More on China's IPv6 Network Buildout 163
photojournaliste writes "China has developed and demonstrated its first high-performance network core router based on the next-generation Internet standard known as IPv6, which the country officially inaugurated earlier this week." There's also a CNet story, which has a bit more information than our earlier story.
Any more high-profile rollouts of IPv6? (Score:4, Interesting)
Re:Any more high-profile rollouts of IPv6? (Score:5, Informative)
China is not the only Asian country with a strong interest in IPv6. Japan has already implemented an IPv6 production network, which is used by every service provider in the country. South Korea is working with the EU to develop applications and services using IPv6.
Also, check out this article: Japan, China, S. Korea developing next Net [com.com].
Develop intellectual property, copy model # (Score:4, Interesting)
Is this the Intel/AMD "486" thing all over again?
Re:Develop intellectual property, copy model # (Score:5, Funny)
That's absurd, noone can read Cisco source code.
Re:Develop intellectual property, copy model # (Score:1)
Re:Develop intellectual property, copy model # (Score:2)
Do you mean;
"noone has the opportunity to look at and read cisco sourcecode" (because its so secret)
or;
"even if you had the opportunity to look at cisco sourcecode you wouldn't be able to read it" (because its so badly written)
Re:Develop intellectual property, copy model # (Score:2)
Re:Develop intellectual property, copy model # (Score:3, Interesting)
Check the release notes:
http://www.cisco.com/en/US/products/sw/iosswrel / ps 5014/prod_release_note09186a0080199977.html
The chinese probably are using the cisco GSRs. If you google for GSR IPv6 you'll see a couple places with IPv6 and the GSR in action (abiliene?) and some with Juniper to GSR Ipv6 connections.
-A
While the idea that the chinese stole the router and hacked in IPv6 is nice, it is much easier to believe they bought a co
Re:Develop intellectual property, copy model # (Score:1, Insightful)
I"P" is a massive scam to get the West to stop manufacturing. "Made in England (or USA)" used to be a mark of pride, now all the real work is done by China, while the idiot West kills itself fighting over who has the most imaginary property?
Pretty soon, all the West will have will be ephermal dreams, and the rest of the world will say "fuck that".
I wonder how thay tested it? (Score:1, Interesting)
Do network speed tests rely on clusters of machines?
Re:I wonder how thay tested it? (Score:2)
Re:I wonder how thay tested it? (Score:5, Informative)
http://www.spirentcom.com/analysis/product_line.c
and this:
http://www.ixiacom.com/products/chassis/ch_displa
I used one of these to demonstrate to the IT department of my megacorp exactally why my networking lab needed it's own isolated subnet on its own Cat6K, and its own servers.
Once I started pumping out thousands of frames per second of random IP and MAC addresses their routers started dying under the loads.
I got everything I asked for
-nB
Re:I wonder how thay tested it? (Score:1)
Remind me of flood ping.
Re:I wonder how thay tested it? (Score:2)
Re:I wonder how thay tested it? (Score:2)
What counts is your ability to put that data on the line. This is something no PC and exceptionally few server class machines can do.
With the advent of PCIe we are beginning to see PC's that conceivably could saturate a gig link, though even then they would have trouble.
-nB
Re:I wonder how thay tested it? (Score:4, Informative)
The "Internet2 speed record" had Dell boxes running NetBSD pushing 4Gbps for an hour [sunet.se] with no packet loss.
Re:I wonder how thay tested it? (Score:2)
"This is something no PC and exceptionally few server class machines can do."
I think I have your statement covered.
I know what I'm talking about, I also know that the standard way to test a router is with the test tools I outline previously, not a group of PCs.
but hey, you're the one with the respectable handle
-nB
Re:I wonder how thay tested it? (Score:2)
I know that load generators are used to throw bits on the wire for network testing, but you don't have anything covered.
Re:I wonder how thay tested it? (Score:2)
Show me one PC that can source 4Gbps off of it's I/O bus. That's faster than a single PCIe lane. Desktop boards supporting faster, multi-lane PCIe are only now coming to market. There aren't even many NICs that can support over 1Gbps. Myrinet only supports 2 gig, Infiniband supports 10Gig and in theory could support 40 gig. I suspect that the machine you are talking about is not a desktop class machine.
Load generators are the accepted standard unit of speed measurement. Wheth
Re:I wonder how thay tested it? (Score:2)
Sender:
Dell 2650, with one single Intel Xeon 2.0 GHz CPU and 1024 Mbytes of RAM
Receiver:
Dell Precision 650, with one single Intel Xeon 2.8 GHz CPU and 512 Mbytes of RAM. NOTE that this host only has a 100 MHz PCI-X bus(!)
Network interfaces (both sender and receiver): Intel® PRO/10GbE LR
Re:I wonder how thay tested it? (Score:1)
Re:I wonder how thay tested it? (Score:2)
Re:I wonder how thay tested it? (Score:1)
Re:I wonder how thay tested it? (Score:2)
According to the specs you linked, they used server-grade Intel(R) PRO/10GbE LR [misco.co.uk] NICs which cost more than a whole PC. They point out that one of the machines "only has a 100 MHz PCI-X bus(!)" but that's a lot faster than whatever is on your desktop, and it comes on a server-grade motherboard (see here [hp.com] under "Will new PCI-X cards be compatible in conventional PCI based systems?").
These guys called the machines PCs, but they obviously spent a big wad of cash on server-grade I/O busses. The result:
One thing I like (Score:4, Insightful)
Some experts have predicted that once China has embraced IPv6, Western countries that wish to do business with Asia will have to upgrade their own networks.
There is actually some truth in this, and might increase the accepetance rate. Same thing is happening to governments using OOo file formats is all, but at a smaller scale.
However, the other article said that it is backward compatible with ipv4, are they using some kind of NAT then, or is it just backward compatible in the sense that the Chinese network can read of ipv4 networks.
Another critique is that, whilst this network uses ipv6, it is mainly used to connect university networks, therefore, business won't be as much pushed to adopt ipv6, hence the article...
Re:One thing I like (Score:1)
It may infact make the internet a bit more random and fun again
tunnel (Score:1)
easy way to determine what's outbound traffic without having to look at the destination.... that would probably be benificial to the chinese government
Re:One thing I like (Score:2)
yeah, that'll translate well...
Chinese guy: let's browse over to Slashdot...
His computer: Hey 66.35.250.150, I'm FEDC:BA98:7654:3210:FEDC:BA98:7654:3210 and I want all your base to belong to me. Or maybe just you're index.html.
Slashdot server: WTF? What's all that "FEDC" gobbly-gook supposed to
Re:One thing I like (Score:1)
IIRC the way it should work is slashdot.org (66.35.250.150) becomes 0:0:0:0.66.35.250.150 which tells the ipv6 router to use ipv4. After upgrading to ipv6 slashdots ip is now 0:0:0:FFFF.66.35.250.150
which means that slashdot can use ipv6. Eventually slashdot would get its own ipv6 block and stop us
I think that... (Score:5, Interesting)
I really look forward to the day when I can (once again) have end-to-end connectivity with peers. The proliferation of NAT devices truly has changed the face of the Internet from a large peer-to-peer network with content at every corner, to a client-server model where content is only served by those with enough capital.
This is readily apparent in the draconian acceptable useage policies of most providers.
I *want* to be able to connect to any of my home machines from work, and vice-versa (firewall permitting). I would *love* to have my own block of portable address space for me to do with as I please.
I simply can't wait for this to catch on in more places. I encourage all of you to look into IPv6 and see how much added benefit you could get from having a near-unexhaustable pool of addresses available.
Re:I think that... (Score:1)
I already do all of this, I don't see why you wouldn't be able to, it just requires that you correctly setup your router at home and know your ip address. I use dyndns with my router and have each machine setup to be accessible from a different port number.
Re:I think that... (Score:2)
Re:I think that... (Score:3, Insightful)
Re:I think that... (Score:2)
If you have a
Re:I think that... (Score:1)
Re:I think that... (Score:1)
There's more than one way to do this, my point is that having every de
Re:I think that... (Score:2)
Thats not "security through obsecurity". Its if others didn't know how SSH, PGP, SSL worked and relied on that to provide a level of security. The fact that you keep a key secret ok.
Re:I think that... (Score:2, Insightful)
Re:I think that... (Score:4, Insightful)
NAT has nothing to do with firewalling. NAT does not drop any packets whatsoever - your firewall does. With IPv6 noone is proposing that we stop using firewalls, just that we stop using NAT. Nobody's network will be one bit less safe by dropping the NAT and keeping the firewall.
Not feasability, need. (Score:2, Informative)
Re:I think that... (Score:2, Insightful)
I really believe that this is a good thing. Many people are not embracing IPv6 due to lack of a high-profile rollout showing its feasability.
Many people are also not building gigantic football stadiums made out of cotton candy due to lack of a high-profile rollout showing its feasability. But just because someone does it doesn't mean you will get more gigantic cotton-candy stadiums, even though it does solve the shortage of cotton-candy at football games.
Also, much of the software out there does not
Re:I think that... (Score:2)
Then keep your firewall in place. You do have one, don't you? Noone is proposing we drop firewalls with IPv6, just NAT.
You don't use SSH or SSL or any other protocol that does host-based authentication? If not, and if you don't
Re:I think that... (Score:3, Informative)
IPs were never meant to be portable. Making it portable really messes up routing. This is why you set up DNS so you can name each device. I have a DHCP server that gives out IPs based on MAC addresses so all I have to remember is a name, not a long number (IPv6 numbers are a lot longer too).
Re:I think that... (Score:3, Informative)
This all requires the mobile computer to report back periodically with status updates on its current "care-of IP", and that's all. This is not a tunnel, it's real mobile IP, built into the protocol. I believ
Re:I think that... (Score:1)
Re:I think that... (Score:2)
Actually NAT doesn't act like a firewall at all. Read the RFCs sometime, it doesn't actually drop any packets, it simply re-writes certain ones.
Re:I think that... (Score:2)
No, they won't be dropped. Random packets ariving will simply be routed
Re:I think that... (Score:2)
Your own router will route them to internal hosts unless it has filtering rules to tell it to do otherwise. All the attacker has to do is get the packet
Re:I think that... (Score:2)
Re:I think that... (Score:2)
You're right, they aren't routable for the most part, but certain people can make them routable, at least on the network near you on the outside. See my other post [slashdot.org]. You can't rely on the non-routability of those addresses to maintain the security of your network.
Re:I think that... (Score:2)
Yeah. Well, netfilter does nat and filtering. Just make sure you have some stuff in the filter table as well as nat.
No problem.
Re:I think that... (Score:2)
That is just a conceptual view of how the usual network using Traditional NAT works - sessions are going one way, and the private addresses are not visible to outside hosts. That doesn't specify that NAT should drop connections that are going they other way. Nothing in any of the NAT R
Re:I think that... (Score:1)
Re:I think that... (Score:1)
I agree using a NAT is a pain if one needs direct P2P connectivity, but OTOH, it also gives you a basic one-way firewall so that outsiders won't be able to get in so easily.
For example, if a Windows box is behind a NAT, the chance of getting infected by a new RPC bug drops significantly.
In that sense, it's useful.
But then, there are so many more ways to get into a private network (Such as worms propagate through browser bugs...), and a basic NAT is not a replacement for those who need two-way access c
No idea of how IPv6 works (Score:3, Informative)
Re:this isn't ipv6 related (Score:3, Insightful)
However, the IP6 rollout is going to be an expensive process. It certainly hasn't gone at the pace that we were being told four or five years ago.
For myself, I've moved the company I work for away from some of their older h
Re:this isn't ipv6 related (Score:2)
I never said Cisco was inferior to Linux. We're a small outfit, and money spent to upgrade our existing *older* Cisco equipment to IP6 could be much better spent elsewhere. Linux does a damn good job on routing, and is a lot cheaper than Cisco.
You must be a Cisco employee, because Linux routing and iptables/netfilter are not unknowns. Cisco ain't the only equipment in the world, but it sure is among the mo
Re:this isn't ipv6 related (Score:2)
And as you want to connect to more and more networks, you'll find you need to centralize allocation of network addresses, you'll run into portability and route table size issues, and you'll eventually run out of space in 10/8 to use, and at that point you realize you didn't solve the problem at all, you just duplicated it on a smaller scale.
Re:I think that... (Score:2)
Wow... if the parent poster knows a "VERY tiny bit" about networking, you know absolutely nothing at all.
seems like I've heard of CERN before (Score:1, Flamebait)
Communism and the internet. (Score:1, Offtopic)
Isn't this self-defeating for a communist country as it exists now?
Re:Communism and the internet. (Score:1, Troll)
adoption of IPv6. There will be no way for
any dissident to hide behind a NATed IPv4
address. Everyone will have their own static
IP address assigned to them, so there will
not be any anonimity to hide behind.
In the Soviet PRC, the Internet owns YOU!
Re:Communism and the internet. (Score:1)
Re:Communism and the internet. (Score:1)
Re:Communism and the internet. (Score:1, Insightful)
Re:Communism and the internet. (Score:1, Flamebait)
Under a communist regime, the government is not answerable to the people. The political process is controlled by the party elites. The average citizen's only role in the process is to submit to the dictates of the party. To do otherwise means a short painful life in a gulag.
A report from CNN on gulags in North Korea [cnn.com]
Non-trivial totalitarian governments can only be impleme
Re:Communism and the internet. (Score:1)
That doesn't do it? : )
To be serious, I think (With no hard data supporting the claim.) China's technology, especially in the academic institutions, is much more advanced than many think, and can actually utilize some of that.
Re:Communism and the internet. (Score:2)
Billions? (Score:3, Informative)
By increasing this to 128 bits, IPv6 provides billions more IP addresses
Billions? Try 3.4 dodecillion
The Question Is... (Score:3, Insightful)
On the other hand, it's still pretty easy to tunnel IPV4 through IPV6, so where is the incentive to upgrade going to be?
At least running Linux at home, that's one conversion worry I don't have :-)
---
My blog [blogspot.com] or yours?
Re:The Question Is... (Score:1)
Re:The Question Is... (Score:2)
Last to market (Score:4, Insightful)
why, if there's no freedom? (Score:2)
Because it helps you track your citizens? (Score:2)
Xix.
Re:Because it helps you track your citizens? (Score:1)
Re:Because it helps you track your citizens? (Score:2)
http://www.theregister.co.uk/2003/12/04/it_giants
On this basis, I'd expect the security provisions of IPV6 to be attractive (depeinding on what they let you do). Seems like a pretty logical conclusion to me.
Xix.
Why the Chinese are using IPv6 (Score:3, Funny)
For those who claim China respects IP (Score:1, Informative)
Reuters
Wednesday December 29, 4:59 PM
Hitachi GST sues Chinese disk drive maker
HONG KONG, Dec 29 (Reuters) - The hard disk drive manufacturing joint venture between Hitachi Ltd. and IBM said on Wednesday it has sued Chinese firm Magicstor Inc., saying it had made multiple patent infringements.
In the suit filed in United States District Court, Hitachi Global Storage Technologies seeks monetary damages and a permanent injunction barring Magicstor from making and se
Re:For those who claim China respects IP (Score:1)
So...?
Minidrive maker Cornice slapped with another suit [zdnet.com]
If you want to claim the Chinese doesn't respect the US IP system as much as the US do, just pointing out a Chinese firm being sued doesn't seem very convincing to me...
Just my 2 cents.
P.S. Software piracy is probably more (Or much more...) serious in China (And many developing countries.), and China doesn't seem to have a good track record in holding up the US IP system, but the above article doesn't tell much IMO, US companies get sued on IP
You're kinda slow aren't you? (Score:1)
I want to buy some of this stock (Score:4, Funny)
China has developed and demonstrated its first high-performance network core router based on the next-generation Internet standard
China? Are they public yet? What's their ticker, I can't find it??
someone has to say it. (Score:4, Interesting)
Lest we forget!
http://newsroom.cisco.com/dlls/corp_012303.html
One of my favorite quotes to be found on cisco's website:
Copying of IOS source code: Cisco alleges that Huawei has copied portions of the Cisco IOS source code and included the technology in its operating system for its Quidway routers and switches. Huawei's operating system contains a number of text strings, file names, and bugs that are identical to those found in Cisco's IOS source code.
"Intellectual Property" vs National Interests (Score:4, Interesting)
Content control? (Score:2)
The CNET article itself is terrible. (Score:5, Informative)
There is a rather better article on the subject of IPV6 adoption at InternetWeek, but that article is now four years old.
As for the specific information in the article,
"IPv6 provides billions more IP addresses" - I think the reporter is a bit confused about all these large numbers. IPv6 provides billions of TIMES more addresses. More even than that in fact; 2 to the power 128 is 79228162514264337593543950336 times greater than 2 to the power 32. (This calculation was brought to you by GNU bc [gnu.org])
"It was created and deployed in response to ... especially as Web use in Asia rises sharply." - The author has fallen for the post hoc ergo propter hoc fallacy [wikipedia.org]. In any case, the beginning of the development of IPv6 occurred significantly before the extensive takeup of Internet technologies in Asia.
As other people have already mentioned (including in the reader comments below the article - I would have contributed but see no point in "registering" with CNET), goodness knows where the journalist got their figure of "257 nodes". They should perhaps take the time to either check their notes or cross-check the information their sources are giving them.
Something the author failed to point out is that it is not only Asian countries that have been working with IPV6. There has been significant piloting in most countries that make use of the Internet. This means that there are IPV6 over IPv4 tunneling facilities that work therse days, meaning that it is not necessary for countries up upgrade everything to IPv6 in order for their businesses to trade with China, no matter what the article implies.
Re:The CNET article itself is terrible. (Score:2)
The IPv6 network was academic institutions only, from what I understood. How is this any different than the Internet2 that we (colleges, etc) have in the US?
37.25 GB/sec (Score:1)
Re:37.25 GB/sec (Score:1)
IPv6 on Internet2 (Score:3, Informative)
ALL of abiline (Internet2) is v6 enabled, just not all the way to clients.
Here is an up to date map of deployment of Ipv6 on I2.
http://www.abilene.iu.edu/images/v6.pdf [iu.edu]
Re:IPv6 on Internet2 (Score:1)
I'm interested that this did not make the news aswell. Internet 2 is what exactly the new Chinese network is trying to do. It must be the fact that
China, a technological underdog.
china (Score:1)
Re:Not suprisingly slashdot "editor" michael posts (Score:2, Funny)
Re:One Thing China Needs to Develop and Rollout (Score:2)
Re:One Thing China Needs to Develop and Rollout (Score:1)
Re:One Thing China Needs to Develop and Rollout (Score:2)
Now, I don't know if currently there is a regulation that bans an individual from having a routable add
Re:wow! (Score:1)
Re:Compatibility (Score:1)
So, although China has fairly whupped most other places in getting IPv6 in first, there's n
Re:Compatibility (Score:2)
Re:When is Slashdot going to do IPv6? (Score:1)