Just last week (July 12, 2012), the Chief Information Officers Council released this updated version of the Roadmap Toward IPv6 Adoption for the Federal Government to help with the upcoming deadlines for September of 2012 and September 2014. It highlights the history as well as the government’s vision for IPv6. To read the original article […]
I recently read a few articles from around the Internet regarding the debate surrounding the use of /64 or /126 prefixes on P2P links. Here is a response I left on another site: “The idea of using /126’s is little more than scar tissue from our experience with IPv4. It is the application of […]
June 8th, 2011 is World IPv6 Day! If you aren’t already running IPv6 this is as good a time as any to get your systems set up to play on the IPv6 Internet. Head over to the official World IPv6 Day web site and get going. http://worldipv6day.org/
Network Address Translation – A Black Mark on IPv4’s Name
Why do people use Network Address Translation?
Because they always have, that’s why. “That’s the way we’ve always done it” is one of the dumbest reasons we do things. It precludes continued thought and absolves us of the responsibility to think about why we are doing something. Network Address Translation (NAT) has been a bellwether of the Internet world for so long that many of us can’t remember a time without it. Many in the business rally around its role as a mechanism of security in our networks, “hiding the internal network” from the outside world. When presented in such a light it certainly sounds compelling. Being hidden from the evil, nasty outside world? Yeah! I-want-to-go-to-there.
…about the IP address of your default router (default gateway in IPv4-speak).
It’s tough to argue against the fact that most IPv6 addresses are not much fun to type. Being four times longer than IPv4 addresses and expressed in hexadecimal means things can get ugly on the keyboard pretty quickly. For people in the IT field one very common mechanism for testing IP connectivity is to ping the default gateway. And in IPv4 networks, the default gateway is always different for every layer-3 network. It has now been a thousand bajillion times in my career when I have either asked someone or told someone what the default gateway is for a host who is having connectivity problems. In IPv6 the ability (or inability) to ping the default router is just as helpful as it ever was in IPv4. But there are a few apparent problems/challenges:
I wrote this post several years ago. By writing it I was trying to get people to begin to think about how the size of the IPv6 address space, when combined with RFID technologies, was going to change everything about how they manage their lives. I wrote this way before Netflix began streaming content, before Amazon’s Kindle and before the iPad. When I recently re-read the post I laughed at how so much of what I wrote was already possible or being done in a completely new and innovative way (e.g. better than I had foreseen). The sum total of innovation made by forward-thinking individuals continues to take the capacity of technology to places we seldom imagine. Things once thought laughable and impossible become reality in short order. So I present the blog post below as a still relevant reflection on where I saw (and still see) things heading. And here it is:
The IANA (Internet Assigned Numbers Authority) distributes IPv6 addresses to RIRs (Regional Internet Registries) around the world. At the moment there are five RIRs and each of them is responsible for allocating IPv6 address space to ISPs (Internet Service Providers) and, in some cases, End-User organizations. Once a block of addresses is allocated to an ISP it becomes their responsibility to distribute the address space to their customer base.
The IPv6 address space is huge. On paper each IPv6 subnet (/64) supports more than 18.4 quintillion hosts (millions, billions, trillions, quadrillions and then quintillions). It’s an amazingly large number. By every conceivable measure today we can’t contemplate a situation where anything but the tiniest portion of that address space will actually be utilized. Assuming you never have more than a few hundred nodes on each local segment (a common and best practice using today’s technologies) the randomly generated addresses of your nodes are effectively hidden within the total number of possibilities. Actually finding one of your nodes using an ICMP ping sweep becomes almost impossible. We are no longer talking about playing the networking equivalent of Where’s Waldo?, that would be easy. This is something completely different.
Most DNS servers these days are glad to resolve IPv6 addresses from clients who send the queries packaged in IPv4 packets. In the grand scheme of things the DNS servers don’t care how you sent the question, they just care about the question. And because almost everybody still relies heavily upon IPv4, most of us who are trying to push toward IPv6 have been satisfied to get our AAAA resolutions using IPv4 as the transport. But if you want to start being more ‘pure’ in your IPv6 deployments you need to give your system the ability to not only send IPv6 packets out into the Internet, you also need to learn where it is you are going via IPv6 as well. Put plainly, you need to configure your system to get its IPv6 name resolution using IPv6 packets.
“You hear that? That is the sound of inevitability…” – Agent Smith, The Matrix.
You will migrate to IPv6. It is happening. You will not be able to resist. The IANA gave out the last IPv4 allocations on 2/1/2011. There are no more. As I write, the RIRs will completely run out of IPv4 addresses within days. Not years, not months …days.
One very cool and highly promoted feature of IPv6 is stateless address autoconfiguration. If you don’t already know, this feature enables a node to automatically derive its IPv6 address(es) without the help of a DHCP server. That is a big departure from the world of IPv4. In IPv4 you either had to manually configure your IP addresses or you had to use DHCP. IPv6 has added address autoconfiguration as a third (and typically default) option.
The beloved UNC path name, familiar to all who administer Microsoft. After all these years there is something comfortable and familiar in the simple act of cracking open that run line and busting out a pair of backslashes followed by the name or IP address to which I want to connect. Simple. Easy. Classic.