Just one man's experience, but my YouTube performance over my Hurricane
Electric tunnel has been strikingly poor lately - so much so that I was
thinking of squashing v6 in my house entirely. Looking for your
experiences/thoughts on whether cutting over to SixXS or Routinghouse could
be a path to 1080p cat video bliss instead.
I haven't noticed any significant performance degradation to Youtube lately over my HE tunnel. My home ISP is Verizon Fios.
Are you experiencing problems _just_ to Youtube, or wider-scale problems in general? If it's the latter, perhaps there's congestion or some other problem between your ISP and HE.
jms
Just one man's experience, but my YouTube performance over my Hurricane
Electric tunnel has been strikingly poor lately
Instead of saying that something is "poor", you might want to do the
operational/technical[1] thing and include things like:
- IPv4 traceroute from your endpoint to the PoP you are using
- IPv6 traceroute over the tunnel to the destination that is "poor"
And depending on things tcpdump/wireshark might be an amazing tool too.
There are apparently some US ISPs who are throttling protocol-41 btw,
which might actually be what your problem is.
Only data will tell though.
I am fairly sure that bringing problems with HE up to them directly or
at least on their forums instead of a mailinglist for Network
Operators[1] will get you better results...
- so much so that I was
thinking of squashing v6 in my house entirely. Looking for your
experiences/thoughts on whether cutting over to SixXS or Routinghouse could
be a path to 1080p cat video bliss instead.
For SixXS it all depends on which ISP network you are located in and
what PoP you select. If you are west-coast, at the moment, you will
likely not get the best performance as there are no PoPs in that area
and thus you would have to cut through the country.
But more importantly: did you consider asking your ISP for native IPv6?
Greets,
Jeroen
I've found HE's support to be surprisingly responsive, even to non (paying) customers. You might reach out to them.
--Blake
I was attempting to determine the lowest-time-cost path to "happy wife". My
candidate paths are "kill v6", "sixxs", "routinghouse" and I was looking
for anecdotes that might lead me to test one over another.
Yes there are better operational approaches if I ditch the "happy wife" &&
low-cost (time) concerns, but it certainly seems that the problem of
reliable high-quality video streams is more complex than a
traceroute/tcpdump are going to indicate. Where is the wireshark button my
Chromecast? What is the PoP I am using for this particular video versus
another? Is this request filled from Google Global Cache or not? I am
choosing not to tilt at these particular windmills.
There are not Amazon reviews for tunnel brokers, so yes, I come to an
operator mailing list.
I was attempting to determine the lowest-time-cost path to "happy wife".
Does your wife care it is IPv4 or IPv6 or just "funny cat videos"?
I think your answer should be clear from that perspective.
As somebody eager to post on NANOG though one would think it prudent and
a good challenge to figure out what the problem is and actually resolve
that problem. You might learn something from it.
My candidate paths are "kill v6", "sixxs", "routinghouse" and I was
looking for anecdotes that might lead me to test one over another.
There are these things called search engines, you might know about them.
Depending on the exact query though, you might or might not get an
appropriate answer.
Remember that the US is a rather large country with a very big network,
and a very big variance in ISPs hence the answers found will not always
match what you will be looking for, especially when you are unable to
provide details of your problem.
Yes there are better operational approaches if I ditch the "happy wife"
&& low-cost (time) concerns, but it certainly seems that the problem of
reliable high-quality video streams is more complex than a
traceroute/tcpdump are going to indicate.
As the first big leg goes over IPv4, traceroutes and such information
can be extremely useful as it might just expose a choke point.
That choke point IS something that people on NANOG maybe could do
something about. Though the direct thing is to contact your ISP. As you
have a tunnel, that means both the IPv4 and IPv6 provider.
As an enduser you could also check the various speedtest sites etc.
I'll provide you also with the SixXS answer as per google(tunnel is
slow): FAQ : Connectivity (Tunnels and Subnets) : The tunnel is slow :: SixXS - IPv6 Deployment & Tunnel Broker
That lists a variety of other things to look at. Definitely meant for
end-users though, not operators.
You can also ask around on Freenode's IPv6 channel
http://webchat.freenode.net/?channels=ipv6&uio=d4
Lots of knowledgeable people there who can help you debug the issue.
Where is the wireshark button my Chromecast?
Does your Chromecast terminate the tunnel?
As you seem to have a @google.com address, you might want to ask
internally about that feature.
What is the PoP I am using for this particular video
versus another?
Is this request filled from Google Global Cache or not?
I am choosing not to tilt at these particular windmills.
It seems you pick the other meaning of PoP.
The meaning I referred to was the Tunnel Broker's PoP, see also:
https://en.wikipedia.org/wiki/List_of_IPv6_tunnel_brokers
And yes, indeed, if you have network issues on the IPv4 leg between your
host and the PoP (eg the IPv4 ISP doing ratelimiting of protocol-41)
then that will also affect your IPv6 traffic.
It is surprising that you have to ask on NANOG about the other kind of
PoP (the google kind), as well, you could ask your colleagues about that
who will be much more able to answer those kind of questions.
There are not Amazon reviews for tunnel brokers, so yes, I come to an
operator mailing list.
Amazon does not sell those things.
Also, depending on the setup chosen, you'll find a wide variety of
(Tunnel Broker) PoPs and thus they all affect what one might actually be
reviewing, hence, better to ask directly at the provider in question.
Greets,
Jeroen
For the record, I would leave my wife if I found her watching funny cat videos. V6 would increase the settlement amount, but she would be history.
IRC is a good suggestion, thanks. They'll likely be helpful.
I see no indication of any throttling from my ISP - I can blast data at
full speed to my home from my server and work (with native v6 connections).
Contacting my ISP (Verizon FiOS) is virtually never a reasonable path to a
solution. I just tried poking at iPerf, but my client and server are wildly
different versions and it seems to be lying to me about my speed
(14748046472308289536 Bytes/sec)
To be clear, I was seeking opinions/experiences on a list that was likely
to have a high occurrence of folk with v6 tunnels. You have etiquette
suggestions, but not YouTube over tunnelbroker suggestions. I apparently
bring out your inner grump? Do you need a hug?
Burning Google engineering time would be a sub-optimal way to get HD cat
videos at home with the least time spent.
IRC is a good suggestion, thanks. They'll likely be helpful.
I see no indication of any throttling from my ISP - I can blast data at
full speed to my home from my server and work (with native v6
connections).
Does that path between your $home and $server go over the tunnel you
find so "slow"?
If so, then you have just nicely excluded that the tunnel is NOT the
problem.
Hence, why traceroutes would be so extremely useful.
Contacting my ISP (Verizon FiOS) is virtually never a
reasonable path to a solution.
google(Verizon FiOS throttle) = 71.900 results. One would almost think
that there might sometimes be issues there.
Also, do realize that the IPv6 path you are using goes over a shared
host (the Tunnel Broker PoP) that has IPv4 and IPv6 capacity that might
be shared in various points of the paths your packets cross.
Did you test at the same time of your "blast data" that the IPv6 Youtube
was working fine?
Another thing, as browsers now do "Happy Eyeballs" (which is really
horrible to diagnose issues with on OSX), did you check if everything is
really going over IPv6? (hence the tcpdump/wireshark).
[..]
To be clear, I was seeking opinions/experiences on a list that was
likely to have a high occurrence of folk with v6 tunnels.
Tunnels are for endusers who still are at ISPs who don't do IPv6 natively.
NANOG has operators who have been running native IPv6 for over a decade.
Hence, StackExchange might be useful for your purpose.
You have
etiquette suggestions, but not YouTube over tunnelbroker suggestions. I
apparently bring out your inner grump? Do you need a hug?
My cat videos are streaming perfectly fine...
Burning Google engineering time would be a sub-optimal way to get HD cat
videos at home with the least time spent.
Interesting, I was not aware they did not care about their eyeballs.
Actually I am very confident lots of folks there would love to dig into
your issue to actually resolve it. As when it is hitting you, it might
hit other customers.
Is that also not why there is this huge SRE department with lots of IPv6
knowledgeable folks?
Greets,
Jeroen
... and the suggestion you've received several times now is, "reach out to HE, as they are quite responsive."
Good luck,
Doug
Not sure I've seen any evidence (or implied) that the tunnel was the
problem. My issue as far as I know is at the application layer and other
end-user experiences seemed a reasonable way to pick a direction. I will
work with HE though and provide them some details.
Agreed, from an end-user perspective it can be often be clear as mud
whether I am using v6, or whether my Chromecast or Android device even
implements happy eyeballs. The relatively new "experiencing problems?"
butter bar that shows up beneath a video with notable buffering problems
(even at low quality levels) sends the user through to details about the
service provider, in this case HE. Over the past couple years YouTube has
been my canary to know when I've received a new IP from Verizon and I need
to go fix my tunnel -- video loading takes fuuuuuuuurever on
Android/Chromecast/GoogleTV (which hints that happy eyeballs, if it exists
for Android, isn't working so well for the YouTube app).
I can't get native v6 at my home -- I'm probably not in a particularly
unique situation. Not to rathole the dicsussion, but as far as I know (save
for some small DSL providers) unless I'm in a gFiber city or happen to be
in the portion of the Comcast network that provides native v6 I'm out of
luck. I don't plan on moving to solve this problem.
Happy Eyeballs is only about TCP session setup race, not how the
established session performs. Normally with bias (headstart) for IPv6,
sometimes (Apple) egoistic and reckless without.
Best regards,
Daniel
Sorry, I wasn't clear. When my tunnel is not functioning correctly my end
hosts still have global v6 addresses and a route. The v6 tcp connections
would fail entirely, so v4 would handily win a tcp setup race. A v4-only
client does not experience huge delays in video loading. I'm not sure happy
eyeballs is implemented in Android.
Not sure I've seen any evidence (or implied) that the tunnel was the
problem. My issue as far as I know is at the application layer and other
end-user experiences seemed a reasonable way to pick a direction. I will
work with HE though and provide them some details.
i have this: yt_
that I should add to a code.google.com location... and will ship you a
copy tomorrow of as well. Running this on my home fios + he-tunnel
bits now to see what result come out.
I'd report that the YT homepage seems to be 'super slow' loading and
that when I stream:
<https://www.youtube.com/watch?v=LDZX4ooRsWs> (was on the YT homepage
as a featured video.. though I am a sucker for the song....)
I seem to stream from: 2607:f8b0:400d:c06::81
qh-in-x81.1e100.net.
that's not TOO far off my homebase, so... it seems reasonable for a
geolocation choice.
Agreed, from an end-user perspective it can be often be clear as mud
whether I am using v6, or whether my Chromecast or Android device even
implements happy eyeballs. The relatively new "experiencing problems?"
butter bar that shows up beneath a video with notable buffering problems
(even at low quality levels) sends the user through to details about the
service provider, in this case HE. Over the past couple years YouTube has
been my canary to know when I've received a new IP from Verizon and I need
to go fix my tunnel -- video loading takes fuuuuuuuurever on
Android/Chromecast/GoogleTV (which hints that happy eyeballs, if it exists
for Android, isn't working so well for the YouTube app).I can't get native v6 at my home -- I'm probably not in a particularly
unique situation. Not to rathole the dicsussion, but as far as I know (save
for some small DSL providers) unless I'm in a gFiber city or happen to be
in the portion of the Comcast network that provides native v6 I'm out of
luck. I don't plan on moving to solve this problem.
i think jjb's report was that 'all' of comcast (consumer at least) is
v6 capable... as a point of reference. I expect the heat-death of the
universe before fiosv6 happens though. (back on that 'simply
embarassing' commentary from 8+ months ago, of course)
-chris
i have this: yt_
funny... part of the filename disappeared here 
./yt_troubleshooting.py
that I should add to a code.google.com location... and will ship you a
copy tomorrow of as well. Running this on my home fios + he-tunnel
bits now to see what result come out.I'd report that the YT homepage seems to be 'super slow' loading and
that when I stream:
<https://www.youtube.com/watch?v=LDZX4ooRsWs> (was on the YT homepage
as a featured video.. though I am a sucker for the song....)I seem to stream from: 2607:f8b0:400d:c06::81
qh-in-x81.1e100.net.
apologies, if I change the 720p I start streaming from:
2607:f8b0:4004:1b::6
which is much closer to verizon-land, so my packets go:
me -> verizon -> he -> google -> he -> verizon -> me
I'm betting that in one direction or the other the he/verizon links
are no-bueno
Hi - does anyone know if DHCPv6 authentication is commonly used in
operational networks? If so, what has been the experience in terms
of DHCPv6 servers being able to discern legitimate clients from
rogue clients?
Thanks - Fred
fred.l.templin@boeing.com
FWIW, loading up a lovely 1080p video now at a time when I am guessing the
HE/VZ links are running a little more hot than not and I'm getting perfect
playback and nload is showing that I hit a max of 67.9Mb/s on my tunnel. I
have not tested with _all_ full hd cat videos, but that sounds like a good
challenge for tonight.
If you are already connected to the network you are going to be deemed as authenticated. I'm unaware of anyone doing dhcp authentication.
Jared Mauch
My clients typically do DHCP authentication in order to have the ability to tell which user has which IP at what time. The challenge with doing this with IPv6 is that the original DHCPv6 spec has no provision for there to be any unique identifier that can be tied to a particular user like DHCPv4 does. RFC 6939 defines a way to fix that, but I have yet to see it implemented by anything.
thanks,
-Randy
Hi Jared,
I am assuming 802.1x (or equivalent) security at L2, but the "link" between
my DHCPv6 client and server is actually a tunnel that may travel over many
network layer hops. So, it is possible for legitimate client A to have its
leases canceled by rogue client B unless DHCPv6 auth or something similar
is used. Yes, rogue client B would also have to be authenticated to connect
to the network the same as legitimate client A, but it could be an "insider
attack" (e.g., where B is a disgruntled employee trying to get back at a
corporate adversary A).
Thanks - Fred
fred.l.templin@boeing.com