[menog] Get Ready For World IPv6 Day Next Week
Owen DeLong
owend at he.net
Thu Jun 2 07:33:18 GMT 2011
On Jun 1, 2011, at 11:20 PM, Ahmed Abu-Abed wrote:
> If an ISP gets calls on World IPv6 Day (W6D) from subscribers complaining that Facebook, Google or Yahoo are not reachable, then its likely misconfigured 6to4 or Teredo service that is falsely indicating a public IPv6 address on the subscribers host computer or home router.
>
> Thus the biggest challenge on W6D will be the subscribers home access side, not the web servers side. This is due to Windows, Linux and Mac OS preferring IPv6 connections over IPv4 if a website has an IPv6 DNS record.
>
No, that is the expected and desirable behavior. The problem is broken IPv6 implementations as you described prior to mentioning
the desired behavior. If you have clients with misconfigured 6to4 or Teredo or otherwise broken IPv6 that thinks there is IPv6
connectivity where none exists, you should work to resolve that fact rather than trying to get vendors to change DNS preference
order (which would cause other damage).
One problem I have noticed in MacOS X is that it will sometimes, even without 6to4 and Teredo hang on to an obsolete IPv6
default route even though there is no IPv6 connectivity left on the interface (Moving from a WiFi network with IPv6 to one without
on a laptop, for example). This will also cause MacOS X to attempt to get to IPv6 sites with long delays before falling back to
IPv4. The easiest way to clear this problem is to open a Terminal window (/Applications/Utilities/Terminal.app) and execute
the following command from an administrator account:
sudo route delete -inet6 default
Hope that's helpful to someone.
>
> W6D will become the norm sooner or later, which is more reason for ISPs to deploy proper IPv6 access all the way to the home using native dual-stack or over a carrier grade v6-in-v4 protocol like TSP, 6RD or L2TP that can work over existing IPv4 modems/CPEs.
Here's hoping it's sooner rather than later. IPv4 is going to get progressively more dysfunctional with monotonically
increasing complications in the relatively near future. This has already started in the APNIC region.
You left 6in4 out of your list of carrier grade protocols, yet, it is cleaner than all the solutions you listed and the
easiest to implement with native direct support in most IPv6 capable CPE.
Owen
>
> Regards,
> -Ahmed
>
> From: Richard Barnes [mailto:richard.barnes at gmail.com]
> Sent: Wednesday, June 01, 2011 9:04 PM
> To: Abdelfattah Abuqayyas
> Cc: menog at menog.net
> Subject: Re: [menog] Get Ready For World IPv6 Day Next Week
>
> Is anyone on this list planning on doing something special for v6 day? Either participating as a web site or doing some IPv6 enabling on the ISP side?
>
> For our part, BBN will be enabling v6 on www.bbn.com, and doing some measurements.
>
> Best,
> --Richard
>
> On Jun 1, 2011 3:32 AM, "Abdelfattah Abuqayyas" <aabuqayyas at citc.gov.sa> wrote:
>
>
> Get Ready For World IPv6 Day Next Week
> By David Strom / May 31, 2011
> <image001.jpg>
>
> Earlier this spring, as anticipated, the last of the IPv4 address blocks was given to the regional Internet registries that dole them out to ISPs and other corporations. Unlike many predictions that go back dozens of years, we have run out of room. Yes, it will take several months before the world is completely run out of address space, and you might be able to find an unused Class C range here or there. But for the most part, you need to get cracking on a transition plan for your company to migrate towards IPv6 now.
>
> Of course, people have been saying this for years now. I recall writing a humorous article back in 1992 or so where I suggested that I start a brokerage service charging for unused address blocks. While it has taken several decades, we have gotten to the point where the end of IPv4 is near. And unlike the predictions for the Rapture, this is an actual event that will need our attention.
>
> To highlight this situation, a group of engineers under the auspices of the Internet Society have set aside next Wednesday, June 8th, to test the new protocol for an entire 24-hour period. Various Web properties will put up IPv6 versions of their sites for the day as demonstrations. And several vendors have begun to assemble copious instructions and advice to help IT network managers figure out their plans.
>
> What is needed for a successful transition? It is a huge undertaking, not unlike the early establishment of the Internet itself.
>
> · Internet service providers need to make IPv6 connectivity available to all of their users. In most cases this means replacing or upgrading routers and other network switchgear to handle the new protocols.
> · Web companies need to offer their services over IPv6. We'll see some of this next Wednesday, when major site operators such as Google, Facebook, Microsoft and Yahoo will provide IPv6 only versions as targets to connect to.
> · Operating system makers may need to implement specific software updates. Most of the modern desktop OSs include support for IPv6 (see the screenshot below from a Mac as an example). If you are running an older version of XP or MacOS, this can be an issue.
> · Backbone providers will need to establish IPv6 peering with each other.This has begun happening, but obviously more peering is needed, and part of next Wednesday's tests will be to find the non-working links in particular connection paths.
> · Hardware and home gateway manufacturers may need to update firmware to support IPv6. OpenDNS has a series of instructions on their site here to enable their "sandbox" to try out IPv6 support for DNS.
>
> Enterprises have basically four different strategies to follow in implementing IPv6:
>
> 1. Dual Stack IPv4 and IPv6 protocols in your routers to connect to an ISP running dual stacks as well. This is probably the simplest solution, but it does break any NAT connections and if you rely on NAT as a primitive security perimeter, you might need to check into this further, since with IPv6, your entire subnet will be directly connected to the Internet.
> 2. 6to4 tunnels. My Mac uses this method, as can be seen with the 2002: prefix in its IPv6 address. What happens here is that the end of the IPv6 address uses the IPv4 address. This has major performance problems and some firewalls will block this particular protocol on port 41.
> 3. Teredo tunnels is an alternative tunneling protocol that has both clients and servers to translate v4 into v6 addresses and vice-versa. Some firewalls block UDP port 3544, which will cause problems.
> 4. Tunnel brokers and miscellaneous other mechanisms for coping.
> Good luck with your transition. And don't put it off any longer: the time has come!
>
>
>
> Abdelfattah ABUQAYYAS, PhD
> ICT Counselor/ www.citc.gov.sa
> P.O. Box 75606, Riyadh 11588, Saudi Arabia
> Mobile +966-556642230; Tel. +966-1-263-9236
> Twitter: http://twitter.com/abuqayyas
> Facebook: abuqayyas at aim.com
>
>
>
>
> -----------------------------------------------------------------------------------
> Disclaimer:
> This message and its attachment, if any, are confidential and may contain legally
> privileged information. If you are not the intended recipient, please contact the
> sender immediately and delete this message and its attachment, if any, from your
> system. You should not copy this message or disclose its contents to any other
> person or use it for any purpose. Statements and opinions expressed in this e-mail
> are those of the sender, and do not necessarily reflect those of the Communications
> and Information Technology Commission (CITC). CITC accepts no liability for damage
> caused by this email.
>
> _______________________________________________
> Menog mailing list
> Menog at menog.net
> http://lists.menog.net/mailman/listinfo/menog
>
>
>
> _______________________________________________
> Menog mailing list
> Menog at menog.net
> http://lists.menog.net/mailman/listinfo/menog
> _______________________________________________
> Menog mailing list
> Menog at menog.net
> http://lists.menog.net/mailman/listinfo/menog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/attachments/20110602/2a6328da/attachment-0001.html
More information about the Menog
mailing list