One Step Closer to IPv6 281
gbjbaanb writes "IPv6 came a step closer yesterday as ICANN added IPv6 host records to the root DNS servers, reports the BBC. 'Paul Twomey, president of Icann which oversees the addressing system, told the BBC News website there was a need to start moving to IPv6. "There's pressure for people to make the conversion to IPv6," he said. "We're pushing this as a major issue." The reason for the urgency, he said, was because the unallocated addresses from the total of 4,294,967,296 possible with IPv4 was rapidly running out. "We're down to 14% of the unallocated addresses out of the whole pool for version 4," he said. Projections suggest that this unallocated pool will run out by 2011 at the latest.'"
Sad (Score:5, Interesting)
I mean, if those companies complain, who cares. They wouldn't get such large and prestigious allocations in an IPv6 network anyways. So what's the difference.
I know, I know, we should move to IPv6 anyways. Just a suggestion. Poor initial planning warrants changes down the road.
Re:Sad (Score:5, Funny)
Re:Sad (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
Re:Sad (Score:5, Funny)
Re: (Score:3, Informative)
It may be setup this way on your computer's network settings but the RFC says the whole
http://www.faqs.org/rfcs/rfc3330.html [faqs.org]
Re: (Score:3, Insightful)
Also, without IPv6, there's only a maximum of 2^32 Linksys routers that will be needed. IPv4 is unfairly capping the maximum number of needed NAT routers, and thus unfairly capping the profits of Cisco. We must think of the cost of IPv4 in terms of corporate profits, or we are doomed. Our economy depends on exponential growth, and that applies to addres
Re: (Score:2)
Its sad to look at the list of class a allocations [iana.org] and know that we're almost out. All this was done before NATs became popular. I think ICANN/IANA should work on wrestling some of those class As back from companies like Ford, Apple, HP, etc. None of those companies are going to ever have 16,000,000 hosts on public IPs. I know some of those companies have already made sub allocations. We could probably buy 5-10 years if they could reclaim just the 3, 9, 13, 17, 19, 20, 34 and 40 class As and get over 130,000,000 IPs back.
I mean, if those companies complain, who cares. They wouldn't get such large and prestigious allocations in an IPv6 network anyways. So what's the difference.
Halliburton has a TLD? I dunno... if you tried to take it back, a certain someone might "accidentally" shoot you in the face!
Re: (Score:2)
Sheesh.
Re: (Score:3, Informative)
We could probably buy 5-10 years if they could reclaim just the 3, 9, 13, 17, 19, 20, 34 and 40 class As and get over 130,000,000 IPs back.
Well, think about this: 3.x.x.x is owned by General Electric:
;; QUESTION SECTION: ;www.ge.com. IN A ;; ANSWER SECTION:
whois 3.0.0.0
OrgName: General Electric Company
NetRange: 3.0.0.0 - 3.255.255.255
CIDR: 3.0.0.0/8
NetName: GE-INTERNET
So naturally, you would expect www.ge.com [ge.com] to be in that block. And you would be wrong.
dig www.ge.com
www.ge.com. 30 IN A 216.74.131.56
I have always thought it was rather irresponsible of them.
Re:Sad (Score:5, Informative)
130,000,000 / 4,294,967,296 = 3%
The article says we will run out of unallocated IPs by 2011. The unallocated pool is 14%. It is currently 2008. 2011 - 2008 = 3 years. What makes you think that reclaiming 3% is going to buy us 5 to 10 years?
Re:Sad (Score:5, Funny)
Re: (Score:3, Informative)
I'm a contractor with the Postal Service (Class A 56) and I don't think we need the whole thing. Probably 50-75% of postal computers are individual post offices that access the network through a DSL (or in some small towns, dialup) and VPN. Data Centers and other large facilities should easily be able to fit in 1-1
Re: (Score:2)
I'm a contractor with the Postal Service (Class A 56) and I don't think we need the whole thing. Probably 50-75% of postal computers are individual post offices that access the network through a DSL (or in some small towns, dialup) and VPN. Data Centers and other large facilities should easily be able to fit in 1-10 class B's depending upon just how many sites there are.
Well, it used to be that all that ip space was divided up amongst different processing & distribution centers, post offices, etc. Now like everyone else, they are using a lot of NAT.
Re: (Score:3, Funny)
Re: (Score:2)
For more information on the rate of IPv4 consumption, see http://www.potaroo.net/tools/ipv4/ [potaroo.net]
And, while those companies aren't using 100% of their blocks, they are using some of them, so it's not as trivial as just returning the unused block; they have to make sure they are numbered in a small subset of it and return the rest.
A lot of
Re: (Score:3, Interesting)
Re: (Score:3, Informative)
HP used to have another Class B: 130.168.x.x, which it acquired along with Convex Computer. However, they subsequently gave it to Agilent when spinning it off.
Re: (Score:2, Flamebait)
Re: (Score:2)
Re: (Score:2)
How do you define prestigious? I hope its not by number of addresses assigned.
I have a
Re:Sad (Score:5, Insightful)
http://www.arin.net/registration/guidelines/ipv6_initial_alloc.html [arin.net]
Re: (Score:3, Insightful)
Have you not paid your 2008 ARIN fees?
Are you not an ISP?
You can't come up with the US$35 for a
How is ARIN blocking you in any way?
Are you just trolling
I don't understand your complaint. If you already have an IPv4 allocation from ARIN, getting an IPv6 allocation requires only filling out the form, sending it in, and getting your allocation. They stick the $35 onto your ARIN fee at the next billing cycle. It's even easier than getting an IPv
Re:Sad (Score:5, Funny)
Re: (Score:3, Insightful)
Just Like Oil (Score:5, Insightful)
Re: (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2, Interesting)
Re: (Score:2)
Actually, it's the other way around. Everyone has been fed up with ICANN because they've been dragging their feet on getting this done.
Re: (Score:3, Interesting)
Re: (Score:3, Insightful)
6to4 is pretty similar to configured tunnels, but it structures its IPv6 addresses in such a way that each endpoint can automatically discover the IPv4 address of the other endpoint. Thus 6to4 requires no configuration or state in the network.
Re: (Score:3, Insightful)
Re:Just Like Oil (Score:4, Insightful)
We are not addicted to oil just because we are lazy. We are addicted to oil because it is so god-damn good. We will be badly screwed if it runs out, and no amount of innovation will bring such a wonderfully convenient energy source back. In comparison, and, come to think of it, not even in comparison, IP6 is a complete and total triviality.
Re: (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2)
Mine gave me 16 for free, but it's a rare case of an actually good ISP.
Re: (Score:3, Insightful)
Re:Just Like Oil (Score:4, Insightful)
It would be nice to have a perfectly efficient method of coercion to force ISP's to actually spend their subsidies on broadband penetration, but no one in power seems to be interested. It's the same story as IPv6 up to now. ICANN seems to be taking the lead finally. Hopefully someone will follow suit in the broadband arena.
It's a sham - the Internet is mostly dark (Score:2, Insightful)
Try it yourself - hack up some script to randomly generate IPs and then ping sweep the network blocks. You'll probably be quite surprised at the result.
A while back, I wanted to have a way to detect if a host was "offline" so that it could modify its behavior. (EG: halt outgoing SOAP requests if the server's network connectio
Re: (Score:2, Insightful)
Most large server farms block ICMP/ping at the border. Relying on ping to indicate whether an IP is occupied is just wrong.
Granted, I'm with you on the "large empty pool" theory.
Re: (Score:2)
Re: (Score:2)
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
Tada. "reject" is one thing, because it actually responds. "drop" though - just drops the packet...almost like nothing is even there. And yet, I can go out and do things, and stuff can get back to me on established sockets.
Re: (Score:3, Insightful)
Re: (Score:3, Informative)
Now, maybe day one I only need 4 IP addresses. I get a subnet that can handle that, plus maybe 2 more. Now, when I need to add 2 more, I have to add a whole new subnet, waste more IPs, AND
Re: (Score:3, Interesting)
That's assuming I want all my devices to be publicly visible. What if I don't? While NAT is a little PITA to set up, it works beautifully for the job. I don't want people to be able to easily figure out the all the systems on my network, and even if I converted my network to IPv6, I want a solution like NAT.
NAT just makes it easy for the network to have a single point-of-contact going in/out of the network.
Re: (Score:2)
Re:It's a sham - the Internet is mostly dark (Score:5, Informative)
Of course, time goes on, ram is cheap, and doing it now is somewhat easier, but it still requires ram and processing power, and that increases latency and cpu utilization.
For instance, assume that everyone was assigned address space in blocks of 256 address (class C) and had to show they utilized the address space before getting more as well as prove they continued to use it. Now assume that only half of the address space available was assigned. 2.1 billion addresses in use. Thats approximately 8.3 million class C blocks
allocated. I'm going to assume thats higher than what we have actually in use these days (not allocated, in use) but bear with me for reference purposes.
Now, for each packet you route, you have to search through those allocated blocks and find the one that contains the address you're communicating with. You also have to determine which path of the many you may have on your router is the best path to use based on number of hops to the destination (we'll pretend AS hops are real hops for simplicity), include other factors such as your internal weights for a route because its expensive for you to use the OC3 you have rather than the DS3 because you got a great deal on the DS3 but not so much on the OC3.
You've just spent a lot of CPU cycles trying ot figure out which path to use. Now
So
Okay, so now we can do better, great! Lets readdress everyone
I'm not going to bother going into the complexities of re-addressing a large network, but its rather a pain in the arse and can cost a whole hell of a lot of money in IT resources. So when you look at the big picture and think, 'well, I can readdress now and help deal with the problem and then have to eventually switch to the new protocol (for now, IPv6) eventually anyway OR I can wait till everyone has to switch to the new protocol because of this problem and only do it once'
It makes more sense to wait and do it at once, save yourself some money, deal with it when everyone else does, and deal with the least amount of work you can until that time. And
Of course, on that same note, there are plenty of businesses which don't exist yet that will make a killing off the scare of running out of IPv4 address space and the switch to IPv6
Re:It's a sham - the Internet is mostly dark (Score:5, Insightful)
The sad part is, most of the IP addresses in question are... dark. Nothing there. Even though we're approaching 85% allocation, utilization is probably around 1-2%. No, I'm not kidding.
And you have ANY hard data to back that up ? No. Others are trying to come up with better metrics (http://www.potaroo.net/tools/ipv4/index.html is exceptionally verbose), but you ? You are not kidding about thinking that it maybe probably is around 1-2% ... Wow.
Try it yourself - hack up some script to randomly generate IPs and then ping sweep the network blocks. You'll probably be quite surprised at the result.
Bzzzt. No, I would not be -- nor should anybody be. First of all, it's not a requirement for every address to be routable to (and you can check that much better by looking at what percentage of prefixes are actually advertized). Second, many, MANY hosts and networks are behind firewalls, intrusion detection & response systems, etc. -- a "simple pingscan" can easily land you in a black hole at the network border after a couple of pings -- if access to those machines is even allowed from your network. Sure, in consumer broadband connections you don't often have such firewalls restricting inbound access, but that's not the "entire internet". Hell, go ping amazon.com and see what you get back. Nada, that's what.
A while back, I wanted to have a way to detect if a host was "offline" so that it could modify its behavior. (EG: halt outgoing SOAP requests if the server's network connection was disrupted, preventing bogus error messages from entering the system)
A problem many others have faced and solved before you.
My first thought was to randomly generate 10 IP addresses, then ping them to see if they were offline, guessing that at least 50% would respond.
Accounting for the different classes of addresses, unroutable space, bogons, etc. in that random calculation would be more work than the result is worth, especially seeing as how the state of netblocks can change over time. I wonder, why was your first thought to crap out (at least) 10 packets to the net that really are not needed ? What possible reason could there be for you to automatically ping a cellphone in Singapore ? Just imagine everybody doing this, just to check whether they are "online" ...
How about choosing some well-known addresses (such as one of your own servers in a different locale, or possibly "well-known" servers that you know will respond and that don't mind a ping from you every now and then ... Not only do you get a 100% response rate when everything is working correctly, you also forego abusing bandwidth in remote locales you are not at all interested in.
Basically, none did. So, then I tried randomizing addresses and keeping a list of only those that had, at one time, responded. Even that turned out to be unfruitful.
You know, while still a bit dickish, it might have occured to you that most of {a-m}.root-servers.net do reply to ping or DNS requests. So do, in all likelihood, a router in your upstream, or DNS resolvers you know about. Instead, you now latch on to addresses that respond. The cellphone in Singapore, for instance.
So finally, I took a dictionary and randomly created domain names from 1-2 normal dictionary words, pinging those, and keeping a list.
Ah. So now that flooding ICMP out to the net is not enough, you have to litter it with bogus DNS requests the reply to which you are not really interested in. Again, imagine EVERYBODY doing this. Why not pick 10 known domain names and always ping those ? At least the results will be cached, and you may even choose ones whose owners you know and can ask whether they mind to be flooded with icmp every now and then.
That yielded some 40% usable responses, allowing me to keep a list of fairly
Re: (Score:2)
Maybe 1 or 2 percent is a bit on the low side, but there is a lot of attrition with sub-netting /30s, where there are 4 addresses taken, of which two (one half) are the network and the broadcast address (x00 and x11) leaving the remaining two (x01 and x10) for actual devices, of which one will most likely be a router or gateway, and the last one is the actual server doing something interesting.
On the other hand, several ISPs use dynamic allocation when assigning IP-addresses to their customers, and a numb
Re: (Score:2)
The key problem with that is that the longer you wait the more equipment you have to replace and/or upgrade. And more upgrades and replacements means more money spent that would otherwise not had the equipment been installed with IPv6 from the get go.
So if you wait too long you can cripple your company/agency with overhead in contractor and equipment costs which could have been averted if you implemented a plan earlier. Of co
Re:Just Like Oil (Score:5, Interesting)
It simply doesn't follow that Co2 levels haven't ever been this high. That Co2 that we are generating; you know, from fossil fuels?
Where do you think it was before it became fossilized?
http://www.geocraft.com/WVFossils/PageMill_Images/image277.gif [geocraft.com]
For most of the current Cenozoic era, Co2 levels have been *higher* than they currently are. The *only* possible issue with "global warming" right now is whether or not the rapid rate of change in Co2 levels will be damaging, not the absolute level of Co2 in the atmosphere.
For example, during the Jurassic period, Co2 levels were at 1800 ppm. During the Cambrian period, Co2 levels were 5000 ppm. Currently, Co2 levels are at 378 ppm, and even if we burn ALL known sources of Fossil Fuels it is unlikely we will drive that above 900 ppm or so.
Oh Noes The Internets! (Score:2, Funny)
Seriously, though, I have a feeling that IPv4 will be saved by an ingenious tech solution far in advance of the world running out of addresses.
Re: (Score:2)
Re: (Score:2)
Yeah, there are loads of great solutions that you can just invent really easily.
For example, we could put the whole world on 1 IPv4 IP. Then we simply use a secondary metric for determining which host we want to send data to; this could be a 128 bit number, meaning there will easily be enough secondary numbers for all hosts in the world for a long time to come.
Re: (Score:2)
Re: (Score:3, Insightful)
My home network allows over 10M hosts (Score:5, Funny)
Re: (Score:2)
Re: (Score:2, Informative)
Good. (Score:2, Funny)
Either that, or router manufacturers will start including SPI firewalls that aren't completely useless.
Re: (Score:2)
temporary fix (Score:2, Funny)
Re: (Score:3, Informative)
IPV6, a lame solution for no problem (Score:2, Insightful)
Forcing v6 will be a disaster. It's better to force people to better implement v4 and take that time to design a system that will expan
NAT Sucks (Score:4, Informative)
A few reasons you might want to have a public address inside your network:
* Direct VOIP telephony (SIP, Skype, various instant messenger clients, run a TeamSpeak Server), etc
* Running game servers, web server, mail server, etc
* Remote access (VNC, SSH, etc)
* Direct file transfer with a friend (I've, from time to time, run into problems with things like instant messenger client based file transfers not working behind a NAT - though they do seem to have somewhat alleviated that problem - I suspect by routing my file transfer through the IM network instead of directly to the other person), or P2P file sharing systems, like Bittorrent - yes, they can usually work behind NATs; but they work better if direct connections could be more easily made).
Yes, yes, I know about port forwarding. That's fine and dandy as long as you only have a single device per port that you want to allow incoming traffic to. Ultimately, IPv6 is a much better solution to the problem of address space limitations than is NAT. NAT usually requires software to do ugly hacks to get around the limitations of only allowing outbound connections. A simple firewall with every device having a global address is a better solution, because then I can open up as many ports to as many devices as I like, without having to worry about only allowing one device per port.
I've had a number of times where I've been extremely frustrated by NAT. Often times, if software isn't explicitly written with NAT in mind, and the problems it creates, then it won't work well in a NAT'ed network.
more the story (Score:5, Informative)
http://en.wikipedia.org/wiki/Ipv6#Features_and_differences_from_IPv4 [wikipedia.org]
Re:more the story (Score:4, Informative)
Larger address space
This is the address exhaustion argument.
Stateless address autoconfiguration (SLAAC)
Interesting, but not a selling point for users, and will make administrative management a pain in the ass. Most networks will use DHCPv6 to have records of which host had a given IP address...but they'll still have to run AutoConf to get a default gateway. This kind of split is annoying more than it's helpful.
Multicast
This is really only used on the link level, with one or two site-level things. I don't think this will not be used heavily. Also, if you want multicast, it's already available in IPv4. So this isn't really a gain with IPv6.
Link-local addresses
End users don't care, most sites won't care. In fact, the only people who do care are the authors of EIGRPv6 and OSPFv6 implementation. This isn't really a gain...just a difference.
Jumbograms The first possibly interesting thing in the list. It won't be used by many places, but DB->App server jumbograms are a common thing in IPv4, and making those bigger & standard is a reasonable gain.
Network-layer security
aka IPSec. Implemented, but key exchange is left as an exercise for the reader. (In other words, it's not happening.) This will be used very, very rarely. This is also something that's already available in IPv4, so not a gain for IPv6.
Mobility
Interesting, and also something definitely new....but not actually implemented anywhere. Not clear if this will fly at all.
No more checksum at the network layer
I'm not sure if anyone really cares.
In short, the single biggest selling point for the vast majority of businesses and users really is the extra size. The other stuff is either already available in IPv4, or only useful for some rare cases. In the majority of cases, the extra IP space is IPv6's only real selling point.
I don't expect much to change (Score:5, Interesting)
They're not going to be very eager to give up their position as a gatekeeper of a limited resource just so their customers can frolick in a vast address space for free. Since most of them operate in a monopoly or duopoly situation, the proverbial "free market" won't force them to move off IPv4 either.
Re:I don't expect much to change (Score:5, Insightful)
If a user wants a public IP. That's more cost. If they want a *fixed* IP.. go talk to the business services manager over there.
If they do implement ipv6 it'll be done the same way. 1 ipv6 address per account (ipv6 NAT exists and has done for a while). If you want 8 of them that's more cost. If you want more than 256.. see that guy in a suit waving? Go hand him your chequebook.
And before anyone says 'but but we'll all get 16 million addresses!'.. yeah, over the rotting corpses of every major ISP in the world.
Re: (Score:2)
Re: (Score:2, Informative)
I used to work for Ampex, the inventors of the VCR, once a company with about 20,000 employees, now essentially a patent licensing firm with fewer than a hundred. They have a Class B: 13
oh grow up (Score:2)
First of all, it certainly used to be easy to be an ISP, and there used to be a whole slew of mom 'n' pop ISP operations. The fact that a lot of those closed up shop has much more to do with the fact that they just couldn't compete with the cutthroat pricing the telcos (and to a much more limited extent) the cable companies were rolling out to acquire market share. If you're living in an area with only one or two ISP cho
Re: (Score:2)
If I want to start a business and it HAS to be on a v6 block because there are no v4 blocks left it would be a bit unfair competitively for me if the consumer ISP's refused to allow access to my web site due to lack of providing IPv6 to consumers.
I expect something like an edict from the Fed to c
Peak IP? (Score:5, Funny)
Re: (Score:2)
Blame it on the man! (Score:2, Funny)
Re: (Score:2)
It wasn't his idea to put a refrigerator [lginternetfamily.co.uk] on the 'net.
IPv6 migration behind a NAT (Score:3, Interesting)
If you are stuck behind a home router, with NAT then you will probably find yourself unable to access IPv6 sites. In the meantime there are two solutions:
- Teredo. If you have Vista this is standard. For everything else there is Miredo [remlab.net]
- Aiccu. A litte more work and bureaucracy to get up an running, but a solution non-the less
Of course there is also Apple's Airport Extreme, which is one of the few home routers out there that support IPv6. I believe some of the third-party firmwares will do this too, but I don't think the IPv6 support is mature. As for Linksys, D-Link, et al. I think you are out of luck for the moment.
Also, if you running Apache, you will need a minium of Apache 2 and specify IPv6 support, using the configure script, prior to building it.
IP6 won't matter til Google supports it (Score:5, Insightful)
That means that I can do a DNS query using nothing but IP6 packets - NOT IP4 packets.
That means that I can do an HTTP transfer from Google's servers using nothing but IP6 packets - NOT IP4 packets.
Hell, wake me up when there's a AAAA record for Slashdot.
This is a *baby* step towards IP6 being useful.
Re:IP6 won't matter til Google supports it (Score:4, Insightful)
Now Google can register an AAAA record, do you think they will? If they couldn't register one, do you think they would?
Re:IP6 won't matter til Google supports it (Score:5, Informative)
So you can query the root and
I agree that there isn't much content on the IPv6 internet now. So if you want it, yell at the content providers.
Consumer router support (Score:4, Interesting)
Well, I'm happy to say that my wait is finally over. They didn't make a big deal about it, so I don't know exactly when they did it, but Apple added that support to their Airport Extreme. So now when I go anywhere that has one of those, I can directly SSH into those inside machines that I've opened ports for without undue muss or fuss.
Apple has been a stalwart supporter of IPv6, from my observation. It's been possible to use AFP file sharing over IPv6 since at least Tiger and the built-in VNC stuff works over IPv6 too (though there is a naming lookup bug that requires you to connect using the IPv6 address literal if you use the command-K "Connect to" dialog).
So, Netgear and Linksys, what's holding you guys up?
I get a surprising number of IPv6 hits... (Score:5, Informative)
I get a surprising number of IPv6 hits on my webserver at home. Most of these appear to be XP or Vista boxes with Internet connection sharing turned on that automatically assign themselves a 6to4 [wikipedia.org] addresses when they have an interface with a public IPv4 address.
IPv6 with 6to4 is easy to set up, and I'd recommend it to anybody who has a static IPv4 address. You can use NAT-PT [tomicki.net] so all your IPv6 hosts can still get to the IPv4 network. If you have a couple of DNS servers, you can even set up reverse DNS for your IPv6 network just the way you want using this nice web interface [nro.net] from the NRO [nro.net].
I maintain some good links to stuff about IPv6 on del.icio.us [del.icio.us].
I hate NAT. And I think IPv6 can be just as secure. Partly because a 64-bit address space is really hard to effectively randomly probe working addresses and partly because it's fairly easy to configure a firewall to not allow incoming connections.
Before IPV6 gets popular, it needs: (Score:2)
1. Home routers that support it.
And/or
2. DSL and cable modems that support it.
I'd love to convert my home network to IPV6, but as long as I connect through an IPV4 ISP, and my wireless router only does IPV4, I'm hosed.
Joe D
Re: (Score:2)
1. Home routers that support it.
What about NATs (Score:3, Interesting)
Re: (Score:2)
Given a standard end-user allocation of a /64 network, you will have 1.8*10^19 addresses to play with. It is unlikely that you would need to fake more with NAT.
Re: (Score:2)
Re: (Score:2)
They'd have to really work at it. The normal IPv6 link configuration process only allows the ISP to set the leading /64 prefix. The trailing 64 bits are entirely determined by the host, and can't be forced to any particular value by the upstream router. It's possible to force the issue by way of MAC registration and DHCPv6 or a firewall, but it takes a fair amount of configuration to do it and it doesn't work well with the Windows IPv6 stack (which much prefers that you use stateless autoconfiguration of in
Projections (Score:2)
Riight. Last I read it was 2011 for ARIN, 2012 for RIPE, assuming current allocation procedures. If allocation- and revocation-procedures are changed before then, "at the latest" suddenly becomes "at the earliest".
There is a problem, but it's not got a final due-by date attached to it just yet.
Double byte AS numbers are running out too (Score:2)
Where the IP space allocation graph shows an exponential line since 1990something, the AS number allocation graph shows a linear line.
The interesting thing is that somewhere in 2010/2011, when the IPv4 IP space is running out, also the double byte AS number allocation is running out. At around
Re: (Score:3, Insightful)
If google, microsoft, redhat, CNN and the BBC (insert favourite site here) all go ipv6 (and by that I mean google starts indexing it too), that will be the year of ipv6.
Re: (Score:2)
There shouldn't be an inside or outside for IPv6, since there is no notion of NAT. If you mean your router, then using a service like dyndns.org is an alternative.
Re: (Score:2)
Uhh, using the DNS name you registered?
Re: (Score:2)
Re:Great, IPv6, an insecure protocol (Score:5, Informative)
Lest anyone think this jackass is correct:
It is not up to the protocol to support the hardware. And anyway, all good firewalls support IPv6 already. NAT? It's there if you're dumb enough to want it.
Step one: update your router to the new netblock.
Step two: sed -i'' 's/^old:net:block/new:addr:ess/' db.mydomain.com; rndc reload
Step three: laugh at people who go around changing ISPs all the time.
If only it support IPSec [ipv6.com], "the goal of [which] is to provide various security services for traffic at the IP layer, in both the IPv4 and IPv6 environments." Oh, wait...
Re: (Score:3, Informative)
With no ability to NAT or firewall in IPV6 , anyone on the external Internet can find out exactly what you have, theb stage targeted attacks on every single host on a private network.
End-user netblocks are 2^64 addresses in size. If an attacker could ping a billion hosts per second, it would still take them 585 years to scan a single block.
So, again, NAT-as-security is even dumber on IPv6 than it is on IPv4.
As for the stated IPsec, it was a nice draft... but never made in the standard.
From Wikipedia:
Wow. Guess you're wrong there, too.
Re: (Score:3, Informative)
I firewall ipv6 very nicely, thank you very much.
And you're last comment proves you're not a net admin.