Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Links

CNN On IPv6 163

i am the waltuss writes "CNN has tackled The Great IP Crunch of 2010 in this article. Its a good overview/intro to the subject that will likely take the place of the Y2K "bug" after January 1. "
This discussion has been archived. No new comments can be posted.

CNN On IPv6

Comments Filter:
  • Ostensibly..hrm. In my opinion, just because you can do something like this doesn't mean you should. I'm sure it'd be nice and all to have a cron job set up in your wristwatch to connect to a time server so you never have to set it or a cron in your thermostat that would connect to a weather service, obtain information about the day's weather, and adjust temperature accordingly.

    I don't think I'll ever be a fan of that sort of thing, though..maybe I'm just really goofy, but I don't mind not having a fully automatic lifestyle..I'm just not comfortable with having my life controlled to that extent by appliances, I don't mind adjusting the thermostat or manually timing my watch or things of that sort..if everything around me or physically on me is just a node in a vast mechanical network, what does that make me?

    Eventually, just a node in a vast mechanical network.

    Peace,
  • by Anonymous Coward
    Don't you know that <spooky overtone>the solar maximum </spooky overtone> is what's going to be messing everything up in the new year?

    Oy. First El Nino (sorry, no tilde). Then 9.9.99. Y2K is coming up. Then it's going to be either the IP crunch or the solar maximum.

    I'm betting on the solar maximum. IP addresses are too much for the hardwired little brains of most end-users...
  • You posted some great comments; but since you don't have an email listed, I will respond here and try to keep it brief.

    For one thing, allowing an outside entity to control an appliance which you have purchased sounds like a potential privacy issue to me - without some really strict regulations on what a company can do with the information, do I really want a company to know when & how much toast I make? (Slightly more seriously, think DIVX...)
    I agree with your fears. However, I feel that this will be inevitable, regardless of the privacy implications.

    In any case, I see NAT as a highly desirable way for me to control what is talking on my subnet to stuff outside the subnet, regardless of whether you're talking IPv4 or IPv6.
    NAT is not designed for security, it just coincidental that it is more secure than traditional means. If you want security, IPsec is the best way to go (and is much easier on IPv6 anyway).

    Why is there some limit of effort @ opening NAT walls to different protocols? If the protocol is simple, then you can communicate through a single connection, and the owner of the NAT box can open that single port & attach it to the proper machine.
    The limitation I speak of is a manpower/development limitation. It is not efficient to have someone spend their valuable time fixing the current NAT implementation for the latest and greatest vendor protocol. Often, vendor protocols embed the source/destination address somewhere inside the packet, which is why NAT fails. IPsec is a great example; it needs to embed the source and destination IP inside an encrypted packet. No NAT program will ever be able to route this correctly, which means people running NAT can't use IPsec, which won't fly economically.

    Maybe I'm not quite understanding what you mean by "IP expansion" using ports, but as far as I'm concerned NAT is _supposed_ to make your subnet look like a big server on a single IP address, and I can't think of any performance/utilization metrics used by ISPs where this paradigm would cause "Bad Things" to happen.
    By "IP expansion" I meant the mapping of unused ports on one host to ports on a different host (NAT), thus virtually giving you "more IP addresses" (bad phrase, sorry).

    ISP metrics depend heavily on being able to uniquely identify evey host in the network, internal and external, for a variety of very good and time-tested reasons (I won't go into detail). NAT is designed to obscure this, and thus represents a problem for any network admin.
  • Why don't they just switch over to AppleTalk?
  • by Ungrounded Lightning ( 62228 ) on Tuesday September 21, 1999 @02:00PM (#1669312) Journal
    To help push IPv6 forward, the Internet Assigned Numbers Authority on July 19 gave regional registries around the world the go-ahead to begin assigning numbers based on the new standard. So far, the majority of the organizations that requested IPv6 numbers are research departments and universities. The only commercial ISPs to ask for such address blocks are two Japanese firms, Internet Initiative Japan and Nippon Telegraph & Telephone.

    The regional registries are charging big bucks for blocks of numbers and managing them as if they were as scarce as IPv4 address space - or as if the world was beating down their door and needed to be throttled. Results: Only the big router builders' research departments (garage shops need not apply) and the universities (grant money and need to keep at the cutting edge) are interested.

    ISPs aren't going to buy numbers until they roll out the infrastructure. Why tie up even a few grand now, when you're not going to use the numbers until later? There's enough numbers to give one to every hair on every human's head, so they won't run out if you don't jump early. (And they want to encode routing in the numbers, so it might be better to wait.)

    What burns me is that price tag. The home experimenters can't get in on this unless they ante up (or do all their work with bogus numbers - which is problematic when you want to start interconnecting with the other guys). So we get to depend on the Cisco/3Com/Ascends of the world.

    Microsoft would be proud.

    Hmmm... Maybe we ought to pick a block UNofficially and divy it up for playing with. B-)

  • Not to mention that this layout is in a 2 dimensional environment. If it was in a 3 dimensional environment, then the time delay problem would be a moot point.

    -Restil
  • >> P.S. How in the hell are we supposed to remember addresses like
    >>127.12.255.234.127.123.55.234.124.121.253.231. 227.12.215.134?

    > You're not. The obvious solution is to make sure you use DNS so you don't have to worry about what the IP is.

    How in the hell are we supposed to remember DNS names like www.toaster.upstairskitchen.myhouse.org.au.earth.s ol.milkyway....?

  • I work for a wireless phone provider. One of my duties includes the keeping an eye on whether or not we have enough numbers. I also represent my company in matters regarding new areaa codes. Suffice to say, this is a serrious pain in the ass for everyone. Here (Minneapolis/St. Paul) we just split the 612 area code into two, with 651 being the new one, about a year ago. We're already planning to split the 612 again, this time into three pieces. All of these have been/will be geographical splits. All the phone companys are pushing for overlay splits, but the public, and the Public Utilities Commision hate those. A geographical split is where one area has one code, and another has a different one. In a overlay, both codes occupy the same physical areas. IE you and your neighbor may have different area codes. Solution to this? Beats me. But the day is coming where it'll be required to dial 10 digits to make any call. The public will hate it. But there is no way around it. Number Portibility is the new process in which we're hoping to save numbers. You move? Take your phone number with you. No need to issue a new one, or hold your old one for 90 days before reissue. Lots of technical problems involved with this. Not to mention the billing headaches it creates.
  • by Anonymous Coward
    Its me again, the original AC.

    Why would your company need more than a minimal number of IP addresses, unless you want every box on your network directly connected to the internet?

    Its not that simple. The technique you suggest is, basically, what got us into this mess in the first place. The problem comes when you merge two networks (i.e. two companies). Both have used 10.* addresses, so you wind up with two computers on the network with the same number. Uh oh. Somebody has to renumber their entire network or it just won't work.

    So you put a NAT box between the two subnets. Now some applications won't work because they put port numbers and IP addresses in the data packets. Urk.

    We'll do it that way if we have to, but we would really rather find something better.

  • by Enoch Root ( 57473 ) on Tuesday September 21, 1999 @06:40AM (#1669319)
    Kill two birds with one stone: switch to IPv6, then switch the whole telephone system on it. That way, when you want to call someone, the phone line has an IP address and perhaps a DNS entry. So there you go! You can phone phone.alicebranford.nyc.ny.us

    Erm. I guess that's as likely, feasible and practical as running your toasters on in a Beowulf cluster through your kitchen Intranet. :)

    "There is no surer way to ruin a good discussion than to contaminate it with the facts."

  • by Anonymous Coward
    I used to program cash registers. Do you know how much I would have given to be able to telnet to a misbehaving register on the other side of the country?

    There are tremendous business uses for this sort of thing.


    Do you know what a hassle you would have if every time you had a misbehaving register on the other side of the country, you had to verify that a hacker hadn't telnetted into it and trashed it?

    There are tremendous business uses, and also tremendous business liabilities to everything being mapped to a publicly available IP address.
  • What if we could build a public network built on IPv6? Would it [ompages.com] be useful? The benefit to society would be increased privacy the cost would be the need for people to eschew complacency.

  • by jamiemccarthy ( 4847 ) on Tuesday September 21, 1999 @06:44AM (#1669322) Homepage Journal
    Imagine 1 trillion Bill Gateses standing in a circle (not a pretty picture, but play along for a moment). Now ask each one to convert his fortune into pennies and toss them in a collective pile.

    OK, so I'm a math weirdo, but play along for a moment. If one trillion Bill Gateses were standing in a circle and threw all their pennies in, how tall would the pile of pennies be?

    Actually, there wouldn't be a pile at all: the density would only be one penny per 2.5 square cm. Assuming three Gateses per linear meter. Evenly spread out, there's plenty of room to spare. 1*10^12 people -> (1/3)*10^12 m circumference -> 1.06*10^11 m diameter -> 2.5*10^21 m^2 area -> 2.5*10^13 cm^2 per Gates. Each Gates gets to throw his wealth [webho.com] of 1.06*10^13 pennies into a square 50 km on a side.

    If all those Gateses were standing in a circle, light would take over five minutes to cross its diameter. The circle would be not quite the size of Mercury [seds.org]'s orbit around the sun.

    If each penny contained 1 trillion tiny computers and each computer had its own IP address, you'd still have used only a fraction of IPv6's potential space.

    To be precise, about 2.9%.

    But good luck rewriting the TCP protocol for your penny network -- its end-to-end space-time delay is ten minutes!

    Jamie McCarthy

  • IPv6 may not have been DESIGNED to handle routing table overload, but that will probably be a side effect.

    IPv6 is much more geared toward route aggregation. And since its just being rolled out, and people already know the effects of the messy routing setup of today, route aggregation will be encouraged to a much greater degree.

    Yes, this could be done with IPv4. But it isn't going to happen. Far too late into the game.
    --
    Brandon Hume
    hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
  • by Anonymous Coward
    We have NAT on the corporate firewall because, basically, that is how the firewall does it. Its a DEC SEAL firewall (AFAIK) with all bells and whistles enabled. Amongst other things this does NAT so as to avoid releasing information about our network to any nasty little sniffers out there. There are good reasons why it was done this way, but network transparency was not one of them.

    DHCP has a similar story. It has been looked into, but I gather that there were security problems. Around here, that was enough to scupper the whole idea.

    AFAIK we don't currently have NAT within the intranet, but thanks to the various new aquisitions who use 10.* addresses (plus at least some bits of the existing intranet) it has been suggested as the way forwards. I'm looking for better ideas.

    Someone else asked if I work for MS. I don't work for MS. Beyond that I refuse to confirm or deny anything. Oh, except that I don't actually work in the IT support department, so don't judge my employer by my comparative ignorance on the subject.

  • An engineer from GM attended one of the IPv6 design meetings at the IETF (a number of years ago). That is GM as in General Motors. He was making the case for a larger IP address space.
    Imagine, if you will, GM coming to the IETF every year for 10 million more IP addresses. Because GM is imagining it.
  • Imagine this picture in 5 years:

    I carry a digital cellular phone. Maybe it uses Voice over IP, or maybe it can just connect to the web to check my email. Either way, it needs its own IP address.

    I carry a PDA, hopefully a descendant of my beloved Palm V. I carry it because my phone is a tiny little thing, making its screen so small that I'm willing to carry a separate PDA. My PDA can hotsync itself to my databases, which are on a server on the Internet of course. So my PDA needs an IP address.

    My watch synchronizes itself to the atomic clock, using multicasted NTP packets. It also sets its alarm to tell me when its time to take my heart medication. It sets its alarm by checking my medical schedule, which is on a server on the Internet of course. So now we have three IP addresses on my body.

    After my last heart attack (brought on by the stress of working 70 hour days in Silicon Valley back in 2003), the hospital gave me a monitor to affix to my ankle which monitors my blood pressure, hydration levels, etc. It collects its data and sends a packet to the hospital once per hour.

    At my house, all five of my very expensive cars (the oldest being my old 1999 junker) have a mobile entertainment center which can pull in HDTV broadcasts, connect to whatever the WWW looks like in 2004, etc. So I have 5 more IP addresses.

    And of course, the fax machine in my main vehicle is an aftermarket addon which doesn't cooperate with the car's built-in gigabit ethernet network, preferring to use its own wireless net connection. Another IP address.

    These are all mobile connections. MobileIP doesn't work with NAT: you have to have a globally unique IP address for the remote proxy to route things to you.

    NAT is useful to hook up the 27 computer systems I expect to have in my house by 2004.
  • by KoF ( 33336 )
    Could someone put up a URl that explains the new things in IPv6?
  • IPv4 and IPv6 can co-exist on the same subnet. In fact, they can co-exist on the same host. You can have a machine which has an IPv4 address and operates as an IPv4 machine, which simultaneously has an IPv6 address and operates as an IPv6 machine.

    Every ethernet packet has an ethernet header. There is a two byte field in the ethernet header called the ethertype (also called the SAP in some terminology). The ethertype identfies what kind of packet it is. For example, IPv4 is ethertype 0x0800, which IPv6 is 0x86dd. Thus, you can happily mix IPv4 and v6 packets on an ethernet, your machines will look at the ethertype to figure out what to do with them. Likewise your routers can simultaneously handle IPv4 and IPv6 traffic.
    BTW, it isn't just ethernet. Every modern network type, including FDDI, ATM, Token Ring, PPP, etc has a two byte SAP field in its header. The only two network links I can remember which didn't are SLIP and Apollo Token Ring, and I'll wager you aren't using either of those.

  • I'm glad to know that there is at least one more technological crisis to worry about come 1/1/2000.

    Seriously, won't the switch require huge changes to existing infrastructure? The big routers on the great big cables -- won't they have to be changed/upgraded/reprogrammed to handle the larger numbers without screwing up the network addresses?

    Seems like it to me... but I haven't been following too closely. What are the low level changes we need before we can switch?

    --
    QDMerge [rmci.net] 0.21!
  • IPv6, from what I understand of it, is more than just a wider IPv4. Amongst other things, I think you get end-to-end encryption as standard. Roll on!

    And if you were to flip it all to IPX or something as remote, who'd want to rewrite Apache (web servers), netscape (browsers) and IE (market-space) just so that they'd work over the new protocol?
  • by the_tsi ( 19767 ) on Tuesday September 21, 1999 @05:53AM (#1669331)
    I think copyleft or thinkgeek should re-release an updated version of Vinton's classic (legendary?) t-shirt to promote IPv6 and get people more interested in using it...

    IP (more) over everything.
    -or-
    IP over everything from anywhere.

    You get the idea. :)

    -Chris
  • NICs only care about their own protocolls i.e. Ethernet cards only concern themselves with mac addresses etc.(that goes for network topoligies too). But routers on the other hand concern themselves with IP. They wont work unless thei'r IPv6 compatible.
    LINUX stands for: Linux Inux Nux Ux X
  • As addressed somewhat by the article, it seems to me that the address problem is only the most obvious part of the problems with IPv4. The components of IPv6 to do with intelligent routing will greatly increase our usage of available bandwidth, something we'll need even more if we have an address for "every toaster in the world."

    Besides, if I stick knife in my toaster to get out the bread, I'll probably blow the whole Internet.

    Hotnutz.com [hotnutz.com]
  • Well Banyan had a 48-bit network address way whenever VINES IP was introduced. Also an intelligent route mangement system that worked most of the time. The only time I saw really broken routing was when a 3rd party router was introduced to the network. Scorpion/Xylogics ISDN devices could mess the routing tables up so badly that they could induce server panics.

    Unfortunatly Banyan suffered from a lack of marketing, and a scant regard for quality control in their later years - ever seen BeyondMail 3.0.

    I have many tales of Banyan if anyone is interested.
  • by Dast ( 10275 ) on Tuesday September 21, 1999 @05:55AM (#1669335)
    Why exactly should every toaster, microwave, dishwasher etc be connected? And even if they are all connected, why in the world do they need their own ip address?

    Seems like NAT and IP Masq. are perfect for this kind of thing. What most people do on the internet can be perfectly done through NAT or Masq: web, mail, ftp, ssh, etc.

    How does having your own large address space help anything?

    (Not to slam on ipv6, tho. I do like build in ipsec).
  • I guess that's one of the questions.. How does the resolver say, 'Please give me an IPv6 address, not that crappy old IPv4?'?
  • All the more reason to invest in Cisco: the only current tech company that *definately* will still be around in 10 years. No one can displace them.

    Just think of the upgrade potential they have... (and people think MS have a corner on a market)

    -Chris
  • So, hypothetically, we all already HAVE IPv6 IP blocks?
  • Try http://www.ipv6.org/

    It's really neat, there are a few networks that support it (vBNS has some limited support right now). Think ip addys with hex numbers instead of deciaml and you're halfway there :)

    vBNS link at http://www.vbns.net/IPv6/index.html for those interested.
  • You have to support defence in some way.. ;-P
  • by Signal 11 ( 7608 ) on Tuesday September 21, 1999 @05:59AM (#1669341)
    Oh bother.. these people didn't do their research.

    Hit up this [arin.net] FAQ put out by ARIN. To quote: IPv6 was not designed to address the routing table overload.

    Not only that, CIFS is supposed to address this issue for ipv4. The biggest problem IMO is that router tables will simply become too large and cumbersome to maintain. There is a practical limit to how much routing info you can squeeze into a embedded system (router!) before the costs outweigh the benefits.

    --

  • Wow, I hadn't looked quite yet. Where the heck does the 'yearly maintenence fee' go? Is this like the DNS name registration 'tax' that NSI came up with?
  • by Anonymous Shepherd ( 17338 ) on Tuesday September 21, 1999 @06:00AM (#1669343) Homepage
    I would imagine, fundamentally, that everyone would *want* to switch, were it that simple.

    However, organizations and companies have to tackle issues such as hardware and OS support, software written to recognize and work with *both* IPv6 and IPv4 until the transition has been made, as well as all the little differences in network architecture that may be necessary due to IPv4 vs IPv6.

    I had heard that Linux already has support for IPv6; but how about hardware(NICs, routers, network topologies)? And do they work with Linux? And will the software we use, will they work with Linux?

    For example take USB. Everything is USB today except for WindowsNT. Linux has better USB support, for crying out loud! Can't use USB mice, keyboards, printers, anything, under WinNT. Will there be a similar situation for IPv6? If the M$s and Suns of the world don't actively try to promote IPv6, and smaller alternatives such as Linux can't/don't/won't step up to the plate, how will anyone ever switch over?

    Of course this is just another opportunity for Linux to show it's superiority =)

    Linux vs WinNT
    Better USB support
    IPv6 support
    Better low level scalability
    Higher efficiencies and runtimes
    Better clustering capability(Beowulf)

    etc.


    -AS
  • > I hate to say this, but: Are you listening, Microsoft? IBM? Cisco?

    See http://ftp-eng.cisco.com/pub/IPv6/ for IOS images for a lot of Cisco routers

  • There is indeed a growing problem of running out of telephone numbers. Here in Massachusetts they've already had to create several new area codes recently, and they're talking about doing it again.

    However, the problem isn't really cell phones, pagers, and finding new phone numbers for them, in the same way that the IP address problem is not about exactly about new computers needing IP addresses. The problem is inefficient allocation; IP addresses, like phone numbers, are allocated to the people that need them blocks at a time. Unfortunately those blocks are not granular enough, and lots of numbers end up getting wasted.

    IP example: many companies need only slightly more than a class C address space (255 IPs), but nowhere near a class B address space (65536). So they get a class B IP, but end up wasting thousands of IPs. Now imagine this with class A vs. class B addresses, where you are potentially wasting millions of addresses.

    Telephone example: with all the new local telephone companies offering service, they are assigned phone number blocks they can distribute by exchange (i.e. first three digits of a seven digit local number). You now basically have potentially thousands of wasted numbers depending on how successful they are in signing up customers.

    In any case, I am sure I'm off on a few technical details on the above, but the gist of it I'm pretty sure is correct.
    ----------

  • Solaris 8 should contain IPv6 support. Its been in the experimental stages with Solaris 7 and before that, Solaris 2.5.

    Check the rumors on http://www.sunhelp.org/
    --
    Brandon Hume
    hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
  • San Jose is overlaying a new area code (669) over 408 and is making 10 digit dialing mandatory for both area codes starting October 2nd of this year. We've had area code splits here in the Bay Area but as far as I know this is the first overlay.

    There's a quick explanation over at Pac Bell [pac-bell.com]. There are even commercials on television to make people aware that they have to start dialing 10 digits.

    I too foresee LOTS of problems with the shortage of numbers in the near future.
  • Well, wouldn't it be more fun to mess with the program that controls how and when you're thermostat's settings get changed than to mess with the thermostat directly? "I'm cold, let's turn up the thermostat" - where's the challenge in that?? I think you're just lazy! :)
    I'm kidding about the lazy comment, of course!

    I disagree with the opinion that you would just turn into a 'node' - your life controlled by the other nodes around you. If I start thinking about automation it leads me to a future where I no longer even have to think about many of the mundane tasks that fill up so much of my day currently. All that time can be devoted to more enjoyable things like deep-thinking (some would say philosophy, but I don't have the creds), artistic endeavors, futzing around with the automation software, television-enhanced weight gain, etc.

  • I live in the Netherlands. Here we've had the whole telephone-system (which is controlled by a single company [kpn.com]) renumbered. Most numbers used to be 9 digits (except for Amsterdam and Rotterdam which already had 10 digits). Now we all have a 10 digit-phone number. It all went rather flawlessly; they gave nearly everybody a new areacode. They chose those new areacodes in such a way that the new ones did not exist in the old system (luckily there were enough area-codes). They also added a digit to the phonenumbers, and voila...there are about 10 times as much numbers. They kept the old and the new system working together for a few months and then dumped the old system. A funny thing was that suddenly I got a free new-number-calculator with everything I bought:)
  • Yes, AFAIK most of the really large chunks of IP space which weren't being used have been returned.
  • I love NAT as much as the next man, but it's fundamentally a bad hack.

    You lose transparency, flexibility and ultimately performance from doing this kind of thing. For a $100 student house network, it's great to use NAT, for a $100M company it gets ugly really fast.

    Look more closely at your NAT box some time, it has Application-Level protocol handlers, because otherwise apps like Quake, CuSeeMe, FTP etc. wouldn't work correctly.
    As time passes, and users demand more sophisticated services, it gets harder for NAT to work properly, and the implementation gets more and more fragile.

    Supporting NAT because it's cheaper than upgrading is a false economy, like sticking with Win16 to save on NT licenses. You'll feel the pain later.
  • Possible technical quibbling aside, that sounds not too distant from reality.

    The wastage of numbers via ineffective use of exchanges does indeed suggest another vector via which "name space" may vapor away. The only good news is that cell phones and pagers are likely to "pack in" more effectively as they are not forced into a tiny geographic zone as would be the case for a local exchange.

    The merely makes the "crunch" happen quicker; as the numbers of phone numbers per person grow, the population of needed numbers is still growing pretty rapidly.

    The issue is not, in this case, one where there is a sudden date when everything breaks (as with Y2K, [hex.net] but rather something more like a ``brown-out'' where it becomes increasingly difficult to manage systems, and where new subscribers cannot be admitted, which will hit some geographic areas before others...

    It may result in businesses moving to ``economically depressed'' areas where there are exchanges with space free :-).

  • Oh, I've been known to be lazy at times, who hasn't been? But, I feel that if you don't have to think about the `mundane tasks', eventually, how will you know they're even being done? You'll just think it's natural to wake up and have a fresh piece of toast at your bedside, for instance, day in and day out..what're you going to do if one day that piece of toast isn't there, and since you have no idea where it came from or how it got there, you either get very upset or call `toast tech support' and hope they're there.."Out of mind, out of sight.."

    I don't know about anyone else, but I just don't want to live that way.

    Peace,
  • Well, first thing... 128 - 64 - 48 is not 32, its 16.

    Secondly, MAC addresses may be 48 bits now, but there's rumblings about making them 64 bits. There's a specific process to make a 48 bit MAC address into a 64 bit link-local address (split on the 24 bit boundary, insert 0xfffe, add 0x02 to the first byte). So 16 bits are NOT being "thrown away".

    So that top 64 bits is everything, including subnet id, and the bottom 64 bits are GUARENTEED to be unique within that subnet. And believe it or not, but your IP changes depending on which upstream you go through to get to the destination.
    That top 64 bits varies all over the place.

    I also have no doubt that IPv6 addresses CAN be assigned manually, having nothing to do with the ethernet address, if you choose not to do Neighbor Discovery. But otherwise, who cares? Guess what, my MAC address is 08:00:20:77:88:d1. What are you going to do to me with that? If you use authentication, the other end ALREADY knows who you are. If not, how does that differ from IPv4? You track me down via my upstreams, which anybody can do via IPv4 ANYWAY. And how do you know whether I've moved location, or I'm simply going out a different link to get to the end station? How do you know its me sitting at the station? How do you know that I haven't given/sold my laptop NIC to someone else? How do you know I'm using in.ndpd or an ethernet card at ALL?

    If you're going to get worked up over something, get pissy over online phonebooks which give out your home address, or websites which publish your email address to spammers. Worry about that stuff associated with your name, rather than someone writing down 3ffe:b00:1802:1:a00:20ff:fe77:88d1 every time they see it.
    --
    Brandon Hume
    hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
  • ...at least if you use a non-ethernet addressing scheme for those bottom 64 bits and get a full 128-bit space. I once wondered about whether nanotech would present problems for 128-bit addressing and did some back-of-the-envelope calculations to examine the issue. A little math to satisfy one's "what-if geek" tendencies:

    earth's surface area = 5.099*10^11 m2 [robinsonresearch.com]
    earth's land area = 1.4835*10^11 m2

    That's surface area, but we live in a volumetric space; let's define that space as 1 km high above/below earth's land-mass(part of that 1km being underground, part being in the air.) Thus the volume of human space above/below land is 1.48*10^14 m3. With 10^6 cubic centimeters per cubic meter, and approximately 10^23 atoms per cubic centimeter, we get 1.48*10^43 atoms in our human-habitable slab of space on earth.

    Now, how many IP addresses for that space? Well, 2^128 = 3.4*10^38th.

    Ergo we have enough IP addresses for nanotech devices of 43,600 atoms each, in a human-habitable volume completely covering the land-mass of Earth and extending to fill a volume of space above and below the earth's surface for a full 1 km. Sure, you might get nanodevices smaller than that, but would they be independent enough and sensing/generating enough information to communicate via IP?

    Well, if that isn't a problem for 128-bits, what is? Let's check a few other test cases that your friendly sci-fi reader might imagine...

    Well, that was just land-mass. What if we filled the sea with nanodevices, would that exhaust it?
    The sea is 11km deep at worst, 3.8km on average. Water surface area is little over double land. Thus water basically requires a factor of 10x more devices. Given that you probably won't have more than 10% of the volume of any space being nanodevices (and this would seem to remain an extreme upper bound), this probably isn't an issue.

    So what about interplanetary colonization? Still not too much of an issue for this solar system (ignoring the latency issues.) At least the first few planets (Mars/Venus/Mercury) which only add a factor of 3-4x expansion once 100% colonized form due to the roughly similar size of available nanodevice space on those planets as earth. True, a colonized Jupiter might pose problems down the line...

    And if you used nanoprobes to fill/convert entire atmospheric systems, you end up covering a lot more volume (99% of earths' atmosphere fills approx 8.6*10^19 m3 by my calculations, five orders of magnitude more space than our 1 km slab.) Of course, any nanodevice design on that scale would probably use its own non-IP protocol.

    Ah, but what other assumptions could be misleading us? For example, what is the efficiency of the 128-bit name space? Can we really use all those addresses? Well, I admit, I'm less an expert on this. The issue that Ethernet MACs will typically be your bottom 64-bits definitely chews up a lot of space, but if Ethernet doesn't make sense for nanodevices, we'll probably be using something else, or our self-assembling nanoprobes will build and configure themselves so that they share 1 higher-level IP but under the covers each have an colony-wide (not globally) unique ethernet address. How efficiently allocated is the rest of that (non-Ethernet) space? Well, I think CIDR-like tweaks can squeeze a fair amount out.

    Still, even in the case where 128-bits isn't quite enough(!), I suspect reverting to NAT-type approaches in IPv6 will be workable. Certainly inter-stellar communications which will be limited to a relatively small number of transmitters will scale up with NATs for quite a while, assuming photon-based communications. ;-)

    So I suspect the 128-bit addressing scheme of IPv6 will last us at least another 200 years, not just "decades" as the IPv6 committee conservatively claims. [ietf.org]

    Of course, they probably know more weaknesses in that timeframe than I. Pretty hard to extrapolate out that far. For example, will the 4-bit header for IP version numbers be sufficient? Only 255 (8bit) hops? Who knows? Maybe IPv6's optional extension headers will even let us kludge around those issues.

    Still, I think 128-bit IPv6 addressing will last us through nanotech and intra-planetary travel. Perhaps it will even last as long as our 4-digit field Y2K fixes!

    --LP ;-)
  • Accually I've talked to an old chess oppenent who is a physics science reasearcher at SCRI (super computer research institute) at FSU and he states that the quark thing is a bunch of BS. Suppositivly it has something to do with the fact that a quark in a certain position is defininatly going to do certain things. If you have 2 quarks that are seperated both with continue to go through their patterns generally mindless of the other. But it gives the impression that they are copying eachother. But this is just his opinion, (and this was 2 years ago when he told me that, I haven't seen him in a while, when this theory was just being discovered.. so things may have changed)

  • I had a bunch of these ready, the most apparent is that at one Nanogram a piece, 2^128 devices would still have a mass something like 10^5 times as much as the earth. But then I realized it was this sort of examples that the guy I was replying to complained about.

    The IETF did the write thing by choosing to go to 128 bits rather than 64, and given that I don't think we have to much to worry about.

    But then consider the flip side, if we think that getting the entire terrestrial Internet to move to ipv6 (with only 2 billion or so Nodes) is a big task, imagine moving the entire Wormhole-Switched MilkyNet, spanning a million planets with 2^108 Nano-sized nodes each, in a few hundred years...


    -
    /. is like a steer's horns, a point here, a point there and a lot of bull in between.
  • by jd ( 1658 )
    CISCO, Bay and Telebit hardware routers work extremely well with IPv6. 3COM is also working on IPv6 routers, and I believe is coming along well with them. Nobody else really matters, in this game, as IPv6 is designed for a gradual, rather than big crunch, transition.

    As far as software routers go, GateD and MRT work well with IPv6. I believe that there are others, too, but those seem to be the main ones.

    Software - Sendmail, Inetd, Telnet, FTP, Traceroute, Ping, Fetchmail, INN, various news readers, and BIND work with IPv6. Mail readers only need to talk to the local Sendmail, so mail to/from IPv6 networks does NOT require any change to mail reader software.

    Very little software actually -needs- to get ported. eg: Web Browsers don't =NEED= any special IPv6 capability. Just modify a proxy, like Squid, and you'll be able to access IPv6 web servers without problems.

    To port software, though, requires a bit of work. Not actual EFFORT, as the change is largely one of altering the structure you use, and the socket type from AF_INET to AF_INET6. Oh, and you need to remember that IP addresses need not be entered in a fixed-length format. Yes, there are other details, but those are really trivial.

    Linux will interoperate with all other IPv6 stacks, and has been able to do so since the experimental patch for 2.0.20 came out. :)

    Hardware doesn't care about the protocol, so any hardware will work with any stack. Microsoft isn't pressing IPv6, yet, but MOST of their publicity surrounding Windows 2000 touts the very things that adding the IPv6 stack gives it. My guess is that we're going to see Microsoft push IPv6 in a BIG way, to maximise publicity.

  • " Wrong, a firewall is the means to do that. You're relying on obscurity to protect you, which, as we all know, is no security at all. "

    It appears that I'm misusing the terminology - I usually lump NAT/firewall functionality together - being able to ignore or transform packets based on selection/rejection criteria and knowledge of protocols. In my following comments, when I talk about a NAT server, I also mean firewall functionality.

    This has nothing to do with obscurity (and I'm not even sure how you managed to bring that up w/respect to my previous reply!) - the whole point is that the owner of the "gateway" has total control of the flow of information through it.

    " You're relying on the upper layer protocols to make assumptions about the lower levels of network. This isn't proper. The network should be the network. The applications shouldn't have to know and shouldn't have to care what boxes they travel through to get to the end station. NAT breaks that. "

    I don't see why this is so. As I stated before, properly implemented, on the outside the NAT server looks like a single host. Any applications running on the outside won't be able to tell the difference (logically, although performance-wise might be another issue). Applications on the inside will think they're talking directly to the network through a gateway.

    The only problem you have is when you try and use a protocol which requires active participation by the NAT server. *You* think this is a problem - *I* think this is a good way to control who is talking to what, and what they're saying, from my subnet.

    " NAT, most frequently, tends to break low traffic datagram protocols. I'm pretty sure what you envision is a network using nothing but TCP, and proxy upon proxy upon proxy to pick up the slack. Sorry, but I find that a bit shortsighted. It may be great for you, but your situation is just that... yours. "

    NAT only breaks low traffic datagram protocols which it doesn't understand. I do *not* envision a network with nothing but TCP - I envision a network where I have control over which protocols are allowed through my gateway to the net.

    Being able to upgrade a NAT server to understand new protocols is a technical issue which I am not addressing, but which doesn't (to me) seem to be a big deal to solve.

    " Just as an example, a local ADSL provider in my area used to do just that... running their entire ISP behind a single NAT-overloaded IPv4 address. It was a dismal failure. Users couldn't play games like Diablo. One person would piss off an IRCOp, and the k-line would ban EVERYBODY. The NAT box would get overloaded and crash, and suddenly nobody had connectivity. "

    This points out the stupidity of that ISP provider rather than anything particularly wrong with a NAT implementation. An ISP is supposedly to provide relatively uncontrolled access to the net - a NAT server is going to, because of its nature, "filter" out any protocols it doesn't understand.

    ISP service provided by the IT department of a corporation might find a NAT server arrangement quite desirable, since they might not want people to easily play games like Diablo or access IRC. Without the NAT server, they would have a difficult time blocking attempts by people to do these things.

    As far as overloading & crashing is concerned, that's just a matter of systems-analysis & load-distribution - the fact that the ISP couldn't handle that just indicates their incompetence.

    " A NAT'd IP can never provide the full, unrestricted functionality of a real IP address. End of story. "

    A NAT'd IP provides ENHANCED functionality over a "real IP address" - the ability to control how any packets are accepted/rejected/transformed. Your "end of story" is not very final.
  • As someone in the industry, maybe you can answer this? Why haven't phone companies develop dial-out-only phone lines for Internet usage. You could attach the secondary line billing to the standard primary phone line. You would not be able to recieve calls on the second line, but all of the phone lines permanently connected to modems wouldn't care. Perhaps there are routing and network issues that I am not aware of, but it would seem that the local telco switch would be able to handle such this situation with a simple software upgrade. Just wondering...
  • But good luck rewriting the TCP protocol for your penny network -- its end-to-end space-time delay is ten minutes!
    Just use a good setup of seperated bridges and gates along with a few wormholes, and such a network would not be a bit of a problem.
  • sorta like mac(media access control) addresses?
  • Does IPV6 do anything about better authentication/security? Having more addresses is nice an all, so I can have my toaster on the Internet, but the last thing I want is to get a call about my toaster having cracked the Bank of America's system 'cause a script kiddie pulled it's IP out of a hat.

    It seems to be there some sort of sane routing rules could be put into place with a new IP system, so a router could spot spoofed packets (then again, in some cases this could be done now, and I sort of doubt anyone does, probably based on the overhead).

    Also, when they defined this sort of thing, did they give any consideration to the various attack methods that would be possible via IPv6? I suspect some of the issues we've seen in the past (i.e. Ping of Death) were caused because the protocol didn't suggest what to do in cases where the packet was malformed, or intentionally busted.
  • The answer is simple. Add one more digit to the phone number. Its happened before. It'll happen again. However, this time we could make a realitively easily switch if the phone company just required all new mail systems to accept both 10 digit numbers and 11 digit numbers. Then give people five years to upgrade thier hardware/software. So what if it costs money. That is why we pay bills. Anyways, it will cost more if we wait.

    Quack
  • Why exactly should every toaster, microwave, dishwasher etc be connected? And even if they are all connected, why in the world do they need their own ip address?

    Once enhanced with "net" access, these appliances will report your usage habits back to the manufacturer. (Anyone remember DIVX?) The theory is that they'll be able to improve their product as they better understand how their products are actually used. Since people are reluctant to have their habits recorded in this manner, expect to see "discounts" and other "perks" from devices that allow your usage to be tracked. (Example: People love those supermarket "value" cards -- you get cheaper prices, and the store gets a profile of your shopping habits.)

    In the home of tomorrow, "net" outlets will be as common as electrical outlets. The first devices you'll plug in will be your phone, TV, and computer. But it won't be long before the toasters, microwaves, and others follow suit. And Big Brother will be there to watch each and every device.

    IPv6: Putting the 6 in 666.

  • San Jose is overlaying a new area code (669) over 408 and is making 10 digit dialing mandatory for both area codes starting October 2nd of this year.

    When NYNEX bought New England Telephone, ten-digit dialling became mandatory up here in Maine (only one Area code--207--for the whole state still) for all non-local (i.e., toll) calls. People complained, so when Bell Atlantic bought NYNEX and wanted to raise rates, the Maine Public Utilities Commision told them that they'd have to reallow state-wide 7-digit dialling.

    They want to make a new area code soon, though. People are complaining about this too. It'll be entertaining to see how it turns out.
  • I'd like to be able to telnet into your cash registers too!!

    I used to program cash registers. Do you know how much I would have given to be able to telnet to a misbehaving register on the other side of the country?

  • Excellent point regarding the appliances. Most people wouldn't want others to say, start the microwave, and don't know how to build an effective firewall.

    However, you're off on the NAT/Masq issue. Say I've got a couple of machines going out over a cable modem (I don't; I've got DSL). Now, people on both computers want to use NetMeeting and receive incoming "calls" (I know NM is bad, but it illustrates my point, as its something that most home users have). NAT and Masq can't do this. Why, because the effective port-forwarding can't forward a connection to both machines.

    Now, say you have machines behind two separate NAT'ed connections. The users can't set up a NetMeeting connection, as neither is directly connected.

    Having a larger address space helps by giving each machine its own address so it can accept connections such as NetMeeting directly, because 15 machines won't be trying to use 1 IP.
  • Not only that, CIFS is supposed to address this issue for ipv4.

    You mean CIDR (Classless Inter-Domain Routing). CIFS is the Common Internet File System (SMB for the rest of us).
  • Wouldn't a company love it if they could use ip to tell how full a soda machine was?

    Coca Cola already does this, but not using IP. They use a different sort of protocol. Dunno how it works exactly, but I know it's implemented widely enough that it made its way up to Northern Maine a couple of years ago.
  • I'm supprised that nobody has brought up the price for renting ipv6 space, and yes i did say renting, you cant buy ipv6 address space, and you halfto pay yearly fees for it maintained, all ARIN and its buds want is MONEY.

    At those prices, it will compleatly come out of end users to implament, and hell, you halfto rent.

    Im supprised nobody has had a problem with this or Brought it up, but this is not good, i mean, with all thows addresses, one would logicly think, that it would be Free, or atleast a whole lot cheeper, like 100 bucks.

    i wonder if the 6bone is still up and running
  • Clues on when to ignore "expert" advice:

    It's my understanding that the Linux TCP/IP stack is the weakest of the three major stacks in present use

    1) If the sentence starts with "It's my understanding..."

    the impression I have gotten is that the Linux stack is the odd man out

    2) Toss in comments based upon "the impression I have gotten..."

    The TCP/IP stack is an area of development where a common code base is a valuable thing, enablng all machines on the net to speak a common language. It's an area where the GPL, which tries to act as a crowbar to force all code everywhere wide open, ends up being very divisive. Because Linux ends up always having to play catch-up on it's own implementation, the Linux stack will always be the least compatible with everyone else. This is viewed as a real problem, except, of course, for those people who hope there soon won't be anything on the net except Linux.

    3) Wrap up with a resounding jackass comment.
  • AC stated, "P.S. How in the hell are we supposed to remember addresses like 127.12.255.234.127.123.55.234.124.121.253.231.227. 12.215.134?"

    You're not. The obvious solution is to make sure you use DNS so you don't have to worry about what the IP is.

    However, if you're a glutton for punishment, you could theoretically represent them by 32 hex digits, reducing the maximum number of "digits" you'd have to remember. If you wish to reduce the number of digits to remember more, you could also conceivably represent the IP by 28 letters (letters being defined as the 26 alphabetic characters used in the Enligsh language), or 26 alphanumerics (the alphabet plus the 10 arabic numbers) or, if you really want to get silly, 16 characters (if each dotted quad is represented by one "ASCII" character (ranging from 1 to 256).

    Take your pick, I'd rather use DNS. :)


  • True.. We could Run out of IPv4 Space By 2010...
    But since we're going to have to freaking upgrade every router, adn networked piece of software.. do we really want to stick with IP?

    I mean, I wonder if there's Some folks out there.. working on a good replacement protocol.. something that does all that Ip does.. But faster, Lower on memory, and easier?

    Maybe IPv6 Isn't the answer.. Maybe We'll end up using Some weird Child of Banyan Vines.. Oor Ipx.. Or maybe there will be an open sourced Protocol.. Or maybe We will all fall under the Sway of Mr. Gates. and us MicrosoftIP-2000

    -Warning I'm too lazy to spellcheck---
    -And I could be making all of this up-
    -So Take it all with a grain of Salt.-
  • I bet that in the near future, cars will have IPs, so that they can remotely talk to the mehanics' computers. And while we're at it, have a thing, where if someone steals your car, they can find out where the IP is located at.

    I don't think it will stop car steeling, but dumb thieves will have to go away. Then only hackers will be competent enougth to steel cars.
  • ... Then ARIN is lying. Unless I see some credentials or a link, I'm going to stick with what ARIN said in their FAQ...

    --
  • Here is a good document that cleared up a number of false things I was told about IPv6.

    I would like to clear up a false thing that article states about IPv4: The IANA, NOT the InterNIC, hands out IP address blocks. What a gauche statement. You'd expect Bay Networks to know better.
  • Why would every client in the so-called technological home of the future even require it's own internet IP address?


    Except for the appliances that one might need to gain access to from the outside world (security system, garage door opener, etc) you wouldn't even need (any in many cases you specifically wouldn't want) any incoming connections from the outside world. If i'm surfing the web with my toaster, all I need is an internal IP address and an IP Masquerading firewall between me and the rest of the internet. Simple port redirection would suffice for gaining access to most other appliances.


    This is how I handle computers at my own place, I have an @Home cable modem, with a single IP address attached to a 486 box with two NIC cards running debian. This box acts as an IPMasq'ing firewall/dhcp server for the rest of the computers in my house. I use port redirection to ssh or ftp into the rest of the machines, and save myself having to pay for all of those extra IP's.


    There's no reason that I can think of why every machine on the net needs its own IP address anyway, it's far more secure to have a firewall sitting in between you and the rest of the world, and IP Masquerading works with everything that a typical user would need (http, ftp, instant messenger, icq, quake, realvideo, etc.) and as far as latency is concerned, my 486 only has 8 megs of ram, and both NICs are old ISA NE2000 clones, but I get an average of 50-100 pings for quake2, and have downloaded up to 180 KB/s (which is darn near the max for my cable connection anyways), with room to spare - certainly more than my toaster needs to tell me that it's done or for my X10 server to tell my coffee maker to start brewing in the morning.

  • by jd ( 1658 ) <imipak@yaHORSEhoo.com minus herbivore> on Tuesday September 21, 1999 @08:34AM (#1669394) Homepage Journal
    I don't have a URL to hand, other than the usual (http://www.ipv6.org and http://www.6bone.net).

    I -can- list some of the additions/changes, though.

    • Longer hex-based addresses. This makes for more addresses.
    • All addresses are calculated. The first part is derived from your provider's IP address, the last part from your MAC address. This guarantees a unique address, in any given space.
    • All addresses are dynamic. They are dynamic, not only at time of connection but throughout the time of connection. ie: If you were to move from one ISP to another, your IP address would change on-the-fly. Because of the derivation of the address, the same would be true if any ISP up the heirarchy, for whatever reason, moved from one address space to another.
    • Anycasting. You can communicate with the nearest client or server of a given type, without needing to know it's location on the network.
    • Simpler header, making for faster routing.
    • Compound, stacked headers, making for a clean seperation of data from low-level details.
    • Flow-control labels, allowing prioritization of packets.
    • IPSec is part of the specification, although it isn't mandatory.
    • Heirarchical routing is enforced by the network itself. A router should never need more than 512 entries at most (256 flows downstream and 256 upstream). This makes for faster path searches, cheaper routers, and a network that makes sense.
    • No Default Path!!
    • No Fragmentation of packets!!
    • Absolutely horrible reverse DNS entries
    • URLs break, requiring exotic workarounds
    • Automagic Configuration - the stack is supposed to automagically configure itself, not only determining it's IP address, but also sensing if the next router out is IPv6 or IPv4, and sending accordingly.
    • The IP address is bound tightly to the I/O device, not the machine. Unlike IPv4, where the IP address could be confused with the computer, this is not possible with IPv6.
    • Built-in Multicasting! None of this 'orrible patching BSD stacks need, or the codswallop Win9x or NT call multicasting. This is the REAL STUFF!
  • While IPv6 was designed chiefly to support larger addresses, the address allocation strategy for IPv6 and the VERY heavy emphasis on ease of renumbering in IPv6 engineering WERE designed to address the routing table overload.


    How I know? I was on the IESG when we approved most of those documents.

  • The problem is, no one wants to. In particular, the people who are building the routers. Routing tables are huge under IPv4, but memory is cheap. No one wants to handle the extra work that the routers would have to shoulder under 6. Getting the world to run at line rate is not easy, especially after looking at all the stuff that's packed into IPv6...

    Building a good IPv6 router requires IPv6 (obviously), but also extensions for RIP, OSPF, BGP4 (ack!), ISIS, ... to handle the bigger name spaces. I believe that many of these extensions are floating around in drafts. But they're not very widely deployed (if they are at all). And until the backbone routers all speak IPv6 (or some other solution, like MPLS tunnels to keep the "good" IPv6 traffic away from "bad" IPv4 routers), IPv6 traffic will be restricted to sketchy IPv4 tunnels.

  • I don't understand why each device needs a full IP. At my house I have one dial-up connection that is shared by all my boxes. The IP changes each time I connect. I use a reserved IP space for my local network. Why wouldn't other devices work this way? Perhaps there are a few applications where it wouldn't work but for most of the little devices that people are worrying about, this type of network makes sense.
  • Trumpet [trumpet.com] Winsock version 5.0 implements IPv6 on a Win95 / 98 platform.
  • >Does IPV6 do anything about better authentication/security?
    Yes. IPsec, IP-level authentication and encryption, is included in IPv6. It is available for IPv4 as well. Several free implementations (KAME, FreeS/Wan, etc) are under development.
  • How hard can it be? Really? Dumb hubs shouldn't need any upgrading whatsoever... and "smart" ones and switches... all you need to do is add more memory to the switches to store the longer IP string, and change the variables for holding IP addresses to a bigger value.... I really don't see a huge problem, but maybe that's why I don't do embedded circuits :-)
    -philsky
  • I remember when it was all 312. Then came 708 (and they said, "that ought to do it for now"), "now" lasted approx. 12 months, then it was 630.

    I got fed up.
    I moved.

    "The number of suckers born each minute doubles every 18 months."
  • by EggDye ( 41297 ) on Tuesday September 21, 1999 @06:01AM (#1669412) Journal
    This is something a of no-brainer, but you can find out a great deal about IPv6 by checking out

    http://www.ipv6.org/ [ipv6.org]

    If you just want a in-depth understanding of why you should use IPv6 instead of Ipv4 take a look at

    http://www.ie tf.org/internet-drafts/draft-ietf-iab-case-for-ipv 6-04.txt [ietf.org]
  • I predict that eventually, companies who own entire class A networks, and perhaps some class B networks, will end up getting into the access buisness when they find out that they have this TREASURE trove of IP numbers that are scarcer and scarcer. This could lead to a whole new outlook on things ISP's.. ;-P
  • by El Volio ( 40489 ) on Tuesday September 21, 1999 @06:03AM (#1669415) Homepage
    IPv6 (which, as the article pointed out, offers more than just a larger address space) won't achieve widespread acceptance until (strangely) it has widespread acceptance. In other words, nobody wants to move to a standard until everyone else is.

    As I understand it, IPv6 devices can still handle IPv4. So what we really need is for a few of the real leaders to come out and boldly adopt IPv6. I hate to say this, but: Are you listening, Microsoft? IBM? Cisco? Transition your products and services to IPv6, and the world will follow.

    Now if we can just get everybody to strongly encrypt ALL IPv6 traffic...
  • That's definitely an exaggeration and hyperbole.

    But if every Palm or Visor were networked? Or all the millions of Gameboys? As well as PCs, cell phones, cars, etc?

    Ostensibly anything that can use information can/should be connected to the internet.

    And the dynamic capabilities of IPv6 should be very useful for such roaming devices as cars, trains, airplanes, Gameboys, Palms and Visors, cell phones, beepers, pagers, e-books, WinCE machines, wristwatches, and whatnot.


    -AS
  • by Anonymous Coward on Tuesday September 21, 1999 @06:10AM (#1669417)
    Please excuse the AC posting, but I don't want to reveal who I work for.

    This was a good article on a technical subject. I've looked into this a bit already, and this article agreed with what I already knew and confirmed a few things I'd only suspected.

    This is of more than passing interest to us. My employer has recently aquired some other largish companies, and we need to set up a corporate Intranet. Problem is, we don't have enough IP addresses.

    (Well, maybe we do. There are rumours of a class B address owned by some research lab somewhere in the company. People are currently trying to track it down. Failing that, we might just have to buy a company that already owns one.)

    So now what do we do about IPv6? Everyone in the company is using IPv4, often with 10.*.*.* addresses hidden behind firewalls that do NAT. We need to integrate all these networks into one corporate Intranet, and the idea of having lots of NAT boxes playing games with IP addresses does not sound good. Neither does the prospect of renumbering all those boxes by hand. We don't run DHCP anywhere (someone once talked about security issues as the reason for that, I don't know anything more).

    One idea is to create an IPv6 backbone for the Intranet with IPv4 subnets hanging off it, and use protocol translation routers to connect the subnets. That way we can get the subnets on with minimum hassle, and upgrade them as and when it becomes feasible.

    As far as upgrading goes, our favoured solution would be to just buy new machines with IPv6 stacks installed. We certainly don't want a flag day. Reading the IPv6 site [ipv6.org], it looks like IPv6 and IPv4 machines can co-exist on the same Ethernet spur or whatever. Am I right about this?

    Any information would be gratefully received.

  • by Thomas Charron ( 1485 ) <[moc.liamg] [ta] [elffawt]> on Tuesday September 21, 1999 @06:11AM (#1669418) Homepage
    Something occured to me while I was reading this. They are now accepting registrations for IPv6 namespace, but how are they going to deal with the fact that domain names are already registered for IPv4 addresses? Aka, will slashdot have an 'IPv6' address, AND an 'IPv4' address? It's not like someones going to switch a light on and 'POOF', we're all on IPv6..

  • NT 5 (w2k) can do USB. I don't know if there's an add-on way of doing it in NT4 (like there was for win95)

    And Microsoft has an "unsupported" ipv6 stack for NT for download here: http://research.microsoft.com/msripv6/

    -------------
    The following sentence is true.
  • I believe it was Kahn who mentioned concern for the 2^128 limit during the Internet's 30th birthday discussion debate. Of course all limits are stupid, but they are also awfully convenient.

    It will take Nanomachines before we break 2^128 nodes,and once Nanotek happens we will have quite a lot of things to consider about the way our world works, of which the number hosts on the Internet does not really rank. I think we can sleep safely knowing that the people we are fucking things up for are not ourselves, but our children (and they deserve it, dog gonnit, the lazy little bastards!)

    About the memory thing: Consider that 128 bits is exactly the length you need for a truely safe crypto key (assuming it is your own info you are locking in, it can be symetric). If the world is heading where I think it is, it's about time to start practicing memorizing those...


    -
    /. is like a steer's horns, a point here, a point there and a lot of bull in between.

  • 128 bits for an IPv6 IP address? Why _4_ times bigger? Since each packet's header needs both a destination and the source, that's 32 bytes vs 8.

    If we say the average packet is 500 bytes (?), then IPv6 is imposing at least an additional 5% overhead on bandwidth limited lines. Like a tax--what are _we_ getting for it?

    I'm sure the extra bits will be rapidly stolen to help routing (ie, a couple of bits for continent, a couple more for region (state), or the network topographical equivalents.

    I have privacy concerns about this (static IPs) plus I wonder if Cisco isn't doing this to scr*w their competition (Linux routers?).

    -- Robert
  • by Silverpike ( 31189 ) on Tuesday September 21, 1999 @09:13AM (#1669429)
    Seeing some discussion of IPv4/v6 in this forum is starting to scare me, so I thought I'd try and clear up some major misunderstandings.

    I see a lot of posts saying that IPv4 is just fine and we should stick to it. Wrong, wrong, wrong. I realise that people on this group don't design routers every day, but I think you would be amazed at how much protocol hacking goes on under the covers. The vast majority of routers out there do some amazing things to try and hack together things like quality of service (QoS) and NAT that IPv4 just isn't designed to do.

    Yes, IPv4 is working. But the amount of time now spent in the design phases to kluge together ways for NAT and QoS to work is becoming way more than most design houses will stomach. Features like VoIP, VPN, and QoS have major cash potential for ISP's, and they in turn will pay to get capable equipment. Doing this with IPv4 is a bitch, and a lot designers secretly wish IPv4 would go away and use IPv6 instead, because VPN and QoS are much easier to do.

    One other major piece of misinformation here is that all boxes need to be replaced for this to happen. Not so. The vast majority of routers, hubs, switches, and all desktop computers are perfectly capable of running IPv6 right now. It involves a code load change, not a hardware upgrade. On a related point, most ISPs completely replace all their network boxes every 2 years anyways, so the threat of scrapping all hardware for IPv6 won't faze them much anyway (it's part of their cycle).

    The last point is that people don't think that their toasters need IP addresses. This is also not so! Yes, in the next 10 years your toaster will need an IP address. Why? Because ToasterCompany will want you to do a firmware upgrade on your toaster because their have been field problems (like toasters burning operators). You will go across the wire, flash your firmware, and now your microprocessor-controlled toaster has CrispyToaster(tm) v1.16b firmware. We've already seen web servers implemented in ~4mm PIC processors, so expect them to become popular in the near future in your favorite household appliance.

    To do this, you need an IP address (to speak IP of course). Please don't tell me how great NAT is... yes, I also run a Linux ipMasq box which works fine, but NAT fundamentally breaks many of the underlying IPv4 mechanisms. We can't keep dumping more patches to the NAT engine every time someone wants to NAT some new protocol; eventually we are going to reach a limit of effort.

    Also note that using ports as a means of "IP expansion" is also a Very Bad Idea. A port is specifically designed (in TCP/IP spec) to represent a different service on a given host, not across different hosts. Yes, you can use this technique in NAT, but it tends to make performance/utilization metrics used by ISP's blatantly wrong, which leads to Bad Things.

    Please also read Singal11 [mailto]'s message above, he is right about the routing table issue. There is no current proposal (beyond CIDR) which can solve this problem. Also, see jd's post, it is a good summary of why IPv6 is needed.
  • Adding an extra digit is a slick idea, in a way, but enters its own problems.

    After all, there are doubtless lots of software packages out there that assume that telephone numbers are exactly ten digits long.

    This doesn't break the phone system itself, but it breaks systems that track telephone numbers.

    The upshot is that this breaks just any sort of "business" system that uses telephone numbers...

    Happily, one of these systems that breaks will be the Circuit City systems that track who you are based on your telephone number. Customers may be quite happy about this, but Circuit City doubtless won't be...

  • In the the most recent two regions in which I have lived, Toronto and Dallas, it is already pretty much required that people dial all 10 digits.

    The problem is not that.

    The problem is that even ten digits may not be enough...

  • by Hasdi Hashim ( 17383 ) on Tuesday September 21, 1999 @06:13AM (#1669442) Homepage
    How were Vint Cerf, Jon Postel and Danny Cohen supposed to know that the system they sketched out on a piece of cardboard would one day be carrying everything from international currency transactions to Marilyn Manson videos?

    Shouldn't Al Gore share some of the blame too? -Hasdi

    P.S. sorry, i couldn't resist. ;-)

  • Note that there's another likely crisis, namely that North America is liable to run out of area codes some time soon.

    After all, there are only a theoretical billion numbers, which get cut down due to positional issues ( e.g. can't start either an area code or a local number with a 0 or 1, amongst other constraints).

    When you count up telephone numbers used by home phones, business phones, fax machines, pagers, cell phones, and start tossing in Internet usage, the system will be running out of room at some point.

    I hear rumor of some ideas the Telcos are working on to consolidate numbers; it won't be trivial...

  • by DGregory ( 74435 ) on Tuesday September 21, 1999 @06:18AM (#1669444) Homepage
    The y2k problem was a known problem with a known date, yet so many companies are waiting till the last minute to do anything about it. I think that this will be the same with the "running out of IPs" problem. If the forecasted date of sometime in 2010 is true, then I bet come late 2009, people will be frantically trying to think of a quick solution. That's just how people are, anything that requires added cost, will be done as late as possible. Hell, the oil reserves are supposed to run out in 30 years (AFAIK) and what are we doing about it now? Not a whole hell of a lot.

    As for toasters,cars,coffeepots, all having their own IPs... I can see it happening with cars. Think about it, your car has a computer inside it that monitors the system, and -today- you can take your car into a mechanic, and with their own kind of computer, can hook up with your car's computer and find out what is wrong. I bet that in the near future, cars will have IPs, so that they can remotely talk to the mechanics' computers. And while we're at it, have a thing, where if someone steals your car, they can find out where the IP is located at. There are a hell of a lot of cars on the planet, aren't there?

    And then there is the connectivity of cell phones, PDAs, people having dedicated lines to their computers in their home (eg. cable modems - connected all the time, so always have an IP). You have to remember that the IPs are not just for the USA, but for the rest of the world as well... the LDCs are beginning to be more connected, and as this develops, more IPs will be needed. With 6 billion people, if even half of them had at least one device that had an IP, it's easy to see that the 4 billion limit can run out very quickly.

    It's going to eventually be like the area code problem, and have to punch in 10 digit numbers for local calls. Gawd, hopefully they won't run out of area codes...
  • by Bobort ( 289 )
    I don't know about other nameservers, but BIND has support for the AAAA record, which is like an A record but for an ipv6 address. So if you're using a recent version of BIND, you can have it serve up ipv4 and ipv6 addresses for the same name, depending on what the resolver asks for.
  • by AlphaBrav ( 8012 ) on Tuesday September 21, 1999 @06:20AM (#1669447) Homepage
    Here [baynetworks.com] is a good document that cleared up a number of false things I was told about IPv6. I don't kno how these spread, but I know I was wrongly told many of them to be true.

    The best new thing I am waiting for IPv6 to to do is force everyone to upgrade their routers to include multicasting. The large address spaces of IPv6 multicasting should have some extrememly interesting effects on internet broadcasting. I can't wait :)

  • by ucblockhead ( 63650 ) on Tuesday September 21, 1999 @06:25AM (#1669449) Homepage Journal
    Every toaster? Nah... Every soda machine, every cash register, every scrolling display sign.

    You betchya!

    Wouldn't a company love it if they could use ip to tell how full a soda machine was? Wouldn't they love it to change the electronic signs outside their stores?

    I used to program cash registers. Do you know how much I would have given to be able to telnet to a misbehaving register on the other side of the country?

    There are tremendous business uses for this sort of thing.
  • can easily be revised to handle a few more than 4 billion addresses without a completely new infrastructure and more to the point, why the hell does my microwave need an IP address? IPv6 might have trillions upon trillions of addresses available, but it's overly complex IMO and needs too much work done in the background before it's even viable. IPv4 has 4 billion available addresses but thats assuming every address only uses a single port to connect with. You have the option of 65500 some ports to connect through which raises the potential number of addresses greatly. This shouldn't be new information to anyone. The NAT boxes are great because you can have hundreds of computers all on the same IP address and if you wanted to give each their own individual identity you could always assign each node a port that the outside user can connect to that node with now every IP address can have 65500 or so individual identities.
    Lets say IPv6 was made a standard tomorrow and everyone had five years to convert or even ten years. Every router would have to be replaced with the cost being put now on the major backbone providers. Then every server and embeded system on the internet would have to be replaced by people like MCI and Aletnet. That means high speed access companies and ISPs who rent their services have to pay higher prices, and all the people that utilize their services have to pay a higher fee to make up for it. It comes down to a 40$ monthly dialup bill. My suggestion? Keep your microwave and toaster off the internet and think up more effective uses for NATs and network configurations.
  • Yes, you can map through the 65535 ports available for NAT'ing connections. However, did you think to remember that most machines run multiple services on multiple ports? And, that each connection has a sending AND receiving socket? And beyond that, most applications open multiple connections... your web browser probably fired up at least four just to load the webpage you're viewing this on. All those sockets get eaten up pretty damned fast.

    IPv6 isn't hard to upgrade to. Its a software upgrade. And machines can run both stacks simultaneously. Pick up R. Stevens' network programming text, volume two, he gets heavily into coexisting IPv4 and IPv6 stacks. 10.0.0.1 is ::ffff:10.0.0.1. Boom, easy, no fuss, no muss. This stuff about "everything will break when we upgrade!" is a pure fairy tale.

    And IPv6 isn't near as complex as it looks. Sure, perhaps if you're implementing a stack, but for the most part its plug in and go. Neighbor Discovery is a Good Thing. And for the programmer, the library functions are cleaner and more direct.
    --
    Brandon Hume
    hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
  • In any case, I see NAT as a highly desirable way for me to control what is talking on my subnet to stuff outside the subnet, regardless of whether you're talking IPv4 or IPv6.

    Wrong, a firewall is the means to do that. You're relying on obscurity to protect you, which, as we all know, is no security at all.

    You're relying on the upper layer protocols to make assumptions about the lower levels of network. This isn't proper. The network should be the network. The applications shouldn't have to know and shouldn't have to care what boxes they travel through to get to the end station. NAT breaks that.

    NAT, most frequently, tends to break low traffic datagram protocols. I'm pretty sure what you envision is a network using nothing but TCP, and proxy upon proxy upon proxy to pick up the slack. Sorry, but I find that a bit shortsighted. It may be great for you, but your situation is just that... yours.

    Just as an example, a local ADSL provider in my area used to do just that... running their entire ISP behind a single NAT-overloaded IPv4 address. It was a dismal failure. Users couldn't play games like Diablo. One person would piss off an IRCOp, and the k-line would ban EVERYBODY. The NAT box would get overloaded and crash, and suddenly nobody had connectivity.

    A NAT'd IP can never provide the full, unrestricted functionality of a real IP address. End of story.
    --
    Brandon Hume
    hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
  • Has anyone approached any of the Class A address holders (AOL, MIT, IBM, etc), and asked to have some of them back? I suppose that there would be some seriou opposition to this, and it may not even be technically feasible... Just a thought.

One way to make your old car run better is to look up the price of a new model.

Working...