Re: IPv6 vs IPv4 (Re: Sprint NOC? Are you awake now?)
On dinsdag, sep 2, 2003, at 23:18 Europe/Amsterdam, Nenad Pudar wrote: Again my point is that your site (or any other that use the same dns for ipv4 and 6) may be blackholed by ipv6 (it is not the question primary about the quality ipv6 connction it is the fact that your ipv4 connection which may be excelant is blackholed with your ipv6 connection which may not be good and to me the most obvious solution is not to use the same dns name for both) First of all, why are you repeating everything the previous posters said? This is a waste of bandwidth. Not only on the network, but also where it really matters: in the synapses. The real problem is that your software assumes that if there are several addresses in the DNS, it can just pick one and assume that address works. That has never been a good idea, but in IPv4 you can get away with it. In IPv6, you can't. IPv6 hosts are required to support more than a single address per interface, and when people actually use this then it's only a matter of time before address #1 becomes unreachable while address #2 is still reachable. So this means you have to try them all. The new name to address mechanisms for IPv6 are such that you can ask for IPv4 addresses, IPv6 addresses or both for a certain FQDN. If you choose both, you'll usually get an IPv6 address first. I don't see how it would be reasonable to have separate FQDNs for all these addresses and have the user try them all rather than simply have the application walk through the list of addresses and try them all until it gets a live one. (And yes, I've suffered from decreased performance because of non-optimal or even nonexisting IPv6 connectivity, but that's the price of being an early adapter.) Now if your argument is that it's not a good idea to depend on applications handling this they way they should _today_ that is something I'm willing to discuss, although I don't necessarily agree. BTW, my IPv6 connectivity for www.bgpexpert.com is in some ways better than IPv4 as there is an extra path available over IPv6 that isn't available over IPv4.
IPv6 vs IPv4 (Re: Sprint NOC? Are you awake now?)
(btw, for those of you who think that IPv6 isn't in use, you may now safely ignore this thread). On Tue, Sep 02, 2003 at 04:34:18PM -0400, Nenad Pudar wrote: My enviroment is far to be broken my friend. This is not question about me or my environoment this question about your site ,I can always mange to get such a sites if I want but I am not sure that some other people are even awre what the problem is. I think that still majority of ipv6 connections is through 6 bone and there you do have a latency and evrybody using the same dns for ipv4 and ipv6 should re-think it over i would say that I serve a moderate number of web pages a day off my web server. (warning, big!) here are some statistics: http://puck.nether.net/stats.html this is the first complaint i've received of accessing puck via ipv6 (aside from when i was running a buggy kernel that would cause it to stop responding to the v6 address periodically). here's some stats for my sendmail as well: puck:~ grep sm-mta /var/log/maillog | wc -l 30350 puck:~ grep IPv6 /var/log/maillog | wc -l 405 puck:~ grep IPv6 /var/log/maillog.Mon | wc -l 324 puck:~ grep IPv6 /var/log/maillog.Fri | wc -l 324 puck:~ grep IPv6 /var/log/maillog.Thu | wc -l 865 This means i'm getting a small number of emails sent via IPv6 without troubles. Might I suggest the problem is on your end. Do you have all the latest solaris patches installed? Either that, or ifconfig down your ipv6 interface or remove the autoconf from your machine as necessary until you have a chance to test it. In the mean time, you can visit the webpage here: http://204.42.254.5/netops/ I try to always use / referencing urls, so it should work just fine for you. If you notice a url that does not just reference /, please let me know. - Jared Jared Mauch wrote: On Tue, Sep 02, 2003 at 10:47:14PM +0300, Petri Helenius wrote: Nenad Pudar wrote: OK The point is that ipv6 connection is not good enough to be used. And for the sites that have the same dns for ipv4 and ipv6 ipv6 in a way blackhole ipv4 connection. In this case puck.nether.net is timinig out from time to time (going over ipv6) instead of going over ipv4 network. Disable ipv6 from your routers / hosts. If that is not an option, type in the ipv4 address to your browsers but don´t tell other people to break their systems because your environment is broken. I wonder if I should re-enable ecn as well then. get those broken people to fix their systems...but I don't think i'm an important enough internet resource for people to listen to me. btw, if you http://ip-of-puck/ you will get the correct web pages. - jared -- Nenad Pudar IP Network Engineer TELEGLOBE phone: 1 514 868 8053 -- Jared Mauch | pgp key available via finger from [EMAIL PROTECTED] clue++; | http://puck.nether.net/~jared/ My statements are only mine.
Re: IPv6 vs IPv4 (Re: Sprint NOC? Are you awake now?)
I do not send e-maol to complain about my connection to puck.nether.net ,neither I claim I have a excelent ipv6 connection ,what triggerd my-e-mail was the someone complining to not be able to reach your site. I have more than few ways to making it reachable . My e-mail was more to rise the general diskussion about this issue and puck.nether.net was only the example Again my point is that your site (or any other that use the same dns for ipv4 and 6) may be blackholed by ipv6 (it is not the question primary about the quality ipv6 connction it is the fact that your ipv4 connection which may be excelant is blackholed with your ipv6 connection which may not be good and to me the most obvious solution is not to use the same dns name for both) for the people coming through 6bone or even for the majority of people not peering with Verio. This the trace from 6 bone looking glass traceroute6 to 2001:418:3f4:0:2a0:24ff:fe83:53d8 (2001:418:3f4:0:2a0:24ff:fe83:53d8) from 2001:6b8::204, 30 hops max, 12 byte packets 1 6bone-gw4 0.749 ms 0.537 ms 0.506 ms 2 gw1-bk1 1.103 ms 1.101 ms 1.046 ms 3 tu-16.r00.plalca01.us.b6.verio.net 186.424 ms 186.129 ms 187.344 ms 4 tu-800.r00.asbnva01.us.b6.verio.net 246.76 ms 246.798 ms 246.759 ms 5 t2914.nnn-7202.nether.net 458.76 ms 446.925 ms 496.061 ms 6 2001:418:3f4:0:2a0:24ff:fe83:53d8 450.172 ms 477.296 ms 453.895 ms nenad Jared Mauch wrote: (btw, for those of you who think that IPv6 isn't in use, you may now safely ignore this thread). On Tue, Sep 02, 2003 at 04:34:18PM -0400, Nenad Pudar wrote: My enviroment is far to be broken my friend. This is not question about me or my environoment this question about your site ,I can always mange to get such a sites if I want but I am not sure that some other people are even awre what the problem is. I think that still majority of ipv6 connections is through 6 bone and there you do have a latency and evrybody using the same dns for ipv4 and ipv6 should re-think it over i would say that I serve a moderate number of web pages a day off my web server. (warning, big!) here are some statistics: http://puck.nether.net/stats.html this is the first complaint i've received of accessing puck via ipv6 (aside from when i was running a buggy kernel that would cause it to stop responding to the v6 address periodically). here's some stats for my sendmail as well: puck:~ grep sm-mta /var/log/maillog | wc -l 30350 puck:~ grep IPv6 /var/log/maillog | wc -l 405 puck:~ grep IPv6 /var/log/maillog.Mon | wc -l 324 puck:~ grep IPv6 /var/log/maillog.Fri | wc -l 324 puck:~ grep IPv6 /var/log/maillog.Thu | wc -l 865 This means i'm getting a small number of emails sent via IPv6 without troubles. Might I suggest the problem is on your end. Do you have all the latest solaris patches installed? Either that, or ifconfig down your ipv6 interface or remove the autoconf from your machine as necessary until you have a chance to test it. In the mean time, you can visit the webpage here: http://204.42.254.5/netops/ I try to always use / referencing urls, so it should work just fine for you. If you notice a url that does not just reference /, please let me know. - Jared Jared Mauch wrote: On Tue, Sep 02, 2003 at 10:47:14PM +0300, Petri Helenius wrote: Nenad Pudar wrote: OK The point is that ipv6 connection is not good enough to be used. And for the sites that have the same dns for ipv4 and ipv6 ipv6 in a way blackhole ipv4 connection. In this case puck.nether.net is timinig out from time to time (going over ipv6) instead of going over ipv4 network. Disable ipv6 from your routers / hosts. If that is not an option, type in the ipv4 address to your browsers but don´t tell other people to break their systems because your environment is broken. I wonder if I should re-enable ecn as well then. get those broken people to fix their systems...but I don't think i'm an important enough internet resource for people to listen to me. btw, if you http://ip-of-puck/ you will get the correct web pages. - jared -- Nenad Pudar IP Network Engineer TELEGLOBE phone: 1 514 868 8053 -- Nenad Pudar IP Network Engineer TELEGLOBE phone: 1 514 868 8053
Re: IPv6 vs IPv4 (Re: Sprint NOC? Are you awake now?)
Nenad Pudar wrote: Again my point is that your site (or any other that use the same dns for ipv4 and 6) may be blackholed by ipv6 (it is not the question primary about the quality ipv6 connction it is the fact that your ipv4 connection which may be excelant is blackholed with your ipv6 connection which may not be good and to me the most obvious solution is not to use the same dns name for both) for the people coming through 6bone or even for the majority of people not peering with Verio. It's a valid point, except that IPv4 could just as easily have had a problem. Network connectivity issues happen. Whether one uses IPv4 or IPv6 in the connection is not decided by the server, but by the client. If an IPv6 path is really bad, the client should switch to an IPv4 path and vice versa. If the software in use by the client does not make this easy, it is not the fault of the server. Perhaps a better solution than different DNS names for IP versions should be better client abilities. Is it unreasonable for the client system to detect that the IPv6 path seems unreasonable and quickly check to see if there is a better IPv4 path? Or perhaps the software utilizing the IP stack should allow the user to specify which method they'd like to utilize at that moment in time (ie, web-browser; view site with IPv4|IPv6). This would solve the problem you are indicating and not overcomplicate the server side which is working fine. People don't want to learn to type www.ipv6.example.com and www.ipv4.example.com. It makes much more sense to just change the software to choose which method it wants. Not that software vendors would incorporate such features. -Jack This the trace from 6 bone looking glass traceroute6 to 2001:418:3f4:0:2a0:24ff:fe83:53d8 (2001:418:3f4:0:2a0:24ff:fe83:53d8) from 2001:6b8::204, 30 hops max, 12 byte packets 1 6bone-gw4 0.749 ms 0.537 ms 0.506 ms 2 gw1-bk1 1.103 ms 1.101 ms 1.046 ms 3 tu-16.r00.plalca01.us.b6.verio.net 186.424 ms 186.129 ms 187.344 ms 4 tu-800.r00.asbnva01.us.b6.verio.net 246.76 ms 246.798 ms 246.759 ms 5 t2914.nnn-7202.nether.net 458.76 ms 446.925 ms 496.061 ms 6 2001:418:3f4:0:2a0:24ff:fe83:53d8 450.172 ms 477.296 ms 453.895 ms
RE: IPv6 vs IPv4 (Re: Sprint NOC? Are you awake now?)
-BEGIN PGP SIGNED MESSAGE- Jared Mauch wrote: (btw, for those of you who think that IPv6 isn't in use, you may now safely ignore this thread). Then I will safely respond to it in that case ;) On Tue, Sep 02, 2003 at 04:34:18PM -0400, Nenad Pudar wrote: My enviroment is far to be broken my friend. This is not question about me or my environoment this question about your site ,I can always mange to get such a sites if I want but I am not sure that some other people are even awre what the problem is. I think that still majority of ipv6 connections is through 6 bone and there you do have a latency and evrybody using the same dns for ipv4 and ipv6 should re-think it over I think you should rather paste some traceroutes or use GRH to find out where the problem is. Check http://www.sixxs.net/tools/grh/ for some nice diagnostic tools. And you might want to read Minimal IPv6 Peering by Robert Kießling: http://ip6.de.easynet.net/ipv6-minimum-peering.txt i would say that I serve a moderate number of web pages a day off my web server. (warning, big!) here are some statistics: http://puck.nether.net/stats.html this is the first complaint i've received of accessing puck via ipv6 (aside from when i was running a buggy kernel that would cause it to stop responding to the v6 address periodically). SNIP And it works fine here behind 6bone and RIPE space. (Oh and yes this mail should reach puck over IPv6 :) I do have to note that there is quite a big amount of latency at least from Intouch: 2001:418::/32 2001:6e0::2 8954 33 2914 7 2001:418:3f4:0:2a0:24ff:fe83:53d8 (2001:418:3f4:0:2a0:24ff:fe83:53d8) 327.307 ms 308.8 ms 308.631 ms BIT on the other hand as a direct link to Verio... 2001:418::/32 2001:7b8::290:6900:1cc6:d800 12859 2914 6 2001:418:3f4:0:2a0:24ff:fe83:53d8 146.572 ms 298.737 ms 146.726 ms 13 puck.nether.net (204.42.254.5) 144.612 ms 146.984 ms 129.067 ms Almost the same latency :) Either that, or ifconfig down your ipv6 interface or remove the autoconf from your machine as necessary until you have a chance to test it. In the mean time, you can visit the webpage here: http://204.42.254.5/netops/ I try to always use / referencing urls, so it should work just fine for you. If you notice a url that does not just reference /, please let me know. A smallish hint here: $ORIGIN example.com. www 2001:db8::1 A 10.100.13.42 www.ipv62001:db8::1 www.ipv4A 10.100.13.42 This way one always has a forced fallback to a certain service Though for HTTP one prolly has to add them to the virtual hosts. Internet Explorer tends to nicely fall back from IPv6 to IPv4 after a certain timeout depending on how fast an icmp unreach comes back etc and prolly other factors. I haven't tested it with the new Opera 7.20b on Windows though which btw does IPv6 ;) I also don't know how Mozilla handles it as it doesn't do IPv6 on Windows... and I have no X box to test it at this moment... Greets, Jeroen -BEGIN PGP SIGNATURE- Version: Unfix PGP for Outlook Alpha 13 Int. Comment: Jeroen Massar / [EMAIL PROTECTED] / http://unfix.org/~jeroen/ iQA/AwUBP1Ug1imqKFIzPnwjEQKeMgCeIAcj8vDU7KnvLo7kiEz9fBhjXWUAnA9G GItH+RCakIiTVYE8SZ2M9VYv =ZA0L -END PGP SIGNATURE-
