Re: Cogent IPv6

[Aftab Siddiqui]

> I had to ask this here a while back, so I can now share. :-)
>
> IPv6 addresses are written as 8 16-bit chunk separated by colons
> (optionally with the longest consecutive set of :0 sections replaced
> with ::).  A /112 means the prefix is 7 of the 8 chunks, which means you
> can use ::1 and ::2 for every connection.
>
> Of course, just because you allocate a /112 (or shorter) in your
> database doesn't mean you have to use it.  You could also allocate a
> /112 for a point-to-point link and use a /127 (e.g. addresses ::a and
> ::b).
>
Still that doesn't give any reason to provide /112 for point to point
connectivitiy. Seriously, I'm peering with a transit provider with /126 and
when I asked for a reason they said, ease of management. How come Subnetting
/32 to /126 is ease of management?? thats quite difficult to understand.
This debate is there fore quite a long time but everytime it pops up I
feel so uncomfortable with this granular subnetting.

Regards,

Aftab A. Siddiqui

Re: World IPv6 Only Day.

[Tim Chown]

On 9 Jun 2011, at 05:36, Karl Auer wrote:

> On Wed, 2011-06-08 at 17:37 -1000, Paul Graydon wrote:
>> Dumb question.. what does the switch (L2) have to do with IPv6 (L3), or 
>> is it one of those 'somewhere in between the two' things?
> 
> Well, a modern switch should work fine, even if not directly IPv6 aware,
> but it won't understand multicast and will generally flood multicast
> frames to all interfaces. So definitely stipulate IPv6 capability, even
> for switches

And it won't have DHCPv6 snooping, or tools to mitigate rogue RAs.

Tim

Re: Facebook Engineering, on WIPv6D:

[Seth Mos]

Hi Jay,

Can you correlate the user from the access logs and send them a email that 
their IPv6 internet is not working correctly?

Regards,

Seth

Op 9 jun 2011, om 05:03 heeft Jay Ashworth het volgende geschreven:

> """
> World IPv6 Day came to an end earlier today. We successfully enabled IPv6 on 
> our site for 24 hours, with great results. We saw over 1 million users reach 
> us over IPv6.
> 
> We’re pleased that we did not see any increase in the number of users seeking 
> help from our Help Center. The estimated 0.03% of users who may have been 
> affected would have experienced slow page loads during the test. 
> 
> Based on the encouraging results, we’ve decided to leave our Developer site 
> dual-stacked, supporting both IPv4 and IPv6. And we will continue to adapt 
> our entire code base and tools to support IPv6.
> 
> We are glad to have joined with the Internet Society, major Web companies, 
> and other industry players to enable IPv6 for this test day. It was a great 
> opportunity to test our infrastructure and IPv6 readiness.
> 
> IPv6 is vital to the continued growth of the Internet, and World IPv6 Day was 
> a great step in the advancement of the protocol.  We hope the overall success 
> of the 24 hour test will encourage others in the industry to establish 
> reliable IPv6 connectivity and develop robust IPv6 products.
> 
> Donn is glad the Internet didn't break today.
> """
> 
> That last was in italics... :-)
> 
> Cheers,
> -- jra
> -- 
> Jay R. Ashworth  Baylink   
> j...@baylink.com
> Designer The Things I Think   RFC 2100
> Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
> St Petersburg FL USA  http://photo.imageinc.us +1 727 647 1274
> 

Quick comparison of LSNs and NAT64

[Aleksi Suhonen]

Hello,

Some people were talking about Large Scale NATs (LSN) or Carrier Grade 
NATs (CGN) yesterday. Comments included that DS-Lite and NAT64 are 
basically LSNs and they suffer from all the same problems. I don't think 
that NAT64 is as bad as other LSNs and here's why:


NAT64 scales much better than NAT44 and NAT444(*)

The trick is with its companion DNS64. If you need more NAT64 capacity, 
you can just add more NAT64 boxes with unique /96 prefixes around your 
network and have your DNS64 load-balance traffic to those boxes. You can 
also map one A record into two  records of different NAT64 boxes, in 
case that works better with some application protocols.


The smallest granularity of load-balancing easily available with NAT444 
is per customer or per customer group. DNS64 allows per flow granularity 
for load-balancing without even breaking a sweat.


I've been testing NAT64 at home using a public NAT64 trial and generally 
I've been very happy with it:


http://www.trex.fi/2011/dns64.html

A neat feature I've liked is that I don't have to pass all my traffic 
via the NAT64 box, and so it doesn't have to be between me and the 
Internet. NAT44 usually acts as a fuse between me and my Internet.


The biggest downsides I've encountered are:

I.   Some streaming websites use IP addresses in their video stream 
URLs, so DNS64 doesn't get asked and that traffic won't flow via NAT64. 
Thankfully these are a minority.


II.  Networked games usually use some sort of a tracker to help clients 
find games to connect to, and those only use plain IP addresses too. And 
some games only query for A records, and thus can't benefit from DNS64 
either.



So I guess the optimal way to stretch the lifetime of IPv4 while still 
moving toward IPv6 all the time would be to dual-stack customers and 
deploy both NAT64/DNS64 and some other LSN which can handle the two 
downsides above. All the traffic that you can shift to NAT64 means that 
your other LSN (which doesn't scale as well) can handle that much more 
traffic before becoming a bottleneck. And naturally, you'll want to 
shift all that youtube/facebook/whatever traffic to native IPv6 to help 
both NAT boxes cope.


My 2 cents delivered,

--
Aleksi Suhonen

() ascii ribbon campaign
/\ support plain text e-mail

(*) NAT44 means the normal NAT from private IPv4 addresses to public 
IPv4 addresses. NAT444 means that there are two layers of NAT boxes: 
usually one at customer premises and the other at the ISP, doing LSN.

Re: World IPv6 Only Day.

[Karl Auer]

On Wed, 2011-06-08 at 17:37 -1000, Paul Graydon wrote:
> Dumb question.. what does the switch (L2) have to do with IPv6 (L3), or 
> is it one of those 'somewhere in between the two' things?

Well, a modern switch should work fine, even if not directly IPv6 aware,
but it won't understand multicast and will generally flood multicast
frames to all interfaces. So definitely stipulate IPv6 capability, even
for switches

Regards, K.

-- 
~~~
Karl Auer (ka...@biplane.com.au)   +61-2-64957160 (h)
http://www.biplane.com.au/kauer/   +61-428-957160 (mob)

GPG fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687
Old fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156


signature.asc
Description: This is a digitally signed message part

Re: IPv6 day fun is beginning!

[Graham Beneke]

On 08/06/2011 22:58, Daniel Roesen wrote:

On Wed, Jun 08, 2011 at 03:48:52PM -0400, Joly MacFie wrote:

What seems evident, looking at
http://asert.arbornetworks.com/2011/06/monitoring-world-ipv6-day/ is that a
lot of folks switched it on - and then switched it off again pretty damn
quick!


I'd attribute that spike to "people actively testing around for all
those participants actually working".


I agree. It appears to be mainly the 'native' traffic that spiked - 
native typically isn't the mom 'n pops at home.


I know that when I woke up and found that my Youtube content was coming 
over v6, I used the opportunity to load test my infrastructure. ;-)


--
Graham Beneke

Re: World IPv6 Only Day.

[Richard Patterson]

IPv6 has its own ethertype. (0x86DD)  see the list: 
http://en.wikipedia.org/wiki/EtherType
We've also encountered old IOSes that didn't forward Ethernet frames 
that contained IPv6 payload.



On 06/09/2011 03:37 PM, Paul Graydon wrote:
Dumb question.. what does the switch (L2) have to do with IPv6 (L3), 
or is it one of those 'somewhere in between the two' things?


Paul

On 6/8/2011 1:08 PM, fredrik danerklint wrote:

Well, that's another problem.

To make a long story short, the network (not mine and I don't have 
any kind of
control over that either) that my customers (including me) are using, 
did put
in new equipment (a switch) over a year ago and after that I lost my 
IPv6
connection that I had previously. That switch does not support IPv6 
it turns

out.

Re: Cogent IPv6

[ML]

On 6/8/2011 9:51 AM, Nick Olsen wrote:

I'm sure someone here is doing IPv6 peering with cogent. We've got a Gig
with them, So they don't do that dual peering thing with us. (They do it on
another 100Mb/s circuit we have... I despise it.)
Just kind of curious how they go about it.
Do they issue you a small IPv6 block for your interface, just like they do
for IPv4? Is it a separate session? Any things to be aware of before
pulling the trigger on it? (Other then them not having connectivity to HE's
IPv6 side of things, Wish they would fix that already...)

Nick Olsen
Network Operations (855) FLSPEED  x106


Did Cogent have the gumption to charge you more for IPv6 too?

Re: World IPv6 Only Day.

[Paul Graydon]

Dumb question.. what does the switch (L2) have to do with IPv6 (L3), or 
is it one of those 'somewhere in between the two' things?


Paul

On 6/8/2011 1:08 PM, fredrik danerklint wrote:

Well, that's another problem.

To make a long story short, the network (not mine and I don't have any kind of
control over that either) that my customers (including me) are using, did put
in new equipment (a switch) over a year ago and after that I lost my IPv6
connection that I had previously. That switch does not support IPv6 it turns
out.

This is exactly the things that the customers really need to better understand
and why it's not gonna work for them.


You did miss a thing:

$ dig mx fredan.se

;; ANSWER SECTION:
fredan.se.  3597IN  MX  10 mail.fredan.se.

;; ADDITIONAL SECTION:
mail.fredan.se. 3597IN  A   77.105.235.102
mail.fredan.se. 3597IN  2001:4db8:e001::2::17

So I do have a IPv6 connection but not to my customers.


How about that one?

(Please reply to the mailing list only)

You wouldn't be posting to the list... :-)

Received: from [77.105.232.43] (port=53699 helo=fredan-pc.localnet)
by mail.fredan.se with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.71) (envelope-from)
id 1QURHg-0004ZJ-4d
for nanog@nanog.org; Thu, 09 Jun 2011 00:31:32 +0200

Re: IPv6 day fun is beginning!

[Paul Graydon]

Not cook islands.  I am in Hawaii though so not a huge distance away.  
I'd got dual boot debian/windows and I had the tzlocation set wrong 
under Debian (GMT instead of local time).  Boot back into Windows to 
test something and sent a few e-mails without noticing the time stamp 
was wrong.


Paul

On 6/8/2011 9:41 AM, Ryan Pavely wrote:
Are you really on Cook Island in the Pacific or is your email headers 
date timezone string set incorrectly -1000.  Your message won't be 
read by me until tonight shortly after 12:19 am.  Sadly you'll miss 
IPv6 day :(





  Ryan Pavely
   Net Access Corporation
   http://www.nac.net/


On 6/9/2011 12:19 AM, Paul Graydon wrote:
I've done the same at home, HE tunnel for IPv6.  I've got a Linksys 
WRT54GL running DD-WRT so getting it set up was relatively straight 
forward though I really need to fix the automatic startup script 
that's misbehaving.
Work was another matter, one big headache, to the point where I'm 
wondering if something is interfering.  OpenBSD box running pf acts 
as a router for us, HE tunnel comes up easily and works fine from 
box. rtadvd starts advertising the network range and every machine in 
the office picked it up.  Briefly those workstations running Windows 
7 in the office were able to use the tunnel (5 mins give or take).  
From then on I could see outbound and inbound IPv6 traffic on the BSD 
box, but it never seemed to reach the workstations.  Tearing down, 
reconfiguring, checking out every guide under the sun, nothing worked 
:)  Gave up in the end, I'll tackle it later when I've got time to 
waste.
Would be nice if my $isp would sort out an IPv6 address range for us 
to use properly.


Paul


On 6/8/2011 1:40 AM, Jamie Bowden wrote:

Thanks to HE's tunnel broker service, I've got fully functional dual
stack at home (well, mostly, like most folks, VZ gives me a single
address and I live behind that with NATv4, but otherwise, I loves me
some FiOS) and yesterday went by for me without a hitch, including
accessing Facebook (I'd hear from the wife and kid really quickly if
they weren't working).  For a working tunnel, I put my DIR-825 as the
"DMZ" host behind the cheesy Actiontec router VZ requires, forward all
traffic with zero firewalling to it, and let the D-Link appliance 
handle

all my firewall needs (and it terminates my v6 tunnel obviously).  The
one thing I haven't quite figured out how to make it do (and maybe it's
just not capable) is use the /48 HE routes to me.  The box insists that
the internal interface be on the same subnet as the external, and it
hands out v6 addresses from that /64.

Jamie

-Original Message-
From: Jared Mauch [mailto:ja...@puck.nether.net]
Sent: Tuesday, June 07, 2011 7:15 PM
To: Iljitsch van Beijnum
Cc: NANOG list
Subject: Re: IPv6 day fun is beginning!


On Jun 7, 2011, at 7:13 PM, Iljitsch van Beijnum wrote:


www.facebook.com has  but doesn't load for me over IPv6, it does

for others though

If you go to www.v6.facebook.com it works, but it seems they have some
problem on their main site.  I am seeing some issues reaching them over
IPv6.

- Jared

Re: Cogent IPv6

[Chris Adams]

Once upon a time, William Herrin  said:
> Now, as to why they'd choose a /112 (65k addresses) for the interface
> between customer and ISP, that's a complete mystery to me.

I had to ask this here a while back, so I can now share. :-)

IPv6 addresses are written as 8 16-bit chunk separated by colons
(optionally with the longest consecutive set of :0 sections replaced
with ::).  A /112 means the prefix is 7 of the 8 chunks, which means you
can use ::1 and ::2 for every connection.

Of course, just because you allocate a /112 (or shorter) in your
database doesn't mean you have to use it.  You could also allocate a
/112 for a point-to-point link and use a /127 (e.g. addresses ::a and
::b).

-- 
Chris Adams 
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

Facebook Engineering, on WIPv6D:

[Jay Ashworth]

"""
World IPv6 Day came to an end earlier today. We successfully enabled IPv6 on 
our site for 24 hours, with great results. We saw over 1 million users reach us 
over IPv6.

We’re pleased that we did not see any increase in the number of users seeking 
help from our Help Center. The estimated 0.03% of users who may have been 
affected would have experienced slow page loads during the test. 

Based on the encouraging results, we’ve decided to leave our Developer site 
dual-stacked, supporting both IPv4 and IPv6. And we will continue to adapt our 
entire code base and tools to support IPv6.

We are glad to have joined with the Internet Society, major Web companies, and 
other industry players to enable IPv6 for this test day. It was a great 
opportunity to test our infrastructure and IPv6 readiness.

IPv6 is vital to the continued growth of the Internet, and World IPv6 Day was a 
great step in the advancement of the protocol.  We hope the overall success of 
the 24 hour test will encourage others in the industry to establish reliable 
IPv6 connectivity and develop robust IPv6 products.

Donn is glad the Internet didn't break today.
"""

That last was in italics... :-)

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA  http://photo.imageinc.us +1 727 647 1274

Re: Cogent IPv6

[William Herrin]

On Wed, Jun 8, 2011 at 9:58 PM, Kelly Setzer  wrote:
> IPv6 newbie alert!
>
> I thought the maximum prefix length for IPv6 was 64 bits,
> so the comment about a v6 /112 for peering vexed me.  I
> have Googled so much that Larry Page called me and
> asked me to stop.
>
> Can someone please point me to a resource that explains
>how IPv6 subnets larger than 64 bits function and how
>they would typically be used?

Hi Kelly,

IPv6 netmasks work exactly like IPv4 netmasks. You can even route
/128's if you want. Two major caveats:

1. SLAAC (stateless autoconfiguration, the more or less replacement
for DHCP) only works if the subnet on your LAN is exactly /64. So
unless you're manually configuring the IPv6 address on every machine
on your subnet, you're using a /64.

2. Reverse DNS delegates every 4 bits (in IPv4 its every 8 bits). And
when you write the address, every 4 bits is one digit. So unless you
want to make things needlessly hard, you're also going to choose 4-bit
boundaries for everything. I.e. a /56 or a /60 but never a /57.


Now, as to why they'd choose a /112 (65k addresses) for the interface
between customer and ISP, that's a complete mystery to me.

Regards,
Bill Herrin

-- 
William D. Herrin  her...@dirtside.com  b...@herrin.us
3005 Crane Dr. .. Web: 
Falls Church, VA 22042-3004

RE: Cogent IPv6

[Kelly Setzer]

> -Original Message-
> From: r...@u13.net [mailto:r...@u13.net]
> Sent: Wednesday, June 08, 2011 9:19 AM
> To: nanog@nanog.org
> Subject: Re: Cogent IPv6
> 
> On Wed, 8 Jun 2011 09:51:21 -0400, Nick Olsen wrote:
> 
> > I'm sure someone here is doing IPv6 peering with cogent. We've got a
> > Gig
[SNIP] 
> We have separate v4 and v6 sessions with them on the same dual-stack
> interface (a v4 /29 and v6 /112 on the interface).  One session is
> between our v4 address and theirs, and carries v4 prefixes only.  Then
> another session between v6 addresses that carries v6 prefixes only.

IPv6 newbie alert!

I thought the maximum prefix length for IPv6 was 64 bits, so the comment about 
a v6 /112 for peering vexed me.  I have Googled so much that Larry Page called 
me and asked me to stop.

Can someone please point me to a resource that explains how IPv6 subnets larger 
than 64 bits function and how they would typically be used?

thanks,
Kelly
 

*** CONFIDENTIALITY NOTICE ***
This e-mail message and all attachments transmitted with it may
contain legally privileged and confidential information intended
solely for the use of the addressee. If the reader of this message
is not the intended recipient, you are hereby notified that any
reading, dissemination, distribution, copying, or other use of this
message or its attachments is strictly prohibited. If you have
received this message in error, please notify the sender
immediately and delete this message from your system. Thank you.

Re: Retraining "IT" on networking myths (the cloud to the rescue!)

[Michael Sinatra]

On 06/08/11 18:32, Jared Mauch wrote:


MYTHS:

TCP/53 is only for zone transfers ICMP is a security risk/ddos
avenue Internal networks must be secured with NAT A firewall is the
only way to secure the perimiter

In fact for IPv6, ICMP is more important vs less.  Firewalls
frequently harm and don't block data going out.  TCP/53 is needed for
EDNS.


tcp/53 is needed when EDNS is _not_ available and DNS message size 
exceeds 512 bytes.  UDP fragments are (sometimes) necessary for EDNS.


So, that adds to your MYTHS section:

Fragmented packets (like ICMP) are always a security risk and DDoS vector

michael

Re: Thank you Microsoft (and others)

[Ravi Pina]

We (Mozilla) intend to keep the properties[1] we enabled online 
and will continue to roll out to our entire infrastructure as it
permits.

We hit some vendor issues which prevented us from having a larger
showing, sadly.

-r

[1] http://www.mozilla.com/
http://www.mozilla.org/
http://wiki.mozilla.org/
https://addons.mozilla.org/



On Wed, Jun 08, 2011 at 09:20:12PM -0400, Jared Mauch wrote:
> I think it's important to thank Microsoft for leaving sites like xbox IPv6 
> enabled.  Hope many other participants leave it on as well.
> 
> I think it's a certain sign of the maturity of the protocol and networks at 
> this stage of the game.
> 
> I have observed some traffic step-down in the network, but it's not entirely 
> clear if it's lowered to levels pre-v6-day.
> 
> Looking forward to those sharing data at NANOG next week.  (I'm not convinced 
> the data I have is worth sharing, but will send it over to the nanogpc soon 
> enough..)
> 
> - Jared
> 
> On Jun 8, 2011, at 9:09 PM, Shahid Shafi wrote:
> 
> > I dont think ISOC dashboard is updating any more. Google is no longer
> > advertising  but dashboard still shows green and TTLs were short on
> > those records.
> 

Re: Thank you Microsoft (and others)

[Cameron Byrne]

Thanks to all the v6day participants on all sides of the net.  This has been
a great effort that will eventually be a precedent for all a major sites to
go dual stack with confidence as bugs are shaken out, access networks are
enabled,  and meaningful data is collected and processed.

Cb

PS. Special thanks to isoc and the core group that stuck their neck out to
make this happen.

Retraining "IT" on networking myths (the cloud to the rescue!)

[Jared Mauch]

On Jun 8, 2011, at 9:20 PM, Mark Andrews wrote:

> It's *never* been a good idea let alone a best idea however it was
> the only solution to a problem in the last millinium and really
> should only be deploy to protect those 20 year old boxes that still
> have that problem.
> 
> Way to much of security so called "best practice" isn't and actually
> has deterimental effects that outweigh any benifits.

I'm not sure the best way to fix this as there's all these common 
misconceptions about technology out there.

MYTHS:

TCP/53 is only for zone transfers
ICMP is a security risk/ddos avenue
Internal networks must be secured with NAT
A firewall is the only way to secure the perimiter

In fact for IPv6, ICMP is more important vs less.  Firewalls frequently harm 
and don't block data going out.  TCP/53 is needed for EDNS.  IPv6 doesn't have 
the concept of NAT, or at least not in the same way as people use 1918 space at 
home and in IT networks...

I'm not sure the best way to deal with this.  There's a lot of netadmins 
(perhaps myself included) that operate in a universe where they treat these 
items as fact, real and even on an audit-checklist.

When it comes to enabling IPv6 on your NOC or corporate network, how will they 
respond?  "Wait, they will have a globally routed IP address?  How do I NAT 
that?"

It does alter the environment of enforcing a security policy.  Then again with 
all this "cloud" stuff (should that read return to mainframe processing days?), 
it may not matter as much since what you're securing will be "in the cloud", a 
remote location that has a pre-existing security policy that meets whatever 
your standards are (FIPS, FISMA, the auditors, etc..)

- Jared

Re: Cogent & HE

[Patrick W. Gilmore]

On Jun 8, 2011, at 9:18 PM, Kevin Loch wrote:
> Richard A Steenbergen wrote:
>> On Wed, Jun 08, 2011 at 06:39:02PM -0400, Patrick W. Gilmore wrote:
>>> Yes, both refuse to buy transit, yes.  But HE is able, willing, and even 
>>> begging to peer; Cogent is not.  These are not "the same thing".
>> I'm ready, willing, and lets say for the purposes of this discussion begging 
>> to peer with every Tier 1, but some of them aren't willing to peer with me. 
>> Does that mean I should stop buying transit and blame them for my resulting 
>> lack of global reachability? 
> 
> Do you have half the routing table as your customer base?

No one does, most especially neither 174 nor 6369.  (Although GBL3 will be able 
to make a good stab at it if they don't shed too many customers 
post-integration.)

-- 
TTFN,
patrick

Re: World of Warcraft may begin using IPv6 on Tuesday

[Mark Andrews]

In message 
, Ray Soucy 
writes:
> Just grabbed the Trial and tested it.
> 
> Verified that IPv6 is used for World of Warcraft on the Antonidas
> server.  It works pretty well actually.
> 
> I see they replicated their practice of dropping all ICMP traffic for
> IPv6.  Not sure that's the best idea.

It's *never* been a good idea let alone a best idea however it was
the only solution to a problem in the last millinium and really
should only be deploy to protect those 20 year old boxes that still
have that problem.

Way to much of security so called "best practice" isn't and actually
has deterimental effects that outweigh any benifits.

Mark

> Anyone know if they plan to leave it working now and possibly expand
> it too all their servers?
> 
> Ray
> 
> On Wed, Jun 8, 2011 at 6:33 AM, Frank Bulk  wrote:
> > More here: http://ipv6.blizzard.com/
> >
> > =A0 =A0 =A0 =A0To test IPv6 in World of Warcraft, you'll need to edit you=
> r
> > =A0 =A0 =A0 =A0config.wtf file and add the following line:
> >
> > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0SET unlockIPv6 "1"
> >
> > =A0 =A0 =A0 =A0This will activate the IPv6 features. If your computer has
> > =A0 =A0 =A0 =A0a valid IPv6 address, you'll be able to check the "Enable
> > =A0 =A0 =A0 =A0IPv6" checkbox from the Network options in the World of
> > =A0 =A0 =A0 =A0Warcraft client. Once in the game, you'll be able to see
> > =A0 =A0 =A0 =A0which type of connection the client has made to the realms
> > =A0 =A0 =A0 =A0next to the latency information.
> >
> > Frank
> >
> > -Original Message-
> > From: Kevin Day [mailto:toa...@dragondata.com]
> > Sent: Saturday, April 23, 2011 1:10 PM
> > To: NANOG list
> > Subject: World of Warcraft may begin using IPv6 on Tuesday
> >
> >
> > For those that don't know, World of Warcraft is currently the largest onl=
> ine
> > role playing game, with somewhere over 12 million subscribers.
> >
> > Version 4.1 of the game is expected to be released this Tuesday, which wi=
> ll
> > be automatically pushed to all clients. The current Beta version of 4.1 h=
> as
> > full IPv6 support. In the beta, it's automatically enabled if you have
> > native IPv6 (non-6to4, non-Teredo). While Blizzard has been pretty silent
> > about this, barring a last minute revert or delay of this patch, there ar=
> e
> > suddenly going to be a bunch more users that can potentially use IPv6. An=
> d
> > these users are the type who are going to be especially sensitive to
> > latency, jitter and packet loss, since this is a real-time game platform.
> >
> > For those of you with Help Desks who have to support users like this, the
> > associated setting in the game's Options menu is apparently called "Enabl=
> e
> > IPv6 when available". It's apparently grayed out if you do not have IPv6 =
> at
> > all, unchecked by default if you are on 6to4 or Teredo, and checked by
> > default if you are on native v6. The tooltip says: "Enables the use of IP=
> v6,
> > the technology behind the next-generation Internet. Requires IPv6
> > connectivity to the internet. Checking this box without IPv6 connectivity
> > may prevent you from playing WoW."
> >
> > Anyone from Activision/Blizzard who would like to chime in with more
> > details? :)
> >
> > -- Kevin
> >
> >
> >
> >
> 
> 
> 
> --=20
> Ray Soucy
> 
> Epic Communications Specialist
> 
> Phone: +1 (207) 561-3526
> 
> Networkmaine, a Unit of the University of Maine System
> http://www.networkmaine.net/
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org

Thank you Microsoft (and others)

[Jared Mauch]

I think it's important to thank Microsoft for leaving sites like xbox IPv6 
enabled.  Hope many other participants leave it on as well.

I think it's a certain sign of the maturity of the protocol and networks at 
this stage of the game.

I have observed some traffic step-down in the network, but it's not entirely 
clear if it's lowered to levels pre-v6-day.

Looking forward to those sharing data at NANOG next week.  (I'm not convinced 
the data I have is worth sharing, but will send it over to the nanogpc soon 
enough..)

- Jared

On Jun 8, 2011, at 9:09 PM, Shahid Shafi wrote:

> I dont think ISOC dashboard is updating any more. Google is no longer
> advertising  but dashboard still shows green and TTLs were short on
> those records.

Re: Cogent & HE

[Kevin Loch]

Richard A Steenbergen wrote:

On Wed, Jun 08, 2011 at 06:39:02PM -0400, Patrick W. Gilmore wrote:
Yes, both refuse to buy transit, yes.  But HE is able, willing, and 
even begging to peer; Cogent is not.  These are not "the same thing".


I'm ready, willing, and lets say for the purposes of this discussion 
begging to peer with every Tier 1, but some of them aren't willing to 
peer with me. Does that mean I should stop buying transit and blame them 
for my resulting lack of global reachability? 


Do you have half the routing table as your customer base?

- Kevin

Re: IPv6 day non-participants

[Shahid Shafi]

I dont think ISOC dashboard is updating any more. Google is no longer
advertising  but dashboard still shows green and TTLs were short on
those records.

\\

; <<>> DiG 9.6.0-APPLE-P2 <<>> www.google.com in 
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15535
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.com.IN

;; ANSWER SECTION:
www.google.com.588628INCNAMEwww.l.google.com.

;; Query time: 191 msec
;; SERVER: 2620:0:ccc::2#53(2620:0:ccc::2)
;; WHEN: Wed Jun  8 18:08:38 2011
;; MSG SIZE  rcvd: 52



On Wed, Jun 8, 2011 at 5:16 PM, George B.  wrote:

> On Wed, Jun 8, 2011 at 4:31 PM, Jorge Amodio  wrote:
> >>> So if you are using a Netscaler with SLB-PT (IPv6 VIP balancing to
> >>> IPv4 servers), the entire LB is subject to stop working until they get
> >>> this fixed.
> >>
> >> And this is EXACTLY why we needed World IPv6 Day.
> >
> > Agreed, right on the money !!
> >
> > Traffic stats may not say a lot yet due to tunnels and lack of native
> > IPv6 connectivity but finding this type of bugs is a major reason to
> > do live tests, even if the test fails.
>
> Well, we are still attempting to recreate the problem.  It isn't
> something as simple as someone coming in over a tunnel with a small
> MTU with a larger advertised MSS.  There is some "magic" that must
> happen to actually put the unit in this state.  We ran for 9 hours
> before and 9 hours after the hiccup without any problems.
>
> So it is going to take a while before we are ready to test this again
> live.  The sooner I can recreate the problem, the better, though.
>
>

Re: Cogent IPv6

[Owen DeLong]

On Jun 8, 2011, at 7:18 AM, r...@u13.net wrote:

> On Wed, 8 Jun 2011 09:51:21 -0400, Nick Olsen wrote:
> 
>> I'm sure someone here is doing IPv6 peering with cogent. We've got a Gig
>> 
>> with them, So they don't do that dual peering thing with us. (They do it
>> on
>> another 100Mb/s circuit we have... I despise it.)
>> Just kind of curious how they go about it.
>> Do they issue you a small IPv6 block for your interface, just like they
>> do
>> for IPv4? Is it a separate session? Any things to be aware of before
>> pulling the trigger on it? (Other then them not having connectivity to
>> HE's
>> IPv6 side of things, Wish they would fix that already...)
>> 
>> Nick Olsen
>> Network Operations (855) FLSPEED x106
> 
> We have separate v4 and v6 sessions with them on the same dual-stack 
> interface (a v4 /29 and v6 /112 on the interface).  One session is between 
> our v4 address and theirs, and carries v4 prefixes only.  Then another 
> session between v6 addresses that carries v6 prefixes only.

That's really the best way to do dual stack peering anyway.

Keeps things much cleaner.

Owen

Re: IPv6 day fun is beginning!

[Victor Kuarsingh]

Sent from my iPad

On 2011-06-08, at 5:09 AM, Joel Jaeggli  wrote:

> 
> On Jun 7, 2011, at 5:32 PM, Jay Ashworth wrote:
> 
>> - Original Message -
>>> From: "Matt Ryanczak" 
>> 
>>> Indeed. Verizon LTE is v6 enabled but the user-agent on my phone
>>> denies me an IPv6 experience.
>> 
>> I thought I'd heard that LTE transport was *IPv6 only*...
> 
> you may have but it's wrong.  lte supports ipv4 ipv6 and dual stack contexts.
> 

Correct.  The bearer service (connection perceived by user) can be IPv4-only, 
IPv6-only or dual stack for LTE (more correctly - the Evolved Packet System).

The actual transport (mobile nodes talking to each other conducting signaling 
and tunneling customer traffic) can be IPv4 and/or IPv6.

Regards,

Victor K



>> Cheers,
>> -- jra
>> -- 
>> Jay R. Ashworth  Baylink   
>> j...@baylink.com
>> Designer The Things I Think   RFC 
>> 2100
>> Ashworth & Associates http://baylink.pitas.com 2000 Land Rover 
>> DII
>> St Petersburg FL USA  http://photo.imageinc.us +1 727 647 
>> 1274
>> 
> 
> 

Re: Cogent & HE

[Patrick W. Gilmore]

On Jun 8, 2011, at 7:05 PM, Richard A Steenbergen wrote:
> On Wed, Jun 08, 2011 at 06:39:02PM -0400, Patrick W. Gilmore wrote:
>> 
>> Yes, both refuse to buy transit, yes.  But HE is able, willing, and 
>> even begging to peer; Cogent is not.  These are not "the same thing".
> 
> I'm ready, willing, and lets say for the purposes of this discussion 
> begging to peer with every Tier 1, but some of them aren't willing to 
> peer with me. Does that mean I should stop buying transit and blame them 
> for my resulting lack of global reachability? If I could convince my 
> customers to accept that line of bullshit it would certainly reduce my 
> transit costs, but I have a sneaking suspicion they wouldn't. :)

Your statement and mine are not in contradiction.  I did not say anywhere that 
HE was perfect, only that they are not the same thing.  I stand by what I said. 
 You care to argue the point?

Also, HE is _giving away_ v6 transit.  You don't like it, stop paying your 
bill. :)

Put another way, you don't like how both are acting, then don't buy from 
either.  Why not just peer with both.  Oh, wait, that's right, you can't peer 
with Cogent, but HE is happy to bring up sessions for the cost of a single 
e-mail, and dump (their version of) full v6 routes to you.

Yeah, Richard, totally the same thing


> Ultimately it is the responsibility of everyone who connects to the 
> Internet to make sure they are, you know, actually connected to the 
> Internet. Choosing not to do so and then throwing up your hands and 
> saying "oh I can't help it, they won't peer with me" is not a valid 
> excuse, at least not in my book or the book of anyone who pays me money 
> to deliver their packets. And this isn't even a case of not being ABLE 
> to buy sufficient capacity via a transit path (ala Comcast), this is 
> just two networks who have mutually decided two remain partitioned from 
> each other in the pursuit of long term strategic advantage. Ultimately 
> both parties share responsibility for this issue, and you can't escape 
> that just because you have a tube of icing and some spare time. :)

Things are a bit more complex than that.

You can't simply say "if someone won't peer with you, you must buy transit".  
Otherwise, Cogent would be the only tier one left, since they care about their 
customers less than anyone else.  This is not good for me or the Internet, and 
I refuse to support it.


>> On the flip side, HE is an open peer, even to their own customers, and 
>> _gives away_ free v6 transit.  Taking their free transit & complaining 
>> that they do not buy capacity to Cogent seems more than silly.  Plus, 
>> they are doing that I think is in my best interest as a customer - 
>> open peering.  Trying to make them the bad guy here seems counter 
>> intuitive.
> 
> I know you're not naive enough to think that HE is giving away free IPv6 
> transit purely out of the kindness of their heart. They're doing it to 
> bulk up their IPv6 customer base, so they can compete with larger 
> networks like Cogent, and make a play for Tier 1-dom in exactly the same 
> way that Cogent has done with IPv4. And more power to them for it, it 
> may well be a smart long term strategic move on their part, but with 
> every wannabe Tier 1 network comes partitioning and peering disputes, as 
> they try to trade short term customer pain for long term advantages.

Of course.  The question is not: "Is $COMPANY acting in $COMPANY's best 
interest?"  The answer to that is: Duh.

The question is: "Which $COMPANY's best interests more closely align with 
mine?"  If you have the slightest doubt here, you are highly confused.


> Sorry to all the HE guys, but trying to simultaniously complain about 
> your treatment at the hands of other networks and their peering disputes 
> while emulating their actions is bullshit and you know it. :)

We disagree.  See the first paragraph in this post, HE is not emulating Cogent, 
Telecom Italia, etc.

You are bitching about both HE & Cogent.  If I were paying either for v6 
transit, I would bitch too.  But I am not paying HE - no one is! - and they 
_are_ doing things differently than Cogent.  So why not support the one whose 
long term interests both best fit mine and the Internet's?  (Plus, to be 
honest, I have a lot more faith in Mike & Martin to continue doing what's best 
for me & the Internet than Dave.  And by "a lot more", I mean something on the 
order of "more than 50%" vs. "less than 0.01%".)

-- 
TTFN,
patrick

Re: IPv6 day fun is beginning!

[c...@daydream.com]

>
> Leslie Daigle and Vint Cerf are on the News Hour tonight about World IPv6
> Day.  Watch it if you get a chance.  They did a great job!
>

CJ

Re: IPv6 day non-participants

[George B.]

On Wed, Jun 8, 2011 at 4:31 PM, Jorge Amodio  wrote:
>>> So if you are using a Netscaler with SLB-PT (IPv6 VIP balancing to
>>> IPv4 servers), the entire LB is subject to stop working until they get
>>> this fixed.
>>
>> And this is EXACTLY why we needed World IPv6 Day.
>
> Agreed, right on the money !!
>
> Traffic stats may not say a lot yet due to tunnels and lack of native
> IPv6 connectivity but finding this type of bugs is a major reason to
> do live tests, even if the test fails.

Well, we are still attempting to recreate the problem.  It isn't
something as simple as someone coming in over a tunnel with a small
MTU with a larger advertised MSS.  There is some "magic" that must
happen to actually put the unit in this state.  We ran for 9 hours
before and 9 hours after the hiccup without any problems.

So it is going to take a while before we are ready to test this again
live.  The sooner I can recreate the problem, the better, though.

Re: FreeBSD is initiating IPv6-only validation work [IPv6-only Systems]

[Bjoern A . Zeeb]

On Jun 6, 2011, at 4:14 PM, Cameron Byrne wrote:

Hi,

I wrote that reply the hour your email came in, but didn't want
to send this out earlier to not distract people too much.

> FreeBSD is initiating IPv6-only validation work

I think that's a less scary topic to some readers so I put it into
subject. I hope you don't mind.


> http://www.prweb.com/releases/2011/6/prweb8529718.htm
> 
> My own testing of the Windows 7 shows that, at it's core, it works
> well as IPv6-only for most "web & email" functions. Layering on
> applications like Skype, things start to fall apart.

Well, that really depends on what you are doing and targeting.

I have seen plugins crash a browser if there was no IPv4 anymore,
I have seen timekeeping software to log me an error every few minutes,
I have seen "v6ready certified" multifunction devices to force me to
pretend to print before being able to scan,  I have seen content
scanners falling over, network monitoring tools, web servers not
being ready, yadda yadda yadda.

I have seen a lot of confusing error messages when v4 was tried after
v6 and that hid the actual error messages making debugging a hell.

As an open source person, for example, I could imagine to see every out
of the almost 300k open source projects sf.net is hosting and which do
networking to eventually just work .. well say the more common ones of
them.  I'd love to see s much perl stuff to just work with IPv6,
I'd love software updates of my backup software, that worked well
without IPv4, not to break because the new major version *oops* is
still missing parts of the IPv6 code, jdk to not trouble anymore, 

It's the software that runs in enterprises, SMBs, at ISPs, that is used
with the little tools that if failing put you into blind flying and ruin
your week, ...

I have spent some good time the last 6 months chasing some of these
things and not unsurprisingly some other things worked fairly great
out of the box.   But I also have a list of things to fix still
and I am sure we'll find more the more people are actually looking.

Note well -- this is different to "just no IPv4 address" which still
allows you to still do certain things on AF_INET sockets. This is
returning "Protocol not supported" in that case instead and that really
triggers another series of problems.

Also note well that all these things worked in dual-stack (almost)
flawlessly and we don't want to motivate end users to go IPv6-only at
this point (the much fun it would be;).  It's you people who'll force
them to eventually.  It's embedded folks that want it already in addition
to your mobile world.

Once you stop targeting the top-100 websites and what your parents or
children do and forget about that single voice/chat/file sharing program,
but look at things that run the world these days it's getting more
interesting;-)

I am sure we'll get there, as we are trying to get users and content onto
dual-stack currently, but I don't want us to be there in only another
15 years. Thus starting early, as you and others have done, is the key.

Given the huge number of FreeBSD based things that ``run the Internet'',
and unsurprisingly end users, I hope that it'll help the commercial
vendors, protocol developers, app writers, QA, ... as well to have their
or rather your gear, the daemons, upper layer protocols, etc. working
flawlessly w/o legacy-IP for when the time comes that others want to
reduce mgmt costs and complexity and be able to say "no inet4" as well.

This is the beginning of the journey, and we'll hopefully continue
to head straight into the direction of "done, just works" to be able
to tick that checkbox off soon;)

Regards,
Bjoern

-- 
A lot of the this June 8th World IPv6 Day verbiage was about picking the
right color, not so much for the bikeshed of finally putting IPv6 into
use, but it was hopefully a redpill day for some bluepill people./bz

Re: IPv6 day non-participants

[Jorge Amodio]

>> So if you are using a Netscaler with SLB-PT (IPv6 VIP balancing to
>> IPv4 servers), the entire LB is subject to stop working until they get
>> this fixed.
>
> And this is EXACTLY why we needed World IPv6 Day.

Agreed, right on the money !!

Traffic stats may not say a lot yet due to tunnels and lack of native
IPv6 connectivity but finding this type of bugs is a major reason to
do live tests, even if the test fails.

Next one ? a month seems to be too soon, I guess there is a lot of
useful data to crunch and analyze and fixes to do, but sure we need
more live IPv6 activity.

I think it would be cool if for the next one, some major broadband
access providers take IPv6 down to the end customer, and not just
commercial customers. I know that CPE could be an issue but we need to
reach that layer. It does not help that the test says that my machine
and browser are ready when in the middle I've a brick that won't
work..

Cheers
Jorge

Re: Cogent IPv6

[Ask Bjørn Hansen]

On Jun 8, 2011, at 6:51, Nick Olsen wrote:

> I'm sure someone here is doing IPv6 peering with cogent. We've got a Gig 
> with them, So they don't do that dual peering thing with us. (They do it on 
> another 100Mb/s circuit we have... I despise it.)
> Just kind of curious how they go about it.
> Do they issue you a small IPv6 block for your interface, just like they do 
> for IPv4? Is it a separate session?

Like Mark described, for us too they dropped the goofy dual-session thing for 
IPv4 so we just have an IPv4 and an IPv6 session now.

> Any things to be aware of before  pulling the trigger on it? (Other then them 
> not having connectivity to HE's  IPv6 side of things, Wish they would fix 
> that already...)

Yeah, there's that ...  (We have a couple other providers, too, so we don't 
really care but it's goofy).

Worse, for us, is that their router doesn't respond to neighbor discovery 
requests, so I had to make a static neighbor entry on our router for the 
session to come up.  Not very pretty.  I spent more than an hour on the phone 
with them and they didn't have any ideas (we have plenty other IPv6 sessions 
for transit and peering on the same router that are working fine).

Somewhere on the internets someone anecdotally told they had a Cisco router 
that did the same thing until it was rebooted.   Didn't bother calling them to 
tell them to reboot the router we are on.  :-)

Anyway, I guess the lesson is that they (like most providers, I am sure) don't 
have that much IPv6 experience and they didn't care that much that it didn't 
work right.  Hopefully that attitude will change over the next months.


  - ask

RE: Hotmail?

[Vinny Abello]

On Wed, 8 Jun 2011 01:27:57 -0400, Steve Spence wrote:
That  what I found with most the open source /Linux  mail  products  
that
customizing  and extending can be difficult and a lot of time and 
effort.
The  exchange is one of the easiest ways to roll out large scale web 
base

email  if just  expensive in upfront  costs.

Interns of Hotmail  they initially  use to use  Solaris for the MTA 
and
storage and FreeBSD for the web services ( Apache ) they suppose of 
migrated
windows by now using windows products Again I think this highly 
customize
solution which may not be very useful 
http://en.wikipedia.org/wiki/Hotmail


we went through a similar  search for a high volume  solution which 
we could

customize and brand  right now we using we high a hybrid of
(exchange/Icewarp/Atmail/ two layers  of spam filtering )


As far as commercial packages go, Surgemail is worth a look. Very 
affordable and insanely powerful and customizable. The support team is 
the development team. It's not uncommon for bugs to be fixed in hours to 
day and even new features requests to be added in days to weeks. Runs on 
practically any major OS you prefer...


-Vinny

Re: World IPv6 Only Day.

[fredrik danerklint]

Well, that's another problem.

To make a long story short, the network (not mine and I don't have any kind of 
control over that either) that my customers (including me) are using, did put 
in new equipment (a switch) over a year ago and after that I lost my IPv6 
connection that I had previously. That switch does not support IPv6 it turns 
out.

This is exactly the things that the customers really need to better understand 
and why it's not gonna work for them. 


You did miss a thing:

$ dig mx fredan.se 

;; ANSWER SECTION:
fredan.se.  3597IN  MX  10 mail.fredan.se.

;; ADDITIONAL SECTION:
mail.fredan.se. 3597IN  A   77.105.235.102
mail.fredan.se. 3597IN  2001:4db8:e001::2::17

So I do have a IPv6 connection but not to my customers.

> > How about that one?
> > 
> > (Please reply to the mailing list only)
> 
> You wouldn't be posting to the list... :-)
> 
> Received: from [77.105.232.43] (port=53699 helo=fredan-pc.localnet)
>   by mail.fredan.se with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)
>   (Exim 4.71) (envelope-from)
>   id 1QURHg-0004ZJ-4d
>   for nanog@nanog.org; Thu, 09 Jun 2011 00:31:32 +0200

-- 
//fredan

Re: Cogent & HE

[Richard A Steenbergen]

On Wed, Jun 08, 2011 at 06:39:02PM -0400, Patrick W. Gilmore wrote:
> 
> Yes, both refuse to buy transit, yes.  But HE is able, willing, and 
> even begging to peer; Cogent is not.  These are not "the same thing".

I'm ready, willing, and lets say for the purposes of this discussion 
begging to peer with every Tier 1, but some of them aren't willing to 
peer with me. Does that mean I should stop buying transit and blame them 
for my resulting lack of global reachability? If I could convince my 
customers to accept that line of bullshit it would certainly reduce my 
transit costs, but I have a sneaking suspicion they wouldn't. :)

Ultimately it is the responsibility of everyone who connects to the 
Internet to make sure they are, you know, actually connected to the 
Internet. Choosing not to do so and then throwing up your hands and 
saying "oh I can't help it, they won't peer with me" is not a valid 
excuse, at least not in my book or the book of anyone who pays me money 
to deliver their packets. And this isn't even a case of not being ABLE 
to buy sufficient capacity via a transit path (ala Comcast), this is 
just two networks who have mutually decided two remain partitioned from 
each other in the pursuit of long term strategic advantage. Ultimately 
both parties share responsibility for this issue, and you can't escape 
that just because you have a tube of icing and some spare time. :)

> These are not the only two networks on the v6 Internet who are 
> bifurcated.  There are some in Europe I know of (e.g. Telecom Italia 
> refuses to buy v6 transit and refuses to peer with some networks), and 
> probably others.  The v6 'Net is _not_ ready for prime time, and won't 
> be until there is a financial incentive to stop the stupidity & ego 
> stroking.
> 
> The Internet is a business.  Vote with your wallet.  I prefer to buy 
> from people who do things that are in MY best interest.  Giving money 
> to Cogent will not put pressure on them peer with HE & Google & 
> everyone else - just the opposite.

Absolutely. This is just like any other IPv4 peering dispute, the only 
difference is IPv6 is so unimportant in the grand scheme of the Internet 
that there hasn't been enough external pressure from customers on either 
side to force a settlement. Shockingly, HE manages to buy plenty of IPv4 
transit to reach Cogent and many other networks, no doubt because they 
wouldn't have any (paying) customers if they didn't. :)

> On the flip side, HE is an open peer, even to their own customers, and 
> _gives away_ free v6 transit.  Taking their free transit & complaining 
> that they do not buy capacity to Cogent seems more than silly.  Plus, 
> they are doing that I think is in my best interest as a customer - 
> open peering.  Trying to make them the bad guy here seems counter 
> intuitive.

I know you're not naive enough to think that HE is giving away free IPv6 
transit purely out of the kindness of their heart. They're doing it to 
bulk up their IPv6 customer base, so they can compete with larger 
networks like Cogent, and make a play for Tier 1-dom in exactly the same 
way that Cogent has done with IPv4. And more power to them for it, it 
may well be a smart long term strategic move on their part, but with 
every wannabe Tier 1 network comes partitioning and peering disputes, as 
they try to trade short term customer pain for long term advantages.

Sorry to all the HE guys, but trying to simultaniously complain about 
your treatment at the hands of other networks and their peering disputes 
while emulating their actions is bullshit and you know it. :)

-- 
Richard A Steenbergenhttp://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)

Re: World IPv6 Only Day.

[Jeff Walter]

On 6/8/2011 3:31 PM, fredrik danerklint wrote:

How about that one?

(Please reply to the mailing list only)

You wouldn't be posting to the list... :-)

Received: from [77.105.232.43] (port=53699 helo=fredan-pc.localnet)
by mail.fredan.se with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.71) (envelope-from)
id 1QURHg-0004ZJ-4d
for nanog@nanog.org; Thu, 09 Jun 2011 00:31:32 +0200


<>

Re: Cogent & HE

[Patrick W. Gilmore]

On Jun 8, 2011, at 4:05 PM, Richard A Steenbergen wrote:
> On Wed, Jun 08, 2011 at 07:48:42PM +, Brielle Bruns wrote:
>> Has been going on for a long while now.  HE even made a cake for 
>> Cogent (IIRC), to no avail.
>> 
>> But, this is not surprising.  A lot of public/major peering issues 
>> with v4 over the past few years has been cogent vs. someone else.
> 
> When two networks are not able to reach each other like this, it usually 
> requires the active willing participation of both parties to allow the 
> situation to continue. In this case, HE is doing *PRECISELY* the same 
> thing that Cogent is doing.

You are incorrect.

Yes, both refuse to buy transit, yes.  But HE is able, willing, and even 
begging to peer; Cogent is not.   These are not "the same thing".

Also, Cogent does not peer with Google either last time I checked.  There may 
be others for all I know.  (I don't buy transit from Cogent.)

These are not the only two networks on the v6 Internet who are bifurcated.  
There are some in Europe I know of (e.g. Telecom Italia refuses to buy v6 
transit and refuses to peer with some networks), and probably others.  The v6 
'Net is _not_ ready for prime time, and won't be until there is a financial 
incentive to stop the stupidity & ego stroking.

The Internet is a business.  Vote with your wallet.  I prefer to buy from 
people who do things that are in MY best interest.  Giving money to Cogent will 
not put pressure on them peer with HE & Google & everyone else - just the 
opposite.

On the flip side, HE is an open peer, even to their own customers, and _gives 
away_ free v6 transit.  Taking their free transit & complaining that they do 
not buy capacity to Cogent seems more than silly.  Plus, they are doing that I 
think is in my best interest as a customer - open peering.  Trying to make them 
the bad guy here seems counter intuitive.

-- 
TTFN,
patrick



> They're refusing to purchase transit, and 
> making the decision to intentionally not carry a full table or have 
> global reachability, in the hopes that it will strengthen their 
> strategic position for peering in the long term (i.e. they both want to 
> be an "IPv6 Tier 1").
> 
> I'm not making a judgement call about the rightness or wrongness of the 
> strategy (and after all, it clearly hasn't been THAT big of an issue 
> considering that it has been this way for MANY months), but to attempt 
> to "blame" one party for this issue is the height of absurdity. PR 
> stunts and cake baking not withstanding, they're both equally complicit.
> 
> -- 
> Richard A Steenbergenhttp://www.e-gerbil.net/ras
> GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
> 

World IPv6 Only Day.

[fredrik danerklint]

How about that one?

(Please reply to the mailing list only)
-- 
//fredan

Re: So... is it time to do IPv6 day monthy yet?

[Jay Ashworth]

- Original Message -
> From: "Mark Andrews" 

> > It certainly sounds like it might be.
> 
> I would do perhaps do one more then do "IPv6 TURN ON DAY" with the
> intent to *leave* the IPv6 enabled. The longer the content providers
> take to switch it on the bigger the switch on load will be. We
> still have a opportunity to ramp up IPv6 for the very big content
> providers.

I dunno; I can see why doing it in 24 hours chunks is useful, still.  But
I think that doing them substantially more frequently than annually 
increases markedly the chance that the people who Learned the Lessons will
still be there to *implement*.

And the responses so far suggest that this interim step might be a Pretty
Neat Idea.

Cheers,
-- jr 'shame Towel Day has passed already' a
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA  http://photo.imageinc.us +1 727 647 1274

Re: IPv6 day non-participants

[David Israel]

On 6/8/2011 6:18 PM, Patrick W. Gilmore wrote:

On Jun 8, 2011, at 12:49 PM, George B. wrote:


Was participating until we hit a rather nasty load balancer bug that
took out the entire unit if clients with a short MTU connected and it
needed to fragment packets (Citrix Netscaler running latest code).  No
fix is available for it yet, so we had to shut it down.  Ran for about
9 hours before the "magic" client that blew it up connected.

So if you are using a Netscaler with SLB-PT (IPv6 VIP balancing to
IPv4 servers), the entire LB is subject to stop working until they get
this fixed.

And this is EXACTLY why we needed World IPv6 Day.


It is also probably why doing it again next month is too aggressive, and 
why we probably should have started doing them earlier.  I wonder how 
many bug reports got filed today?


-Dave

Re: IPv6 day non-participants

[Patrick W. Gilmore]

On Jun 8, 2011, at 12:49 PM, George B. wrote:

> Was participating until we hit a rather nasty load balancer bug that
> took out the entire unit if clients with a short MTU connected and it
> needed to fragment packets (Citrix Netscaler running latest code).  No
> fix is available for it yet, so we had to shut it down.  Ran for about
> 9 hours before the "magic" client that blew it up connected.
> 
> So if you are using a Netscaler with SLB-PT (IPv6 VIP balancing to
> IPv4 servers), the entire LB is subject to stop working until they get
> this fixed.

And this is EXACTLY why we needed World IPv6 Day.

Thank you for participating.

-- 
TTFN,
patrick

Re: So... is it time to do IPv6 day monthy yet?

[Mark Andrews]

In message <24415722.168.1307544055966.javamail.r...@benjamin.baylink.com>, Jay 
Ashworth writes:
> It certainly sounds like it might be.
> 
> Cheers,
> -- jra

I would do perhaps do one more then do "IPv6 TURN ON DAY" with the
intent to *leave* the IPv6 enabled.  The longer the content providers
take to switch it on the bigger the switch on load will be.  We
still have a opportunity to ramp up IPv6 for the very big content
providers.

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org

RE: Cogent & HE

[Paul Stewart]

For what it's worth, we have a number of IPv6 peers in place plus IPv6
transit from Level(3), HE, and TiNet. 

For downstream customers, we are currently exporting them 6250 prefixes on
IPv6.

>From TiNet we are getting 6168 prefixes
>From Level(3) we are getting 4933 prefixes
>From HE we are getting 5990 prefixes

Hope this helps a bit ;) 

-p

-Original Message-
From: jayha...@gmail.com [mailto:jayha...@gmail.com] On Behalf Of Jay Hanke
Sent: June-08-11 4:47 PM
To: Paul Stewart
Cc: Ken Chase; nanog@nanog.org
Subject: Re: Cogent & HE

On Wed, Jun 8, 2011 at 3:19 PM, Paul Stewart  wrote:
> Or peer with HE and buy transit from Cogent (or someone on Cogent's
friendly
> list) - this is where I think their strategy is going to go after a while
> with a lot of folks (if they have the option - that's the key).  HE will
> peer with anyone I believe - Cogent has much more stringent "tier1" rules
on
> peering.

How divided is the table? I see about 98 routes transiting Cogent ASN
via a HE connection. Customer has only has HE as v6 upstream. An
previous post listed about a 1300 prefix difference. That's pretty
significant unless it's due to aggregation or something. I'd also be
interested to see the size of the other major carriers v6 tables so I
can patch a whole until the other upstream is ready.

Jay

Re: IPv6 day fun is beginning!

[Joel Jaeggli]

On Jun 7, 2011, at 5:32 PM, Jay Ashworth wrote:

> - Original Message -
>> From: "Matt Ryanczak" 
> 
>> Indeed. Verizon LTE is v6 enabled but the user-agent on my phone
>> denies me an IPv6 experience.
> 
> I thought I'd heard that LTE transport was *IPv6 only*...

you may have but it's wrong.  lte supports ipv4 ipv6 and dual stack contexts.

> Cheers,
> -- jra
> -- 
> Jay R. Ashworth  Baylink   
> j...@baylink.com
> Designer The Things I Think   RFC 2100
> Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
> St Petersburg FL USA  http://photo.imageinc.us +1 727 647 1274
> 

Re: Be aware of SLAAC adresses

[Jay Ashworth]

- Original Message -
> From: "Jérôme Nicolle" 
 
> Second, it's beeing a little too transparent as the MAC adress may
> reveal the server's manufacturer, approximate manufacturing tdate, or
> the network controler model. Some may use it as a clue to design a
> proper exploit...

Security by obscurity isn't *bad*, it's just one small component of a Defense
in Depth, still worth using if you can.  Necessary, but not sufficient.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA  http://photo.imageinc.us +1 727 647 1274

Re: IPv6 day fun is beginning!

[Daniel Roesen]

On Wed, Jun 08, 2011 at 03:48:52PM -0400, Joly MacFie wrote:
> What seems evident, looking at
> http://asert.arbornetworks.com/2011/06/monitoring-world-ipv6-day/ is that a
> lot of folks switched it on - and then switched it off again pretty damn
> quick!

I'd attribute that spike to "people actively testing around for all
those participants actually working".

It was 2am +/- in the night in central europe (which has probably the
biggest IPv6 enabled eyeball population)... what do you expect?
Those who stayed up that late (I didn't) probably poked around at a
few sites, noticed nothing's blowing up in gross colors, and went to
bed. :-)

I'm not surprised at all about the pattern. I would have expected higher
amplitudes though, but given that major sites seem to deliver only
index.html via IPv6, not much of a surprise there as well.

Best regards,
Daniel

-- 
CLUE-RIPE -- Jabber: d...@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0

Youtube?

[Hank Nussbacher]

I am having issues with Youtube getting stuck in i2.ytimg.com - the page 
comes up, a black box for the video but then hangs on i1 or i2.ytimg.com 
on in Firefox - not IE).  IPv6 related?  I have tried via 2 different ISPs 
and all show the same black box.


-Hank

Re: Cogent & HE

[Jay Hanke]

On Wed, Jun 8, 2011 at 3:19 PM, Paul Stewart  wrote:
> Or peer with HE and buy transit from Cogent (or someone on Cogent's friendly
> list) - this is where I think their strategy is going to go after a while
> with a lot of folks (if they have the option - that's the key).  HE will
> peer with anyone I believe - Cogent has much more stringent "tier1" rules on
> peering.

How divided is the table? I see about 98 routes transiting Cogent ASN
via a HE connection. Customer has only has HE as v6 upstream. An
previous post listed about a 1300 prefix difference. That's pretty
significant unless it's due to aggregation or something. I'd also be
interested to see the size of the other major carriers v6 tables so I
can patch a whole until the other upstream is ready.

Jay

Re: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Octavio Alvarez]

On Wed, 08 Jun 2011 02:28:40 -0700, Jeroen Massar  wrote:


It is really nice that folks where able to put  records on their
websites for only 24 hours, but they forgot to put in the glue on their
nameservers.

As such, for the folks testing IPv6-only, a lot of sites will fail
unless they use a recursor that does the IPv4 for them.


In fact. Although a website of mine worked flawlessly in a dual-stack
but it did NOT in an IPv6-only environment. Unfortunately, the problem
has to be fixed in the DNS provider, which though supporting 
records was enough to "support IPv6".

dig -6 +trace is our friend here.

--
Octavio.

Re: Cogent & HE

[Jack Bates]

On 6/8/2011 3:10 PM, Ken Chase wrote:


So we have to buy from BOTH HE and Cogent?! Sounds like market fixing to me! :/

Guess if we do we can advertise that on our webpage... "now with BOTH halves
of the ipv6 internets!"



No, you buy from the provider who doesn't get in disputes and peers with 
both of them. :)



Jack

RE: Cogent & HE

[Paul Stewart]

Or peer with HE and buy transit from Cogent (or someone on Cogent's friendly
list) - this is where I think their strategy is going to go after a while
with a lot of folks (if they have the option - that's the key).  HE will
peer with anyone I believe - Cogent has much more stringent "tier1" rules on
peering.

-p

-Original Message-
From: Ken Chase [mailto:k...@sizone.org] 
Sent: June-08-11 4:10 PM
To: nanog@nanog.org
Subject: Re: Cogent & HE

On Wed, Jun 08, 2011 at 03:05:05PM -0500, Richard A Steenbergen said:
  >global reachability, in the hopes that it will strengthen their 
  >strategic position for peering in the long term (i.e. they both want to 
  >be an "IPv6 Tier 1").
  >
  >I'm not making a judgement call about the rightness or wrongness of the 
  >strategy (and after all, it clearly hasn't been THAT big of an issue 
  >considering that it has been this way for MANY months), but to attempt 
  >to "blame" one party for this issue is the height of absurdity. PR 
  >stunts and cake baking not withstanding, they're both equally complicit.

So we have to buy from BOTH HE and Cogent?! Sounds like market fixing to me!
:/

Guess if we do we can advertise that on our webpage... "now with BOTH halves
of the ipv6 internets!"

/kc
-- 
Ken Chase - k...@heavycomputing.ca skype:kenchase23 +1 416 897 6284 Toronto
Canada
Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151
Front St. W.

Re: Cogent & HE

[Jared Mauch]

On Jun 8, 2011, at 4:10 PM, Ken Chase wrote:

> So we have to buy from BOTH HE and Cogent?! Sounds like market fixing to me! 
> :/
> 
> Guess if we do we can advertise that on our webpage... "now with BOTH halves
> of the ipv6 internets!"

Or neither.  There are other networks that carry a full IPv6 table.  If you are 
behind 174 or 6939 for IPv6 and have other transits, make sure you can use 
those ports as well for your IPv6 activities, even if you're just doing an 
internal trial.

- Jared

RE: Cogent & HE

[Paul Stewart]

Agree 100% - to make it simple and they can both achieve this "IPv6 Tier1
Status" why don't they just peer and then it's win/win.  I know I'm
oversimplifying it but nobody is winning in my opinion today.  The "peeing
contest" could probably be settled in a short period of time and move on.

My two cents worth...

-p


-Original Message-
From: Richard A Steenbergen [mailto:r...@e-gerbil.net] 
Sent: June-08-11 4:05 PM
To: Brielle Bruns
Cc: nanog@nanog.org
Subject: Re: Cogent & HE

On Wed, Jun 08, 2011 at 07:48:42PM +, Brielle Bruns wrote:
> Has been going on for a long while now.  HE even made a cake for 
> Cogent (IIRC), to no avail.
> 
> But, this is not surprising.  A lot of public/major peering issues 
> with v4 over the past few years has been cogent vs. someone else.

When two networks are not able to reach each other like this, it usually 
requires the active willing participation of both parties to allow the 
situation to continue. In this case, HE is doing *PRECISELY* the same 
thing that Cogent is doing. They're refusing to purchase transit, and 
making the decision to intentionally not carry a full table or have 
global reachability, in the hopes that it will strengthen their 
strategic position for peering in the long term (i.e. they both want to 
be an "IPv6 Tier 1").

I'm not making a judgement call about the rightness or wrongness of the 
strategy (and after all, it clearly hasn't been THAT big of an issue 
considering that it has been this way for MANY months), but to attempt 
to "blame" one party for this issue is the height of absurdity. PR 
stunts and cake baking not withstanding, they're both equally complicit.

-- 
Richard A Steenbergenhttp://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)

Re: Cogent & HE

[Jack Bates]

On 6/8/2011 3:05 PM, Richard A Steenbergen wrote:

I'm not making a judgement call about the rightness or wrongness of the
strategy (and after all, it clearly hasn't been THAT big of an issue
considering that it has been this way for MANY months), but to attempt
to "blame" one party for this issue is the height of absurdity. PR
stunts and cake baking not withstanding, they're both equally complicit.

 +1

Also looks like Level3 still hasn't peered with HE, though they have 
fixed their peering to google at least.



Jack

Re: IPv6 day fun is beginning!

[George B.]

On Wed, Jun 8, 2011 at 12:48 PM, Joly MacFie  wrote:
> What seems evident, looking at
> http://asert.arbornetworks.com/2011/06/monitoring-world-ipv6-day/ is that a
> lot of folks switched it on - and then switched it off again pretty damn
> quick!

Or ... folks switched it on and then it switched itself off again
pretty damn fast when their hardware blew up.

Either way would, though, match my experience.

Re: Cogent & HE

[Ken Chase]

On Wed, Jun 08, 2011 at 03:05:05PM -0500, Richard A Steenbergen said:
  >global reachability, in the hopes that it will strengthen their 
  >strategic position for peering in the long term (i.e. they both want to 
  >be an "IPv6 Tier 1").
  >
  >I'm not making a judgement call about the rightness or wrongness of the 
  >strategy (and after all, it clearly hasn't been THAT big of an issue 
  >considering that it has been this way for MANY months), but to attempt 
  >to "blame" one party for this issue is the height of absurdity. PR 
  >stunts and cake baking not withstanding, they're both equally complicit.

So we have to buy from BOTH HE and Cogent?! Sounds like market fixing to me! :/

Guess if we do we can advertise that on our webpage... "now with BOTH halves
of the ipv6 internets!"

/kc
-- 
Ken Chase - k...@heavycomputing.ca skype:kenchase23 +1 416 897 6284 Toronto 
Canada
Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front 
St. W.

Re: Cogent & HE

[Ken Chase]

On Wed, Jun 08, 2011 at 08:02:14PM +, Nathan Eisenberg said:
  >> Has been going on for a long while now.  HE even made a cake for Cogent
  >> (IIRC), to no avail.
  >
  >http://www.flickr.com/photos/77519640@N00/4031195041/

ObMeme[tm]: cake was a lie?

/kc
-- 
Ken Chase - k...@heavycomputing.ca skype:kenchase23 +1 416 897 6284 Toronto 
Canada
Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front 
St. W.

Re: Cogent & HE

[Richard A Steenbergen]

On Wed, Jun 08, 2011 at 07:48:42PM +, Brielle Bruns wrote:
> Has been going on for a long while now.  HE even made a cake for 
> Cogent (IIRC), to no avail.
> 
> But, this is not surprising.  A lot of public/major peering issues 
> with v4 over the past few years has been cogent vs. someone else.

When two networks are not able to reach each other like this, it usually 
requires the active willing participation of both parties to allow the 
situation to continue. In this case, HE is doing *PRECISELY* the same 
thing that Cogent is doing. They're refusing to purchase transit, and 
making the decision to intentionally not carry a full table or have 
global reachability, in the hopes that it will strengthen their 
strategic position for peering in the long term (i.e. they both want to 
be an "IPv6 Tier 1").

I'm not making a judgement call about the rightness or wrongness of the 
strategy (and after all, it clearly hasn't been THAT big of an issue 
considering that it has been this way for MANY months), but to attempt 
to "blame" one party for this issue is the height of absurdity. PR 
stunts and cake baking not withstanding, they're both equally complicit.

-- 
Richard A Steenbergenhttp://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)

RE: Cogent & HE

[Nathan Eisenberg]

> Has been going on for a long while now.  HE even made a cake for Cogent
> (IIRC), to no avail.

http://www.flickr.com/photos/77519640@N00/4031195041/

Re: Cogent & HE

[manny]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 6/8/11 3:48 PM, Brielle Bruns wrote:
> Has been going on for a long while now.  HE even made a cake for Cogent 
> (IIRC), to no avail.
> 
> But, this is not surprising.  A lot of public/major peering issues with v4 
> over the past few years has been cogent vs. someone else.
> 
> Brielle
> --Original Message--
> From: Dennis Burgess
> To: nanog@nanog.org
> Subject: Cogent & HE
> Sent: Jun 8, 2011 1:43 PM
> 
> Just noted that cogent does not have a IPv6 route to any subnet in HE,
> and HE does not have any routes to Cogent!  
> 
> Looks like we have different Global IPv6 tables?  Or does Cogent just
> NOT peer IPv6 peer with anyone else!  
> 
> Dennis
> 
> 
> 
You get what you pay for with Cogent YMMV
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.12 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJN79U0AAoJEOcnyWxdB1Iro1IIAKxSFxPFbzQ3oTGwr6FR6MQ1
KIf0plsRJstmWmhygvXAwC3C9PUlBlaPqEc+KcI1frrMHNGb1fSmmQLRsxdQ22XX
KIrIHhaYf9W/03twyp5iVNmZLcYKLkDO8SvaW4K0z0KRbMrrIgCkvOeekE28hz7n
q/HTOpvvx+A1npS+wbvl3siIfrUSeXNVOhMm1/noA/VboFbaIhRQmRFh6ypHeZWg
u7hk32DsotWlzJOocSbDda3+MPF4HCCWCN8tKC2WMUybaz2Wp/YRMUeca4fkckmk
w37RVkuglrA3DwhfM+DihOQXoXYRFLMhiT4qb3+uwveolhyPA8q2YOdgLUo+qXA=
=h0uX
-END PGP SIGNATURE-

Re: Cogent & HE

[Fredrik Holmqvist / I2B]

On Wed, 8 Jun 2011 14:43:23 -0500, "Dennis Burgess"
 wrote:

Just noted that cogent does not have a IPv6 route to any subnet in HE,
and HE does not have any routes to Cogent!  


Looks like we have different Global IPv6 tables?  Or does Cogent just
NOT peer IPv6 peer with anyone else!  


Dennis


Hi.

There is some difference in prefix count between the two:

AS6939 6074
AS174  4787

These are prefixes announced to transitcustomer of both HE and Cogent.

--
Fredrik Holmqvist
I2B (Internet 2 Business)
070-740 5033

re: Cogent & HE

[Nick Olsen]

Correct, The only way around this currently is to peer with both cogent and 
HE.
If you have cogent, You can 6to4 w/BGP with HE. I would consider that just 
a patch for the problem. I would do it just for the reachablility. 

Nick Olsen
Network Operations (855) FLSPEED  x106


 From: "Dennis Burgess" 
Sent: Wednesday, June 08, 2011 3:45 PM
To: nanog@nanog.org
Subject: Cogent & HE

Just noted that cogent does not have a IPv6 route to any subnet in HE,
and HE does not have any routes to Cogent!  

Looks like we have different Global IPv6 tables?  Or does Cogent just
NOT peer IPv6 peer with anyone else!  

Dennis

Re: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Igor Gashinsky]

On Wed, 8 Jun 2011, Jeroen Massar wrote:

:: It is really nice that folks where able to put  records on their
:: websites for only 24 hours, but they forgot to put in the glue on their
:: nameservers.
:: 
:: As such, for the folks testing IPv6-only, a lot of sites will fail
:: unless they use a recursor that does the IPv4 for them.

Speaking strictly for myself, we didn't "forget". First of all, 
that's not what World IPv6 Day was supposed to be about -- it's not about 
ipv6-only users, it's about dual-stacking content (if your ISP doesn't 
have enough ip's to dual-stack their recursive resolvers, you have 
bigger problems right now :) ).. 

Also, and more importantly, our data shows that 0.5% of the users can't 
resolve hostnames if we enabled  glue on all resolvers... And, before 
somebody asks, I don't have any data on what happends if you enable 
v6-glue to only 1 of your NS's though :)

-igor

Re: IPv6 day fun is beginning!

[Joly MacFie]

What seems evident, looking at
http://asert.arbornetworks.com/2011/06/monitoring-world-ipv6-day/ is that a
lot of folks switched it on - and then switched it off again pretty damn
quick!


-- 
---
Joly MacFie  218 565 9365 Skype:punkcast
WWWhatsup NYC - http://wwwhatsup.com
 http://pinstand.com - http://punkcast.com
 VP (Admin) - ISOC-NY - http://isoc-ny.org
--
-

Re: Cogent & HE

[Brielle Bruns]

Has been going on for a long while now.  HE even made a cake for Cogent (IIRC), 
to no avail.

But, this is not surprising.  A lot of public/major peering issues with v4 over 
the past few years has been cogent vs. someone else.

Brielle
--Original Message--
From: Dennis Burgess
To: nanog@nanog.org
Subject: Cogent & HE
Sent: Jun 8, 2011 1:43 PM

Just noted that cogent does not have a IPv6 route to any subnet in HE,
and HE does not have any routes to Cogent!  

Looks like we have different Global IPv6 tables?  Or does Cogent just
NOT peer IPv6 peer with anyone else!  

Dennis



-- 
Brielle Bruns
http://www.sosdg.org  /  http://www.ahbl.org

Re: Cogent & HE

[Seth Mattinen]

On 6/8/2011 12:43, Dennis Burgess wrote:
> Just noted that cogent does not have a IPv6 route to any subnet in HE,
> and HE does not have any routes to Cogent!  
> 
> Looks like we have different Global IPv6 tables?  Or does Cogent just
> NOT peer IPv6 peer with anyone else!  
> 

Cogent and HE don't talk anymore, so yeah, you're living in a
partitioned world if you only have Cogent. It's been this way for a while.

~Seth

Cogent & HE

[Dennis Burgess]

Just noted that cogent does not have a IPv6 route to any subnet in HE,
and HE does not have any routes to Cogent!  

Looks like we have different Global IPv6 tables?  Or does Cogent just
NOT peer IPv6 peer with anyone else!  

Dennis

Re: IPv6 day fun is beginning!

[Ryan Pavely]

Are you really on Cook Island in the Pacific or is your email headers 
date timezone string set incorrectly -1000.  Your message won't be read 
by me until tonight shortly after 12:19 am.  Sadly you'll miss IPv6 day :(





  Ryan Pavely
   Net Access Corporation
   http://www.nac.net/


On 6/9/2011 12:19 AM, Paul Graydon wrote:
I've done the same at home, HE tunnel for IPv6.  I've got a Linksys 
WRT54GL running DD-WRT so getting it set up was relatively straight 
forward though I really need to fix the automatic startup script 
that's misbehaving.
Work was another matter, one big headache, to the point where I'm 
wondering if something is interfering.  OpenBSD box running pf acts as 
a router for us, HE tunnel comes up easily and works fine from box. 
rtadvd starts advertising the network range and every machine in the 
office picked it up.  Briefly those workstations running Windows 7 in 
the office were able to use the tunnel (5 mins give or take).  From 
then on I could see outbound and inbound IPv6 traffic on the BSD box, 
but it never seemed to reach the workstations.  Tearing down, 
reconfiguring, checking out every guide under the sun, nothing worked 
:)  Gave up in the end, I'll tackle it later when I've got time to waste.
Would be nice if my $isp would sort out an IPv6 address range for us 
to use properly.


Paul


On 6/8/2011 1:40 AM, Jamie Bowden wrote:

Thanks to HE's tunnel broker service, I've got fully functional dual
stack at home (well, mostly, like most folks, VZ gives me a single
address and I live behind that with NATv4, but otherwise, I loves me
some FiOS) and yesterday went by for me without a hitch, including
accessing Facebook (I'd hear from the wife and kid really quickly if
they weren't working).  For a working tunnel, I put my DIR-825 as the
"DMZ" host behind the cheesy Actiontec router VZ requires, forward all
traffic with zero firewalling to it, and let the D-Link appliance handle
all my firewall needs (and it terminates my v6 tunnel obviously).  The
one thing I haven't quite figured out how to make it do (and maybe it's
just not capable) is use the /48 HE routes to me.  The box insists that
the internal interface be on the same subnet as the external, and it
hands out v6 addresses from that /64.

Jamie

-Original Message-
From: Jared Mauch [mailto:ja...@puck.nether.net]
Sent: Tuesday, June 07, 2011 7:15 PM
To: Iljitsch van Beijnum
Cc: NANOG list
Subject: Re: IPv6 day fun is beginning!


On Jun 7, 2011, at 7:13 PM, Iljitsch van Beijnum wrote:


www.facebook.com has  but doesn't load for me over IPv6, it does

for others though

If you go to www.v6.facebook.com it works, but it seems they have some
problem on their main site.  I am seeing some issues reaching them over
IPv6.

- Jared

Re: IPv6 day non-participants

[Griffiths, Chris]

The ISOC dashboard that Chris mentions is indeed accurate and up to date
from our perspective.  Comcast is definitely an active participant with
our website http://xfinity.comcast.net, which is live with a published
 and is IPv6 reachable.

Thanks
--
Chris Griffiths
Comcast Cable Communications, Inc.


On 6/8/11 12:16 PM, "Chris Grundemann"  wrote:

>ISOC has a red/green dashboard of individual (non)participants:
>http://www.worldipv6day.org/participant-websites/index.html
>
>Cheers,
>~Chris
>
>On Wed, Jun 8, 2011 at 09:59, James Harr  wrote:
>> I noticed that one of our vendors wasn't actually participating when
>> they very publicly put on their home page that they would. So I
>> queried the IPv6 day participation list to see who didn't have 's
>> for their listed website. It turned out to be around 9.5%
>>
>> Before you read the list, here's me shedding responsibility with a
>> list of caveats:
>> - The crappy perl script I am using might be broken. IE - it doesn't
>> think about "foo.com" vs "www.foo.com", HTTP redirection, or any of
>> that.
>> - The organizations in this list may have withdrawn because they found
>> out something was terribly broken.
>> - DNS caching may be skewing the results if the TTLs are long.
>>
>>  SNIP 
>> www.xiphiastec.com Xiphiastec
>> www.pir.orgPublic Interest Registry
>> www.exactabacus.comExact Abacus
>> www.comcast.netComcast
>> www.shazzlemail.comShazzle, LLC
>> www.bangzoom.com   Bangzoom Software Inc
>> www.mihostcgi.com  mihostcgi
>> www.unclesamnames.com  American Domain Names
>> opendns.comOpenDNS
>> www.mutali.rw  Mutali
>> townnews.com   TownNews
>> www.infoblox.com   Infoblox
>> www.ripplecom.net  Ripple Communications
>> www.agame.com  Spil Games
>> www.alexville.com  Alexville Games
>> www.hkirc.hk   Hong Kong Internet Registration
>>Corporation
>> www.hkdnr.hk   Hong Kong Domain Name Registration
>> www.buffalo.feb.govUnited States Office of Personnel
>>Management
>> www.cyberport.hk   Hong Kong Cyberport Management Ltd
>> www.catnix.com CATNIX
>> sucomo.com Sucomo OHG
>> www.mybrighthouse.com  BrightHouse Networks
>> www.it-in.ru   it-in
>> ivancorp.net   Ivanhoe-IT
>> www.forestdaleinc.org  Forestdale Inc
>> www.towerstream.comTowerstream
>> www.intuix.com Intuix LLC
>> suse.org   Novell Inc.
>> www.IronNails.com  IronNails Consultancy
>> www.orbitdiensten.com  Orbit-Diensten
>> madonnaradio.com   Voila
>> www.gov.bc.ca  Government of British Columbia
>> www.zte.com.cn ZTE Corporation
>> www.tamagawa.jpTamagawa Academy & University
>>
>>
>> --
>> ^[:wq^M
>>
>>
>
>
>
>-- 
>@ChrisGrundemann
>weblog.chrisgrundemann.com
>www.burningwiththebush.com
>www.theIPv6experts.net
>www.coisoc.org
>

Re: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Jorge Amodio]

> ...yes, there is a serious lack of v6 enabled eyeballs.  But it's also
> not clear to me from Akamai's stats just how many of the sites they host
> are v6 enabled. 2? 12? 500?

True. I'll go back to their site and dig for more detailed info about
what those "hits" are actually hitting.

Regards
Jorge

Re: IPv6 day fun is beginning!

[Steven Bellovin]

On Jun 7, 2011, at 7:22 58PM,  
 wrote:

> No issues connecting to FB for me on IPv6 (both to www.v6.facebook.com and to 
> the  returned by www.facebook.com now).
> 
> Interesting (perhaps) side note - www.facebook.com has a , but 
> "facebook.com" does not.
> 
> Google / Youtube records are up and running nicely also.
> 
> J.

I was hoping for a v6 Google logo


--Steve Bellovin, https://www.cs.columbia.edu/~smb

Re: IPv6 day fun is beginning!

[Paul Graydon]

I've done the same at home, HE tunnel for IPv6.  I've got a Linksys 
WRT54GL running DD-WRT so getting it set up was relatively straight 
forward though I really need to fix the automatic startup script that's 
misbehaving.
Work was another matter, one big headache, to the point where I'm 
wondering if something is interfering.  OpenBSD box running pf acts as a 
router for us, HE tunnel comes up easily and works fine from box. rtadvd 
starts advertising the network range and every machine in the office 
picked it up.  Briefly those workstations running Windows 7 in the 
office were able to use the tunnel (5 mins give or take).  From then on 
I could see outbound and inbound IPv6 traffic on the BSD box, but it 
never seemed to reach the workstations.  Tearing down, reconfiguring, 
checking out every guide under the sun, nothing worked :)  Gave up in 
the end, I'll tackle it later when I've got time to waste.
Would be nice if my $isp would sort out an IPv6 address range for us to 
use properly.


Paul


On 6/8/2011 1:40 AM, Jamie Bowden wrote:

Thanks to HE's tunnel broker service, I've got fully functional dual
stack at home (well, mostly, like most folks, VZ gives me a single
address and I live behind that with NATv4, but otherwise, I loves me
some FiOS) and yesterday went by for me without a hitch, including
accessing Facebook (I'd hear from the wife and kid really quickly if
they weren't working).  For a working tunnel, I put my DIR-825 as the
"DMZ" host behind the cheesy Actiontec router VZ requires, forward all
traffic with zero firewalling to it, and let the D-Link appliance handle
all my firewall needs (and it terminates my v6 tunnel obviously).  The
one thing I haven't quite figured out how to make it do (and maybe it's
just not capable) is use the /48 HE routes to me.  The box insists that
the internal interface be on the same subnet as the external, and it
hands out v6 addresses from that /64.

Jamie

-Original Message-
From: Jared Mauch [mailto:ja...@puck.nether.net]
Sent: Tuesday, June 07, 2011 7:15 PM
To: Iljitsch van Beijnum
Cc: NANOG list
Subject: Re: IPv6 day fun is beginning!


On Jun 7, 2011, at 7:13 PM, Iljitsch van Beijnum wrote:


www.facebook.com has  but doesn't load for me over IPv6, it does

for others though

If you go to www.v6.facebook.com it works, but it seems they have some
problem on their main site.  I am seeing some issues reaching them over
IPv6.

- Jared

RE: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Schiller, Heather A]

 

-Original Message-
From: Jorge Amodio [mailto:jmamo...@gmail.com] 
Sent: Wednesday, June 08, 2011 1:01 PM
To: Lucy Lynch
Cc: nanog@nanog.org
Subject: Re:  on various websites, but they all forgot to enable
them on their nameservers

>>> http://www.mrp.net/IPv6Day.html
>>
>> The web access column reflects access to internal content or just the

>> home page ?
>
> Mark's notes explain what he tested and clicking on any link shows the

> result of his diagnostics:
>
> http://www.mrp.net//IPv6Day_files/diagnostics/aol.com.html
>
> guessing he didn't do depth probes. Maybe you want to set something
up?

Thanks for the follow up. I noticed that the test only looks for the
html survey file. Just curious since other folks reported that some
content providers are serving the home page via IPv6 but other content
goes via IPv4. Still surprised that Akamai's numbers feel very low,
300+ hits per sec (worldwide) for one of the major CDN is not that
much IHMO, we really need more IPv6 eye-balls connecting.

-J


...yes, there is a serious lack of v6 enabled eyeballs.  But it's also
not clear to me from Akamai's stats just how many of the sites they host
are v6 enabled. 2? 12? 500?

 --heather

Re: IPv6 day non-participants

[Joly MacFie]

I notice that that page currently lists as http://www.bbc.co.uk/  as
unreachable via IPv4 ! ?

j

On Wed, Jun 8, 2011 at 12:16 PM, Chris Grundemann wrote:

> ISOC has a red/green dashboard of individual (non)participants:
> http://www.worldipv6day.org/participant-websites/index.html
>
> Cheers,
> ~Chris
>


-- 
---
Joly MacFie  218 565 9365 Skype:punkcast
WWWhatsup NYC - http://wwwhatsup.com
 http://pinstand.com - http://punkcast.com
 VP (Admin) - ISOC-NY - http://isoc-ny.org
--
-

Re: Microsoft's participation in World IPv6 day

[Daniel Roesen]

On Tue, Jun 07, 2011 at 08:25:59PM +, john.herb...@usc-bt.com wrote:
> Bill Woodcock [mailto:wo...@pch.net] spake:
> >http://support.microsoft.com/kb/2533454/
> >Uh...
> 
> This does rather assume that users can access Google/Bing (both IPv6
> day participants) to search for a solution to the problems they are
> experiencing, and then that they can actually access the KB article...

Given that support.microsoft.com is v4-only, the latter isn't the
problem.

Best regards,
Daniel

-- 
CLUE-RIPE -- Jabber: d...@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0

Re:Re: AAAA on various websites, but they all forgot to enable them on their nameservers.. (Jorge Amodio)(Lucy Lynch)

[Daniel Espejel]

>
>
> You shouldn't. The matter of the fact is that for al leats 24 hours users
> like you and me ... all we can reach the main Webpages for each participant
> in the ipv6 day.
>
> The idea is that this must be all in a transparent manner for the final
> users. If you have an IPv6 supported insfrastructure, then you can try
> http://ipv6.google.com and feel the "power" of IPv6.
>
> A HOSTSV6.TXT file is not prepared for today (nor as actually I know).
>
> The results for this day are expected to be a reference for further IPv6
> deployment and implementation in the near future.
>
> Best regards xD.
> --
>
> Message: 1
> Date: Wed, 8 Jun 2011 11:04:42 -0500
> From: Jorge Amodio 
> Subject: Re:  on various websites, but they all forgot to enable
>them on their nameservers
> To: Daniel Espejel 
> Cc: nanog@nanog.org
> Message-ID: 
> Content-Type: text/plain; charset=ISO-8859-1
>
> > The main objective for today is to access the web services, that's why
> you
> > can't reach a  record for a DNS query for a given NS server.
>
> So if there are no  records from where we ftp6 the HOSTSV6.TXT file ?
>
> -J
>
>
>
> --
>
> Message: 2
> Date: Wed, 8 Jun 2011 09:05:38 -0700 (PDT)
> From: Lucy Lynch 
> Subject: Re:  on various websites, but they all forgot to enable
>them on their nameservers
> To: Daniel Espejel 
> Cc: nanog@nanog.org
> Message-ID: 
> Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
>
> On Wed, 8 Jun 2011, Daniel Espejel wrote:
>
> > Hi.
> >
> > The main objective for today is to access the web services, that's why
> you
> > can't reach a  record for a DNS query for a given NS server.
>
> exactly - this site provides a nice service snapshot:
>
> http://www.mrp.net/IPv6Day.html
>
> >
> > ; <<>> DiG 9.5.1-P3 <<>> www.google.com 
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40029
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4
> >
> > ;; QUESTION SECTION:
> > ;www.google.com.IN
> >
> > ;; ANSWER SECTION:
> > www.google.com.532907INCNAMEwww.l.google.com.
> > www.l.google.com.150IN2001:4860:4002:802::1010
> >
> > ; <<>> DiG 9.5.1-P3 <<>> www.yahoo.com 
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60816
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 2, ADDITIONAL: 2
> >
> > ;; QUESTION SECTION:
> > ;www.yahoo.com.IN
> >
> > ;; ANSWER SECTION:
> > www.yahoo.com.284INCNAMEfpfd.wa1.b.yahoo.com.
> > fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3001
> > fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3001
> > fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3000
> > fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3001
> > fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3000
> > fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3000
> > ; <<>> DiG 9.5.1-P3 <<>> www.facebook.com 
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12079
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
> >
> > ;; QUESTION SECTION:
> > ;www.facebook.com.IN
> >
> > ;; ANSWER SECTION:
> > www.facebook.com.8IN2620:0:1c00:0:face:b00c:0:1
> >
> >
> >
> > ; <<>> DiG 9.5.1-P3 <<>> www.unam.mx 
> > ;; global options:  printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42381
> > ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5
> >
> > ;; QUESTION SECTION:
> > ;www.unam.mx.IN
> >
> > ;; ANSWER SECTION:
> > www.unam.mx.6031IN
>  2001:1218:1:6:d685:64ff:fec4:720b
> >
> > You see? there's a lot of IPv6 activity since a few weeks ago. xD
> >
>
-- 
*Daniel Espejel Pérez
*

Re: IPv6 day fun is beginning!

[Seth Mattinen]

On 6/8/11 1:29 AM, Neil Long wrote:
> 
> On 8 Jun 2011, at 02:13, TJ wrote:
> 
>> On Tue, Jun 7, 2011 at 21:04, Iljitsch van Beijnum
>> wrote:
>>
>>> On 8 jun 2011, at 2:31, TJ wrote:
>>>
 ... and Gmail, too ...
>>>
>>> imap.gmail.com only has IPv4, though.
>>>
>>
>> Good catch, applies to pop & smtp as well.  Baby steps, I guess?
>> /TJ
>>
> 
> Sadly, although I can connect over IPv6 to Gmail an email sent from
> within the browser to an IPv6-only address ( but also an MX) still
> gives the "DNS Error: DNS server returned answer with no data" message.
> 
> Transport is one thing but getting applications working with an IPv6
> world will take longer (not that it is that hard :-) )
> 


I've been doing IPv6 with SMTP and POP3/IMAP for quite a while now
without any magic tricks. In fact, I've found SMTP to be a far better
test in the early days since it's non-interactive and invisible to the
customer if it took time to fall back to IPv4.

~Seth

Re: World of Warcraft may begin using IPv6 on Tuesday

[Ray Soucy]

Just grabbed the Trial and tested it.

Verified that IPv6 is used for World of Warcraft on the Antonidas
server.  It works pretty well actually.

I see they replicated their practice of dropping all ICMP traffic for
IPv6.  Not sure that's the best idea.

Anyone know if they plan to leave it working now and possibly expand
it too all their servers?

Ray

On Wed, Jun 8, 2011 at 6:33 AM, Frank Bulk  wrote:
> More here: http://ipv6.blizzard.com/
>
>        To test IPv6 in World of Warcraft, you'll need to edit your
>        config.wtf file and add the following line:
>
>                SET unlockIPv6 "1"
>
>        This will activate the IPv6 features. If your computer has
>        a valid IPv6 address, you'll be able to check the "Enable
>        IPv6" checkbox from the Network options in the World of
>        Warcraft client. Once in the game, you'll be able to see
>        which type of connection the client has made to the realms
>        next to the latency information.
>
> Frank
>
> -Original Message-
> From: Kevin Day [mailto:toa...@dragondata.com]
> Sent: Saturday, April 23, 2011 1:10 PM
> To: NANOG list
> Subject: World of Warcraft may begin using IPv6 on Tuesday
>
>
> For those that don't know, World of Warcraft is currently the largest online
> role playing game, with somewhere over 12 million subscribers.
>
> Version 4.1 of the game is expected to be released this Tuesday, which will
> be automatically pushed to all clients. The current Beta version of 4.1 has
> full IPv6 support. In the beta, it's automatically enabled if you have
> native IPv6 (non-6to4, non-Teredo). While Blizzard has been pretty silent
> about this, barring a last minute revert or delay of this patch, there are
> suddenly going to be a bunch more users that can potentially use IPv6. And
> these users are the type who are going to be especially sensitive to
> latency, jitter and packet loss, since this is a real-time game platform.
>
> For those of you with Help Desks who have to support users like this, the
> associated setting in the game's Options menu is apparently called "Enable
> IPv6 when available". It's apparently grayed out if you do not have IPv6 at
> all, unchecked by default if you are on 6to4 or Teredo, and checked by
> default if you are on native v6. The tooltip says: "Enables the use of IPv6,
> the technology behind the next-generation Internet. Requires IPv6
> connectivity to the internet. Checking this box without IPv6 connectivity
> may prevent you from playing WoW."
>
> Anyone from Activision/Blizzard who would like to chime in with more
> details? :)
>
> -- Kevin
>
>
>
>



-- 
Ray Soucy

Epic Communications Specialist

Phone: +1 (207) 561-3526

Networkmaine, a Unit of the University of Maine System
http://www.networkmaine.net/

Re: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Jorge Amodio]

>>> http://www.mrp.net/IPv6Day.html
>>
>> The web access column reflects access to internal content or just the
>> home page ?
>
> Mark's notes explain what he tested and clicking on any link shows
> the result of his diagnostics:
>
> http://www.mrp.net//IPv6Day_files/diagnostics/aol.com.html
>
> guessing he didn't do depth probes. Maybe you want to set something up?

Thanks for the follow up. I noticed that the test only looks for the
html survey file. Just curious since other folks reported that some
content providers are serving the home page via IPv6 but other content
goes via IPv4. Still surprised that Akamai's numbers feel very low,
300+ hits per sec (worldwide) for one of the major CDN is not that
much IHMO, we really need more IPv6 eye-balls connecting.

-J

Re: IPv6 day non-participants

[George B.]

Was participating until we hit a rather nasty load balancer bug that
took out the entire unit if clients with a short MTU connected and it
needed to fragment packets (Citrix Netscaler running latest code).  No
fix is available for it yet, so we had to shut it down.  Ran for about
9 hours before the "magic" client that blew it up connected.

So if you are using a Netscaler with SLB-PT (IPv6 VIP balancing to
IPv4 servers), the entire LB is subject to stop working until they get
this fixed.

RE: IPv6 day non-participants

[Matt Frazer]

The list of TownNews domains participating can be found here:

http://www.townnews365.com/ipv6/

> ahwatukee.com
> alpineavalanche.com
> anchoragepress.com
> aransaspassprogress.com
> argus-press.com
> auburnpub.com
> azdailysun.com
> banderabulletin.com
> beatricedailysun.com
> belgrade-news.com
> bigbeargrizzly.net
> billingsgazette.com
> bismarcktribune.com
> bloxcms-ny1.com
> bloxcms.com
> boernestar.com
> bonnercountydailybee.com
> bonnersferryherald.com
> bozemandailychronicle.com
> breezejmu.org
> cameronherald.com
> camplejeuneglobe.com
> carrollcountytimes.com
> casperjournal.com
> cdapress.com
> cdapressextra.com
> chetekalert.com
> chieftain.com
> chippewa.com
> citizen.com
> coastreportonline.com
> codyenterprise.com
> colletontoday.com
> coloradocountycitizen.com
> columbiabasinherald.com
> columbustelegram.com
> coronadonewsca.com
> cumberlink.com
> dailyjournalonline.com
> dailyleader.com
> dailyrecordnews.com
> dailytoreador.com
> democratherald.com
> doaneline.com
> douglas-budget.com
> eastvalleytribune.com
> elgincourier.com
> elkodaily.com
> enterprise-journal.com
> explorernews.com
> farmandranchguide.com
> flatheadnewsgroup.com
> florala.net
> fltimes.com
> forest-blade.com
> fortcampbellcourier.com
> fortstocktonpioneer.com
> fremonttribune.com
> fromthevine.info
> ftleetraveller.com
> gazettetimes.com
> gettysburgtimes.com
> glendalestar.com
> globegazette.com
> goac.com
> gonzalesinquirer.com
> gvnews.com
> hanfordsentinel.com
> helenair.com
> herald-review.com
> heraldextra.com
> hillcountrynews.com
> hmbreview.com
> houstonherald.com
> huskerextra.com
> huskerfootball.com
> iberianet.com
> idahopress.com
> illelections.com
> imperialbeachnewsca.com
> indianapolisrecorder.com
> insidetucsonbusiness.com
> iowastatedaily.com
> jg-tc.com
> journalnet.com
> journalreview.com
> journalstar.com
> journaltimes.com
> katytimes.com
> keepmecurrent.com
> kokomoperspective.com
> lacrossetribune.com
> lakeexpo.com
> leaderadvertiser.com
> leadertelegram.com
> lebanon-express.com
> leecmstraining.com
> leetemplates.com
> livingstonparishnews.com
> lodinews.com
> lompocrecord.com
> lonepeaklookout.com
> loyolaphoenix.com
> madisonvillemeteor.com
> magiccitymagazine.com
> magicvalley.com
> magnoliareporter.com
> marlindemocrat.com
> maysville-online.com
> messenger-index.com
> midwestproducer.com
> minnesotafarmguide.com
> mississippilink.com
> missoulian.com
> mountain-news.com
> mtstandard.com
> murrayledger.com
> muscatinejournal.com
> mycaldwellcounty.com
> mycarrollcountynews.com
> mynwmo.com
> napavalleyregister.com
> navasotaexaminer.com
> nctimes.com
> newjerseyhills.com
> news-expressky.com
> news-graphic.com
> norfolknavyflagship.com
> nwitimes.com
> nwmissourinews.com
> ourcoloradonews.com
> outdoornews.com
> ozarkcountytimes.com
> pantagraph.com
> peoriatimes.com
> portlavacawave.com
> poststar.com
> pressofatlanticcity.com
> priestrivertimes.com
> qctimes.com
> rapidcityjournal.com
> ravallirepublic.com
> riverfloodwatch.com
> rrdailyherald.com
> rrobserver.com
> salamancapress.com
> santamariatimes.com
> savvyshopperdeals.com
> scene262.com
> sealynews.com
> seasidesignal.com
> shoshonenewspress.com
> siouxcityjournal.com
> statehornet.com
> syvnews.com
> taylordailypress.net
> tdn.com
> terrelltribune.com
> tetonvalleynews.net
> the-standard.org
> thechiefleader.com
> thecountrytoday.com
> theeaglepost.us
> thegardenisland.com
> thehuttonews.com
> theorion.com
> theprairiestar.com
> therandolphleader.com
> theroyalregister.com
> thesouthern.com
> thetandd.com
> thevindicator.com
> thewesternnews.com
> thewetumpkaherald.com
> theworldlink.com
> tipofyourfingers.com
> townnews-cms.com
> townnews365.com
> trib.com
> tristate-media.com
> tristateneighbor.com
> utownnews.com
> uvaldeleadernews.com
> voiceoftheironrange.com
> vp-mi.com
> wcfcourier.com
> wereadnatrona.com
> westyellowstonenews.com
> winonadailynews.com
> yourwestvalley.com


-mjf


-Original Message-
From: James Harr [mailto:james.h...@gmail.com] 
Sent: Wednesday, June 08, 2011 12:00 PM
To: nanog
Subject: IPv6 day non-participants

I noticed that one of our vendors wasn't actually participating when
they very publicly put on their home page that they would. So I
queried the IPv6 day participation list to see who didn't have 's
for their listed website. It turned out to be around 9.5%

Before you read the list, here's me shedding responsibility with a
list of caveats:
- The crappy perl script I am using might be broken. IE - it doesn't
think about "foo.com" vs "www.foo.com", HTTP redirection, or any of
that.
- The organizations in this list may have withdrawn because they found
out something was terribly broken.
- DNS caching may be skewing the results if the TTLs are long.

 SNIP 

RE: IPv6 day non-participants

[Matt Frazer]

The list of TownNews domains participating can be found here:

http://www.townnews365.com/ipv6/

-mjf


-Original Message-
From: James Harr [mailto:james.h...@gmail.com] 
Sent: Wednesday, June 08, 2011 12:00 PM
To: nanog
Subject: IPv6 day non-participants

I noticed that one of our vendors wasn't actually participating when
they very publicly put on their home page that they would. So I
queried the IPv6 day participation list to see who didn't have 's
for their listed website. It turned out to be around 9.5%

Before you read the list, here's me shedding responsibility with a
list of caveats:
- The crappy perl script I am using might be broken. IE - it doesn't
think about "foo.com" vs "www.foo.com", HTTP redirection, or any of
that.
- The organizations in this list may have withdrawn because they found
out something was terribly broken.
- DNS caching may be skewing the results if the TTLs are long.

 SNIP 

Re: www.nist.gov over v6 trouble Was: Microsoft's participation in World IPv6 day

[Jeroen Massar]

On 2011-Jun-08 17:26, STARNES, CURTIS wrote:
> Typical long trip via a sixxs.net tunnel. Unlike Hurricane Electric
> (tunnelbroker.net), Sixxs has no US peering that I know of so
> everything has to hit overseas before returning back.

psst.. there is no such thing as "SixXS peering".

Each PoP (http://www.sixxs.net/pops/) is provided by an ISP and that ISP
arranges all the routing. As such, it depends on that ISP how the
routing goes.

But it is always a pleasure to see that people think that SixXS is
equivalent to a full commercial ISP with 24/7 staffing instead of the
two-man hobby project that it truly is ;)

Of course, in case of problems etc don't hesitate to use
http://www.sixxs.net/contact/ and provide the appropriate details so
that they can be relayed to the relevant people. Yes, there is a mail
queue, unfortunately there is also real work to be done, thus can't
resolve the complaint of every single person.

Greets,
 Jeroen

Re: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Lucy Lynch]

On Wed, 8 Jun 2011, Jorge Amodio wrote:


http://www.mrp.net/IPv6Day.html


The web access column reflects access to internal content or just the
home page ?


Mark's notes explain what he tested and clicking on any link shows
the result of his diagnostics:

http://www.mrp.net//IPv6Day_files/diagnostics/aol.com.html

guessing he didn't do depth probes. Maybe you want to set something up?

- Lucy


-J

Re: IPv6 day non-participants

[Chris Grundemann]

ISOC has a red/green dashboard of individual (non)participants:
http://www.worldipv6day.org/participant-websites/index.html

Cheers,
~Chris

On Wed, Jun 8, 2011 at 09:59, James Harr  wrote:
> I noticed that one of our vendors wasn't actually participating when
> they very publicly put on their home page that they would. So I
> queried the IPv6 day participation list to see who didn't have 's
> for their listed website. It turned out to be around 9.5%
>
> Before you read the list, here's me shedding responsibility with a
> list of caveats:
> - The crappy perl script I am using might be broken. IE - it doesn't
> think about "foo.com" vs "www.foo.com", HTTP redirection, or any of
> that.
> - The organizations in this list may have withdrawn because they found
> out something was terribly broken.
> - DNS caching may be skewing the results if the TTLs are long.
>
>  SNIP 
> www.xiphiastec.com             Xiphiastec
> www.pir.org                    Public Interest Registry
> www.exactabacus.com            Exact Abacus
> www.comcast.net                Comcast
> www.shazzlemail.com            Shazzle, LLC
> www.bangzoom.com               Bangzoom Software Inc
> www.mihostcgi.com              mihostcgi
> www.unclesamnames.com          American Domain Names
> opendns.com                    OpenDNS
> www.mutali.rw                  Mutali
> townnews.com                   TownNews
> www.infoblox.com               Infoblox
> www.ripplecom.net              Ripple Communications
> www.agame.com                  Spil Games
> www.alexville.com              Alexville Games
> www.hkirc.hk                   Hong Kong Internet Registration Corporation
> www.hkdnr.hk                   Hong Kong Domain Name Registration
> www.buffalo.feb.gov            United States Office of Personnel Management
> www.cyberport.hk               Hong Kong Cyberport Management Ltd
> www.catnix.com                 CATNIX
> sucomo.com                     Sucomo OHG
> www.mybrighthouse.com          BrightHouse Networks
> www.it-in.ru                   it-in
> ivancorp.net                   Ivanhoe-IT
> www.forestdaleinc.org          Forestdale Inc
> www.towerstream.com            Towerstream
> www.intuix.com                 Intuix LLC
> suse.org                       Novell Inc.
> www.IronNails.com              IronNails Consultancy
> www.orbitdiensten.com          Orbit-Diensten
> madonnaradio.com               Voila
> www.gov.bc.ca                  Government of British Columbia
> www.zte.com.cn                 ZTE Corporation
> www.tamagawa.jp                Tamagawa Academy & University
>
>
> --
> ^[:wq^M
>
>



-- 
@ChrisGrundemann
weblog.chrisgrundemann.com
www.burningwiththebush.com
www.theIPv6experts.net
www.coisoc.org

RE: So... is it time to do IPv6 day monthy yet?

[Dennis Burgess]

Sounds good to me.

---
Dennis Burgess, Mikrotik Certified Trainer 
Link Technologies, Inc -- Mikrotik & WISP Support Services
Office: 314-735-0270 Website: http://www.linktechs.net
LIVE On-Line Mikrotik Training - Author of "Learn RouterOS"


-Original Message-
From: Leo Bicknell [mailto:bickn...@ufp.org] 
Sent: Wednesday, June 08, 2011 10:46 AM
To: NANOG
Subject: Re: So... is it time to do IPv6 day monthy yet?

In a message written on Wed, Jun 08, 2011 at 10:40:56AM -0400, Jay
Ashworth wrote:
> It certainly sounds like it might be.

Why not just leave it on?

-- 
   Leo Bicknell - bickn...@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/

Re: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Jorge Amodio]

> http://www.mrp.net/IPv6Day.html

The web access column reflects access to internal content or just the
home page ?

-J

Re: Microsoft's participation in World IPv6 day

[Valdis . Kletnieks]

On Tue, 07 Jun 2011 20:47:43 PDT, Owen DeLong said:

> For all but the most inept of access providers, they will have some ability
> to put customers on IPv6 prior to the day they would have to deploy LSN.

The cynic in me says that guarantees widespread deployment of LSN. :)


pgpfiixYhziVp.pgp
Description: PGP signature

Re: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Lucy Lynch]

On Wed, 8 Jun 2011, Daniel Espejel wrote:


Hi.

The main objective for today is to access the web services, that's why you
can't reach a  record for a DNS query for a given NS server.


exactly - this site provides a nice service snapshot:

http://www.mrp.net/IPv6Day.html



; <<>> DiG 9.5.1-P3 <<>> www.google.com 
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40029
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;www.google.com.IN

;; ANSWER SECTION:
www.google.com.532907INCNAMEwww.l.google.com.
www.l.google.com.150IN2001:4860:4002:802::1010

; <<>> DiG 9.5.1-P3 <<>> www.yahoo.com 
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60816
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.yahoo.com.IN

;; ANSWER SECTION:
www.yahoo.com.284INCNAMEfpfd.wa1.b.yahoo.com.
fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3001
fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3001
fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3000
fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3001
fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3000
fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3000
; <<>> DiG 9.5.1-P3 <<>> www.facebook.com 
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12079
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.facebook.com.IN

;; ANSWER SECTION:
www.facebook.com.8IN2620:0:1c00:0:face:b00c:0:1



; <<>> DiG 9.5.1-P3 <<>> www.unam.mx 
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42381
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5

;; QUESTION SECTION:
;www.unam.mx.IN

;; ANSWER SECTION:
www.unam.mx.6031IN2001:1218:1:6:d685:64ff:fec4:720b

You see? there's a lot of IPv6 activity since a few weeks ago. xD




--


Message: 1
Date: Wed, 08 Jun 2011 11:28:40 +0200
From: Jeroen Massar 
Subject:  on various websites, but they all forgot to enable them
   on theirnameservers
To: nanog 
Message-ID: <4def40c8.3020...@unfix.org>
Content-Type: text/plain; charset=ISO-8859-1

It is really nice that folks where able to put  records on their
websites for only 24 hours, but they forgot to put in the glue on their
nameservers.

As such, for the folks testing IPv6-only, a lot of sites will fail
unless they use a recursor that does the IPv4 for them.

The root is there, .com does it mostly too (well, a+b have IPv6), but
most sites don't. Thus maybe that can be done next year on the next IPv6
day? :)

At least one step closer, now lets hope that sites also keep that IPv6
address there.

Greets,
 Jeroen

--

$ dig @d.gtld-servers.net ns1.google.com 

; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.google.com 
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16030
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 4
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;ns1.google.com.IN  

;; AUTHORITY SECTION:
google.com. 172800  IN  NS  ns2.google.com.
google.com. 172800  IN  NS  ns1.google.com.
google.com. 172800  IN  NS  ns3.google.com.
google.com. 172800  IN  NS  ns4.google.com.

;; ADDITIONAL SECTION:
ns2.google.com. 172800  IN  A   216.239.34.10
ns1.google.com. 172800  IN  A   216.239.32.10
ns3.google.com. 172800  IN  A   216.239.36.10
ns4.google.com. 172800  IN  A   216.239.38.10

;; Query time: 123 msec
;; SERVER: 192.31.80.30#53(192.31.80.30)
;; WHEN: Wed Jun  8 11:26:35 2011
;; MSG SIZE  rcvd: 164

$ dig @d.gtld-servers.net ns1.cisco.com 

; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.cisco.com 
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55271
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;ns1.cisco.com. IN  

;; AUTHORITY SECTION:
cisco.com.  172800  IN  NS  ns1.cisco.com.
cisco.com.  172800  IN  NS  ns2.cisco.com.

;; ADDITIONAL SECTION:
ns1.cisco.com.  172800  IN  A   128.107.241.185
ns2.cisco.com.  172800  IN  A   64.102.255.44

;; Query time: 126 

Re: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Jorge Amodio]

> The main objective for today is to access the web services, that's why you
> can't reach a  record for a DNS query for a given NS server.

So if there are no  records from where we ftp6 the HOSTSV6.TXT file ?

-J

IPv6 day non-participants

[James Harr]

I noticed that one of our vendors wasn't actually participating when
they very publicly put on their home page that they would. So I
queried the IPv6 day participation list to see who didn't have 's
for their listed website. It turned out to be around 9.5%

Before you read the list, here's me shedding responsibility with a
list of caveats:
- The crappy perl script I am using might be broken. IE - it doesn't
think about "foo.com" vs "www.foo.com", HTTP redirection, or any of
that.
- The organizations in this list may have withdrawn because they found
out something was terribly broken.
- DNS caching may be skewing the results if the TTLs are long.

 SNIP 
www.xiphiastec.com Xiphiastec
www.pir.orgPublic Interest Registry
www.exactabacus.comExact Abacus
www.comcast.netComcast
www.shazzlemail.comShazzle, LLC
www.bangzoom.com   Bangzoom Software Inc
www.mihostcgi.com  mihostcgi
www.unclesamnames.com  American Domain Names
opendns.comOpenDNS
www.mutali.rw  Mutali
townnews.com   TownNews
www.infoblox.com   Infoblox
www.ripplecom.net  Ripple Communications
www.agame.com  Spil Games
www.alexville.com  Alexville Games
www.hkirc.hk   Hong Kong Internet Registration Corporation
www.hkdnr.hk   Hong Kong Domain Name Registration
www.buffalo.feb.govUnited States Office of Personnel Management
www.cyberport.hk   Hong Kong Cyberport Management Ltd
www.catnix.com CATNIX
sucomo.com Sucomo OHG
www.mybrighthouse.com  BrightHouse Networks
www.it-in.ru   it-in
ivancorp.net   Ivanhoe-IT
www.forestdaleinc.org  Forestdale Inc
www.towerstream.comTowerstream
www.intuix.com Intuix LLC
suse.org   Novell Inc.
www.IronNails.com  IronNails Consultancy
www.orbitdiensten.com  Orbit-Diensten
madonnaradio.com   Voila
www.gov.bc.ca  Government of British Columbia
www.zte.com.cn ZTE Corporation
www.tamagawa.jpTamagawa Academy & University


-- 
^[:wq^M

Re: AAAA on various websites, but they all forgot to enable them on their nameservers....

[Daniel Espejel]

Hi.

The main objective for today is to access the web services, that's why you
can't reach a  record for a DNS query for a given NS server.


; <<>> DiG 9.5.1-P3 <<>> www.google.com 
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40029
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;www.google.com.IN

;; ANSWER SECTION:
www.google.com.532907INCNAMEwww.l.google.com.
www.l.google.com.150IN2001:4860:4002:802::1010

; <<>> DiG 9.5.1-P3 <<>> www.yahoo.com 
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60816
;; flags: qr rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.yahoo.com.IN

;; ANSWER SECTION:
www.yahoo.com.284INCNAMEfpfd.wa1.b.yahoo.com.
fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3001
fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3001
fpfd.wa1.b.yahoo.com.6IN2001:4998:f011:1fe::3000
fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3001
fpfd.wa1.b.yahoo.com.6IN2001:4998:f00d:1fe::3000
fpfd.wa1.b.yahoo.com.6IN2001:4998:f00c:1fe::3000
; <<>> DiG 9.5.1-P3 <<>> www.facebook.com 
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12079
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.facebook.com.IN

;; ANSWER SECTION:
www.facebook.com.8IN2620:0:1c00:0:face:b00c:0:1



; <<>> DiG 9.5.1-P3 <<>> www.unam.mx 
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42381
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 5

;; QUESTION SECTION:
;www.unam.mx.IN

;; ANSWER SECTION:
www.unam.mx.6031IN2001:1218:1:6:d685:64ff:fec4:720b

You see? there's a lot of IPv6 activity since a few weeks ago. xD




--
>
> Message: 1
> Date: Wed, 08 Jun 2011 11:28:40 +0200
> From: Jeroen Massar 
> Subject:  on various websites, but they all forgot to enable them
>on theirnameservers
> To: nanog 
> Message-ID: <4def40c8.3020...@unfix.org>
> Content-Type: text/plain; charset=ISO-8859-1
>
> It is really nice that folks where able to put  records on their
> websites for only 24 hours, but they forgot to put in the glue on their
> nameservers.
>
> As such, for the folks testing IPv6-only, a lot of sites will fail
> unless they use a recursor that does the IPv4 for them.
>
> The root is there, .com does it mostly too (well, a+b have IPv6), but
> most sites don't. Thus maybe that can be done next year on the next IPv6
> day? :)
>
> At least one step closer, now lets hope that sites also keep that IPv6
> address there.
>
> Greets,
>  Jeroen
>
> --
>
> $ dig @d.gtld-servers.net ns1.google.com 
>
> ; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.google.com 
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16030
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 4
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;ns1.google.com.IN  
>
> ;; AUTHORITY SECTION:
> google.com. 172800  IN  NS  ns2.google.com.
> google.com. 172800  IN  NS  ns1.google.com.
> google.com. 172800  IN  NS  ns3.google.com.
> google.com. 172800  IN  NS  ns4.google.com.
>
> ;; ADDITIONAL SECTION:
> ns2.google.com. 172800  IN  A   216.239.34.10
> ns1.google.com. 172800  IN  A   216.239.32.10
> ns3.google.com. 172800  IN  A   216.239.36.10
> ns4.google.com. 172800  IN  A   216.239.38.10
>
> ;; Query time: 123 msec
> ;; SERVER: 192.31.80.30#53(192.31.80.30)
> ;; WHEN: Wed Jun  8 11:26:35 2011
> ;; MSG SIZE  rcvd: 164
>
> $ dig @d.gtld-servers.net ns1.cisco.com 
>
> ; <<>> DiG 9.7.3 <<>> @d.gtld-servers.net ns1.cisco.com 
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55271
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;ns1.cisco.com. IN  
>
> ;; AUTHORITY SECTION:
> cisco.com.  172800  IN  NS  ns1.cisco.com.
> cisco.com.  172800  IN  NS  ns2.cisco.com.
>
> ;; ADDITIONAL SECTION:
> ns1.cisco.com.  172800  IN  A   128.107.241.185
> ns2.cisco.com.  172800  IN  A   64.102.255.44
>
> ;; Query tim

Re: So... is it time to do IPv6 day monthy yet?

[Leo Bicknell]

In a message written on Wed, Jun 08, 2011 at 10:40:56AM -0400, Jay Ashworth 
wrote:
> It certainly sounds like it might be.

Why not just leave it on?

-- 
   Leo Bicknell - bickn...@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/


pgpIjcDqkdO3d.pgp
Description: PGP signature

Re: www.nist.gov over v6 trouble Was: Microsoft's participation in World IPv6 day

[Neil Long]

On 8 Jun 2011, at 16:30, Jay Ford wrote:


On Wed, 8 Jun 2011, Neil Long wrote:

Top of the page it says (now, may have been added)
"Note: This top level web page has been setup to test IPv6  
capabilities and to participate in World IPv6 Day on June 8, 2011.  
This IPv6 web page will be disabled after the end of World IPv6  
Day. Links on this page do not work. This is a copy of the NIST  
website, www.nist.gov, and is only reachable using the IPv6 network  
protocol. To access the entire NIST website, you must use the IPv4  
network protocol."


Yeah, at least they said what they did, but they seem to have a
misunderstanding of how dual-stack clients will use the www.nist.gov  


record.  The result is that they've broken access to their content.


Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-f...@uiowa.edu, phone: 319-335-, fax: 319-335-2951




Oh yes. I fail to see the logic and usefulness of doing that to a web  
site but it is a scientific experiment :-)


Cheers
Neil.

--
Neil Long, Team Cymru
http://www.cymru.com | +1 630 230 5422 | n...@cymru.com






smime.p7s
Description: S/MIME cryptographic signature

Re: www.nist.gov over v6 trouble Was: Microsoft's participation in World IPv6 day

[Christopher Morrow]

On Wed, Jun 8, 2011 at 11:34 AM, Rob V  wrote:
> Interesting ... I seem to stay in North America ... I guess it depends what
> POP you connect to?
>
> traceroute6 to nist.gov (2610:20:6060:aa::a66b) from
> 2001:4978::fe67:cafa, 64 hops max, 12 byte packets
>  1  2001:::1  1.147 ms  0.461 ms  0.413 ms
>  2  gw-525.chi-02.us.sixxs.net  30.235 ms  30.380 ms  30.256 ms
>  3  sixxs.ge-0.0.0-30.core1.chi.bb6.your.org  109.226 ms  29.622 ms  30.270
> ms
>  4  gige-g2-19.core1.chi1.he.net  31.716 ms  31.157 ms  40.147 ms
>  5  10gigabitethernet7-2.core1.nyc4.he.net  47.923 ms  56.877 ms  48.230 ms
>  6  2001:504:f::64  49.124 ms  51.467 ms  50.701 ms
>  7  2600:803:22f::2  63.797 ms  73.429 ms  63.938 ms
>  8  2600:803:22f::2  62.129 ms  68.801 ms  62.511 ms
>  9  2610:20:6060:aa::a66b  59.465 ms  76.910 ms  70.083 ms


 3  gige-g4-12.core1.ash1.he.net (2001:470:0:90::1)  12.26 ms  6.847
ms  14.985 ms
 4  eqx.br6.iad8.verizonbusiness.com (2001:504:0:2::701:1)  7.385 ms
7.783 ms  7.463 ms

he and 701 seem to peer? (judging by hostname on the PTR at least) so
HE, probably does better than sixxs at least for 701 destinations. (of
which nist appears to be one)

>
> -Original Message-
> From: STARNES, CURTIS [mailto:curtis.star...@granburyisd.org]
> Sent: June-08-11 11:27 AM
> To: Christopher Morrow; David Swafford
> Cc: nanog@nanog.org; do-webmas...@nist.gov
> Subject: RE: www.nist.gov over v6 trouble Was: Microsoft's participation in
> World IPv6 day
>
> Typical long trip via a sixxs.net tunnel.
> Unlike Hurricane Electric (tunnelbroker.net), Sixxs has no US peering that I
> know of so everything has to hit overseas before returning back.
>
> Curtis.
>
> -Original Message-
> From: Christopher Morrow [mailto:morrowc.li...@gmail.com]
> Sent: Wednesday, June 08, 2011 10:19 AM
> To: David Swafford
> Cc: nanog@nanog.org; do-webmas...@nist.gov
> Subject: Re: www.nist.gov over v6 trouble Was: Microsoft's participation in
> World IPv6 day
>
> On Wed, Jun 8, 2011 at 6:33 AM, David Swafford 
> wrote:
>> Interesting, I'm having that same issue w/ www.nist.gov this morning.
>> Front page loads fine, but all links return a 404.   Here's my tracert
>> if it
>> helps:
>>
>> tracert www.nist.gov
>> Tracing route to nist.gov [2610:20:6060:aa::a66b] over a maximum of 30
>> hops:
>>  1    <1 ms    <1 ms    <1 ms  2001:1938:2a7::1
>>  2    85 ms    87 ms    84 ms
>> gw-383.phx-01.us.sixxs.net[2001:1938:81:17e::1]
>
> phoenix, az,us
>
>>  3    92 ms    99 ms    86 ms  2001:4de0:1000:a4::1
>>  4    98 ms    87 ms    90 ms
>> 1-3.ipv6.r1.ph.hwng.net[2001:4de0:1000:27::2]
>>  5   136 ms   140 ms   131 ms
>> 3-2.ipv6.r1.at.hwng.net[2001:4de0:1000:15::1]
>>  6   167 ms   167 ms   175 ms
>> 2-1.ipv6.r2.dc.hwng.net[2001:4de0:1000:7::1]
>
> wash-dc, usa
>
>>  7   246 ms   253 ms   245 ms
>> 5-4.ipv6.r2.am.hwng.net[2001:4de0:1000:5::1]
>
> amsterdam, nl! (you seem to have bypassed NIST here...)
>
>>  8   248 ms   247 ms   247 ms
>> AMS-IX.v6.lambdanet.net[2001:7f8:1::a501:3237:1]
>>  9   265 ms   267 ms   265 ms
>> FRA-1-pos413.v6.lambdanet.net[2001:7f0:0:16::1]
>
> Frankfurt, DE
>
>>  10   275 ms   268 ms   268 ms  6b1.fft4.alter.net
>> [2001:7f8::319e:0:1]
>
> w00t! 12702! - 'lab ipv6 network in EMEA'
>
>>  11   268 ms   304 ms   271 ms  gw6.dca6.alter.net [2001:600:c:8::2]
>
> back to DC.
>
>>  12   271 ms   271 ms   270 ms  2600:803:22f::2
>>  13   280 ms   272 ms   268 ms  2600:803:22f::2
>
> 2 more hops and home in bethesda... whooo! long trip!
>
>>  14   270 ms   269 ms   273 ms  2610:20:6060:aa::a66b Trace complete.
>>
>>
>
>
>
>

Re: So... is it time to do IPv6 day monthy yet?

[Patrick Sumby]

+1

I've enjoyed it so far!

On 08/06/2011 16:07, Ryan Pavely wrote:

I was thinking the same thing. Good call :)

Ryan Pavely
Net Access Corporation
http://www.nac.net/


On 6/8/2011 10:40 AM, Jay Ashworth wrote:

It certainly sounds like it might be.

Cheers,
-- jra

Re: www.nist.gov over v6 trouble Was: Microsoft's participation in World IPv6 day

[David Swafford]

Good catch -- I traveled the world and back today on v6!  Overall though the 
day seems to be going well, I've sparked a lot of enthusiasm at work by 
bragging this event (I even made a shirt to promote it :-), and I'd love to see 
this become a regular occurrence.

David.

- Original Message -
From: "Christopher Morrow" 
To: "David Swafford" 
Cc: "Iljitsch van Beijnum" , nanog@nanog.org, 
do-webmas...@nist.gov
Sent: Wednesday, June 8, 2011 11:19:07 AM
Subject: Re: www.nist.gov over v6 trouble Was: Microsoft's participation in 
World IPv6 day

On Wed, Jun 8, 2011 at 6:33 AM, David Swafford  wrote:
> Interesting, I'm having that same issue w/ www.nist.gov this morning.  Front
> page loads fine, but all links return a 404.   Here's my tracert if it
> helps:
>
> tracert www.nist.gov
> Tracing route to nist.gov [2610:20:6060:aa::a66b]
> over a maximum of 30 hops:
>  1    <1 ms    <1 ms    <1 ms  2001:1938:2a7::1
>  2    85 ms    87 ms    84 ms  gw-383.phx-01.us.sixxs.net[2001:1938:81:17e::1]

phoenix, az,us

>  3    92 ms    99 ms    86 ms  2001:4de0:1000:a4::1
>  4    98 ms    87 ms    90 ms  1-3.ipv6.r1.ph.hwng.net[2001:4de0:1000:27::2]
>  5   136 ms   140 ms   131 ms  3-2.ipv6.r1.at.hwng.net[2001:4de0:1000:15::1]
>  6   167 ms   167 ms   175 ms  2-1.ipv6.r2.dc.hwng.net[2001:4de0:1000:7::1]

wash-dc, usa

>  7   246 ms   253 ms   245 ms  5-4.ipv6.r2.am.hwng.net[2001:4de0:1000:5::1]

amsterdam, nl! (you seem to have bypassed NIST here...)

>  8   248 ms   247 ms   247 ms  
> AMS-IX.v6.lambdanet.net[2001:7f8:1::a501:3237:1]
>  9   265 ms   267 ms   265 ms  FRA-1-pos413.v6.lambdanet.net[2001:7f0:0:16::1]

Frankfurt, DE

>  10   275 ms   268 ms   268 ms  6b1.fft4.alter.net [2001:7f8::319e:0:1]

w00t! 12702! - 'lab ipv6 network in EMEA'

>  11   268 ms   304 ms   271 ms  gw6.dca6.alter.net [2001:600:c:8::2]

back to DC.

>  12   271 ms   271 ms   270 ms  2600:803:22f::2
>  13   280 ms   272 ms   268 ms  2600:803:22f::2

2 more hops and home in bethesda... whooo! long trip!

>  14   270 ms   269 ms   273 ms  2610:20:6060:aa::a66b
> Trace complete.
>
>

RE: www.nist.gov over v6 trouble Was: Microsoft's participation in World IPv6 day

[Rob V]

Interesting ... I seem to stay in North America ... I guess it depends what
POP you connect to?

traceroute6 to nist.gov (2610:20:6060:aa::a66b) from
2001:4978::fe67:cafa, 64 hops max, 12 byte packets
 1  2001:::1  1.147 ms  0.461 ms  0.413 ms
 2  gw-525.chi-02.us.sixxs.net  30.235 ms  30.380 ms  30.256 ms
 3  sixxs.ge-0.0.0-30.core1.chi.bb6.your.org  109.226 ms  29.622 ms  30.270
ms
 4  gige-g2-19.core1.chi1.he.net  31.716 ms  31.157 ms  40.147 ms
 5  10gigabitethernet7-2.core1.nyc4.he.net  47.923 ms  56.877 ms  48.230 ms
 6  2001:504:f::64  49.124 ms  51.467 ms  50.701 ms
 7  2600:803:22f::2  63.797 ms  73.429 ms  63.938 ms
 8  2600:803:22f::2  62.129 ms  68.801 ms  62.511 ms
 9  2610:20:6060:aa::a66b  59.465 ms  76.910 ms  70.083 ms


-Original Message-
From: STARNES, CURTIS [mailto:curtis.star...@granburyisd.org] 
Sent: June-08-11 11:27 AM
To: Christopher Morrow; David Swafford
Cc: nanog@nanog.org; do-webmas...@nist.gov
Subject: RE: www.nist.gov over v6 trouble Was: Microsoft's participation in
World IPv6 day

Typical long trip via a sixxs.net tunnel.
Unlike Hurricane Electric (tunnelbroker.net), Sixxs has no US peering that I
know of so everything has to hit overseas before returning back.

Curtis.

-Original Message-
From: Christopher Morrow [mailto:morrowc.li...@gmail.com] 
Sent: Wednesday, June 08, 2011 10:19 AM
To: David Swafford
Cc: nanog@nanog.org; do-webmas...@nist.gov
Subject: Re: www.nist.gov over v6 trouble Was: Microsoft's participation in
World IPv6 day

On Wed, Jun 8, 2011 at 6:33 AM, David Swafford 
wrote:
> Interesting, I'm having that same issue w/ www.nist.gov this morning.  
> Front page loads fine, but all links return a 404.   Here's my tracert 
> if it
> helps:
>
> tracert www.nist.gov
> Tracing route to nist.gov [2610:20:6060:aa::a66b] over a maximum of 30 
> hops:
>  1    <1 ms    <1 ms    <1 ms  2001:1938:2a7::1
>  2    85 ms    87 ms    84 ms  
> gw-383.phx-01.us.sixxs.net[2001:1938:81:17e::1]

phoenix, az,us

>  3    92 ms    99 ms    86 ms  2001:4de0:1000:a4::1
>  4    98 ms    87 ms    90 ms  
> 1-3.ipv6.r1.ph.hwng.net[2001:4de0:1000:27::2]
>  5   136 ms   140 ms   131 ms  
> 3-2.ipv6.r1.at.hwng.net[2001:4de0:1000:15::1]
>  6   167 ms   167 ms   175 ms  
> 2-1.ipv6.r2.dc.hwng.net[2001:4de0:1000:7::1]

wash-dc, usa

>  7   246 ms   253 ms   245 ms  
> 5-4.ipv6.r2.am.hwng.net[2001:4de0:1000:5::1]

amsterdam, nl! (you seem to have bypassed NIST here...)

>  8   248 ms   247 ms   247 ms  
> AMS-IX.v6.lambdanet.net[2001:7f8:1::a501:3237:1]
>  9   265 ms   267 ms   265 ms  
> FRA-1-pos413.v6.lambdanet.net[2001:7f0:0:16::1]

Frankfurt, DE

>  10   275 ms   268 ms   268 ms  6b1.fft4.alter.net 
> [2001:7f8::319e:0:1]

w00t! 12702! - 'lab ipv6 network in EMEA'

>  11   268 ms   304 ms   271 ms  gw6.dca6.alter.net [2001:600:c:8::2]

back to DC.

>  12   271 ms   271 ms   270 ms  2600:803:22f::2
>  13   280 ms   272 ms   268 ms  2600:803:22f::2

2 more hops and home in bethesda... whooo! long trip!

>  14   270 ms   269 ms   273 ms  2610:20:6060:aa::a66b Trace complete.
>
>

Re: www.nist.gov over v6 trouble Was: Microsoft's participation in World IPv6 day

[Jay Ford]

On Wed, 8 Jun 2011, Neil Long wrote:

Top of the page it says (now, may have been added)
"Note: This top level web page has been setup to test IPv6 capabilities and 
to participate in World IPv6 Day on June 8, 2011. This IPv6 web page will be 
disabled after the end of World IPv6 Day. Links on this page do not work. 
This is a copy of the NIST website, www.nist.gov, and is only reachable using 
the IPv6 network protocol. To access the entire NIST website, you must use 
the IPv4 network protocol."


Yeah, at least they said what they did, but they seem to have a
misunderstanding of how dual-stack clients will use the www.nist.gov 
record.  The result is that they've broken access to their content.


Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: jay-f...@uiowa.edu, phone: 319-335-, fax: 319-335-2951

RE: www.nist.gov over v6 trouble Was: Microsoft's participation in World IPv6 day

[STARNES, CURTIS]

Typical long trip via a sixxs.net tunnel.
Unlike Hurricane Electric (tunnelbroker.net), Sixxs has no US peering that I 
know of so everything has to hit overseas before returning back.

Curtis.

-Original Message-
From: Christopher Morrow [mailto:morrowc.li...@gmail.com] 
Sent: Wednesday, June 08, 2011 10:19 AM
To: David Swafford
Cc: nanog@nanog.org; do-webmas...@nist.gov
Subject: Re: www.nist.gov over v6 trouble Was: Microsoft's participation in 
World IPv6 day

On Wed, Jun 8, 2011 at 6:33 AM, David Swafford  wrote:
> Interesting, I'm having that same issue w/ www.nist.gov this morning.  
> Front page loads fine, but all links return a 404.   Here's my tracert 
> if it
> helps:
>
> tracert www.nist.gov
> Tracing route to nist.gov [2610:20:6060:aa::a66b] over a maximum of 30 
> hops:
>  1    <1 ms    <1 ms    <1 ms  2001:1938:2a7::1
>  2    85 ms    87 ms    84 ms  
> gw-383.phx-01.us.sixxs.net[2001:1938:81:17e::1]

phoenix, az,us

>  3    92 ms    99 ms    86 ms  2001:4de0:1000:a4::1
>  4    98 ms    87 ms    90 ms  
> 1-3.ipv6.r1.ph.hwng.net[2001:4de0:1000:27::2]
>  5   136 ms   140 ms   131 ms  
> 3-2.ipv6.r1.at.hwng.net[2001:4de0:1000:15::1]
>  6   167 ms   167 ms   175 ms  
> 2-1.ipv6.r2.dc.hwng.net[2001:4de0:1000:7::1]

wash-dc, usa

>  7   246 ms   253 ms   245 ms  
> 5-4.ipv6.r2.am.hwng.net[2001:4de0:1000:5::1]

amsterdam, nl! (you seem to have bypassed NIST here...)

>  8   248 ms   247 ms   247 ms  
> AMS-IX.v6.lambdanet.net[2001:7f8:1::a501:3237:1]
>  9   265 ms   267 ms   265 ms  
> FRA-1-pos413.v6.lambdanet.net[2001:7f0:0:16::1]

Frankfurt, DE

>  10   275 ms   268 ms   268 ms  6b1.fft4.alter.net 
> [2001:7f8::319e:0:1]

w00t! 12702! - 'lab ipv6 network in EMEA'

>  11   268 ms   304 ms   271 ms  gw6.dca6.alter.net [2001:600:c:8::2]

back to DC.

>  12   271 ms   271 ms   270 ms  2600:803:22f::2
>  13   280 ms   272 ms   268 ms  2600:803:22f::2

2 more hops and home in bethesda... whooo! long trip!

>  14   270 ms   269 ms   273 ms  2610:20:6060:aa::a66b Trace complete.
>
>

Re: www.nist.gov over v6 trouble Was: Microsoft's participation in World IPv6 day

[Neil Long]

On 8 Jun 2011, at 07:15, Andrew Koch wrote:

On Wed, Jun 8, 2011 at 00:59, Iljitsch van Beijnum  
 wrote:
BTW, how are you guys dealing with path MTU discovery for IPv6?  
I've seen a few sites that have problems with this, such as www.nist.gov 
, >



Speaking of www.nist.gov, I am getting the front page to load, but all
links are returning a 404 Not Found when browsing via v6

Andrew Koch
andrew.k...@gawul.net




Top of the page it says (now, may have been added)
"Note: This top level web page has been setup to test IPv6  
capabilities and to participate in World IPv6 Day on June 8, 2011.  
This IPv6 web page will be disabled after the end of World IPv6 Day.  
Links on this page do not work. This is a copy of the NIST website, www.nist.gov 
, and is only reachable using the IPv6 network protocol. To access the  
entire NIST website, you must use the IPv4 network protocol."


Cheers
Neil


--
Neil Long, Team Cymru
http://www.cymru.com | +1 630 230 5422 | n...@cymru.com






smime.p7s
Description: S/MIME cryptographic signature