Wouldn't it be nice to just set up ipv6 a test? Something similar to
https://secure.wikimedia.org/ . That way I can just open
https://ipv6.wikimedia.org/wikipedia/en/wiki/Main_Page if I want to
browse Wikipedia using ipv6.
Maarten
Ps. Of course https://secure6.wikimedia.org/ is even better
On 3 February 2011 21:04, Robert Leverington rob...@rhl.me.uk wrote:
[2] http://ipv6and4.labs.wikimedia.org/
[3] http://wikitech.wikimedia.org/view/IPv6_deployment
Someone actually emailed the press queue today asking if we were
participating in IPv6 Day. I passed them those two links and
On 04/02/11 00:29, George Herbert wrote:
snip
There won't be much choice when the ISPs run out of IPv4 space to
allocate new users.
It is already the case! Thankfully there is DS-Lite which let you
transport v4 over v6.
CPE is v6 only on the WAN side, if an IPv4 packet is received on LAN
side
I just checked and determined that there appear to be no records
yet for the WMF servers.
I have to admit to having been negligent in examining the IPv6
readiness of the Mediawiki software. Is it generally working and
ready to go on IPv6?
Does the Foundation have a IPv6 support plan ready
- Original Message -
From: George Herbert george.herb...@gmail.com
I just checked and determined that there appear to be no records
yet for the WMF servers.
I have to admit to having been negligent in examining the IPv6
readiness of the Mediawiki software. Is it generally
I believe the WMF intends to participate in World IPv6 Day [1],
additionally they publish some IPv6 statistics [2]. See also the IPv6
deployment page [3].
[1] http://isoc.org/wp/worldipv6day/
[2] http://ipv6and4.labs.wikimedia.org/
[3] http://wikitech.wikimedia.org/view/IPv6_deployment
Robert
In article 19663836.4613.1296766691647.javamail.r...@benjamin.baylink.com,
Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: George Herbert george.herb...@gmail.com
I have to admit to having been negligent in examining the IPv6
readiness of the Mediawiki software. Is it
On Thu, Feb 3, 2011 at 12:58 PM, Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: George Herbert george.herb...@gmail.com
I just checked and determined that there appear to be no records
yet for the WMF servers.
I have to admit to having been negligent in
- Original Message -
From: River Tarnell r.tarn...@ieee.org
It doesn't matter if Apache supports IPv6, since the Internet-facing
HTTP servers for wikis are reverse proxies, either Squid or Varnish.
I believe the version of Squid that WMF is using doesn't support IPv6.
Oh, of course.
On Thu, Feb 3, 2011 at 1:05 PM, River Tarnell r.tarn...@ieee.org wrote:
Does any useful discussion still take place on that list?
- river.
I don't know; did any ever? 8-)
It doesn't matter if Apache supports IPv6, since the Internet-facing
HTTP servers for wikis are reverse proxies,
On Thu, Feb 3, 2011 at 1:11 PM, Jay Ashworth j...@baylink.com wrote:
(APNIC runs out of IPv4 space to give to providers somewhere around
August, statistically; RIPE in Feb or March 2012, ARIN in July
2012).
ARIN issued the last 5 available /8s to RIRs *today*; we've been
talking about it
In article 30181972.4621.1296767510190.javamail.r...@benjamin.baylink.com,
Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: River Tarnell r.tarn...@ieee.org
As long as the proxy supports IPv6, it can continue to talk to Apache
via IPv4; since WMF's internal network uses
On Thu, Feb 3, 2011 at 1:11 PM, Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: River Tarnell r.tarn...@ieee.org
It doesn't matter if Apache supports IPv6, since the Internet-facing
HTTP servers for wikis are reverse proxies, either Squid or Varnish.
I believe the
In article aanlktikbwloyhzy4jln6jwkphfjotgo-ppqxfwupf...@mail.gmail.com,
George Herbert george.herb...@gmail.com wrote:
It doesn't matter if Apache supports IPv6, since the Internet-facing
HTTP servers for wikis are reverse proxies, either Squid or Varnish.
I believe the version of Squid that WMF
On Thu, Feb 3, 2011 at 1:21 PM, George Herbert george.herb...@gmail.com wrote:
On Thu, Feb 3, 2011 at 1:11 PM, Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: River Tarnell r.tarn...@ieee.org
It doesn't matter if Apache supports IPv6, since the Internet-facing
HTTP
In article AANLkTinQPPu_j=0emuaf2xojthqsxdluw0btggu8z...@mail.gmail.com,
George Herbert george.herb...@gmail.com wrote:
It's not really a 6to4 NAT per se - it's a 6to4 application level
proxy. The question is, what does Squid hand off to Apache via a IPv4
back end connection if the front end
In article AANLkTi=OnSreaXMi3Gc+0==tzoq1jfix63xrkthv6...@mail.gmail.com,
George Herbert george.herb...@gmail.com wrote:
Q: Are we doing tproxy between the squids and apache servers?
No. But since you mention it, LVS (Linux kernel-level load balancer) is
used for load balancing, for both Squid
- Original Message -
From: River Tarnell r.tarn...@ieee.org
Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: River Tarnell r.tarn...@ieee.org
As long as the proxy supports IPv6, it can continue to talk to
Apache
via IPv4; since WMF's internal network uses
On Thu, Feb 3, 2011 at 1:35 PM, River Tarnell r.tarn...@ieee.org wrote:
In article AANLkTi=OnSreaXMi3Gc+0==tzoq1jfix63xrkthv6...@mail.gmail.com,
George Herbert george.herb...@gmail.com wrote:
Q: Are we doing tproxy between the squids and apache servers?
No. But since you mention it, LVS
- Original Message -
From: George Herbert george.herb...@gmail.com
It might; how would a 6to4NAT affect blocking?
It's not really a 6to4 NAT per se - it's a 6to4 application level
proxy. The question is, what does Squid hand off to Apache via a IPv4
back end connection if the
On Thu, Feb 3, 2011 at 1:41 PM, Jay Ashworth j...@baylink.com wrote:
If we NAT between the squids and the apaches, will that adversely affect
the ability of MW to *know* the outside site's IP address when that's v6?
You're not just changing addresses, you're changing address *families*;
is
In article 9259756.4629.1296769269783.javamail.r...@benjamin.baylink.com,
Jay Ashworth j...@baylink.com wrote:
- Original Message -
From: River Tarnell r.tarn...@ieee.org
Jay Ashworth j...@baylink.com wrote:
how would a 6to4NAT affect blocking?
ISP NATs are a separate issue, and might
On Thu, Feb 3, 2011 at 3:50 PM, George Herbert george.herb...@gmail.com wrote:
We have a few months, but by the end of 2012, any major site needs to
be serving IPv6.
Unlikely. ISPs are just going to start forcing users to use NAT more
aggressively, use tunnelling, etc. No residential client
In article aanlktikpg8sdnmgwkn2xmw2agqok1gdyuiopf7qbm...@mail.gmail.com,
Brion Vibber br...@pobox.com wrote:
On Thu, Feb 3, 2011 at 1:41 PM, Jay Ashworth j...@baylink.com wrote:
If we NAT between the squids and the apaches, will that adversely affect
the ability of MW to *know* the outside
In article aanlktikgm845zovsgqpdvq81juhn8wm3rwzcxvbqn...@mail.gmail.com,
Aryeh Gregor simetrical+wikil...@gmail.com wrote:
ISPs are just going to start forcing users to use NAT more
aggressively, use tunnelling, etc.
ISPs will probably do this, but I don't think it's right to say they'll
On Thu, Feb 3, 2011 at 1:45 PM, Brion Vibber br...@pobox.com wrote:
On Thu, Feb 3, 2011 at 1:41 PM, Jay Ashworth j...@baylink.com wrote:
If we NAT between the squids and the apaches, will that adversely affect
the ability of MW to *know* the outside site's IP address when that's v6?
You're
On Thu, Feb 3, 2011 at 4:45 PM, Brion Vibber br...@pobox.com wrote:
Front-end proxies need to speak IPv6 to the outside world so they can accept
connections from IPv6 clients, add the clients' IPv6 addresses to the HTTP
X-Forwarded-For header which gets passed to the Apaches, and then return
On Thu, Feb 3, 2011 at 1:53 PM, River Tarnell r.tarn...@ieee.org wrote:
In article aanlktikpg8sdnmgwkn2xmw2agqok1gdyuiopf7qbm...@mail.gmail.com,
Brion Vibber br...@pobox.com wrote:
There's no reason to NAT between the squid proxies and apaches -- they
share
a private network, with a private
In article AANLkTi=nsymtrlv7dwrpixj-wnrpjkvgwyixs+zjc...@mail.gmail.com,
Anthony wikim...@inbox.org wrote:
Is there a standard for using IPv6 inside X-Forwarded-For headers?
There is no standard for X-Forwarded-For at all.
I would think you'd need a new header altogether.
Since there's nothing
I'm glad this thread soon got to the point where we realise the
problem is on the application layer level.
So what are exactly the implications for blocking and related issues
when we will start to see ISP level NATing?
Am I right to assume that we will start seeing requests from say a
global ISP
On Thu, Feb 3, 2011 at 5:10 PM, River Tarnell r.tarn...@ieee.org wrote:
In article AANLkTi=nsymtrlv7dwrpixj-wnrpjkvgwyixs+zjc...@mail.gmail.com,
Anthony wikim...@inbox.org wrote:
Is there a standard for using IPv6 inside X-Forwarded-For headers?
There is no standard for X-Forwarded-For at
On Thu, Feb 3, 2011 at 2:14 PM, Anthony wikim...@inbox.org wrote:
On Thu, Feb 3, 2011 at 5:10 PM, River Tarnell r.tarn...@ieee.org wrote:
In article
AANLkTi=nsymtrlv7dwrpixj-wnrpjkvgwyixs+zjc...@mail.gmail.comnsymtrlv7dwrpixj-wnrpjkvgwyixs%2bzjc...@mail.gmail.com
,
Anthony
In article aanlktim3ht9hxau3sgwmfu9mph9gb2rx2misg3vmc...@mail.gmail.com,
Martijn Hoekstra martijnhoeks...@gmail.com wrote:
I'm glad this thread soon got to the point where we realise the
problem is on the application layer level.
If that was the only problem, this would be much simpler.
So what
Jay Asworth wrote:
As long as the proxy supports IPv6, it can continue to talk to Apache
via IPv4; since WMF's internal network uses RFC1918 addresses, it
won't be affected by IPv4 exhaustion.
It might; how would a 6to4NAT affect blocking?
If the XFF header is right, from mediawiki POV an
On Thu, Feb 3, 2011 at 5:20 PM, River Tarnell r.tarn...@ieee.org wrote:
In article aanlktim3ht9hxau3sgwmfu9mph9gb2rx2misg3vmc...@mail.gmail.com,
Martijn Hoekstra martijnhoeks...@gmail.com wrote:
So what are exactly the implications for blocking and related issues
when we will start to see ISP
On Thu, Feb 3, 2011 at 5:29 PM, Anthony wikim...@inbox.org wrote:
But, supports IPv6 could be as simple as having an http proxy server
which sends (fake) IPv6 XFF headers.
By fake, I mean that there's not even a need for the client to
actually use that IPv6 address, so long as each
On Thu, Feb 3, 2011 at 5:01 PM, George Herbert george.herb...@gmail.com wrote:
You're making assumptions here that the residential ISPs in the US and
Asia have stated aren't true...
I'm awfully sure the assumption customers will not pay for an
Internet connection that only connects to IPv6
On Thu, Feb 3, 2011 at 3:21 PM, Aryeh Gregor
simetrical+wikil...@gmail.com wrote:
On Thu, Feb 3, 2011 at 5:01 PM, George Herbert george.herb...@gmail.com
wrote:
You're making assumptions here that the residential ISPs in the US and
Asia have stated aren't true...
I'm awfully sure the
In article AANLkTi=1foHsEOh25Dr+Df2N4DFXj4iKU0SWXg1xXWP=@mail.gmail.com,
Aryeh Gregor simetrical+wikil...@gmail.com wrote:
On Thu, Feb 3, 2011 at 5:02 PM, River Tarnell r.tarn...@ieee.org wrote:
ISPs will probably do this, but I don't think it's right to say they'll
*just* do this. Â In the US,
In article AANLkTi=enp2_sy+g2dt_sw0oq8-05_jjcojgxsdt0...@mail.gmail.com,
George Herbert george.herb...@gmail.com wrote:
On Thu, Feb 3, 2011 at 3:21 PM, Aryeh Gregor
simetrical+wikil...@gmail.com wrote:
Yes, but they'll have IPv4 access as well.
There won't be much choice when the ISPs run out of
On Thu, Feb 3, 2011 at 6:29 PM, George Herbert george.herb...@gmail.com wrote:
There won't be much choice when the ISPs run out of IPv4 space to
allocate new users.
As I said - we'll see it in Asia soon enough, and then the US down the
road a bit longer.
You mean, when they have so little
On 04/02/11 08:13, George Herbert wrote:
On Thu, Feb 3, 2011 at 1:05 PM, River Tarnell r.tarn...@ieee.org wrote:
Does any useful discussion still take place on that list?
- river.
I don't know; did any ever? 8-)
It doesn't matter if Apache supports IPv6, since the Internet-facing
On Thu, Feb 3, 2011 at 4:32 PM, Tim Starling tstarl...@wikimedia.org wrote:
On 04/02/11 08:13, George Herbert wrote:
[...]
Ah, yes. That problem. We're using that hacked up Squid 2.7, right?
I'm not as involved as I was a couple of years ago, but I was running
a large Squid 3.0 and
In article AANLkTikS7Kcenbz94UjhfOYi6usRGSSf5VBrQCpK=v...@mail.gmail.com,
George Herbert george.herb...@gmail.com wrote:
Broken IPv6 routing will be evident to the providers and users,
because nothing will work. I would expect few complaints to us...
(perhaps naively...)
This is actually more
On 04/02/11 11:39, George Herbert wrote:
Broken IPv6 routing will be evident to the providers and users,
because nothing will work. I would expect few complaints to us...
(perhaps naively...)
There will be complaints. That's what World IPv6 Day is for, besides
raising awareness: it's a day
- Original Message -
From: Tim Starling tstarl...@wikimedia.org
It's not necessary for the main Squid cluster to support IPv6 in order
to serve the main website via IPv6.
The amount of IPv6 traffic will presumably be very small in the short
term. We can just set up a single proxy
On Thu, Feb 3, 2011 at 6:29 PM, Tim Starling tstarl...@wikimedia.org wrote:
On 04/02/11 11:39, George Herbert wrote:
Broken IPv6 routing will be evident to the providers and users,
because nothing will work. I would expect few complaints to us...
(perhaps naively...)
There will be
I would recommend upgrading the Squid cluster because it's run on a
very significantly old version of the software, lacks several years
worth of general patches and maintenance, and because it's not THAT
big a deal. As I mentioned earlier in thread, I spent several years
running Squid (at
48 matches
Mail list logo