Brian Candler wrote:
> On Sun, Jan 28, 2007 at 12:36:38AM -0800, Joe wrote:
>> what's sad is how many people will never let go of NAT after they migrate
>> to ipv6.
>
> It's not sad; for many people it would be essential. How would you like your
> 48-bit MAC address to become a permanent cookie, following you about
> whenever you access the Internet?

*sigh* read RFC3041 to 'solve' that part and of course dhcpv6 exists and
everything else you have in IPv4.

> And if you need to change ISP, and
> therefore get a new address allocation, many people would rather just put in
> some NAT at the border than take the pain of network renumbering (which IPv6
> doesn't make any easier than IPv4)

Depends on the size of your network of course. But you can actually get
IPv6 PI space already, you will have to cash out a bit for it, just like
for IPv4 address space, but it is there. Problem for that solved. Same
non-scaling solution as in IPv4. No differences there.

And otherwise read RFC4193 to get your unique local goo for free.

> Stuart Henderson wrote:
>> 128-bit gives you a *lot* of address space.
>>
>> 18 million million million /64's, each of which can hold
>> 65536 x the total number of possible 48-bit MAC addresses.
>
> Nope. One year ago, France Telecom applied for, and was granted, a /19 of
> IPv6 address space. Since the first three bits are fixed in the unicast
> addressing plan, this means that a single ISP has already taken 1/65,536th
> of the total available.

The first three bits (2000::/3 ;) are used now only that in case this
whole idea of giving people huge chunks of addresses goes bad that there
are 7 (8-1 ;) tries left to do it correctly. So if the 2000::/3 space
runs out, then the world has another 7 tries left to screw it up again.
Thus no issue there. Of course if you have better ideas, you can always
bring it up on the various RIR forums.

Also note that FT serves the whole country of France, you might not like
them, but they also have a right to use the Internet ;)

Most ISP's get only a /32 and there are millions of those. Getting a /19
is really something that only a few ISP's will be able to claim that
they will actually be able to get customers for.

> This all boils down to dogma on the part of the IPv6 designers - e.g. "thou
> shalt not have server-based address autoconfiguration".
> If IPv6 had stuck
> with DHCP, which everyone knows and understands, then you could just give
> each customer a /96, rather than a /48 as demanded by IPv6, and we would
> have addresses for aeons. Not so now.

There is *NO* demand from anyone for giving /48's to customers. It is
only a suggestion. RIR's do allocate address space towards ISP's based
on the fact that they will be providing the /48's to endusers.

The reason btw for doing that is so that the prefix size is always the
same. You can then 'easily' (ahum) renumber by just swapping out the
first 48 bits, the rest you can keep the same. At least the numbering
plan will thus be easy that way. (the editing and getting everything
else isn't ;)

The only sort-of requirement that there is is the /64 boundary, because
of autoconfig, which you can easily avoid too by using static addresses
or DHCPv6. You can perfectly use /126's if you want.

BTW: Don't use /127's that will break your IPv6 as the lowest address is
the anycast address. Just like the network address in IPv4.

> So I argue that IPv6 doesn't solve any of the problems which IPv4 has - not
> even address depletion - and adds plenty of its own.

Address "depletion" is the only one thing that IPv6 really solves
perfectly well.

> As a result, I don't
> see much commercial reason to roll it out, and certainly no commercial
> reason to switch off the existing IPv4 Internet. Arguments here:
> http://pobox.com/~b.candler/doc/misc/ipv6.txt

I suggest you start doing some background reading, read a good book or
something as you clearly are missing a LOT of information, as I've
easily shown by answering the FUD you were trying to spread above.

Don't read this as rant, it will probably sound like it, but that is
because you have so much wrong in the text ;)

To address the points in that document:

> 1. ROUTING TABLE EXPLOSION

IPv6 is an ADDRESSING system, it has nothing (not much at least) to do
with routing. BGP/ISIS/OSPF are ROUTING systems.
Subscribe to [EMAIL PROTECTED] if you want to solve that problem.

> 2. THE RENUMBERING PROBLEM

Impossible to solve as well documented by the IETF. The second there is
an external factor (eg a place where you have to put your IP in a remote
firewall or DNS server) this ain't easy any more. Valid argument, but
the same for IPv4 and IPX and any other. problem there is here

> 3. THE MULTI-HOMING PROBLEM

See 1) Same problem in effect. Btw, phone numbers are analogous to DNS,
not to IP addresses.

> 4. ADDRESS DEPLETION

Your arguments are bullshit, and you know it.

> 5. NETWORK ADDRESS TRANSLATION

"Unfortunately, it does. There are people running NAT for IPv6, right
now." I have never seen or heard anybody doing it (yet). also again see
RFC3041.

> 6. SMALL PROVIDERS, DEVELOPING COUNTRIES

No problem there, even when you wrote that document. ANY ISP has a plan
for 200 customers, if you don't well, is there use for you then getting
a /32 of address space?

> 7. FALSE ROUTES AND INSTABILITY

Again, Routing != Addressing. SBGP is one part of the solution for this
btw. Good monitoring systems like RIS and GRH is the other.

> 8. SOURCE ADDRESS SPOOFING

SBGP + uRPF. Both possible for IPv4 and IPv6.

> 9. ABUSE

Of course one can still abuse. Nothing to do there. That is the 'side
effect' of allowing people to send packets.

> 10. FAIR RESOURCE SHARING AND "QUALITY OF SERVICE"

QoS is available for both IPv4 and IPv6. Tag your traffic correctly,
have the intermediate routers use that information and you are up and
running. The problem is though that there is no global protocol which
can request a 'perfect low latency 10Gbit stream from A to B', as you
don't own the whole route. If you want to be able to do that: build a
global network or BUY the service.

> 11. SECURITY

Use IPSEC, same as for IPv4.

> 12. ADDITIONAL PROBLEMS CAUSED BY IPV6

12.1 Yes, Doom allowed you to play against IPX players when you were on
IP already.
At least if the programmer had written it correctly, thus getaddrinfo()
way it would have been easy to fix. Not much to do there but upgrade.

12.2 is fixed already, in effect nobody ever used A6. A6 was also only
an experimental draft, never even up for standard.

12.3 Use the source luke and fix it.

12.4 same as 12.1 in effect. You should have used the correct API's
which were in place already BEFORE IPv6 came around.

12.5 Please ask your granny to remember your telephone number (10
digits) or the IP address of www.google.com, oh yeah that changes now
and then. Use DNS. Simple.

12.6 indeed, every John Joe does their own network. They also have a
clear understanding of IPv4 netmasks, broadcast, network address, CIDR,
etc etc I assume ;)

12.7 again read RFC3041 or just configure it statically or randomly
whatever. There are a lot more ways to track you anyway.

Sorry, not wanting to step on your toes, but that whole 'document' is
only a nice piece of FUD. I suggest you start updating the document by
rewriting it from scratch. After you read an actual book or have done
something with IPv6.

Greets,
 Jeroen

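Added example, not part of the original message: the thread's MAC-as-cookie concern, the "swap the first 48 bits" renumbering, and the /19 arithmetic worked through with Python's `ipaddress` module. Function names, the sample MAC and the 2001:db8::/32 documentation prefixes are constructed for illustration, and `temporary_iid()` uses plain random bits where RFC 3041 derives the identifier from an MD5 hash.

```python
import ipaddress
import secrets

def eui64_iid(mac: str) -> int:
    """Modified EUI-64 interface ID: MAC with ff:fe inserted, u/l bit flipped."""
    b = bytes.fromhex(mac.replace(":", ""))
    return int.from_bytes(bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:], "big")

def temporary_iid() -> int:
    """Random 64-bit interface ID with the universal/local bit cleared.
    Simplification: RFC 3041 derives the value from an MD5 hash instead."""
    return secrets.randbits(64) & ~(1 << 57)

def make_address(prefix64: str, iid: int) -> ipaddress.IPv6Address:
    net = ipaddress.IPv6Network(prefix64)
    if net.prefixlen != 64:
        raise ValueError("autoconfiguration needs a /64")
    return ipaddress.IPv6Address(int(net.network_address) | iid)

def renumber(addr, new_prefix48: str) -> ipaddress.IPv6Address:
    """Swap the first 48 bits; subnet ID and interface ID stay the same."""
    new = ipaddress.IPv6Network(new_prefix48)
    if new.prefixlen != 48:
        raise ValueError("expected a /48")
    low80 = int(ipaddress.IPv6Address(addr)) & ((1 << 80) - 1)
    return ipaddress.IPv6Address(int(new.network_address) | low80)

def embedded_mac(addr):
    """Return the MAC recoverable from an EUI-64 style address, else None."""
    b = (int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)).to_bytes(8, "big")
    if b[3:5] != b"\xff\xfe":          # no ff:fe marker, not EUI-64 derived
        return None
    return ":".join(f"{x:02x}" for x in bytes([b[0] ^ 0x02]) + b[1:3] + b[5:])

def blocks_in(parent: str, length: int) -> int:
    """How many prefixes of the given length fit in the parent prefix."""
    return 2 ** (length - ipaddress.IPv6Network(parent).prefixlen)

if __name__ == "__main__":
    mac = "00:11:22:33:44:55"                                   # constructed MAC
    old = make_address("2001:db8:aaaa:1::/64", eui64_iid(mac))  # constructed prefix
    new = renumber(old, "2001:db8:bbbb::/48")                   # "change of ISP"
    print(old, new, embedded_mac(old), embedded_mac(new))       # MAC survives the move
    print(make_address("2001:db8:aaaa:1::/64", temporary_iid()))
    print(blocks_in("2000::/3", 19), blocks_in("2000::/3", 32))
```

Running `embedded_mac()` over addresses seen in logs is a quick way to find hosts still using MAC-derived identifiers rather than temporary or static ones.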

