I just checked and determined that there appear to be no records
yet for the WMF servers.
I have to admit to having been negligent in examining the IPv6
readiness of the Mediawiki software. Is it generally working and
ready to go on IPv6?
Does the Foundation have a IPv6 support plan ready t
- Original Message -
> From: "George Herbert"
> I just checked and determined that there appear to be no records
> yet for the WMF servers.
>
> I have to admit to having been negligent in examining the IPv6
> readiness of the Mediawiki software. Is it generally working and
> ready t
I believe the WMF intends to participate in World IPv6 Day [1],
additionally they publish some IPv6 statistics [2]. See also the IPv6
deployment page [3].
[1] http://isoc.org/wp/worldipv6day/
[2] http://ipv6and4.labs.wikimedia.org/
[3] http://wikitech.wikimedia.org/view/IPv6_deployment
Robert
O
In article <19663836.4613.1296766691647.javamail.r...@benjamin.baylink.com>,
Jay Ashworth wrote:
>- Original Message -
>> From: "George Herbert"
>> I have to admit to having been negligent in examining the IPv6
>> readiness of the Mediawiki software. Is it generally working and
>> ready
On Thu, Feb 3, 2011 at 12:58 PM, Jay Ashworth wrote:
> - Original Message -
>> From: "George Herbert"
>
>> I just checked and determined that there appear to be no records
>> yet for the WMF servers.
>>
>> I have to admit to having been negligent in examining the IPv6
>> readiness of
- Original Message -
> From: "River Tarnell"
> It doesn't matter if Apache supports IPv6, since the Internet-facing
> HTTP servers for wikis are reverse proxies, either Squid or Varnish.
> I believe the version of Squid that WMF is using doesn't support IPv6.
Oh, of course.
> As long
On Thu, Feb 3, 2011 at 1:05 PM, River Tarnell wrote:
> Does any useful discussion still take place on that list?
>
> - river.
I don't know; did any ever? 8-)
>It doesn't matter if Apache supports IPv6, since the Internet-facing
>HTTP servers for wikis are reverse proxies, either Squid or
On Thu, Feb 3, 2011 at 1:11 PM, Jay Ashworth wrote:
>> >> (APNIC runs out of IPv4 space to give to providers somewhere around
>> >> August, statistically; RIPE in Feb or March 2012, ARIN in July
>> >> 2012).
>> >ARIN issued the last 5 available /8s to RIRs *today*; we've been
>> >talking about it
In article <30181972.4621.1296767510190.javamail.r...@benjamin.baylink.com>,
Jay Ashworth wrote:
>- Original Message -
>> From: "River Tarnell"
>> As long as the proxy supports IPv6, it can continue to talk to Apache
>> via IPv4; since WMF's internal network uses RFC1918 addresses, it
>>
On Thu, Feb 3, 2011 at 1:11 PM, Jay Ashworth wrote:
> - Original Message -
>> From: "River Tarnell"
>
>> It doesn't matter if Apache supports IPv6, since the Internet-facing
>> HTTP servers for wikis are reverse proxies, either Squid or Varnish.
>> I believe the version of Squid that WMF
In article ,
George Herbert wrote:
>>It doesn't matter if Apache supports IPv6, since the Internet-facing
>>HTTP servers for wikis are reverse proxies, either Squid or Varnish.
>>I believe the version of Squid that WMF is using doesn't support IPv6.
>Ah, yes. That problem. "We're" using that h
On Thu, Feb 3, 2011 at 1:21 PM, George Herbert wrote:
> On Thu, Feb 3, 2011 at 1:11 PM, Jay Ashworth wrote:
>> - Original Message -
>>> From: "River Tarnell"
>>
>>> It doesn't matter if Apache supports IPv6, since the Internet-facing
>>> HTTP servers for wikis are reverse proxies, either
In article ,
George Herbert wrote:
>It's not really a 6to4 NAT per se - it's a 6to4 application level
>proxy. The question is, what does Squid hand off to Apache via a IPv4
>back end connection if the front end connection is IPv6.
I don't think it's useful to think of it in these terms (6to4 an
In article ,
George Herbert wrote:
>Q: Are we doing tproxy between the squids and apache servers?
No. But since you mention it, LVS (Linux kernel-level load balancer) is
used for load balancing, for both Squid and Apache. LVS supports IPv6,
so that shouldn't be an issue.
>(That would be sol
- Original Message -
> From: "River Tarnell"
> Jay Ashworth wrote:
> >- Original Message -
> >> From: "River Tarnell"
> >> As long as the proxy supports IPv6, it can continue to talk to
> >> Apache
> >> via IPv4; since WMF's internal network uses RFC1918 addresses, it
> >> won't
On Thu, Feb 3, 2011 at 1:35 PM, River Tarnell wrote:
> In article ,
> George Herbert wrote:
>>Q: Are we doing tproxy between the squids and apache servers?
>
> No. But since you mention it, LVS (Linux kernel-level load balancer) is
> used for load balancing, for both Squid and Apache. LVS supp
- Original Message -
> From: "George Herbert"
> > It might; how would a 6to4NAT affect blocking?
>
> It's not really a 6to4 NAT per se - it's a 6to4 application level
> proxy. The question is, what does Squid hand off to Apache via a IPv4
> back end connection if the front end connection
On Thu, Feb 3, 2011 at 1:41 PM, Jay Ashworth wrote:
> If we NAT between the squids and the apaches, will that adversely affect
> the ability of MW to *know* the outside site's IP address when that's v6?
>
> You're not just changing addresses, you're changing address *families*;
> is there a stand
In article <9259756.4629.1296769269783.javamail.r...@benjamin.baylink.com>,
Jay Ashworth wrote:
>- Original Message -
>> From: "River Tarnell"
>> Jay Ashworth wrote:
>> >how would a 6to4NAT affect blocking?
>> ISP NATs are a separate issue, and might be interesting[...]
>You misundersto
On Thu, Feb 3, 2011 at 3:50 PM, George Herbert wrote:
> We have a few months, but by the end of 2012, any major site needs to
> be serving IPv6.
Unlikely. ISPs are just going to start forcing users to use NAT more
aggressively, use tunnelling, etc. No residential client is going to
be given a c
In article ,
Brion Vibber wrote:
>On Thu, Feb 3, 2011 at 1:41 PM, Jay Ashworth wrote:
>> If we NAT between the squids and the apaches, will that adversely affect
>> the ability of MW to *know* the outside site's IP address when that's v6?
>> You're not just changing addresses, you're changing a
On Thu, Feb 3, 2011 at 1:53 PM, Aryeh Gregor
wrote:
> On Thu, Feb 3, 2011 at 3:50 PM, George Herbert
> wrote:
>> We have a few months, but by the end of 2012, any major site needs to
>> be serving IPv6.
>
> Unlikely. ISPs are just going to start forcing users to use NAT more
> aggressively, use
In article ,
Aryeh Gregor wrote:
>ISPs are just going to start forcing users to use NAT more
>aggressively, use tunnelling, etc.
ISPs will probably do this, but I don't think it's right to say they'll
*just* do this. In the US, for example, Comcast has been running IPv6
trials for a while, a
On Thu, Feb 3, 2011 at 1:45 PM, Brion Vibber wrote:
> On Thu, Feb 3, 2011 at 1:41 PM, Jay Ashworth wrote:
>
>> If we NAT between the squids and the apaches, will that adversely affect
>> the ability of MW to *know* the outside site's IP address when that's v6?
>>
>> You're not just changing addre
On Thu, Feb 3, 2011 at 4:45 PM, Brion Vibber wrote:
> Front-end proxies need to speak IPv6 to the outside world so they can accept
> connections from IPv6 clients, add the clients' IPv6 addresses to the HTTP
> X-Forwarded-For header which gets passed to the Apaches, and then return the
> response
On Thu, Feb 3, 2011 at 1:53 PM, River Tarnell wrote:
> In article ,
> Brion Vibber wrote:
> >There's no reason to NAT between the squid proxies and apaches -- they
> share
> >a private network, with a private IPv4 address space which is nowhere near
> >being exhausted.
>
> I almost said this, b
In article ,
Anthony wrote:
>Is there a standard for using IPv6 inside X-Forwarded-For headers?
There is no standard for X-Forwarded-For at all.
>I would think you'd need a new header altogether.
Since there's nothing to say what can and can't be put in an XFF header,
the existing header work
I'm glad this thread soon got to the point where we realise the
problem is on the application layer level.
So what are exactly the implications for blocking and related issues
when we will start to see ISP level NATing?
Am I right to assume that we will start seeing requests from say a
global ISP
On Thu, Feb 3, 2011 at 5:10 PM, River Tarnell wrote:
> In article ,
> Anthony wrote:
>>Is there a standard for using IPv6 inside X-Forwarded-For headers?
>
> There is no standard for X-Forwarded-For at all.
Not even a de-facto one?
___
Wikitech-l mai
On Thu, Feb 3, 2011 at 2:14 PM, Anthony wrote:
> On Thu, Feb 3, 2011 at 5:10 PM, River Tarnell wrote:
> > In article
> >
> >,
> > Anthony wrote:
> >>Is there a standard for using IPv6 inside X-Forwarded-For headers?
> >
> > There is no standard for X-Forwarded-For at all.
>
> Not even a de-f
In article ,
Martijn Hoekstra wrote:
>I'm glad this thread soon got to the point where we realise the
>problem is on the application layer level.
If that was the only problem, this would be much simpler.
>So what are exactly the implications for blocking and related issues
>when we will start t
Jay Asworth wrote:
>> As long as the proxy supports IPv6, it can continue to talk to Apache
>> > via IPv4; since WMF's internal network uses RFC1918 addresses, it
>> > won't be affected by IPv4 exhaustion.
> It might; how would a 6to4NAT affect blocking?
If the XFF header is right, from mediawiki
On Thu, Feb 3, 2011 at 5:20 PM, River Tarnell wrote:
> In article ,
> Martijn Hoekstra wrote:
>>So what are exactly the implications for blocking and related issues
>>when we will start to see ISP level NATing?
>
> Users will either need to move to an ISP that supports IPv6, or accept
> that the
On Thu, Feb 3, 2011 at 5:29 PM, Anthony wrote:
> But, "supports IPv6" could be as simple as having an http proxy server
> which sends (fake) IPv6 XFF headers.
>
> By fake, I mean that there's not even a need for the client to
> actually use that IPv6 address, so long as each user/session gets a
>
On Thu, Feb 3, 2011 at 5:01 PM, George Herbert wrote:
> You're making assumptions here that the residential ISPs in the US and
> Asia have stated aren't true...
I'm awfully sure the assumption "customers will not pay for an
Internet connection that only connects to IPv6 addresses" is true, and
wi
On Thu, Feb 3, 2011 at 3:21 PM, Aryeh Gregor
wrote:
> On Thu, Feb 3, 2011 at 5:01 PM, George Herbert
> wrote:
>> You're making assumptions here that the residential ISPs in the US and
>> Asia have stated aren't true...
>
> I'm awfully sure the assumption "customers will not pay for an
> Internet
In article ,
Aryeh Gregor wrote:
>On Thu, Feb 3, 2011 at 5:02 PM, River Tarnell wrote:
>> ISPs will probably do this, but I don't think it's right to say they'll
>> *just* do this. Â In the US, for example, Comcast has been running IPv6
>> trials for a while, and expects to start giving end-user
In article ,
George Herbert wrote:
>On Thu, Feb 3, 2011 at 3:21 PM, Aryeh Gregor
> wrote:
>> Yes, but they'll have IPv4 access as well.
>There won't be much choice when the ISPs run out of IPv4 space to
>allocate new users.
Don't underestimate the ability of ISPs to sell really bad service to
On Thu, Feb 3, 2011 at 6:29 PM, George Herbert wrote:
> There won't be much choice when the ISPs run out of IPv4 space to
> allocate new users.
>
> As I said - we'll see it in Asia soon enough, and then the US down the
> road a bit longer.
You mean, when they have so little IPv4 space that they c
On 04/02/11 08:13, George Herbert wrote:
> On Thu, Feb 3, 2011 at 1:05 PM, River Tarnell wrote:
>> Does any useful discussion still take place on that list?
>>
>>- river.
>
> I don't know; did any ever? 8-)
>
>> It doesn't matter if Apache supports IPv6, since the Internet-facing
>> HTT
On Thu, Feb 3, 2011 at 4:32 PM, Tim Starling wrote:
> On 04/02/11 08:13, George Herbert wrote:
>> [...]
>> Ah, yes. That problem. "We're" using that hacked up Squid 2.7, right?
>>
>> I'm not as involved as I was a couple of years ago, but I was running
>> a large Squid 3.0 and experimental 3.1 s
In article ,
George Herbert wrote:
>Broken IPv6 routing will be evident to the providers and users,
>because nothing will work. I would expect few complaints to us...
>(perhaps naively...)
This is actually more of an issue than you might think... many users
*already* have broken IPv6 connectiv
On 04/02/11 11:39, George Herbert wrote:
> Broken IPv6 routing will be evident to the providers and users,
> because nothing will work. I would expect few complaints to us...
> (perhaps naively...)
There will be complaints. That's what World IPv6 Day is for, besides
raising awareness: it's a day
- Original Message -
> From: "Tim Starling"
> It's not necessary for the main Squid cluster to support IPv6 in order
> to serve the main website via IPv6.
>
> The amount of IPv6 traffic will presumably be very small in the short
> term. We can just set up a single proxy server in each lo
On Thu, Feb 3, 2011 at 6:29 PM, Tim Starling wrote:
> On 04/02/11 11:39, George Herbert wrote:
>> Broken IPv6 routing will be evident to the providers and users,
>> because nothing will work. I would expect few complaints to us...
>> (perhaps naively...)
>
> There will be complaints. That's what
> I would recommend upgrading the Squid cluster because it's run on a
> very significantly old version of the software, lacks several years
> worth of general patches and maintenance, and because it's not THAT
> big a deal. As I mentioned earlier in thread, I spent several years
> running Squid (a
* Martijn Hoekstra [Thu, 3 Feb 2011 23:12:27
+0100]:
> I'm glad this thread soon got to the point where we realise the
> problem is on the application layer level.
>
> So what are exactly the implications for blocking and related issues
> when we will start to see ISP level NATing?
> Am I right t
On 04/02/11 00:29, George Herbert wrote:
> There won't be much choice when the ISPs run out of IPv4 space to
> allocate new users.
It is already the case! Thankfully there is DS-Lite which let you
transport v4 over v6.
CPE is v6 only on the WAN side, if an IPv4 packet is received on LAN
side it
Wouldn't it be nice to just set up ipv6 a test? Something similar to
https://secure.wikimedia.org/ . That way I can just open
https://ipv6.wikimedia.org/wikipedia/en/wiki/Main_Page if I want to
browse Wikipedia using ipv6.
Maarten
Ps. Of course https://secure6.wikimedia.org/ is even better ;-)
On 3 February 2011 21:04, Robert Leverington wrote:
> [2] http://ipv6and4.labs.wikimedia.org/
> [3] http://wikitech.wikimedia.org/view/IPv6_deployment
Someone actually emailed the press queue today asking if we were
participating in IPv6 Day. I passed them those two links and said the
issues we
50 matches
Mail list logo
