/office/company then you have a big block indeed. ISPs would be forced to backbone their entire geographic area, including the whole planet if they are big enough.
As a business model it sucks big wind. But I like it as an end user.
Wire the planet. Freedom to connect! No more IP address space tyranny!!
Re:I can't wait (Score:4, Funny)
Well, wouldn't that make mobile computing a pain... "uh oh, by car has moved twenty feet, better change my IP address!" as you're going down the freeway.
Advantages of IPV6 (Score:4, Informative)
Small/independant ISPs? (Score:3, Insightful)
I believe that cisco already supports IPv6 on most (all?) of thier equipment. There are IPv6 packages for most OS, and you can support IPv6 and IPv4 simultaneously if neccessary.
Is it neccessary for the smaller guys to wait?
If
That seems a little ass backwards to me.
An IBM Rep. at some conference once.. (Score:4, Funny)
He mentioned how many addresses, and then asked if anyone knew what that meant.
He said that it would mean there would be enough for every frickin appliance, and it could run Java on it, and did anyone know what THAT meant?
Of course no one was supposed to have any answers, it was almost all PHBs there (I got dragged along to man a cursed booth).
So I raised my hand and said "So you can get up in the morning and reboot your toaster?"
EVERYONE burst out laughing!
Re:Only if it fits as standard (Score:3, Informative)
In solaris frex. you simply have to say yes to enable when asked during install and hey presto your machine is instantly IPv6 aware.
Re:Only if it fits as standard (Score:2, Informative)
Also, pretty much every single *-nix I can think of supports IPv6 natively. I know for a fact that OpenBSD supports it and I cna't imagine Linux doesn't. Heck, it'd be a fun challenge to find a Unix that doesn't support IPv6.
So that's *-nix, MacOS X, and all future versions of Windows. What else would an 'average home user' be using?
Re:Only if it fits as standard (Score:2)
Oh yeah, you can download IPv6 functionality for it. And then you can ping IPv6 hosts, and maybe, if you're lucky, you're using the right version of IE that supports IPv6 on 2000. W00t. I think everyone is referring to the full suite of tools. FTP, telnet, SSH (putty), IE, OE, everything. It's pretty pointless to have an IPv6 stack if none of your apps can use it.
Disclaimer: I use Linux, and it all works flawlessly, so I couldn't care less about people stuck on Windows ;)
Re:Only if it fits as standard (Score:2)
Nice troll.
Playing catch-up to Unix, more like.
Re:Only if it fits as standard (Score:2)
The fact is that most Windows users won't care or know about what IP version they're using. So it's not really up to them to "decide" to use IPv4 or IPv6. The key is ISP support. Until you have both of those no one will switch.
I would gladly switch to
Re:Only if it fits as standard (Score:2)
Start with tunnel-broking [google.com], or IPv6 over IPv4 [google.com].
I can recommend the BT IPv6 tunnel broker if you're in the UK...
Re:Recap (Score:5, Informative)
No, we will not. The current IPv4 has approximately 4,300,000,000 (4.3 x 10^9) total addresses in its address space. IPv6, however, has 3.4 x 10^38 available addresses.
To quote from the WIDE FAQ [wide.ad.jp]: "If the address space of IPv4 is compared to 1 millimeter, the address space of IPv6 would be 80 times the diameter of the galactic system."
It is simply not feasible that we will ever need anything more than IPv6.
Re:Recap (Score:2)
No, we will not. The current IPv4 has approximately 4,300,000,000 (4.3 x 10^9) total addresses in its address space. IPv6, however, has 3.4 x 10^38 available addresses.
You know that all of those RFID tags will each be getting their owm IPv6 numbers, just because some idiot thinks it's a neat idea. Or come up with some other real big waste of resources.
Which means that we'll need IPv8 or IPv10 by 2016
Re:Recap (Score:2)
Re:Recap (Score:2)
Re:Recap (Score:2)
Even with IPv6, you can bet people will still be extremely stingy when it comes to handing them out - someone will be charging for them (be it ARIN, APNIC, whoever..)
Yes, we will, if we want... (Score:2)
Remember, [princeton.edu]
IPv7, for a new wonderful experience.
Re:Recap (Score:4, Interesting)
baring an artificial scarcity. Like somebody buys 300 trillion trillion of them. You think thats unlikly, but if some company offered everybody on te board of "whoever will hand these out" 10 million dollars, do you honestly think they would run into a problem getting them?
Hell, if I had the money to do so, I would the resale on these would be huge.
Re:Recap (Score:2)
Re:Until, that is... (Score:2)
I have 65536 * 2^64 addresses. But you're not grasping how amazingly small that many addresses is.
Ignore the hosts part - it's pretty much fixed as a /64. /64 - that's a total of 2^64 subnets of 2^64 addresses.
The smallest subnet in IPv6 is
My 65536 subnets out of 2^64 is nothing. Yet it's more than I'll ever need for my lab.
But they're handed out like candy (Score:2)
If i wanted to use all them then i'd even have to dig out that 486 laptop from under my bed.
It's not enough i tell ya.
Re:Would be nice... (Score:2)
Just tell them it'll save them 10 cents per transaction!
Re:Would be nice... (Score:2)
It does, but with Linux, they can save even more!!!