IPv6 has added many new words and ideas to the lexicon of IT professionals. One of the least expected: deprecate.
The dictionary (dictionary.com) says that deprecate means “to express earnest disapproval of”, to “urge reasons against” or, oddly, “to pray for deliverance from”. In the IT world the world a thing being ‘deprecated’ is a thing being removed from use and (hopefully) replaced with something better. And many things have been deprecated in IPv6’s journey to replace IPv4 as the mechanism for getting packets from near to far.
I’m sure the list is longer than even I realize but there are many ideas/implementations/technologies that IPv6 once employed that have since been deprecated. A few examples:
IPv4-compatible IPv6 Addresses. Status: Deprecated.
Used in the ‘early’ days of IPv6 migration efforts to represent an IPv4 address as an IPv6 address (for tunneling IPv6 through IPv4 networks when there was no v6 router along the journey). Ninety-six zeros added to the beginning of an IPv4 address and you’re done. 18.104.22.168 (v4) becomes ::22.214.171.124 (v6). But no matter; it has been deprecated. Evidence of such is presented in places like RFC 4291 (section 2.5.5 and 126.96.36.199) where it is stated:
The “IPv4-Compatible IPv6 address” is now deprecated because the current IPv6 transition mechanisms no longer use these addresses. New or updated implementations are not required to support this address type.
Site-Local Addresses. Status: Deprecated.
That’s right. Toss FEC0::/10 into the waste basket. That big ol’ chunk of addresses is formally deprecated by RFC 3879. The implementation of site-local addressing presented many problems that were ultimately considered too difficult to overcome. So we kicked the whole address structure to the curb and replaced it with unique-local addressing.
The 6bone. Status: Deprecated.
The 6bone was an early IPv6 test network that made use of the 3ff3::/16 prefix. It was used by early v6-ers to test and develop IPv6. We owe a lot to the 6bone but IPv6 outgrew it. The network was officially decommissioned on 6/6/06 (geeks to have their moments of flare, don’t they!?). I was teaching an IPv6 class that day. We had a solemn moment of silence to commemorate the 6bone’s deprecation.
ipv6.exe (Windows XP). Status: Deprecated.
Microsot’s original IPv6 command-line IPv6 configuration tool. Windows XP had no GUI for v6 configuration so you had to use either ipv6.exe or netsh. XP was Microsoft’s only OS to ever support ipv6.exe and the all command-line control over IPv6 is now done using netsh. Configuring IPv6 using netsh allows you to make extensive use of your keyboard (command are very long when using netsh in non-interactive mode) but it is an awesome utility.
NAT-PT and NAPT-PT. Status: Deprecated.
The original mechanism for translating packets from IPv6 to IPv4. These guys were big deals in their day but, being packed with many technical issues, were formally tossed aside (e.g. deprecated) in 2007 by RFC 4966.
The Type 0 Routing Header. Status: Deprecated.
A lot of time and energy was spent defining the Type 0 routing header in the original IPv6 RFC (RFC 2460). In the end it provided a lot more benefit to would-be attackers than v6 administrators. The problems with the header, which are of a DoS nature, were nicely presented back in 2007 where it was demonstrated that the Type 0 Routing Header was of much more value to the Legion of Doom than it was the Hall of Justice. The extension header was deprecated by RFC 5095 the same year.
Your valid yet older SLAAC IPv6 addresses. Status: Valid (but deprecated).
Even your OS will treat you to the word ‘deprecated’ from time-to-time. Valid (autoconfigured) addresses have three distinct phases to their life: tentative, preferred and deprecated (in that order). A deprecated IPv6 address is a valid-for-use IPv6 address (e.g. you can send packets using it) for existing connections (connections that were made while the address was in its preferred state) but should not be used for making any new connections. The RFC is careful to use the word “should”. If the only valid address available is deprecated the RFC says an OS may source a new session using the deprecated address.
So what’s the point? A few things:
- The word ‘deprecate’ is used a lot in IPv6’s literature.
- IPv6 has been (and will continue to be) a journey. As a community we do our best but occasionally realize that seemingly good ideas don’t pan out in production. So we adapt. We replace. We deprecate. Get used to seeing the word ‘deprecated’ when dealing with IPv6’s evolution.
- Be careful what you read. There are truckloads of content on the Internet talking about, well, everything …including IPv6. Be careful what you read and pay particular attention to the date it was posted. There is no shortage of documentation on the Internet (and in published books) that is old, outdated and [now] wrong. Forum posts, technet articles, blog posts, networking conference presentations, etc, all have a lot to offer …assuming the knowledge they share hasn’t been deprecated.
Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes. Visit https://www.itdojo.com to learn more about ITdojo IPv6 course offerings.