Re: [gentoo-user] IPv6 not ready here; Hmmm
On Friday 10 June 2011 08:52:15 Pandu Poluan wrote: -original message- Subject: Re: [gentoo-user] IPv6 not ready here; Hmmm From: Paul Hartman paul.hartman+gen...@gmail.com Date: 2011-06-10 03:52 And another bonus is that there are plenty of funny things we can spell in hexadecimal. ;) While I'm sure I'll tag the C001:D00D address for my workstation, I'm not sure upper management will appreciate me naming some servers DEAD:BEEF or BAD:D06 or A55:401E ... :-P If you don't tell them and, when they do notice, tell them that changing the IPs is not recommended due to possible issues with the installed software, you might get away with that. Although, why reserve those for servers instead of said management? ;) -- Joost
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Fri, Jun 10, 2011 at 14:22, Joost Roeleveld jo...@antarean.org wrote: On Friday 10 June 2011 08:52:15 Pandu Poluan wrote: -original message- Subject: Re: [gentoo-user] IPv6 not ready here; Hmmm From: Paul Hartman paul.hartman+gen...@gmail.com Date: 2011-06-10 03:52 And another bonus is that there are plenty of funny things we can spell in hexadecimal. ;) While I'm sure I'll tag the C001:D00D address for my workstation, I'm not sure upper management will appreciate me naming some servers DEAD:BEEF or BAD:D06 or A55:401E ... :-P If you don't tell them and, when they do notice, tell them that changing the IPs is not recommended due to possible issues with the installed software, you might get away with that. Although, why reserve those for servers instead of said management? ;) There's playing with fire, and there's playing with FIRE. :D Rgds, -- Pandu E Poluan ~ IT Optimizer ~ Visit my Blog: http://pepoluan.posterous.com
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Friday 10 June 2011 17:08:40 Pandu Poluan wrote: On Fri, Jun 10, 2011 at 14:22, Joost Roeleveld jo...@antarean.org wrote: On Friday 10 June 2011 08:52:15 Pandu Poluan wrote: -original message- Subject: Re: [gentoo-user] IPv6 not ready here; Hmmm From: Paul Hartman paul.hartman+gen...@gmail.com Date: 2011-06-10 03:52 And another bonus is that there are plenty of funny things we can spell in hexadecimal. ;) While I'm sure I'll tag the C001:D00D address for my workstation, I'm not sure upper management will appreciate me naming some servers DEAD:BEEF or BAD:D06 or A55:401E ... :-P If you don't tell them and, when they do notice, tell them that changing the IPs is not recommended due to possible issues with the installed software, you might get away with that. Although, why reserve those for servers instead of said management? ;) There's playing with fire, and there's playing with FIRE. :D Considering I regularly play with Nitro mixtures and sharp blades spinning around through the air, playing with FIRE isn't too bad :) Besides, how many managers do you have that actually check the IP-addresses the DHCP server gives their machines randomly? :) -- Joost
Re: [gentoo-user] IPv6 not ready here; Hmmm
Apparently, though unproven, at 15:17 on Friday 10 June 2011, Joost Roeleveld did opine thusly: On Friday 10 June 2011 17:08:40 Pandu Poluan wrote: On Fri, Jun 10, 2011 at 14:22, Joost Roeleveld jo...@antarean.org wrote: On Friday 10 June 2011 08:52:15 Pandu Poluan wrote: -original message- Subject: Re: [gentoo-user] IPv6 not ready here; Hmmm From: Paul Hartman paul.hartman+gen...@gmail.com Date: 2011-06-10 03:52 And another bonus is that there are plenty of funny things we can spell in hexadecimal. ;) While I'm sure I'll tag the C001:D00D address for my workstation, I'm not sure upper management will appreciate me naming some servers DEAD:BEEF or BAD:D06 or A55:401E ... :-P If you don't tell them and, when they do notice, tell them that changing the IPs is not recommended due to possible issues with the installed software, you might get away with that. Although, why reserve those for servers instead of said management? ;) There's playing with fire, and there's playing with FIRE. :D Considering I regularly play with Nitro mixtures and sharp blades spinning around through the air, playing with FIRE isn't too bad :) Besides, how many managers do you have that actually check the IP-addresses the DHCP server gives their machines randomly? :) You have managers that know what an IP address is? Wow -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] IPv6 not ready here; Hmmm
OK. I rebooted and I don't think the test results changed anything. Test with IPv4 DNS record ok (1.003s) using ipv4 Test with IPv6 DNS record bad (0.496s) Test with Dual Stack DNS record ok (0.993s) using ipv4 Test for Dual Stack DNS and large packet ok (0.543s) Test IPv4 without DNS ok (0.988s) using ipv4 Test IPv6 without DNS bad (0.012s) Test IPv6 large packet bad (0.455s) Test if your ISP's DNS server uses IPv6 timeout (15.018s) Kernel config. root@fireball / # cat /usr/src/linux/.config | grep -i ipv6 CONFIG_IPV6=y CONFIG_IPV6_PRIVACY=y CONFIG_IPV6_ROUTER_PREF=y CONFIG_IPV6_ROUTE_INFO=y CONFIG_IPV6_OPTIMISTIC_DAD=y # CONFIG_IPV6_MIP6 is not set CONFIG_IPV6_SIT=y CONFIG_IPV6_SIT_6RD=y CONFIG_IPV6_NDISC_NODETYPE=y CONFIG_IPV6_TUNNEL=y CONFIG_IPV6_MULTIPLE_TABLES=y CONFIG_IPV6_SUBTREES=y CONFIG_IPV6_MROUTE=y CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y CONFIG_IPV6_PIMSM_V2=y # IPv6: Netfilter Configuration CONFIG_NF_DEFRAG_IPV6=y CONFIG_NF_CONNTRACK_IPV6=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y root@fireball / # Did I miss anything? I think most of the failures are outside my rig. I don't run the DNS servers for google. ;-) Thoughts? Something I need to check here? Dale :-) :-)
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Friday 10 June 2011 16:30:16 Alan McKinnon wrote: Apparently, though unproven, at 15:17 on Friday 10 June 2011, Joost Roeleveld did opine thusly: On Friday 10 June 2011 17:08:40 Pandu Poluan wrote: On Fri, Jun 10, 2011 at 14:22, Joost Roeleveld jo...@antarean.org wrote: On Friday 10 June 2011 08:52:15 Pandu Poluan wrote: -original message- Subject: Re: [gentoo-user] IPv6 not ready here; Hmmm From: Paul Hartman paul.hartman+gen...@gmail.com Date: 2011-06-10 03:52 And another bonus is that there are plenty of funny things we can spell in hexadecimal. ;) While I'm sure I'll tag the C001:D00D address for my workstation, I'm not sure upper management will appreciate me naming some servers DEAD:BEEF or BAD:D06 or A55:401E ... :-P Although, why reserve those for servers instead of said management? ;) There's playing with fire, and there's playing with FIRE. :D Considering I regularly play with Nitro mixtures and sharp blades spinning around through the air, playing with FIRE isn't too bad :) Besides, how many managers do you have that actually check the IP-addresses the DHCP server gives their machines randomly? :) You have managers that know what an IP address is? Wow It is mentioned in some magazines on occasion Although IP is usually translated to Intellectual Person by some and an IP- address is the address of that person ;) -- Joost
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Fri, Jun 10, 2011 at 10:46 AM, Dale rdalek1...@gmail.com wrote: Thoughts? Something I need to check here? Does your ISP offer IPv6? If not, are you using an IPv6 tunnel of some kind? If not, then you don't have IPv6 connection to the Internet, so the results look normal.
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Fri, Jun 10, 2011 at 9:30 AM, Alan McKinnon alan.mckin...@gmail.com wrote: You have managers that know what an IP address is? iPod, iPhone, iPad... surely iP is something related to that.
Re: [gentoo-user] IPv6 not ready here; Hmmm
Paul Hartman wrote: On Fri, Jun 10, 2011 at 10:46 AM, Dalerdalek1...@gmail.com wrote: Thoughts? Something I need to check here? Does your ISP offer IPv6? If not, are you using an IPv6 tunnel of some kind? If not, then you don't have IPv6 connection to the Internet, so the results look normal. I have ATT so no idea what they do. They are so slow at times, they may still be on IPv3 or something. lol I'm just kidding about IPv3. Just making a point. Another thing, I have a old router too. I'm not sure what role that would play in this. Unless it just allows the packets through without any changes, it may be blocking the new stuff. I guess I'm as ready as I can be right now. Dale :-) :-)
Re: [gentoo-user] IPv6 not ready here; Hmmm
Paul Hartman wrote: On Wed, Jun 8, 2011 at 11:50 PM, Dalerdalek1...@gmail.com wrote: I'm just hoping html5 will improve some things. May not but doesn't hurt to hope. I just hope it will eliminate some of the things that are such power or memory hogs now. It may not at first but eventually Some stuff is already looking good, outside of streaming video, like http://chrome.angrybirds.com/ which probably would not be possible without Flash or Java just a couple years ago. So things like youtube won't change any? Well, I learned something about one of my facebook friends. She likes that bird game too. I killed one bird but I got to work on my car. It being 100 and no A/C sucks big time. I got a funeral to go to pretty soon so I need to get this fixed. Dale :-) :-)
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Wednesday 08 June 2011 23:56:32 Dale wrote: Volker Armin Hemmann wrote: Read the FAQ and Info posted. From the website: If this test fails: it means that the DNS resolver you are using, requires IPv4 to reach the DNS authoritative servers of your favoriate web sites. In the near future, every web site of consequence will remain accessible in this form, so there is no immediate danger. There is no 'falling behind'. If there is a need to migrate them to ipv6 they will do that. As end user you have nothing to worry about. -- #163933
Re: [gentoo-user] IPv6 not ready here; Hmmm
Apparently, though unproven, at 08:52 on Thursday 09 June 2011, Dale did opine thusly: Paul Hartman wrote: On Wed, Jun 8, 2011 at 11:50 PM, Dalerdalek1...@gmail.com wrote: I'm just hoping html5 will improve some things. May not but doesn't hurt to hope. I just hope it will eliminate some of the things that are such power or memory hogs now. It may not at first but eventually Some stuff is already looking good, outside of streaming video, like http://chrome.angrybirds.com/ which probably would not be possible without Flash or Java just a couple years ago. So things like youtube won't change any? Why do you think it will change at all? IPv4 is not going away. There is still lots of space available and it has a very long life ahead of it still. -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] IPv6 not ready here; Hmmm
Alan McKinnon wrote: Apparently, though unproven, at 08:52 on Thursday 09 June 2011, Dale did opine thusly: Paul Hartman wrote: On Wed, Jun 8, 2011 at 11:50 PM, Dalerdalek1...@gmail.com wrote: I'm just hoping html5 will improve some things. May not but doesn't hurt to hope. I just hope it will eliminate some of the things that are such power or memory hogs now. It may not at first but eventually Some stuff is already looking good, outside of streaming video, like http://chrome.angrybirds.com/ which probably would not be possible without Flash or Java just a couple years ago. So things like youtube won't change any? Why do you think it will change at all? IPv4 is not going away. There is still lots of space available and it has a very long life ahead of it still. I was just hoping thing like youtube might change for the better. What little I know about html5, it sounds like it is going to be better. If something as big as youtube changes to better its site then others will too. We sort of switched subject from IPv6 to HTML5. I'm sure IPv4 will be around a long time tho. Now back to finding the leak in my car A/C. It won't hold a vacuum at the moment. Weird. Dale :-) :-)
Re: [gentoo-user] IPv6 not ready here; Hmmm
On 2011-06-08 9:25 PM, Paul Hartman wrote: After that, machines on my local network (including wifi) can get both IPv4 and IPv6 addresses from the router and can talk to the outside world on either network. I'm getting a headache... Is there a decent guide that explains IPV6 for noobs who don't speak IP? Meaning, in plain english, how to set it up and make it work, without having to understand all of the granular technical aspects? Also - how long is it going to be before there are parts of the internet that you can't get to without speaking IPV6?
Re: [gentoo-user] IPv6 not ready here; Hmmm
On 9 June 2011 12:16, Tanstaafl tansta...@libertytrek.org wrote: On 2011-06-08 9:25 PM, Paul Hartman wrote: After that, machines on my local network (including wifi) can get both IPv4 and IPv6 addresses from the router and can talk to the outside world on either network. I'm getting a headache... Is there a decent guide that explains IPV6 for noobs who don't speak IP? Meaning, in plain english, how to set it up and make it work, without having to understand all of the granular technical aspects? Also - how long is it going to be before there are parts of the internet that you can't get to without speaking IPV6? There's a number of howto's in google, but I'm not sure how they work if you are running a laptop and connect through different networks with/without ipv6 provision. This is the Gentoo guide: http://www.gentoo.org/doc/en/ipv6.xml -- Regards, Mick
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Thu, Jun 9, 2011 at 12:46 AM, Mick michaelkintz...@gmail.com wrote: On my wife's Windows 7 laptop, it just worked perfectly after I enabled it on my router and her wifi reconnected. All tests on test-ipv6.com pass except for the last DNS test. She can go to sites like http://www.v6.facebook.com no problems. That's because Windows7 use toredo servers/relays to resolve and connect to ipv6 addresses. I disagree. :) It gets an IPv6 address from my ISP and no traffic flows through Microsoft's relay servers. It works the same as my gentoo boxes and my cell phone. The only tunnel is the one between my router and my ISP's 6RD server. Everything on my side of the network just uses native regular IPv6 as far as the clients are concerned. AFAIK, Win vista/7 only uses teredo when no actual IPv6 internet connectivity exists. And when it's not part of a corporate domain. And when the host you're connecting to does not have an IPv4 address. Again, that's AFAIK. :)
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Thu, Jun 9, 2011 at 12:46 AM, Mick michaelkintz...@gmail.com wrote: BTW, Windows Vista and 7 generate randomized host IDs for public IPv6 addresses, it's generally advised to disable that. You can do that by running this at administrator cmd prompt: netsh interface ipv6 set global randomizeidentifiers=disabled I was looking at the same in the Linux kernel scratching my head if I should enable this or not ... What does it do - not sure I understand what such temporary addresses are used for: IPv6: Privacy Extensions (RFC 3041) support CONFIG_IPV6_PRIVACY: Sorry, I described the problem poorly. More specifically I should have said that it should be disabled because Windows does it /wrong/. :) In IPv6, link-local address is required (begins with fe80::) even when an internet-routable address exists. It is derived from your network prefix and your MAC address. Normally, the public IPv6 address also contains your MAC address. Every IPv6 interface is going to have at least 2 different addresses. Imagine a world where IPv6 is everywhere. You take your laptop home, to the cafe, to work, to a hotel on a business trip. Despite using different networks in each place, your MAC address will tie them all together. The governments and corporations are tracking this and now know even more about you. At least, that's what people worry about. In Linux, enabling the privacy extensions adds an additional, temporary IPv6 address to the interface, with a randomized MAC part, and it changes regularly (every hour or two? something like that). The link-local address still contains the MAC-based IPv6 address, and the standard routable IPv6 address is also available but not used by default for outgoing connections. So, inside your network, things are predictable and unchanging, which makes management of clients, routing of traffic, firewall rules, etc. easier to deal with. To the outside world, your IP address is constantly changing and can't be used to track you as easily as it would be if the MAC portion of the address were consistent. In Windows, however, when that option is enabled, they wrongly randomize ALL of the addresses, even the local, rather than just creating a temp random public address. Which means every time that machine reboots it's going to look like a new client on the local network, and any local network setup you have pertaining to a certain IP are going to be a pain to maintain. Depending on your usage, maybe that doesn't matter, but in general, on Windows machines, it's considered a buggy implementation and is undesired. In Linux, it should be absolutely fine to use. In your /etc/sysctl.conf you can add these lines to enable it on every interface by default, assuming you enabled in your kernel config: net.ipv6.conf.all.use_tempaddr = 2 net.ipv6.conf.default.use_tempaddr = 2
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Thu, Jun 9, 2011 at 6:16 AM, Tanstaafl tansta...@libertytrek.org wrote: On 2011-06-08 9:25 PM, Paul Hartman wrote: After that, machines on my local network (including wifi) can get both IPv4 and IPv6 addresses from the router and can talk to the outside world on either network. I'm getting a headache... Is there a decent guide that explains IPV6 for noobs who don't speak IP? Meaning, in plain english, how to set it up and make it work, without having to understand all of the granular technical aspects? Short version - if your ISP and your networking hardware (gateway/router/firewall/whatever) already support IPv6, you simply need to enable all the IPv6 stuff in your kernel, enable ipv6 USE flag in your /etc/make.conf and rebuild affected packages. If you use DHCP/autoconfig it should just work automatically. Otherwise, you need to jump through the hoops we're talking about to establish tunnels or other means of getting IPv6 over a network that is not IPv6-capable. You can decide if you care enough about that kind of thing to shed your noob-ness and get into it more. :) The only real benefit of being on IPv6 at the moment is that every device has an internet-accissble address. That means no more NAT forwarding from your router to ports on certain devices. Otherwise, there's basically no perceivable benefits from using IPv6, other than the geek cred you earn by saying you're on IPv6. :) Another benefit, a side-effect of the fact that that most places are NOT ready for IPv6 yet, means many internet filters and loggers ignore IPv6 packages entirely. I've read that using IPv6 is one way to get around the great firewalls of oppressive regimes like China, Iran and universities. :) I don't expect that to last very long once more people start using it. For an unscientific example of how many people are using IPv6, the Mainline DHT network shows several million clients connected on IPv4 but only 78 clients on IPv6... Also - how long is it going to be before there are parts of the internet that you can't get to without speaking IPV6? There are some v6-only sites now, but they are basically sites that also exist on ipv4 internet and are used for testing/proof-of-concept. Given the billions of non-v6-capable devices on the internet, it would be commercial suicide for a company to leave the IPv4 Internet any time soon. I would guess you should be fine for another 10 years using IPv4-only.
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Thursday 09 Jun 2011 16:51:29 Paul Hartman wrote: On Thu, Jun 9, 2011 at 12:46 AM, Mick michaelkintz...@gmail.com wrote: BTW, Windows Vista and 7 generate randomized host IDs for public IPv6 addresses, it's generally advised to disable that. You can do that by running this at administrator cmd prompt: netsh interface ipv6 set global randomizeidentifiers=disabled I was looking at the same in the Linux kernel scratching my head if I should enable this or not ... What does it do - not sure I understand what such temporary addresses are used for: IPv6: Privacy Extensions (RFC 3041) support CONFIG_IPV6_PRIVACY: Sorry, I described the problem poorly. More specifically I should have said that it should be disabled because Windows does it /wrong/. :) In IPv6, link-local address is required (begins with fe80::) even when an internet-routable address exists. It is derived from your network prefix and your MAC address. Normally, the public IPv6 address also contains your MAC address. Every IPv6 interface is going to have at least 2 different addresses. Imagine a world where IPv6 is everywhere. You take your laptop home, to the cafe, to work, to a hotel on a business trip. Despite using different networks in each place, your MAC address will tie them all together. The governments and corporations are tracking this and now know even more about you. At least, that's what people worry about. In Linux, enabling the privacy extensions adds an additional, temporary IPv6 address to the interface, with a randomized MAC part, and it changes regularly (every hour or two? something like that). The link-local address still contains the MAC-based IPv6 address, and the standard routable IPv6 address is also available but not used by default for outgoing connections. So, inside your network, things are predictable and unchanging, which makes management of clients, routing of traffic, firewall rules, etc. easier to deal with. To the outside world, your IP address is constantly changing and can't be used to track you as easily as it would be if the MAC portion of the address were consistent. In Windows, however, when that option is enabled, they wrongly randomize ALL of the addresses, even the local, rather than just creating a temp random public address. Which means every time that machine reboots it's going to look like a new client on the local network, and any local network setup you have pertaining to a certain IP are going to be a pain to maintain. Depending on your usage, maybe that doesn't matter, but in general, on Windows machines, it's considered a buggy implementation and is undesired. In Linux, it should be absolutely fine to use. In your /etc/sysctl.conf you can add these lines to enable it on every interface by default, assuming you enabled in your kernel config: net.ipv6.conf.all.use_tempaddr = 2 net.ipv6.conf.default.use_tempaddr = 2 Excellent explanation! Thank you. :-) Now was it that difficult to add a couple of meaningful lines in the kernel documentation, so that any other than the kernel hacker who wrote that module would learn that its there to anonymise your ipv6 address for privacy purposes? I take it that loading this module would cut both ways. If I were to allow connections to my server only for *my* IP address, then that would be quite difficult to achieve if my IP address changed every few minutes. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Thu, Jun 9, 2011 at 3:27 PM, Mick michaelkintz...@gmail.com wrote: I take it that loading this module would cut both ways. If I were to allow connections to my server only for *my* IP address, then that would be quite difficult to achieve if my IP address changed every few minutes. Since you can have multiple addresses on an interface, you could theoretically create a separate route just for your connections to your server, using a consistent address rather than the randomized one. And of course in a world where we all get a large pool of address space to do with what we please, you could skip the whole auto-configuration thing entirely and just manually assign whatever addresses you want. And another bonus is that there are plenty of funny things we can spell in hexadecimal. ;)
RE: [gentoo-user] IPv6 not ready here; Hmmm
-original message- Subject: Re: [gentoo-user] IPv6 not ready here; Hmmm From: Paul Hartman paul.hartman+gen...@gmail.com Date: 2011-06-10 03:52 And another bonus is that there are plenty of funny things we can spell in hexadecimal. ;) While I'm sure I'll tag the C001:D00D address for my workstation, I'm not sure upper management will appreciate me naming some servers DEAD:BEEF or BAD:D06 or A55:401E ... :-P Rgds, -- FdS Pandu E Poluan ~ IT Optimizer ~ Sent from Nokia E72-1
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Tuesday 07 June 2011 20:27:45 Dale wrote: 11: Test mit IPv4 DNS Eintrag ok (0.712s) verwende ipv4 Test mit IPv6 DNS Eintrag ok (0.712s) verwende ipv6 6to4 Test mit Dual Stack DNS Eintrag ok (0.726s) verwende ipv4 Test mit Dual Stack und grosse Pakete ok (0.665s) verwende ipv4 Test IPv4 ohne DNS ok (0.417s) verwende ipv4 Test IPv6 ohne DNS ok (0.440s) verwende ipv6 6to4 Test grosse IPv6 Pakete ok (0.734s) verwende ipv6 6to4 Test ob der DNS server des ISP IPv6 unterstützt bad (1.401s) as the site explains the dns test is a goodie and failing it is not a big deal. -- #163933
Re: [gentoo-user] IPv6 not ready here; Hmmm
Volker Armin Hemmann wrote: On Tuesday 07 June 2011 20:27:45 Dale wrote: 11: Test mit IPv4 DNS Eintrag ok (0.712s) verwende ipv4 Test mit IPv6 DNS Eintrag ok (0.712s) verwende ipv6 6to4 Test mit Dual Stack DNS Eintrag ok (0.726s) verwende ipv4 Test mit Dual Stack und grosse Pakete ok (0.665s) verwende ipv4 Test IPv4 ohne DNS ok (0.417s) verwende ipv4 Test IPv6 ohne DNS ok (0.440s) verwende ipv6 6to4 Test grosse IPv6 Pakete ok (0.734s) verwende ipv6 6to4 Test ob der DNS server des ISP IPv6 unterstützt bad (1.401s) as the site explains the dns test is a goodie and failing it is not a big deal. Well, I have to ask this. If the DNS fails, how will my browser know where to go? From my understanding, when I type in abc.com and hit enter or go, the first thing it does is go to a DNS server to see what the actual number is. Another question. Mine failed on some of the ones yours passed on. Is that a local setting or something between me and the site I am going to? In other words, can I change something here or is it outside my control? I think it is outside my control but want to make sure. Dale :-) :-)
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Tue, Jun 7, 2011 at 8:27 PM, Dale rdalek1...@gmail.com wrote: Funny thing is, I use googles DNS servers. 8.8.8.8 and 8.8.4.4 are the settings. I find it ironic that Google is one of the ones hosting this event and it appears their server is not ready. Makes me think. Dale scratches chin a bit From Google DNS FAQ: Does Google Public DNS support IPv6? Google Public DNS can respond to requests for IPv6 addresses ( requests), but it does not yet support native IPv6 transport and cannot talk to IPv6-only authoritative nameservers. Clients should use IPv4 network connections to use Google Public DNS.
Re: [gentoo-user] IPv6 not ready here; Hmmm
2011/6/8 Volker Armin Hemmann volkerar...@googlemail.com: 11: Test mit IPv4 DNS Eintrag ok (0.712s) verwende ipv4 Test mit IPv6 DNS Eintrag ok (0.712s) verwende ipv6 6to4 Test mit Dual Stack DNS Eintrag ok (0.726s) verwende ipv4 Test mit Dual Stack und grosse Pakete ok (0.665s) verwende ipv4 Test IPv4 ohne DNS ok (0.417s) verwende ipv4 Test IPv6 ohne DNS ok (0.440s) verwende ipv6 6to4 Test grosse IPv6 Pakete ok (0.734s) verwende ipv6 6to4 Test ob der DNS server des ISP IPv6 unterstützt bad (1.401s) as the site explains the dns test is a goodie and failing it is not a big deal. Charter Communications cable internet: Test with IPv4 DNS record ok (0.580s) using ipv4 Test with IPv6 DNS record ok (0.268s) using ipv6 Test with Dual Stack DNS record ok (0.256s) using ipv6 Test for Dual Stack DNS and large packet ok (0.090s) using ipv6 Test IPv4 without DNS ok (0.148s) using ipv4 Test IPv6 without DNS ok (0.162s) using ipv6 Test IPv6 large packet ok (0.092s) using ipv6 Test if your ISP's DNS server uses IPv6 ok (0.316s) using ipv6 :)
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Tue, Jun 7, 2011 at 8:27 PM, Dale rdalek1...@gmail.com wrote: Should I have the USE flag ipv6 enabled or should I leave it off for now? If so, anyone had any trouble with it or is this a trivial change? Enable the IPv6 stuff in kernel, enable ipv6 USE flag in your make.conf, rebuild any packages that were -ipv6 before, and you should be good to go from a basics standpoint. After that, you need actual IPv6 service from your ISP (and modem and router), or tunnel over IPv4 through a provider. My cable ISP has a 6RD Border Relay. My DD-WRT router supports IPv6 and I set it up to make the connection to the 6RD, so on my client machines there's no special setup needed, it just magically works without any problems. If your router doesn't support it, you can still establish IPv6 tunnel from your Gentoo box directly, there are several ways to do it. Something like net-misc/miredo is extremely simple to set up if you just want to try it, and to see the dancing turtle on www.kame.net :)
Re: [gentoo-user] IPv6 not ready here; Hmmm
Apparently, though unproven, at 21:45 on Wednesday 08 June 2011, Paul Hartman did opine thusly: On Tue, Jun 7, 2011 at 8:27 PM, Dale rdalek1...@gmail.com wrote: Funny thing is, I use googles DNS servers. 8.8.8.8 and 8.8.4.4 are the settings. I find it ironic that Google is one of the ones hosting this event and it appears their server is not ready. Makes me think. Dale scratches chin a bit From Google DNS FAQ: Does Google Public DNS support IPv6? Google Public DNS can respond to requests for IPv6 addresses ( requests), but it does not yet support native IPv6 transport and cannot talk to IPv6-only authoritative nameservers. Clients should use IPv4 network connections to use Google Public DNS. Almost all large auth servers out there are in exactly that position. Mine certainly are. Cisco are waiting in the wings with a gigantic[1] quote for what it will take to change that. [1] When I say gigantic I really do mean gigantic, as in OMFG, does the number of $US fit into the money field in Oracle Financials??. Not gigantic as in oh, that's big, bigger than what we normally call big. Just wanted to add some perspective... -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Wednesday 08 Jun 2011 20:51:10 Paul Hartman wrote: 2011/6/8 Volker Armin Hemmann volkerar...@googlemail.com: 11: Test mit IPv4 DNS Eintrag ok (0.712s) verwende ipv4 Test mit IPv6 DNS Eintrag ok (0.712s) verwende ipv6 6to4 Test mit Dual Stack DNS Eintrag ok (0.726s) verwende ipv4 Test mit Dual Stack und grosse Pakete ok (0.665s) verwende ipv4 Test IPv4 ohne DNS ok (0.417s) verwende ipv4 Test IPv6 ohne DNS ok (0.440s) verwende ipv6 6to4 Test grosse IPv6 Pakete ok (0.734s) verwende ipv6 6to4 Test ob der DNS server des ISP IPv6 unterstützt bad (1.401s) as the site explains the dns test is a goodie and failing it is not a big deal. Charter Communications cable internet: Test with IPv4 DNS record ok (0.580s) using ipv4 Test with IPv6 DNS record ok (0.268s) using ipv6 Test with Dual Stack DNS record ok (0.256s) using ipv6 Test for Dual Stack DNS and large packet ok (0.090s) using ipv6 Test IPv4 without DNS ok (0.148s) using ipv4 Test IPv6 without DNS ok (0.162s) using ipv6 Test IPv6 large packet ok (0.092s) using ipv6 Test if your ISP's DNS server uses IPv6 ok (0.316s) using ipv6 :) I find this rather confusing! Paul is your ISP offering native IPv6 and if they do does your router speak ipv6? What does your /etc/resolv.conf show? When I run this test I get: Test with IPv4 DNS record ok (0.552s) using ipv4 Test with IPv6 DNS record bad (0.197s) Test with Dual Stack DNS record ok (0.558s) using ipv4 Test for Dual Stack DNS and large packet ok (0.239s) using ipv4 Test IPv4 without DNS ok (0.368s) using ipv4 Test IPv6 without DNS bad (0.022s) Test IPv6 large packet bad (0.025s) Test if your ISP's DNS server uses IPv6 ok (0.691s) using ipv4 When I run it with Windows 7 I get: Test with IPv4 DNS record ok (0.689s) using ipv4 Test with IPv6 DNS record bad (0.022s) Test with Dual Stack DNS record ok (0.544s) using ipv4 Test for Dual Stack DNS and large packet ok (0.241s) using ipv4 Test IPv4 without DNS ok (0.384s) using ipv4 Test IPv6 without DNS ok (3.593s) using ipv6 Teredo Test IPv6 large packet bad (0.018s) Test if your ISP's DNS server uses IPv6 ok (0.387s) using ipv4 From Windows7 I can ping ipv6 addresses (but not domain names) because it uses Teredo, but from Linux I cannot. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Wed, Jun 8, 2011 at 5:04 PM, Mick michaelkintz...@gmail.com wrote: On Wednesday 08 Jun 2011 20:51:10 Paul Hartman wrote: Charter Communications cable internet: Test with IPv4 DNS record ok (0.580s) using ipv4 Test with IPv6 DNS record ok (0.268s) using ipv6 Test with Dual Stack DNS record ok (0.256s) using ipv6 Test for Dual Stack DNS and large packet ok (0.090s) using ipv6 Test IPv4 without DNS ok (0.148s) using ipv4 Test IPv6 without DNS ok (0.162s) using ipv6 Test IPv6 large packet ok (0.092s) using ipv6 Test if your ISP's DNS server uses IPv6 ok (0.316s) using ipv6 :) I find this rather confusing! Paul is your ISP offering native IPv6 and if they do does your router speak ipv6? My ISP (Charter) does not offer native IPv6 yet, but they do offer a 6RD Border Relay. It is basically an IPv6 tunnel that runs over an IPv4 network, but the important part is that the tunnel server is running within my ISP's network. That means I get my full internet speed on IPv6 traffic! My wireless router is running DD-WRT (which is a Linux distro). It is running kernel 2.6.34 and has all the ipv6 modules enabled in the kernel. Basically, it is setup by loading the sit module (CONFIG_IPV6_SIT_6RD in kernel config). Then using the ip command to create a sit tunnel and set up the routes for IPv6 traffic, and then starts radvd (the IPv6 router advertisement daemon, think of it as a kind of DHCP server for IPv6 addresses). The process should be exactly the same on OpenWRT. After that, machines on my local network (including wifi) can get both IPv4 and IPv6 addresses from the router and can talk to the outside world on either network. (and then when you get to that point, you should create IPv6 firewall rules on the router and/or computers, or else risk leaving their entire network open to bad guys) What does your /etc/resolv.conf show? $ cat /etc/resolv.conf nameserver 127.0.0.1 (because I run net-dns/unbound on my local machine). For the other computers/devices they use the DNS server which runs on the router, 192.168.0.1 My ISP does offer DNS servers at actual IPv6 addresses, though I'm not using them. When I run this test I get: Test with IPv4 DNS record ok (0.552s) using ipv4 Test with IPv6 DNS record bad (0.197s) Test with Dual Stack DNS record ok (0.558s) using ipv4 Test for Dual Stack DNS and large packet ok (0.239s) using ipv4 Test IPv4 without DNS ok (0.368s) using ipv4 Test IPv6 without DNS bad (0.022s) Test IPv6 large packet bad (0.025s) Test if your ISP's DNS server uses IPv6 ok (0.691s) using ipv4 For example all this stuff just works normally here: $ host ipv6.google.com ipv6.google.com is an alias for ipv6.l.google.com. ipv6.l.google.com has IPv6 address 2001:4860:800b::93 # traceroute6 ipv6.google.com traceroute to ipv6.l.google.com (2001:4860:800b::93) from 2602:100:xx:xx:xx:xx:xx:xx, 30 hops max, 24 byte packets 1 2602:100:xx:xx:1::1 (2602:100:xx:xx:1::1) 0.459 ms 0.383 ms 0.353 ms 2 * * * 3 2001:506:100:6c::1 (2001:506:100:6c::1) 11.29 ms 7.999 ms 7.773 ms 4 bbr01olvemo.tge0-3-0-4.mo.olve.charter.com (2001:506:100:23::1) 9.093 ms 7.715 ms 7.691 ms 5 bbr02chcgil.tge0-3-0-0.il.chcg.charter.com (2001:506:100:55::2) 33.981 ms 25.812 ms 23.573 ms 6 prr01chcgil.tge2-4.il.chcg.charter.com (2001:506:100:317::1) 16.862 ms 17.737 ms 16.46 ms 7 v201.core1.chi1.he.net (2001:470:0:114::1) 18.04 ms 17.368 ms 24.015 ms 8 * * * 9 2001:4860::1:0:92e (2001:4860::1:0:92e) 34.911 ms 18.025 ms 25.379 ms 10 2001:4860::8:0:281e (2001:4860::8:0:281e) 27.843 ms 28.74 ms 28.569 ms 11 2001:4860::2:0:7ef (2001:4860::2:0:7ef) 27.568 ms 28.365 ms 28.221 ms 12 2001:4860:0:1::83 (2001:4860:0:1::83) 27.586 ms 37.284 ms 35.649 ms 13 iw-in-x93.1e100.net (2001:4860:800b::93) 27.731 ms 27.647 ms 28.372 ms From Windows7 I can ping ipv6 addresses (but not domain names) because it uses Teredo, but from Linux I cannot. For Microsoft Windows (at least Windows 7), when it detects IPv6 advertisement server on the local network, it will use it automatically. When no IPv6 is detected, it uses Teredo instead. Maybe your DNS servers don't return IPv6 addresses? On my wife's Windows 7 laptop, it just worked perfectly after I enabled it on my router and her wifi reconnected. All tests on test-ipv6.com pass except for the last DNS test. She can go to sites like http://www.v6.facebook.com no problems. BTW, Windows Vista and 7 generate randomized host IDs for public IPv6 addresses, it's generally advised to disable that. You can do that by running this at administrator cmd prompt: netsh interface ipv6 set global randomizeidentifiers=disabled And now I'll try not to talk about Windows on this list again for the remainder of the year. ;) Hope that helps!
RE: [gentoo-user] IPv6 not ready here; Hmmm
-original message- Subject: Re: [gentoo-user] IPv6 not ready here; Hmmm From: Paul Hartman paul.hartman+gen...@gmail.com Date: 2011-06-09 08:25 And now I'll try not to talk about Windows on this list again for the remainder of the year. ;) Naaah, is okay... as long as you don't do it excessively :) Sometimes we Linux-people (-devs, -testers, -contribs, whathaveyou) need the proverbial kick in the pants if something Just Works™ in Windows but a Royal PITA™ in Linux... :þ Rgds, -- FdS Pandu E Poluan ~ IT Optimizer ~ Sent from Nokia E72-1
Re: [gentoo-user] IPv6 not ready here; Hmmm
Paul Hartman wrote: Enable the IPv6 stuff in kernel, enable ipv6 USE flag in your make.conf, rebuild any packages that were -ipv6 before, and you should be good to go from a basics standpoint. After that, you need actual IPv6 service from your ISP (and modem and router), or tunnel over IPv4 through a provider. My cable ISP has a 6RD Border Relay. My DD-WRT router supports IPv6 and I set it up to make the connection to the 6RD, so on my client machines there's no special setup needed, it just magically works without any problems. If your router doesn't support it, you can still establish IPv6 tunnel from your Gentoo box directly, there are several ways to do it. Something like net-misc/miredo is extremely simple to set up if you just want to try it, and to see the dancing turtle on www.kame.net :) Now what was I thinking. Oh, wait. I wasn't thinking. There was the problem right there. I hadn't enabled any of the IPv6 stuff in the kernel. Jeeez, what a idiot. I haven't even thought of the kernel settings. sighs Anyway, I enabled a lot of stuff in the kernel and will reboot at some point and test again. I'm not sure when I will be rebooting tho. Dale :-) :-)
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Thu, Jun 9, 2011 at 09:15, Dale rdalek1...@gmail.com wrote: Now what was I thinking. Oh, wait. I wasn't thinking. There was the problem right there. I hadn't enabled any of the IPv6 stuff in the kernel. Jeeez, what a idiot. I haven't even thought of the kernel settings. sighs You owe me a new keyboard. The one I had wasn't sympathetic with hot tea being spurted into its innards :-) Anyway, I enabled a lot of stuff in the kernel and will reboot at some point and test again. I'm not sure when I will be rebooting tho. You're already late for World IPv6 day, tho' :-) Rgds, -- Pandu E Poluan ~ IT Optimizer ~ Visit my Blog: http://pepoluan.posterous.com Google Talk: pepoluan Y! messenger: pepoluan MSN / Live: pepol...@hotmail.com (do not send email here) Skype: pepoluan More on me: My LinkedIn Account My Facebook Account
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Wednesday 08 June 2011 13:59:36 Dale wrote: Volker Armin Hemmann wrote: On Tuesday 07 June 2011 20:27:45 Dale wrote: 11: Test mit IPv4 DNS Eintrag ok (0.712s) verwende ipv4 Test mit IPv6 DNS Eintrag ok (0.712s) verwende ipv6 6to4 Test mit Dual Stack DNS Eintrag ok (0.726s) verwende ipv4 Test mit Dual Stack und grosse Pakete ok (0.665s) verwende ipv4 Test IPv4 ohne DNS ok (0.417s) verwende ipv4 Test IPv6 ohne DNS ok (0.440s) verwende ipv6 6to4 Test grosse IPv6 Pakete ok (0.734s) verwende ipv6 6to4 Test ob der DNS server des ISP IPv6 unterstützt bad (1.401s) as the site explains the dns test is a goodie and failing it is not a big deal. Well, I have to ask this. If the DNS fails, how will my browser know where to go? From my understanding, when I type in abc.com and hit enter or go, the first thing it does is go to a DNS server to see what the actual number is. Read the FAQ and Info posted. From the website: If this test fails: it means that the DNS resolver you are using, requires IPv4 to reach the DNS authoritative servers of your favoriate web sites. In the near future, every web site of consequence will remain accessible in this form, so there is no immediate danger.
Re: [gentoo-user] IPv6 not ready here; Hmmm
Pandu Poluan wrote: On Thu, Jun 9, 2011 at 09:15, Dalerdalek1...@gmail.com wrote: Now what was I thinking. Oh, wait. I wasn't thinking. There was the problem right there. I hadn't enabled any of the IPv6 stuff in the kernel. Jeeez, what a idiot. I haven't even thought of the kernel settings. sighs You owe me a new keyboard. The one I had wasn't sympathetic with hot tea being spurted into its innards :-) Anyway, I enabled a lot of stuff in the kernel and will reboot at some point and test again. I'm not sure when I will be rebooting tho. You're already late for World IPv6 day, tho' :-) Rgds, Sorry bout the keyboard. Tea huh? I like mine cold, no ice tho, with mucho sugar. lol I missed it this time but I'm late a lot on this sort of thing anyway. Maybe next time I will be ready. I'm just hoping html5 will improve some things. May not but doesn't hurt to hope. I just hope it will eliminate some of the things that are such power or memory hogs now. It may not at first but eventually. Of course, then again there will be something else new to be a power or memory hungry beast. Progress, so painful at times. ;-) Dale :-) :-)
Re: [gentoo-user] IPv6 not ready here; Hmmm
Volker Armin Hemmann wrote: Read the FAQ and Info posted. From the website: If this test fails: it means that the DNS resolver you are using, requires IPv4 to reach the DNS authoritative servers of your favoriate web sites. In the near future, every web site of consequence will remain accessible in this form, so there is no immediate danger. Yea but I use Gentoo. If I wanted to be THAT far behind, I'd go back to Mandriva or something. ;-) Seriously, I just don't want to get to far behind and then have trouble playing catch up. It's kind of like not updating Gentoo for a year. It's a mess to catch up and some periods of time are worse than others. It's almost midnight here. I'm going to go put the junkyard A/C compressor in my car. It's pushing 100F here and I need to get that fixed. Dale :-) :-)
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Wed, Jun 8, 2011 at 11:50 PM, Dale rdalek1...@gmail.com wrote: I'm just hoping html5 will improve some things. May not but doesn't hurt to hope. I just hope it will eliminate some of the things that are such power or memory hogs now. It may not at first but eventually Some stuff is already looking good, outside of streaming video, like http://chrome.angrybirds.com/ which probably would not be possible without Flash or Java just a couple years ago.
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Thursday 09 Jun 2011 02:25:43 Paul Hartman wrote: My wireless router is running DD-WRT (which is a Linux distro). It is running kernel 2.6.34 and has all the ipv6 modules enabled in the kernel. Basically, it is setup by loading the sit module (CONFIG_IPV6_SIT_6RD in kernel config). Then using the ip command to create a sit tunnel and set up the routes for IPv6 traffic, and then starts radvd (the IPv6 router advertisement daemon, think of it as a kind of DHCP server for IPv6 addresses). The process should be exactly the same on OpenWRT. Oh I see, that explains it! What does your /etc/resolv.conf show? $ cat /etc/resolv.conf nameserver 127.0.0.1 (because I run net-dns/unbound on my local machine). For the other computers/devices they use the DNS server which runs on the router, 192.168.0.1 My ISP does offer DNS servers at actual IPv6 addresses, though I'm not using them. So when a ipv6 query arrives at your local resolver (router) from one of your LAN machines on the 192.168.0.1 address, the router knows to send it down the tunnel to be resolved at the ISP's resolvers? For Microsoft Windows (at least Windows 7), when it detects IPv6 advertisement server on the local network, it will use it automatically. When no IPv6 is detected, it uses Teredo instead. Maybe your DNS servers don't return IPv6 addresses? Well, yes my router is ipv4 only and therefore it would not resolve ipv6 addresses. On my wife's Windows 7 laptop, it just worked perfectly after I enabled it on my router and her wifi reconnected. All tests on test-ipv6.com pass except for the last DNS test. She can go to sites like http://www.v6.facebook.com no problems. That's because Windows7 use toredo servers/relays to resolve and connect to ipv6 addresses. BTW, Windows Vista and 7 generate randomized host IDs for public IPv6 addresses, it's generally advised to disable that. You can do that by running this at administrator cmd prompt: netsh interface ipv6 set global randomizeidentifiers=disabled I was looking at the same in the Linux kernel scratching my head if I should enable this or not ... What does it do - not sure I understand what such temporary addresses are used for: IPv6: Privacy Extensions (RFC 3041) support CONFIG_IPV6_PRIVACY: Privacy Extensions for Stateless Address Autoconfiguration in IPv6 support. With this option, additional periodically-altered pseudo-random global-scope unicast address(es) will be assigned to your interface(s). We use our standard pseudo-random algorithm to generate the randomized interface identifier, instead of one described in RFC 3041. By default the kernel does not generate temporary addresses. To use temporary addresses, do echo 2 /proc/sys/net/ipv6/conf/all/use_tempaddr See file:Documentation/networking/ip-sysctl.txt for details. Symbol: IPV6_PRIVACY [=n] Type : boolean Prompt: IPv6: Privacy Extensions (RFC 3041) support Defined at net/ipv6/Kconfig:24 Depends on: NET [=y] INET [=y] IPV6 [=y] Location: - Networking support (NET [=y]) - Networking options - TCP/IP networking (INET [=y]) - The IPv6 protocol (IPV6 [=y]) -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] IPv6 not ready here; Hmmm
Dale wrote: Howdy, I got a link to this: http://www.worldipv6day.org/ From there, there is a link to test whether the new IPv6 works on my system and between me and the reat of the world. It appears I am not ready. It complained about the DNS server for the most part. Funny thing is, I use googles DNS servers. 8.8.8.8 and 8.8.4.4 are the settings. I find it ironic that Google is one of the ones hosting this event and it appears their server is not ready. Makes me think. Dale scratches chin a bit Should I have the USE flag ipv6 enabled or should I leave it off for now? If so, anyone had any trouble with it or is this a trivial change? Thanks much. Dale :-) :-) Actually, it is enabled already. Here is its complaint list: Test with IPv6 DNS record bad (0.261s) Test IPv6 without DNS bad (0.003s) Test IPv6 large packet bad (0.238s) Test if your ISP's DNS server uses IPv6 timeout (15.014s) Is there anything I need to change here to get everything ready or is it beyond our control anyway? Dale :-) :-)
Re: [gentoo-user] IPv6 not ready here; Hmmm
Actually, it is enabled already. Here is its complaint list: Test with IPv6 DNS record bad (0.261s) Works for me (asking for v6 record using v4 transport). I dont have v6 transport. /home/adam$ host -t www.google.com www.google.com is an alias for www.l.google.com. www.l.google.com has IPv6 address 2404:6800:4006:802::1010
Re: [gentoo-user] IPv6 not ready here; Hmmm
On Wednesday 08 Jun 2011 03:18:47 Adam Carter wrote: Actually, it is enabled already. Here is its complaint list: Test with IPv6 DNS record bad (0.261s) Works for me (asking for v6 record using v4 transport). I dont have v6 transport. /home/adam$ host -t www.google.com www.google.com is an alias for www.l.google.com. www.l.google.com has IPv6 address 2404:6800:4006:802::1010 Most/all domestic routers do not do ipv6 yet, or ipv6 in ipv4 tunnelling. This means that you may need to terminate the tunnel at your PC and use your PC as the router for ipv6 thereafter in your LAN. All this assumes that your ISP is offering ipv6 in the first place. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
