Four Root DNS Servers Go IPv6 On February 4th

I Don't Believe in Imaginary Property writes "On February 4th, IANA will add AAAA records for the IPv6 addresses of the four root servers. With this transition, it will finally be possible for two internet hosts to communicate without using IPv4 at all. Certain obsolete software may face compatibility problems due to the change, but those issues are addressed in an ICANN report (pdf)."

Routers!

The main problem isn't obsolete software, but hardware. Changing routers to some that support IPv6 isn't done over night. And even if you do, and get IPv6 assigned, it doesn't help unless your provider also supports IPv6 -- else you might as well be tunelling the old way anyhow.

Regards,
--
*Art

Finally

Hopefully ISPs will start to offer IPv6 as standard pretty quick, I'm getting tired of dynamic IP allocation.

Re:Finally

They don't do dynamic IP addresses because they don't have enough addresses. They do it for stopping you from running a server on your home computer. Sure you can still run a server, but it's harder to run one when your IP address keeps changing.

Re:Finally

No... if that was the case, your IP would change.

IP changes, in my experience from both Comcast and Verizon FIOS, are so rare that they effectively don't happen. I've never had a change with FIOS from the day the service was fired up, and although I can't recall ever having my previous Comcast one change except when I physically moved, its possible it did once or twice.

If they want to block servers, they'd block inbound ports.

Dynamic IP addresses are used because its the only possible way to do it without having techs setting up every joe six pack or grandmothers computer.

Re:Finally

I think many of us geeks know that you can also use methods like DHCP to configure static IPs. What you are benefiting from here is DHCP, not your dynamic IP.

Pave way for 128-bit registers?

First of all--this is great news. We need breaks from the past like this. Maybe we'll see computers natively handle 128-bit words. UUIDs are already there. I'm sure the custom networking hardware already has it down, but this could be something that drives it. 128-bits seems like overkill for addressing, but it could be put to use as well.

So when will I be able to connect?

So when will this mean that I can actually use IPv6 for connecting to servers?

Like, when will I be able to open my browser window, type in an IPv6 address, and connect to...say..google?

Re:So when will I be able to connect?

Right now.

No, really.

You appear to have misspelled your answer: the correct answer is "Real soon now. Not really."

Google has no IPv6 address to connect to. Nor have most other major net sites. IPv4 is still the only way to connect to almost all of the internet.

Chris Mattern

Re:So when will I be able to connect?

if you're browsing by IP now anyway you're doing it wrong.

About time..

Great, now we can soon get on with the job of assigning static ip addresses to all our toasters, refrigerators, furnaces, thermostats, tv sets, electric hairdryers, etc.

Re:About time..

What is so difficult about adding a default rule to your firewall that blocks all incoming connections to your subnet and then adding rules specifically for the devices and services that do require incoming connections?

ie) deny ip from any to 2610:78:ad::/48

With NAT you are eliminating the possibility of incoming connections, with IPv6 you can deny connections all you want but can allow incoming connections where required or desired. Sure you can setup a port forwarding rule to allow a service for a given machine, but what happens when you need the same service to go to more than one host? You know need to accommodate for that by changing the incoming port on your real IP.

Not to mention all the issues raised by protocols that embed IP's that are not routable within the protocol themselves (take the SIP protocol for example). Work-arounds need to be put in place for many protocols on an individual basis in a NAT'd environment. This is a pain in the ass that would be highly unnecessary in a post IPv4 world.

If you're so fond of the kludge that is NAT, nobody is stopping you from using NAT with IPv6 in combination with a non-routable unique-local prefix (fc00::/7).

Dragging your feet on adoption of a superior technology that works for every situation in favor of a broken setup that happens to meet YOUR rather limited requirements is delaying progress for the rest of us. ;)

Generally speaking the consumer world isn't ready for IPv6 yet anyway (Too many Windows machines with limited IPv6 capabilities)... but I still get annoyed with all the anti-IPv6 commentary by those that have not fully investigated the specifics.

Just the personal pet peeve that is looking forward to moving behind the network design of choice for the 1980's.

Re:About time..

Everyone, lets all hold hands and repeat now:

Firewalling and NAT are different things...
Firewalling and NAT are different things...
Firewalling and NAT are different things...

two of 'em, eh?

With this transition, it will finally be possible for two internet hosts to communicate without using IPv4 at all

Well, I guess that IPv6 transition is coming along nicely.

HAR HAR HAR.

Yeah, when slashdot drops it's IPv4 address, then I'll believe in this IPv6 nonsense.

Re:two of 'em, eh?

Yeah, when slashdot drops it's IPv4 address, then I'll believe in this IPv6 nonsense.

OK, admit it... how many of us would go figure out how to run IPv6 if it was required to get a /. fix?

Best IPv6 Read ever (not the article)

But the off topic link I'm making to the wikipedia page...

IPv6 [wikipedia.org]

common to see examples that attempt to show that the IPv6 address space is absurdly large. For example, IPv6 supports 2128 (about 3.4×1038) addresses, or approximately 5×1028 addresses for each of the roughly 6.5 billion people[1] alive today. In a different perspective, this is 252 addresses for every star in the known universe [1] - a million times as many addresses per star than IPv4 supported for our single planet. These examples, however, have an underlying and inco

No, wait, not THAT game server...

I'm just hoping the Enemy Territory server I play on doesn't move too quickly to the switch to IPv6. It took me ages to load their map rotation, but it's a good selection and their bots are a nice challenge. It has taken me months already to remember the 216.27.112... wait, is it 112.48, or 48.112 at the end? And that 27 doesn't look right. It ends in :27962, I know that. Or is it :27964?

Ah crap, I forgot the number again.

Damn you, progress.

Re:No, wait, not THAT game server...

Don't worry, you'll have no trouble remembering the new address. It's b439:88fa:31d3:0507:613a:426c:99ba:02e2 .

Re:No, wait, not THAT game server...

Indeed, just as easy as the new emergency number [youtube.com]

Why did they skip 64-bits?

I'm just curious. I know that the 128-bits are not meant to be densely filled, but surely somewhat thought of 64 bits before 128 was settled on. Given the same principle of sparse assignment, will 256 be far off?

Re:Why did they skip 64-bits?

I belive that they skipped the 64-bits address to be able to fit the 48-bit MAC (Level 2) address inside the IP (Level 3/4) address, and thus avoiding the need for the router to use ARP to find the MAC address corresponding to a local IP address.

Er...

What about A6 records? Aren't those the ones that were to support aggregation and renumbering?

Irony

The irony in all this is that neither Cisco or any of the developers of IPv6 compliant OSs (Microsoft, Apple, Kernel.org, for example) actually have AAAA records themselves.

IANAIANA

I Am Not An Internet Assigned Numbers Authority.

Mixed up acronyms

Certain obsolete software may face compatibility problems due to the change, but those issues are addressed in an ICANN report

Wouldn't that be handled better with an ICANT report?

Human readability

So, we've got lots of IPv6 addresses, thus we can assign static IP's to everything. Catch: IPv6 addresses aren't very readable/memorable. I can remember all of the IPv4 addresses on my network, but I wouldn't remember the v6 ones.

So, what's the solution there: well there's DNS and DHCP... man I hate DHCP. What if my local DHCP server or DNS server goes down? And, then I try to ping it to diagnose... oh, if only I could remember its address!

What about web hosting providers? Dear Hosting Support, can you please change my www IP to 2001:0db8:85a3:08d3:1319:8a2e:0370:7334? Much easier to screw up then if I say 66.35.250.151.

Also, IPv6 means we can throw away NAT... which is good, because NAT sucks, and its basically only there because we don't have enough IPv4 addresses. But, hang on ... so every machine I have on my local network has a public IP address. Great. Do I really want that? Yes, I have a firewall; yes, its secure... but its still more secure to have every machine (except 1) completely non-addressable from the internet.

I know a lot of less secure networks would be screwed if every machine was publicly-addressible. They may have a poorly-configured or nonexistent firewall, and are only getting a semblance of security by using NAT.

Don't get me wrong, IPv6 is definitely a good idea; the address space rocks, and there's a whole host of other benefits. There's just a bunch of simple, practical issues that IPv4 solves better.

*ducks* This has got to be flamebait on a place like /.

Re:Human readability

IP addresses:
I can't remember my IPv4 addresses without looking them up, so I'd be no worse off than with IPv6. You'll get older too son, then you'll agree with me :)

As for web hosting providers, they won;t ever have to 'change your IP address', they'll just have to tell you it in the first place, then you're done.

In both cases, IPv6 supports auto-registration so you won't have to fiddle with it anyway. As the IETF says [ietf.org] "Since IPv6 addresses are too long to remember and EUI64-based addresses are too complicated to remember, they are not suitable for such identifiers"

IIRC you don't need DHCP anymore with stateless autoconfiguration.

NAT:
think for a moment what NAT does. All you have is your router attached to the internet, and all your computers connected to the router. Unless you explicitly allow incoming connections to pass through, your PCs are "firewalled" at the router.

If you have IPv6, you'll still have the router. I hope that all router manufacturers will be shipping them with incoming connectivity disabled by default, just like it is at the moment. Then, you'll be no less secure with IPv6 than you are today.

You will have the benefit of being able to "DMZ" as many of your PCs as you like, not just one of them. This is best of both worlds.

I think IPv6 will be a good thing, if it ever happens. I can't see that happening anytime soon though, there's too much infrastructure out there.

ipV6?

Can anyone try and give a quick ipV6 (benefits?) overview for someone who (relative to the rest of the world) is smart & computer savvy, but has ADD like a mofo, and is (relative to most slashdotters) network stupid.

Drove to the Levy

Yeah, February 4th 2007, that was the day the internet died. I remember it like it was yesterday... Now where did I put my teeth? ;)

are they really that hard to remember?

When i think of the subnets i've used/worked in, i tend to believe that remembering ipv6 addresses isnt going to be that hard in reality.

Ok, they're long - but in my head right now i can remember 4 subnets, work, previous work, home and the university i went to. Now i tend to think in terms of subnets. For example lets say my home is 192.168.1.0/24, my router is 1, my dns is 2, my mailserver is 3, my printer is 4, etc etc. The bit at the front replacing the 192.168.1 may have got alot bigger, but i still only have to remember it once.

So even if its 2001:0db8:85a3:08d3:1319:8a2e:0001 you'll wrap your head around it. Am i going to remember the ipv6 addresses for slashdot, google and a dozen other public websites? No, but i dont know their ipv4 ones off the top of my head either, and its also why i have dns. The fact is the only place you're going to or should need to know ipv6 addresses is when your assigning them yourself and you'll probably memorize it out of use in any case.

Finally possible?

"it will finally be possible for two internet hosts to communicate without using IPv4 at all." DNS has nothing to do with enabling to IPV6 hosts to communicate on the internet... it only provides name resolution. The routers make it possible for 2 IPV6 hosts to communicate... you just do so by using their IPV6 address instead of the name..

Wait... isn't this bad?

I thought I recalled reading that IPv6 was easier to throttle and censor than IPv4.

ORSN has IPv6

I am surprised that so far no-one has mentioned the Open Root Server Network. It serves exactly the same data as the ICANN root servers, and has supported IPv6 for some time now. The root hints is available from http://european.nl.orsn.net/tech-hint.php [orsn.net]. I have been using it for a few years now without problems.

Re:IPv4 ~ IPv6 eqiv

The addresses work, the protocols are different, however, so there is more involved in switching to IPv6 than prefixing the address with ::ffff:.

Re:MOD PARENT DOWN

To whoever modded P down:

I appreciate your vigilance, but better attention to timestamps is advised. I posted P before G got the flamebait mod, and said flamebait mod may even have been in response to P.

Honestly, an "overrated" may have been more accurate, if anything at all.