Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On Tue, Apr 17, 2007 at 08:20:08PM -0400, Leo Bicknell wrote: > It's not that users are stupid, necessarily. That was a bad choice of words on my part. I was aiming at describing the perception we often have, as we sit in our "back rooms" and hear the varied reports from our support departments of the frustrations our users confront. We're in complete agreement, I just didn't voice it properly. -- David W. Hankins"If you don't do it right the first time, Software Engineer you'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins pgpyJTavctwaz.pgp Description: PGP signature
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
In a message written on Mon, Apr 16, 2007 at 03:42:53PM -0700, David W. Hankins wrote: > Both of these two progression trees represent the cumulative > formulation of knowledge: Users are stupid. Automatic is not > just best, it's the only way. [snip] > The main point, is that if you leave "all other host configuration" > details up to, well, the host itself, then in practice what you're > really doing is leaving it up to the user. Ultimately, it is > mandatory that the end-user make a choice in this model, if not > about everything, then about "some things". > > This is intolerable in an ISP environment. I agree 100% with your points, however I believe you have a minor marketing problem that might change how many people receive your comments. It's not that users are stupid, necessarily. They may be of course, but they are also lazy, impatient, and intolerant of things that do not work. As someone who can type "conf t" and use ed to configure their Unix box _I_ won't tolerate manually configuring my home laptop just so I can surf over to weather.com and find out if it's going to rain. While I may do all the testing and work-arounds to make it work for my job, I'll turn it off at home until it just works and is available via my standard provider. It's 2007, not 1987. If I can't take a brand new box out of the packing material, plug it into an ethernet port and have it just work then something is broken. The network, the OS, the protocol, take your pick, but it's broken and not deployable. [Note: How wise it is to put a brand new box on the net is a different question, the point is it should just work.] -- Leo Bicknell - [EMAIL PROTECTED] - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - [EMAIL PROTECTED], www.tmbg.org pgpRPuqE2lfHa.pgp Description: PGP signature
RE: (very few) AAAA websites, was: Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
> > www.hitachi.co.jp > > this one is very interesting! :-) > does anybody know more from Japan, regarding largely known brands? They developed IPv6 shims for their Windows 95 network drivers to all PCs using their network cards to use IPv6. --Michael Dillon
(very few) AAAA websites, was: Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
Hi, On Tue, 17 Apr 2007, Iljitsch van Beijnum wrote: On 17-apr-2007, at 4:12, Stephen Sprunk wrote: I also don't know how they react when you try to contact a site that _does_ have records, since no major content site has them (which is a whole 'nother discussion). Not "major content sites", but these are some web sites with records that people may be visiting for other reasons than just IPv6 tourism: That's an interesting concept, IPv6 tourism ;-) www.apnic.net www.arin.net www.lacnic.net www.ripe.net RIRs, frequent IPv6 promoters. they know available IPv4 space is going to end. yes, afrinic is missing.. :-( www.ietf.org www.ams-ix.net internet exchanges. those which see IPv6 as an "easy thing" :-) some more s to add: czech republic - info.nix.cz has IPv6 address 2001:ae8:4:0:230:48ff:fe42:48c5 ireland - www.inex.ie has IPv6 address 2001:7f8:18:2::4 malta - www.mix.net.mt has IPv6 address 2001:1a70:1:1::32 portugal - www.gigapix.pt has IPv6 address 2001:690:a00:40aa:2c0:9fff:fe20:e261 sweden - www.netnod.se has IPv6 address 2001:698:9:404:202:b3ff:fe89:f49b switzerland - pollux.swissix.net has IPv6 address 2001:7f8:24::7e www.isc.org www.netbsd.org www.hitachi.co.jp this one is very interesting! :-) does anybody know more from Japan, regarding largely known brands? www.surfnet.nl www.janet.ac.uk www.dante.net www.geant.net last two are the same server. from the european NREN folder the following could be added: (some www.. are aliases...) CZ - www.cesnet.cz has IPv6 address 2001:718:1:101:204:23ff:fe52:221a FR - www.renater.fr has IPv6 address 2001:660:3001:4002::10 GR - www.grnet.gr has IPv6 address 2001:648:2ffc:200::2037 IE - heanet.webhost.heanet.ie has IPv6 address 2001:770:18:2::c101:db4f MT - www.um.edu.mt has IPv6 address 2001:1a70:1:1::40 PT - www.fccn.pt has IPv6 address 2001:690:a00:40aa:2c0:9fff:fe20:e261 SE - www.sunet.se has IPv6 address 2001:6b0:e:1::f:1 CH - aslan.switch.ch has IPv6 address 2001:620:0:14::c NO - uninett.no has IPv6 address 2001:700:0:513::80 HR - www.carnet.hr has IPv6 address 2001:b68:e160:0:20b:dbff:fee6:a4f0 IS - frosti.rhnet.is has IPv6 address 2001:948:10:16::23 Cheers, Carlos
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On 17-apr-2007, at 4:12, Stephen Sprunk wrote: I also don't know how they react when you try to contact a site that _does_ have records, since no major content site has them (which is a whole 'nother discussion). Not "major content sites", but these are some web sites with records that people may be visiting for other reasons than just IPv6 tourism: www.apnic.net www.arin.net www.lacnic.net www.ripe.net www.ietf.org www.ams-ix.net www.isc.org www.netbsd.org www.hitachi.co.jp www.surfnet.nl www.janet.ac.uk www.dante.net www.geant.net
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
since somebody made the mistake of cc'ing me, i actually saw this message even though i long ago killed-by-thread the offtopic noise it's part of. hereis: > > What's weird is that they don't just return a 0-record NOERROR when you > > do the follow-up A query, which would be the most logical failure mode > > -- they return an authoritative answer of 0.0.0.1 instead. > > Ick. These folks really need a clue batting don't they? this kind of outrageous behaviour has made the introduction of new RR types almost pointless, which is in turn the reason most often cited for "just use TXT" (as in SPF for example). is just a current example. some of these boxes only handle A RR's (by redirecting folks to a proxy) and answer with NOERROR/ANCOUNT=0, or just don't answer at all, for everything else. > > Of course, dealing with idiot consumers on a regular basis, their tech > > support folks insist the problem is on the user's machine and that it's > > a bug in their v6 stack, despite Ethereal captures showing the bad DNS > > response packets coming from their box... > > Argh, I can sort-of understand their way of handling it, but still, they > should have fixed this by now, and their clear broken DNS is simply a > real reason to avoid those hotels at all. lack of "clear channel DNS" has also made the introduction of DNSSEC take at least five of its thirteen years-too-long. ultimately we'll have to make an HTTPS transport for DNS or tunnel all of our hotel queries back to our home networks over VPN's. anything left in the clear is a target, not just for phishers and identity thieves, but for startup CEO's and their VC's. > Can somebody please sponsor a trip to any of these hotels for either two > or both of the Pauls, that is Mockapetris or Vixie, and let THEM call > techsupport on this!? :) At least the "eh dude, I kinda like (invented > DNS|coded BIND) and I really do think I sort of know what I am talking > about" discussion would be worth a "extremely priceless" rating and a > good laugh for the coming years for most of the Ops community :) been there, done that, trust me it wasn't even mildly amusing for anybody. what i'm wondering now is, if a 501(c)(3) patented something that was to be used on the internet, and granted an free/unlimited use/distribute license on sole condition that users/distributors actually implement it correctly, then (a) would it hold up in court, and (b) would the 501(c)(3) CEO get lynched?
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
Stephen Sprunk wrote: > > Thus spake "Jeroen Massar" <[EMAIL PROTECTED]> >> But for the rest it all seems pretty fine to me... >> >> or do you mean that those ibahn things see "NOERROR" and >> then no answers, thus wrongly cache that as label has 0 answers >> at all? or what I mention above with the redirect? > > They do the same thing for requests that don't involve a CNAME, so > they're either choking on the query or a NOERROR response in > general; it's hard to tell which since I can only see one side of their > box. I also don't know how they react when you try to contact a site > that _does_ have records, since no major content site has them > (which is a whole 'nother discussion). Wellps, we have www.ipv6experiment.com of course where the actual content site soon will point to 2001:4978:0:0:0:0:B00:B1E5 :) /me wonders how many spam/corpfirewalls etc will like that sentence, but hotels won't have much of an issue with that I guess, it's one of the reasons for their existence... > What's weird is that they don't just return a 0-record NOERROR when you > do the follow-up A query, which would be the most logical failure mode > -- they return an authoritative answer of 0.0.0.1 instead. Ick. These folks really need a clue batting don't they? > Of course, dealing with idiot consumers on a regular basis, their tech > support folks insist the problem is on the user's machine and that it's > a bug in their v6 stack, despite Ethereal captures showing the bad DNS > response packets coming from their box... Argh, I can sort-of understand their way of handling it, but still, they should have fixed this by now, and their clear broken DNS is simply a real reason to avoid those hotels at all. Can somebody please sponsor a trip to any of these hotels for either two or both of the Pauls, that is Mockapetris or Vixie, and let THEM call techsupport on this!? :) At least the "eh dude, I kinda like (invented DNS|coded BIND) and I really do think I sort of know what I am talking about" discussion would be worth a "extremely priceless" rating and a good laugh for the coming years for most of the Ops community :) Remember kids: never leave home without a well known IP address where all kinds of obvious ports run your favorite tunneling mechanism :) [443 seems to be very popular for that nowadays it seems...] Long live tunnels and own infra! Greets, Jeroen -- Have broken DNS = $10 Room for a Paul = $500 Letting Paul expain DNS problem to L1 "Tech" = Priceless signature.asc Description: OpenPGP digital signature
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
Thus spake "Jeroen Massar" <[EMAIL PROTECTED]> But for the rest it all seems pretty fine to me... or do you mean that those ibahn things see "NOERROR" and then no answers, thus wrongly cache that as label has 0 answers at all? or what I mention above with the redirect? They do the same thing for requests that don't involve a CNAME, so they're either choking on the query or a NOERROR response in general; it's hard to tell which since I can only see one side of their box. I also don't know how they react when you try to contact a site that _does_ have records, since no major content site has them (which is a whole 'nother discussion). What's weird is that they don't just return a 0-record NOERROR when you do the follow-up A query, which would be the most logical failure mode -- they return an authoritative answer of 0.0.0.1 instead. Of course, dealing with idiot consumers on a regular basis, their tech support folks insist the problem is on the user's machine and that it's a bug in their v6 stack, despite Ethereal captures showing the bad DNS response packets coming from their box... S Stephen Sprunk "Those people who think they know everything CCIE #3723 are a great annoyance to those of us who do." K5SSS --Isaac Asimov
Re: [ok] Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
I may well not have fully figured out what was going on in this particular situation. Mostly because I got tired of trying to sort out the endless mysteries of IPv6 running under XP Service Pack 2. Teredo may or may not have been at issue. I saw some analyses indicating this might have been the case. In any event, after backing it and IPv6 out, all was well. fh - >[h how come I didn't parse any operational content in this post...] > >Fred Heutte wrote: >[..] >> I spent a couple hours in a hotel recently trying to untangle why >> using the DSL system I could see the net but couldn't get to any >> sites other than a few I tried at random like the BBC, Yahoo >> and Google. >> >> That's because they are among the few that apparently have >> IPv6 enabled web systems. > >They don't have "IPv6 enabled web systems", a lot of people wished that >they did. What your problem most likely was, was a broken DNS server, >which, when queried for an simply doesn't respond. > >Most Network Operators (to keep it a bit on topic for this mailinglist) >can't do anything about broken DNS servers at End User sites. > >Note that this has *nothing* to do with Teredo, which even doesn't >activate itself when it can't get packets to be relayed. You can't thus >blame Microsoft for this. The DNS server is broken, not them. I know it >is always fun to blame M$ but really it isn't true. > >Note also that the BBC once did have a related DNS problem, that >was in 2002 though and was quickly resolved: >http://www.merit.edu/mail.archives/nanog/2002-04/msg00559.html >These had another kind of problem, they returned NXDOMAIN, so that it >looked like the requested label was not there; much better still than >the simple ignore and forget of the End User DNS problems. > > >> I was once, circa 1995 or so, fairly enamored of IPv6. Now it >> makes me wonder just exactly what problem it is good at solving. > >Primarily only one: a *lot* more address space. Enough to provide our >children's children children and the rest of the world with unique >addressable address space. Nothing more nothing less. > >> Don't get me wrong -- it's not the fault of IPv6 and its designers >> and advocates, it's that the world has moved on and other >> methods have been found for the questions it was designed to >> address. > >As it primarily resolves the address space problem and it solves this >perfectly well, how exactly did your world move on by staying limited to >32bits and only 4 million addresses while there are many more people on >this planet, not even thinking of subnets or having multiple addresses >per person? > >Greets, > Jeroen > >
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
Chris L. Morrow wrote: [..] > the STSN devices? or 'ibahn' ? One thing to keep in mind is that the > DNS-LB used by Google/yahoo (in the examples above) seems to be returning > a CNAME for queries, then nothing for the follow-up resolution > request for a for the CNAME... So, ipv6 things may look 'broken' > because they are also 'slow' (waiting to re-do much of the lookup path to > get the A version) (snipped for brevity) 8<--- $ dig @ns1.google.com www.google.com ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41689 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 7, ADDITIONAL: 7 ;; ANSWER SECTION: www.google.com. 604800 IN CNAME www.l.google.com. $ dig @ns1.google.com www.l.google.com ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44383 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 7, ADDITIONAL: 7 --->8 8<--- $ dig @ns5.yahoo.com www.yahoo.com. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3095 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 0 ;; ANSWER SECTION: www.yahoo.com. 300 IN CNAME www.yahoo-ht3.akadns.net. $ dig @eur1.akadns.net www.yahoo-ht3.akadns.net. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15024 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 --->8 The Yahoo redirect is out of bailiwick and thus requires a full lookup again, the google one at least can be served by the same box. But for the rest it all seems pretty fine to me... or do you mean that those ibahn things see "NOERROR" and then no answers, thus wrongly cache that as label has 0 answers at all? or what I mention above with the redirect? Greets, Jeroen signature.asc Description: OpenPGP digital signature
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On Mon, 16 Apr 2007, Stephen Sprunk wrote: > > Thus spake "Jeroen Massar" <[EMAIL PROTECTED]> > > Fred Heutte wrote: > > > I spent a couple hours in a hotel recently trying to untangle why > > > using the DSL system I could see the net but couldn't get to any > > > sites other than a few I tried at random like the BBC, Yahoo > > > and Google. > > > > > > That's because they are among the few that apparently have > > > IPv6 enabled web systems. > > > > They don't have "IPv6 enabled web systems", a lot of people > > wished that they did. What your problem most likely was, was > > a broken DNS server, which, when queried for an simply > > doesn't respond. > > In fact, it's one particular vendor (whose name I haven't been able to > discover) of pay-for-Internet transparent proxy/NAT devices, such as those > commonly used in hotels and at hotspots, that's messing the whole thing up. > They return an address of 0.0.0.1 in response to any DNS query from an > IPv6-capable client, and they've decided to train their service providers' > tech support departments to tell customers to turn off v6 rather than fix > what should be a very simple bug. the STSN devices? or 'ibahn' ? One thing to keep in mind is that the DNS-LB used by Google/yahoo (in the examples above) seems to be returning a CNAME for queries, then nothing for the follow-up resolution request for a for the CNAME... So, ipv6 things may look 'broken' because they are also 'slow' (waiting to re-do much of the lookup path to get the A version)
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
Thus spake "Jeroen Massar" <[EMAIL PROTECTED]> Fred Heutte wrote: > I spent a couple hours in a hotel recently trying to untangle why > using the DSL system I could see the net but couldn't get to any > sites other than a few I tried at random like the BBC, Yahoo > and Google. > > That's because they are among the few that apparently have > IPv6 enabled web systems. They don't have "IPv6 enabled web systems", a lot of people wished that they did. What your problem most likely was, was a broken DNS server, which, when queried for an simply doesn't respond. In fact, it's one particular vendor (whose name I haven't been able to discover) of pay-for-Internet transparent proxy/NAT devices, such as those commonly used in hotels and at hotspots, that's messing the whole thing up. They return an address of 0.0.0.1 in response to any DNS query from an IPv6-capable client, and they've decided to train their service providers' tech support departments to tell customers to turn off v6 rather than fix what should be a very simple bug. (Granted that's a passable workaround for a few months while a vendor prepares a patch, but this issue has been around for _years_.) I know it is always fun to blame M$ but really it isn't true. Agreed. MS is sending a proper query, and every other DNS server on the face of the planet responds correctly. There are a few random apps that still bomb when both ends have IPv6 and there's only a v4 path between them (though most have been fixed over the last few years), but the OS is working correctly. S Stephen Sprunk "Those people who think they know everything CCIE #3723 are a great annoyance to those of us who do." K5SSS --Isaac Asimov
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On Sun, Apr 15, 2007 at 12:38:42PM +0200, Iljitsch van Beijnum wrote: > Sure, but that's because with IPv4, there are only three flavors: > > - manual configuration > - PPP > - DHCP Although nobody uses them: - BOOTP - RARP The distinction of DHCP, BOOTP, and RARP is important I think, and it would be good to remember the reasons for that progression, the lessons we learned on the way. If the progression from SLIP or HDLC to PPP also represents a progression in your view as it does in mine, then it is also important to remember. Both of these two progression trees represent the cumulative formulation of knowledge: Users are stupid. Automatic is not just best, it's the only way. > The DHCPv6 servers and clients that I tested two years ago didn't > even support address assignment to hosts. That sounds about right. The interesting events here have been this year or last. > >What DHCP and PPP did do, was to remove all of that, and make ISP > >integration of customer premise something that could "just happen" > >without any handholding or bearded geekery. > > Fortunately, the IETF got things right the sixth time around (?) by > adding the stateless autoconfig to IPv6, so these additional > mechanisms aren't necessary. Forgive me for saying (I do not mean it rudely), that I think this one sentence measures best precisely how far you've missed my point by. It is not enough to observe that the end host has been given an IP address, a prefix is imagined as part of that, and a default gateway. RARP and ICMP router discovery taught us this. It is still not enough to, after several years of thinking this was enough, throw in domain-search and nameserver configuration state. BOOTP taught us this. The main point, is that if you leave "all other host configuration" details up to, well, the host itself, then in practice what you're really doing is leaving it up to the user. Ultimately, it is mandatory that the end-user make a choice in this model, if not about everything, then about "some things". This is intolerable in an ISP environment. Compare it to the current IPv4 network, and you see that no choice is mandatory. You just plug in and go. You might, optionally, over-ride any DHCP or PPP delivered knob, but it is easy to simply return the client to "get everything dynamically" and Just Work (tm). > And exactly how often do people type in the address of their own > system...? I'm thinking more of the 'gamer' demographic, wherein other people type in your IP address. > A problem with the DNS and IPv6 is that unlike IPv4, you can't pre- > populate the DNS so that each host has a valid DNS name as soon as it > receives an address. Manual configuration is problematic for more > than the obvious reasons: host may use temporary IPv6 addresses with > random lower bits to avoid exposing their MAC address. The only > reasonable way to solve this is with dynamic DNS updates. That's an excellent summary. Neither has RTADV supported dyanmic dns updates for years, nor is it likely to in the future. If it does, I would be surprised if it manages to work properly. > This would > be bad except that customers will usually have their own prefix in > IPv6 so this should be solvable security-wise. It may not even involve DDNS, but rather be entirely internalized on the customer's home gateway. I think from everything I have just heard from you, that we could both agree: There have been IPv6 implementations "for years." There has not been IPv6 support until very recently, this year or last depending on how you count. -- David W. Hankins"If you don't do it right the first time, Software Engineer you'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins pgpNNMQqjMy9K.pgp Description: PGP signature
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
[h how come I didn't parse any operational content in this post...] Fred Heutte wrote: [..] > I spent a couple hours in a hotel recently trying to untangle why > using the DSL system I could see the net but couldn't get to any > sites other than a few I tried at random like the BBC, Yahoo > and Google. > > That's because they are among the few that apparently have > IPv6 enabled web systems. They don't have "IPv6 enabled web systems", a lot of people wished that they did. What your problem most likely was, was a broken DNS server, which, when queried for an simply doesn't respond. Most Network Operators (to keep it a bit on topic for this mailinglist) can't do anything about broken DNS servers at End User sites. Note that this has *nothing* to do with Teredo, which even doesn't activate itself when it can't get packets to be relayed. You can't thus blame Microsoft for this. The DNS server is broken, not them. I know it is always fun to blame M$ but really it isn't true. Note also that the BBC once did have a related DNS problem, that was in 2002 though and was quickly resolved: http://www.merit.edu/mail.archives/nanog/2002-04/msg00559.html These had another kind of problem, they returned NXDOMAIN, so that it looked like the requested label was not there; much better still than the simple ignore and forget of the End User DNS problems. > I was once, circa 1995 or so, fairly enamored of IPv6. Now it > makes me wonder just exactly what problem it is good at solving. Primarily only one: a *lot* more address space. Enough to provide our children's children children and the rest of the world with unique addressable address space. Nothing more nothing less. > Don't get me wrong -- it's not the fault of IPv6 and its designers > and advocates, it's that the world has moved on and other > methods have been found for the questions it was designed to > address. As it primarily resolves the address space problem and it solves this perfectly well, how exactly did your world move on by staying limited to 32bits and only 4 million addresses while there are many more people on this planet, not even thinking of subnets or having multiple addresses per person? Greets, Jeroen signature.asc Description: OpenPGP digital signature
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On 16-apr-2007, at 23:42, David W. Hankins wrote: Router Advertisements let you automatically configure as many IPv6 addresses as you feel like. Remember that in XP, which Iljitsch recently cited to support his claim of "years of operating system support," you must click IPv6 into your configuration. It probably wants your XP install disc, or something like that. You have to enable IPv6. After that, stateless autoconfiguration takes care of your addresses and default gateway. No support for DNS lookups over IPv6, though, as far as I've been able to discern. But there are more operating systems than just Windows. Basic IPv6 support has been available in most of them since the early 2000s. "There has been router and operating system support for years" is a statement which predicates that the World has no technical excuse for not running IPv6 globally edge-to-edge already. That's an interesting way of putting it. I would concede that you can't reasonably run IPv6-only today, the DNS situation being an important reason for that. But if you want to run dual stack, and you're willing to get rid of some old stuff to accomplish that, you should be able to. I've been running IPv6 for years, literally longer than I can remember. In the beginning. I could only ping6 and traceroute6 from a FreeBSD box. These days, I ssh and ftp over IPv6, read and send email from/to my server over IPv6, I visit IPv6-enabled web pages and more, all with software that came with the system without specifically enabling anything. (On a Mac.) Some people even run IPv6 without realizing it. This is common at RIPE and IETF meetings and the like, where there is a conference network with one or more IPv6 routers. And the first home gateway that provides IPv6 connectivity out of the box has arrived in the form of the latest Apple Airport Express base station. RTADV won't help you here (tho they keep talking about putting domain-search and nameservers in it), and neither will DHCPv6 as it turns out (it carries a domain-search list, but not "your domain suffix" which is more what WPAD should really want). This is not "years of operating system support." What has had "years of operating system support," is the unfortunate practice of acquiring option code 252 in DHCPv4. Yes, despite the incredible level of IPv6 activity in the IETF some rather fundamental things never got the attention they needed. It reminds me of the situation with ISDN 11 years ago. Dial-up was pretty mature by then, and worked without much trouble. However, connecting to an ISP over ISDN was a nightmare of incompatible framings, hand-installing drivers and the like. However, the main issue was that there wasn't a generally accepted standard way of doing things. Once everyone settled on synchronous PPP and the drivers were tailored for that, it was smooth sailing. The same thing will happen for IPv6 DNS etc configuration once people realize that running dual stack isn't a long term solution.
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
If you turn on IPv6 on an XP machine (or have it turned on for you by a "helpful" application or MCP-enabled IT staff) be aware that there can be unexpected consequences. In my case it was discovering the nooks and crannies of Teredo, Microsoft's IPv6 tunnelling protocol. http://en.wikipedia.org/wiki/Teredo_tunneling I spent a couple hours in a hotel recently trying to untangle why using the DSL system I could see the net but couldn't get to any sites other than a few I tried at random like the BBC, Yahoo and Google. That's because they are among the few that apparently have IPv6 enabled web systems. Once the reason became apparent, I found another terminal and figured out how to disable Teredo and IPv6 on my laptop and all was well for the duration. Lesson learned. I was once, circa 1995 or so, fairly enamored of IPv6. Now it makes me wonder just exactly what problem it is good at solving. Don't get me wrong -- it's not the fault of IPv6 and its designers and advocates, it's that the world has moved on and other methods have been found for the questions it was designed to address. There is certainly room for concern about how well those work, but the conversion effort to IPv6 -- well, the market has voted with its pocketbook, or not. Present company included. fh - >On Mon, Apr 16, 2007 at 01:59:36PM +1200, Perry Lorier wrote: >> >When you can plug your computer in, and automatically (with no >> >clicking) get an IPv6 address, >> >> Router Advertisements let you automatically configure as many IPv6 >> addresses as you feel like. > >Remember that in XP, which Iljitsch recently cited to support his >claim of "years of operating system support," you must click IPv6 >into your configuration. It probably wants your XP install disc, >or something like that. > >In my point of view, this does not cut the mustard for such words. > > >Let's be clear: > >"There has been router and operating system support for years" is >a statement which predicates that the World has no technical excuse >for not running IPv6 globally edge-to-edge already. > >I think such a statement is fundamentally flawed. > > >> This could be a fairly simple defacto standard if network operators >> start using it. This is an obvious weak link in the chain at this point >> tho. > >Does this represent "years of router and operating system support?" > >My answer is "no." > >> once you have DNS you can use the WPAD proxy auto discovery thingamabob. > >...if you also had your domain suffix (unless you are suggesting >that there have been WPAD records at the root for "years"?). > >RTADV won't help you here (tho they keep talking about putting >domain-search and nameservers in it), and neither will DHCPv6 >as it turns out (it carries a domain-search list, but not "your >domain suffix" which is more what WPAD should really want). > >This is not "years of operating system support." > >What has had "years of operating system support," is the >unfortunate practice of acquiring option code 252 in DHCPv4. > >> >and solve your dynamic dns problems (as IPv4 set top boxes do today), >> >> Updating your forward/reverse dns via DNS Update messages isn't that >> uncommon today. > >On Enterprise networks using GSS-TSIG, sure. > >On ISP networks, I think the only time end-hosts try to update >their reverse DNS directly is when they're participating in a >rather unfortunate, and unintentional, distributed DoS against >the root servers. > >Which, oddly enough, you mention next. > >Actual reverse dns updates for end hosts (and not their NAT >gateways) is relatively uncommon, owing to the fact that such >end hosts generally are on RFC1918 addresses. > >> http://www.caida.org/publications/presentations/ietf0112/dns.damage.html >> >> where hosts are trying to update the root zone with their new names. > >I'm confused by what you're trying to argue. Are you suggesting >that AS112 represents "years of operating system support for >IPv6"? > >> So you can get from A to D without requiring DHCPv6. > >...I hope you see that this is only so long as you require some >clicking instead. > >This is all well and good for those of us who have sufficient >growth (or equivalent feminine metaphor) on our chins, which we >enjoy stroking thoughtfully while determining what all these >"correct configurations" are. > >But I don't think "it works for bearded geeks" is setting the >bar high enough when we use lofty words like "supported by >routers and operating systems for years." > >-- >David W. Hankins "If you don't do it right the first time, >Software Engineer you'll just have to do it again." >Internet Systems Consortium, Inc. -- Jack T. Hankins >
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On Mon, Apr 16, 2007 at 01:59:36PM +1200, Perry Lorier wrote: > >When you can plug your computer in, and automatically (with no > >clicking) get an IPv6 address, > > Router Advertisements let you automatically configure as many IPv6 > addresses as you feel like. Remember that in XP, which Iljitsch recently cited to support his claim of "years of operating system support," you must click IPv6 into your configuration. It probably wants your XP install disc, or something like that. In my point of view, this does not cut the mustard for such words. Let's be clear: "There has been router and operating system support for years" is a statement which predicates that the World has no technical excuse for not running IPv6 globally edge-to-edge already. I think such a statement is fundamentally flawed. > This could be a fairly simple defacto standard if network operators > start using it. This is an obvious weak link in the chain at this point > tho. Does this represent "years of router and operating system support?" My answer is "no." > once you have DNS you can use the WPAD proxy auto discovery thingamabob. ...if you also had your domain suffix (unless you are suggesting that there have been WPAD records at the root for "years"?). RTADV won't help you here (tho they keep talking about putting domain-search and nameservers in it), and neither will DHCPv6 as it turns out (it carries a domain-search list, but not "your domain suffix" which is more what WPAD should really want). This is not "years of operating system support." What has had "years of operating system support," is the unfortunate practice of acquiring option code 252 in DHCPv4. > >and solve your dynamic dns problems (as IPv4 set top boxes do today), > > Updating your forward/reverse dns via DNS Update messages isn't that > uncommon today. On Enterprise networks using GSS-TSIG, sure. On ISP networks, I think the only time end-hosts try to update their reverse DNS directly is when they're participating in a rather unfortunate, and unintentional, distributed DoS against the root servers. Which, oddly enough, you mention next. Actual reverse dns updates for end hosts (and not their NAT gateways) is relatively uncommon, owing to the fact that such end hosts generally are on RFC1918 addresses. > http://www.caida.org/publications/presentations/ietf0112/dns.damage.html > > where hosts are trying to update the root zone with their new names. I'm confused by what you're trying to argue. Are you suggesting that AS112 represents "years of operating system support for IPv6"? > So you can get from A to D without requiring DHCPv6. ...I hope you see that this is only so long as you require some clicking instead. This is all well and good for those of us who have sufficient growth (or equivalent feminine metaphor) on our chins, which we enjoy stroking thoughtfully while determining what all these "correct configurations" are. But I don't think "it works for bearded geeks" is setting the bar high enough when we use lofty words like "supported by routers and operating systems for years." -- David W. Hankins"If you don't do it right the first time, Software Engineer you'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins pgpbIxFk401KC.pgp Description: PGP signature
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On Mon, Apr 16, 2007, Perry Lorier wrote: > > configure web proxies, > > once you have DNS you can use the WPAD proxy auto discovery thingamabob. .. and the microsoft extensions to support ipv6 in proxy autoconfiguration files: http://blogs.msdn.com/wndp/articles/IPV6_PAC_Extensions_v0_9.aspx http://blogs.msdn.com/wndp/archive/2006/07/18/IPV6-WPAD-for-WinHttp-and-WinInet.aspx Adrian
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
When you can plug your computer in, and automatically (with no clicking) get an IPv6 address, Router Advertisements let you automatically configure as many IPv6 addresses as you feel like. > have something tell you where your DNS assist servers, Microsoft had an old expired draft with some default anycast IPv6 nameserver addresses: fec0:0:0:::1 fec0:0:0:::2 fec0:0:0:::3 -- http://tools.ietf.org/id/draft-ietf-ipv6-dns-discovery-04.txt While this was never accepted by the IETF, I believe windows machines still use these by default if they have no other name servers but do have IPv6 connectivity. This could be a fairly simple defacto standard if network operators start using it. This is an obvious weak link in the chain at this point tho. > configure web proxies, once you have DNS you can use the WPAD proxy auto discovery thingamabob. and solve your dynamic dns problems (as IPv4 set top boxes do today), Updating your forward/reverse dns via DNS Update messages isn't that uncommon today. See: http://www.caida.org/publications/presentations/ietf0112/dns.damage.html where hosts are trying to update the root zone with their new names. So you can get from A to D without requiring DHCPv6.
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On Sun, Apr 15, 2007, Iljitsch van Beijnum wrote: > With IPv4, PPP IPCP will negotiate a whole bunch of stuff, including > the addresses of both sides of the link. PPP IP6CP only negotiates a > 32-bit unique token for each side which can then be used to create > link local addresses. I'm pretty sure l2tpns has IPv6 support of some sort. I was planning on trialling it in exactly this setup - LNS services for L2TP-provided PPPoE ADSL. Has anyone here done this and enabled IPv6 negotiation? Has anyone sorted out the issues relating to end-point IPv6 security for home PCs now that NAT is removed? Adrian
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On 15-apr-2007, at 21:35, Joe Abley wrote: With IPv6, there's of course still manual configuration, but PPP is out because it can't negotiate IPv6 addresses. I've heard you say this a few times now, but I am also told by various people in various places that they have succeeded in getting IPv6 addresses assigned using PPPoE. Colour me confused. Does RFC 2472 have some practical limitations in the real world that I haven't noticed? Or is the problem a simple matter of implementation? With IPv4, PPP IPCP will negotiate a whole bunch of stuff, including the addresses of both sides of the link. PPP IP6CP only negotiates a 32-bit unique token for each side which can then be used to create link local addresses. Two years ago, when I was writing my IPv6 book, I did some testing between an Cisco 2500 and a MacOS 10.4 system to see how IPv6 over PPP behaves, and the result was that it did work, but there was no address assignment from the router to the Mac, not through PPP, because it doesn't support it, and not through router advertisements, for reasons unknown. Probably someone decided that stateless autoconfig on a point to point link didn't make sense. (Note that the pppd in question is common to both the BSD family and Linux.) I have no idea what's different in the PPP over ethernet setup, but it could be many things, such as that the PPP implementations do support stateless autoconfig there, or that it's not actual IPv6 over PPP but rather IPv6 over IPv4 or over bridged ethernet.
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On 15-Apr-2007, at 06:38, Iljitsch van Beijnum wrote: With IPv6, there's of course still manual configuration, but PPP is out because it can't negotiate IPv6 addresses. I've heard you say this a few times now, but I am also told by various people in various places that they have succeeded in getting IPv6 addresses assigned using PPPoE. Colour me confused. Does RFC 2472 have some practical limitations in the real world that I haven't noticed? Or is the problem a simple matter of implementation? Joe
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On 13-apr-2007, at 21:48, David W. Hankins wrote: A given ISP may or may not directly communicate with end hosts using any form of DHCP, but the current broadband ISP models which are de rigeur would not be salient without DHCPv4 on the end hosts, even if that is only between the set top box and customer. Sure, but that's because with IPv4, there are only three flavors: - manual configuration - PPP - DHCP With IPv6, there's of course still manual configuration, but PPP is out because it can't negotiate IPv6 addresses. New in IPv6 is stateless autoconfiguration, which will give you addresses and default gateways, but (so far) not extra info such as DNS addresses. The situation for DHCP in IPv6 is very different from the one in IPv4: because DHCPv6 was late to the party (IIRC the final RFCs came out around 2003, decent implementations are still not abundant) and we have stateless autoconfig, the focus for DHCPv6 was to provide additional information (those !#$ DNS addresses) and a new trick: prefix delegation. This is a mechanism where routers can lease a prefix from a DHCP server, and then use that prefix in their router advertisements. This is a great tool for provisioning. The DHCPv6 servers and clients that I tested two years ago didn't even support address assignment to hosts. And note that even when hosts do, and a DHCPv6 server is available, these hosts must still listen for router advertisements because DHCPv6 doesn't provide a default gateway address, like DHCP for IPv4 does. What DHCP and PPP did do, was to remove all of that, and make ISP integration of customer premise something that could "just happen" without any handholding or bearded geekery. Fortunately, the IETF got things right the sixth time around (?) by adding the stateless autoconfig to IPv6, so these additional mechanisms aren't necessary. When you can plug your computer in, and automatically (with no clicking) get an IPv6 address, Like I said, this part has never been a problem with IPv6. have something tell you where your DNS assist servers, There will be a router advertisement option to learn DNS servers. Note though, that this is only an issue for hosts that are IPv6-only, which isn't exactly the typical use case today. configure web proxies, ?? and solve your dynamic dns problems Which dynamic DNS problems? It works just fine for me. On the subject of DNS, I think you are going to find that, since IPv6 addresses do not pass the 'phone test', IPv6 customers will have a new emphasis on having their names in DNS. And exactly how often do people type in the address of their own system...? A problem with the DNS and IPv6 is that unlike IPv4, you can't pre- populate the DNS so that each host has a valid DNS name as soon as it receives an address. Manual configuration is problematic for more than the obvious reasons: host may use temporary IPv6 addresses with random lower bits to avoid exposing their MAC address. The only reasonable way to solve this is with dynamic DNS updates. This would be bad except that customers will usually have their own prefix in IPv6 so this should be solvable security-wise.
Re: DHCPv6, was: Re: IPv6 Finally gets off the ground
On Thu, Apr 12, 2007 at 11:11:54AM +0200, Iljitsch van Beijnum wrote: > I have a Cisco 2500 with software from 1999 and a Windows XP box with > software from 2001, both supporting IPv6, sitting here... I didn't > get my first Mac until 2002, but that one supported IPv6 at that > point, too. It would be foolish to suggest that software implementing IPv6 has not existed for many years. It would also be foolish to use "support IPv6" as a blanket statement, when the features have not truly been usable by more than bearded geeks. > There is a provisioning problem with IPv6, yes. Note that the word 'provisioning' is more than just 'addressing'. A given ISP may or may not directly communicate with end hosts using any form of DHCP, but the current broadband ISP models which are de rigeur would not be salient without DHCPv4 on the end hosts, even if that is only between the set top box and customer. So it might not be "their job", but it's still an important facet of the architecture. One could say that although a DHCP department doesn't exist within ISP's, there would have been a need for a staffed department in its absence. I remember the era when we used to deliver "install" floppies to our prospective customers. And I can tell you they weren't a very good idea. Web pages full of instructions, flyers with "simple to follow" steps, none of them really worked very well either. Even if our iconic mascots trying to make the instructions friendlier were awfully cute. What DHCP and PPP did do, was to remove all of that, and make ISP integration of customer premise something that could "just happen" without any handholding or bearded geekery. When you can plug your computer in, and automatically (with no clicking) get an IPv6 address, have something tell you where your DNS assist servers, configure web proxies, and solve your dynamic dns problems (as IPv4 set top boxes do today), then I would allow you the use of the words 'supports IPv6' rather than 'implements IPv6'. On the subject of DNS, I think you are going to find that, since IPv6 addresses do not pass the 'phone test', IPv6 customers will have a new emphasis on having their names in DNS. But these are forward looking statements, and it's equally possible that people will be moved instead to use presence networks. -- David W. Hankins"If you don't do it right the first time, Software Engineer you'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins pgp3AhMWtSXvG.pgp Description: PGP signature
DHCPv6, was: Re: IPv6 Finally gets off the ground
On 10-apr-2007, at 18:12, David W. Hankins wrote: IPv6 has had operating system and router support for years. I'd have to object with such a blanket statement. I have a Cisco 2500 with software from 1999 and a Windows XP box with software from 2001, both supporting IPv6, sitting here... I didn't get my first Mac until 2002, but that one supported IPv6 at that point, too. I don't think you can say you support IPv6 (from an ISP's point of view) without DHCPv6, since I don't think anyone at a large ISP sized scale is going to leave address assignment up to RTADV. There is a provisioning problem with IPv6, yes. For instance, you can't get an IPv6 address over PPP, like you can with IPv4. But I don't see how DHCPv6 solves that. I can see how _enterprises_ might like DHCPv6, because hosts coming up with the bottom 64 bits of the address is just way to anarchistic for them. But ISPs don't care. They'll just give out prefixes rather than individual addresses, so the router advertisements vs router advertisements + DHCPv6 question never comes up. (Yes, if you have DHCPv6 you still need RAs because DHCPv6 can't give you a default gateway.) And customers rarely connect their hosts directly to ISP-controlled boxes these days, there is usually some kind of home gateway involved.
Re: IPv6 Finally gets off the ground
Yes. Silly of you. I think you may have missed more than the singular reference. This back and forth has little to do with morality and more to do with opinion. Yet it begs, how moral is an argument of 'my opinion is superior to your opinion'? Such a lashing of another's opinion under the pretense of removing someone from their lofty perch to restore equality is hardly equality at all. Everyone is entitled to their opinion. Though, I doubt Mr. Yao was expressing his so strongly. Gian Anthony Constantine On Apr 10, 2007, at 1:35 PM, Patrick W. Gilmore wrote: On Apr 10, 2007, at 1:24 PM, Joseph S D Yao wrote: On Tue, Apr 10, 2007 at 12:10:59PM -0400, Patrick W. Gilmore wrote: ... Second, who said v6 was "the heights"? ... My, aren't we serious? Too serious to realize that satellites are a little higher than I, at least, can reach. Guess I missed that reference. Silly of me. Fine imagery. Just like the stuff you can get for free if you use a v6 stack :) As for being serious, I do believe you were the one who claimed v6 was going "into the gutter", and "the depth". Pot, kettle, black? Actually, you went beyond being serious by implying some type of moral superiority. Which is fine, you packets can be morally superior to mine -- TTFN, patrick
Re: IPv6 Finally gets off the ground
On Apr 10, 2007, at 1:24 PM, Joseph S D Yao wrote: On Tue, Apr 10, 2007 at 12:10:59PM -0400, Patrick W. Gilmore wrote: ... Second, who said v6 was "the heights"? ... My, aren't we serious? Too serious to realize that satellites are a little higher than I, at least, can reach. Guess I missed that reference. Silly of me. Fine imagery. Just like the stuff you can get for free if you use a v6 stack :) As for being serious, I do believe you were the one who claimed v6 was going "into the gutter", and "the depth". Pot, kettle, black? Actually, you went beyond being serious by implying some type of moral superiority. Which is fine, you packets can be morally superior to mine -- TTFN, patrick
Re: IPv6 Finally gets off the ground
On Tue, Apr 10, 2007 at 12:10:59PM -0400, Patrick W. Gilmore wrote: ... > Second, who said v6 was "the heights"? ... My, aren't we serious? Too serious to realize that satellites are a little higher than I, at least, can reach. -- Joe Yao Analex Contractor
Re: IPv6 Finally gets off the ground
Patrick W. Gilmore wrote: > > The only good thing I can say about this proposal is that 10GB is not > NEARLY enough to get your typical luser to think about changing their > configuration. Therefore, it probably won't have an impact on v6 > adoption. (That ghod.) Nor was it intended to. From what I understand it's an experiment on the usability of dual-stack servers at this point. Porn happens to be a test load. We (myself, previous and current employers) have been deploying dual stack servers (with published records) for all sorts of applications which may or may not give us some reasonable samples of client behavior (usenet news, ntp servers, open source ftp http mirrors). Experience would suggest that before content providers can build a business case for dual stack servers they need to confirm they're not going to loose eyeballs as a result. > --TTFN, > patrick >
Re: IPv6 Finally gets off the ground
On Tue, Apr 10, 2007 at 03:54:39PM +0200, Stephane Bortzmeyer wrote: > IPv6 has had operating system and router support for years. I'd have to object with such a blanket statement. I don't think you can say you support IPv6 (from an ISP's point of view) without DHCPv6, since I don't think anyone at a large ISP sized scale is going to leave address assignment up to RTADV. I'm aware that Vista added support for DHCPv6, and I have heard naught else (aside from the unixes). So, it's my opinion that IPv6 "may" only recently have started enjoying the level of operating system support required for actual ISP-scale use by one major vendor...and I don't know how commonly deployed Vista is yet. -- David W. Hankins"If you don't do it right the first time, Software Engineer you'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins pgpkju5wVgq6x.pgp Description: PGP signature
Re: IPv6 Finally gets off the ground
On Apr 10, 2007, at 11:13 AM, Joseph S D Yao wrote: On Tue, Apr 10, 2007 at 03:54:39PM +0200, Stephane Bortzmeyer wrote: On Sun, Apr 08, 2007 at 06:15:34PM -0500, J. Oquendo <[EMAIL PROTECTED]> wrote a message of 24 lines which said: was successfully configured by NASA Glenn Research Center to use IPsec and IPv6 technologies in space." ... We're taking 10 gigabytes of the most popular "adult entertainment" videos from one of the largest subscription websites on the internet, and giving away access to anyone who can connect to it via IPv6. ... *sigh* Off the ground, then into the gutter, eh? From the heights to the depths ... First, I find it interesting that you are applying your personal morals to a technical discussion. Actually, I find it sad too. Second, who said v6 was "the heights"? Many people would argue this actually _lifts_ v6, not drags it down. (And most of those people would further argue v6 should have stayed down.) Third, where do you work? I work on the Internet. If you are opposed to pr0n, and you work on the Internet, you need to change jobs, FAST. Unless you enjoy self delusion. And don't even think about saying "not on MY network". I don't care if you work for a .gov, there is plenty of nekkid-flesh-bits flying on your network. To think otherwise only proves you are delusional or ignorant. The only good thing I can say about this proposal is that 10GB is not NEARLY enough to get your typical luser to think about changing their configuration. Therefore, it probably won't have an impact on v6 adoption. (That ghod.) -- TTFN, patrick
Re: IPv6 Finally gets off the ground
On Tue, Apr 10, 2007 at 03:54:39PM +0200, Stephane Bortzmeyer wrote: > > On Sun, Apr 08, 2007 at 06:15:34PM -0500, > J. Oquendo <[EMAIL PROTECTED]> wrote > a message of 24 lines which said: > > > was successfully configured by NASA Glenn Research Center to use > > IPsec and IPv6 technologies in space." ... > We're taking 10 gigabytes of the most popular "adult entertainment" videos from one of the largest subscription websites on the internet, and giving away access to anyone who can connect to it via IPv6. ... *sigh* Off the ground, then into the gutter, eh? From the heights to the depths ... -- Joe Yao Analex Contractor
RE: IPv6 Finally gets off the ground
HAHAHAHAHA I always knew that this stuff was the most prevalent and billable content on the web, but I never thought of using it as a motivating factor for chage! Good one! Scott -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stephane Bortzmeyer Sent: Tuesday, April 10, 2007 9:55 AM To: J. Oquendo Cc: nanog@merit.edu Subject: Re: IPv6 Finally gets off the ground On Sun, Apr 08, 2007 at 06:15:34PM -0500, J. Oquendo <[EMAIL PROTECTED]> wrote a message of 24 lines which said: > was successfully configured by NASA Glenn Research Center to use IPsec > and IPv6 technologies in space." Any human on board? Because he would have been able to access useful content: http://www.ipv6experiment.com/ The great chicken or the egg dilemma. IPv6 has had operating system and router support for years. But, content providers don't want to deploy it because there aren't enough potential viewers to make it worth the effort. There are concerns about compatibility and breaking IPv4 accessibility just by turning IPv6 on. ISPs don't want to provide IPv6 to end users until there is a killer app on IPv6 that will create demand for end users to actually want IPv6. There hasn't been any reason for end users to want IPv6 - nobody's dumb enough to put desirable content on IPv6 that isn't accessible on IPv4. Until now. We're taking 10 gigabytes of the most popular "adult entertainment" videos from one of the largest subscription websites on the internet, and giving away access to anyone who can connect to it via IPv6. No advertising, no subscriptions, no registration. If you access the site via IPv4, you get a primer on IPv6, instructions on how to set up IPv6 through your ISP, a list of ISPs that support IPv6 natively, and a discussion forum to share tips and troubleshooting. If you access the site via IPv6 you get instant access to "the goods".
Re: IPv6 Finally gets off the ground
On Sun, Apr 08, 2007 at 06:15:34PM -0500, J. Oquendo <[EMAIL PROTECTED]> wrote a message of 24 lines which said: > was successfully configured by NASA Glenn Research Center to use > IPsec and IPv6 technologies in space." Any human on board? Because he would have been able to access useful content: http://www.ipv6experiment.com/ The great chicken or the egg dilemma. IPv6 has had operating system and router support for years. But, content providers don't want to deploy it because there aren't enough potential viewers to make it worth the effort. There are concerns about compatibility and breaking IPv4 accessibility just by turning IPv6 on. ISPs don't want to provide IPv6 to end users until there is a killer app on IPv6 that will create demand for end users to actually want IPv6. There hasn't been any reason for end users to want IPv6 - nobody's dumb enough to put desirable content on IPv6 that isn't accessible on IPv4. Until now. We're taking 10 gigabytes of the most popular "adult entertainment" videos from one of the largest subscription websites on the internet, and giving away access to anyone who can connect to it via IPv6. No advertising, no subscriptions, no registration. If you access the site via IPv4, you get a primer on IPv6, instructions on how to set up IPv6 through your ISP, a list of ISPs that support IPv6 natively, and a discussion forum to share tips and troubleshooting. If you access the site via IPv6 you get instant access to "the goods".
Re: IPv6 Finally gets off the ground
J. Oquendo wrote: > "On Thursday, 29 March 2007, a Cisco Systems router, flying > in low Earth Orbit onboard the UK-DMC satellite built by > Surrey Satellite Technology Ltd (SSTL), was successfully > configured by NASA Glenn Research Center to use IPsec and > IPv6 technologies in space." > > http://www.dmcii.com/news.htm > > Its good to know that IPv6 is finally being used along > with encryption! Albeit in outer space, maybe one day we > could all catch up with this "out of this world" > technology that people could now claim is "light years" > ahead of us. I'm looking forward to a future where pc104/isa bus based routers figure prominently in the ip core! >
IPv6 Finally gets off the ground
"On Thursday, 29 March 2007, a Cisco Systems router, flying in low Earth Orbit onboard the UK-DMC satellite built by Surrey Satellite Technology Ltd (SSTL), was successfully configured by NASA Glenn Research Center to use IPsec and IPv6 technologies in space." http://www.dmcii.com/news.htm Its good to know that IPv6 is finally being used along with encryption! Albeit in outer space, maybe one day we could all catch up with this "out of this world" technology that people could now claim is "light years" ahead of us. -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo echo @infiltrated|sed 's/^/sil/g;s/$/.net/g' http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743 "How a man plays the game shows something of his character - how he loses shows all" - Mr. Luckey