"On Thursday, 29 March 2007, a Cisco Systems router, flying
in low Earth Orbit onboard the UK-DMC satellite built by
Surrey Satellite Technology Ltd (SSTL), was successfully
configured by NASA Glenn Research Center to use IPsec and
IPv6 technologies in space."
Its good to know that IPv6 is finally being used along
with encryption! Albeit in outer space, maybe one day we
could all catch up with this "out of this world"
technology that people could now claim is "light years"
ahead of us.
J. Oquendo wrote:
"On Thursday, 29 March 2007, a Cisco Systems router, flying
in low Earth Orbit onboard the UK-DMC satellite built by
Surrey Satellite Technology Ltd (SSTL), was successfully
configured by NASA Glenn Research Center to use IPsec and
IPv6 technologies in space."Its good to know that IPv6 is finally being used along
with encryption! Albeit in outer space, maybe one day we
could all catch up with this "out of this world"
technology that people could now claim is "light years"
ahead of us.
I'm looking forward to a future where pc104/isa bus based routers figure
prominently in the ip core!
Have recently checked the weight requirements for core routers? Seriously heavy lift capacity launch vehicles would be required... not to mention the drag encountered in LEO would likely also be considerable and not yield good uptime.
Best regards,
Christian
I think “core” has a different meaning when the box doing the routing is in LEO or even geosync orbit. It’s not going to be some behemoth pushing 10GigE, it’s going to be a hardened box pushing packets to either the moon, mars, or in-transit craft via RF or laser (depending on bandwidth requirements). I would think weight would be on par with something such as the Hubble (perhaps even lighter).
-brandon
a message of 24 lines which said:
was successfully configured by NASA Glenn Research Center to use
IPsec and IPv6 technologies in space."
Any human on board? Because he would have been able to access useful
content:
The great chicken or the egg dilemma. IPv6 has had operating system and router support for years. But, content providers don't want to deploy it because there aren't enough potential viewers to make it worth the effort. There are concerns about compatibility and breaking IPv4 accessibility just by turning IPv6 on. ISPs don't want to provide IPv6 to end users until there is a killer app on IPv6 that will create demand for end users to actually want IPv6. There hasn't been any reason for end users to want IPv6 - nobody's dumb enough to put desirable content on IPv6 that isn't accessible on IPv4. Until now.
We're taking 10 gigabytes of the most popular "adult entertainment" videos from one of the largest subscription websites on the internet, and giving away access to anyone who can connect to it via IPv6. No advertising, no subscriptions, no registration. If you access the site via IPv4, you get a primer on IPv6, instructions on how to set up IPv6 through your ISP, a list of ISPs that support IPv6 natively, and a discussion forum to share tips and troubleshooting. If you access the site via IPv6 you get instant access to "the goods".
HAHAHAHAHA I always knew that this stuff was the most prevalent and
billable content on the web, but I never thought of using it as a motivating
factor for chage!
Good one!
Scott
a message of 24 lines which said:
> was successfully configured by NASA Glenn Research Center to use
> IPsec and IPv6 technologies in space."
...
We're taking 10 gigabytes of the most popular "adult entertainment"
videos from one of the largest subscription websites on the internet,
and giving away access to anyone who can connect to it via IPv6. ...
*sigh* Off the ground, then into the gutter, eh? From the heights to
the depths ...
First, I find it interesting that you are applying your personal morals to a technical discussion. Actually, I find it sad too.
Second, who said v6 was "the heights"? Many people would argue this actually _lifts_ v6, not drags it down. (And most of those people would further argue v6 should have stayed down.)
Third, where do you work? I work on the Internet. If you are opposed to pr0n, and you work on the Internet, you need to change jobs, FAST. Unless you enjoy self delusion. And don't even think about saying "not on MY network". I don't care if you work for a .gov, there is plenty of nekkid-flesh-bits flying on your network. To think otherwise only proves you are delusional or ignorant.
The only good thing I can say about this proposal is that 10GB is not NEARLY enough to get your typical luser to think about changing their configuration. Therefore, it probably won't have an impact on v6 adoption. (That ghod.)
I'd have to object with such a blanket statement.
I don't think you can say you support IPv6 (from an ISP's point of
view) without DHCPv6, since I don't think anyone at a large ISP
sized scale is going to leave address assignment up to RTADV.
I'm aware that Vista added support for DHCPv6, and I have heard
naught else (aside from the unixes).
So, it's my opinion that IPv6 "may" only recently have started
enjoying the level of operating system support required for
actual ISP-scale use by one major vendor...and I don't know how
commonly deployed Vista is yet.
Patrick W. Gilmore wrote:
The only good thing I can say about this proposal is that 10GB is not
NEARLY enough to get your typical luser to think about changing their
configuration. Therefore, it probably won't have an impact on v6
adoption. (That ghod.)
Nor was it intended to. From what I understand it's an experiment on the
usability of dual-stack servers at this point. Porn happens to be a test
load.
We (myself, previous and current employers) have been deploying dual
stack servers (with published AAAA records) for all sorts of
applications which may or may not give us some reasonable samples of
client behavior (usenet news, ntp servers, open source ftp http mirrors).
Experience would suggest that before content providers can build a
business case for dual stack servers they need to confirm they're not
going to loose eyeballs as a result.
...
Second, who said v6 was "the heights"? ...
My, aren't we serious? Too serious to realize that satellites are a
little higher than I, at least, can reach.
Guess I missed that reference. Silly of me. Fine imagery. Just like the stuff you can get for free if you use a v6 stack.... 
As for being serious, I do believe you were the one who claimed v6 was going "into the gutter", and "the depth". Pot, kettle, black? Actually, you went beyond being serious by implying some type of moral superiority.
Which is fine, you packets can be morally superior to mine....
Yes. Silly of you. I think you may have missed more than the singular reference.
This back and forth has little to do with morality and more to do with opinion.
Yet it begs, how moral is an argument of ‘my opinion is superior to your opinion’?
Such a lashing of another’s opinion under the pretense of removing someone from their lofty perch to restore equality is hardly equality at all.
Everyone is entitled to their opinion. Though, I doubt Mr. Yao was expressing his so strongly.
Gian Anthony Constantine
IPv6 has had operating system and router support for years.
I'd have to object with such a blanket statement.
I have a Cisco 2500 with software from 1999 and a Windows XP box with software from 2001, both supporting IPv6, sitting here... I didn't get my first Mac until 2002, but that one supported IPv6 at that point, too.
I don't think you can say you support IPv6 (from an ISP's point of
view) without DHCPv6, since I don't think anyone at a large ISP
sized scale is going to leave address assignment up to RTADV.
There is a provisioning problem with IPv6, yes. For instance, you can't get an IPv6 address over PPP, like you can with IPv4. But I don't see how DHCPv6 solves that. I can see how _enterprises_ might like DHCPv6, because hosts coming up with the bottom 64 bits of the address is just way to anarchistic for them. But ISPs don't care. They'll just give out prefixes rather than individual addresses, so the router advertisements vs router advertisements + DHCPv6 question never comes up. (Yes, if you have DHCPv6 you still need RAs because DHCPv6 can't give you a default gateway.) And customers rarely connect their hosts directly to ISP-controlled boxes these days, there is usually some kind of home gateway involved.
I have a Cisco 2500 with software from 1999 and a Windows XP box with
software from 2001, both supporting IPv6, sitting here... I didn't
get my first Mac until 2002, but that one supported IPv6 at that
point, too.
It would be foolish to suggest that software implementing IPv6 has
not existed for many years.
It would also be foolish to use "support IPv6" as a blanket
statement, when the features have not truly been usable by more
than bearded geeks.
There is a provisioning problem with IPv6, yes.
Note that the word 'provisioning' is more than just 'addressing'.
A given ISP may or may not directly communicate with end hosts
using any form of DHCP, but the current broadband ISP models which
are de rigeur would not be salient without DHCPv4 on the end hosts,
even if that is only between the set top box and customer.
So it might not be "their job", but it's still an important facet
of the architecture. One could say that although a DHCP department
doesn't exist within ISP's, there would have been a need for a
staffed department in its absence.
I remember the era when we used to deliver "install" floppies to our
prospective customers. And I can tell you they weren't a very good
idea.
Web pages full of instructions, flyers with "simple to follow" steps,
none of them really worked very well either. Even if our iconic
mascots trying to make the instructions friendlier were awfully cute.
What DHCP and PPP did do, was to remove all of that, and make ISP
integration of customer premise something that could "just happen"
without any handholding or bearded geekery.
When you can plug your computer in, and automatically (with no
clicking) get an IPv6 address, have something tell you where your
DNS assist servers, configure web proxies, and solve your dynamic
dns problems (as IPv4 set top boxes do today), then I would allow
you the use of the words 'supports IPv6' rather than 'implements
IPv6'.
On the subject of DNS, I think you are going to find that, since
IPv6 addresses do not pass the 'phone test', IPv6 customers will
have a new emphasis on having their names in DNS. But these are
forward looking statements, and it's equally possible that people
will be moved instead to use presence networks.
A given ISP may or may not directly communicate with end hosts
using any form of DHCP, but the current broadband ISP models which
are de rigeur would not be salient without DHCPv4 on the end hosts,
even if that is only between the set top box and customer.
Sure, but that's because with IPv4, there are only three flavors:
- manual configuration
- PPP
- DHCP
With IPv6, there's of course still manual configuration, but PPP is out because it can't negotiate IPv6 addresses. New in IPv6 is stateless autoconfiguration, which will give you addresses and default gateways, but (so far) not extra info such as DNS addresses.
The situation for DHCP in IPv6 is very different from the one in IPv4: because DHCPv6 was late to the party (IIRC the final RFCs came out around 2003, decent implementations are still not abundant) and we have stateless autoconfig, the focus for DHCPv6 was to provide additional information (those !#$ DNS addresses) and a new trick: prefix delegation. This is a mechanism where routers can lease a prefix from a DHCP server, and then use that prefix in their router advertisements. This is a great tool for provisioning.
The DHCPv6 servers and clients that I tested two years ago didn't even support address assignment to hosts. And note that even when hosts do, and a DHCPv6 server is available, these hosts must still listen for router advertisements because DHCPv6 doesn't provide a default gateway address, like DHCP for IPv4 does.
What DHCP and PPP did do, was to remove all of that, and make ISP
integration of customer premise something that could "just happen"
without any handholding or bearded geekery.
Fortunately, the IETF got things right the sixth time around (?) by adding the stateless autoconfig to IPv6, so these additional mechanisms aren't necessary.
When you can plug your computer in, and automatically (with no
clicking) get an IPv6 address,
Like I said, this part has never been a problem with IPv6.
have something tell you where your DNS assist servers,
There will be a router advertisement option to learn DNS servers. Note though, that this is only an issue for hosts that are IPv6-only, which isn't exactly the typical use case today.
configure web proxies,
??
and solve your dynamic dns problems
Which dynamic DNS problems? It works just fine for me.
On the subject of DNS, I think you are going to find that, since
IPv6 addresses do not pass the 'phone test', IPv6 customers will
have a new emphasis on having their names in DNS.
And exactly how often do people type in the address of their own system...?
A problem with the DNS and IPv6 is that unlike IPv4, you can't pre-populate the DNS so that each host has a valid DNS name as soon as it receives an address. Manual configuration is problematic for more than the obvious reasons: host may use temporary IPv6 addresses with random lower bits to avoid exposing their MAC address. The only reasonable way to solve this is with dynamic DNS updates. This would be bad except that customers will usually have their own prefix in IPv6 so this should be solvable security-wise.
I've heard you say this a few times now, but I am also told by various people in various places that they have succeeded in getting IPv6 addresses assigned using PPPoE. Colour me confused.
Does RFC 2472 have some practical limitations in the real world that I haven't noticed? Or is the problem a simple matter of implementation?
Joe
With IPv4, PPP IPCP will negotiate a whole bunch of stuff, including the addresses of both sides of the link. PPP IP6CP only negotiates a 32-bit unique token for each side which can then be used to create link local addresses.
Two years ago, when I was writing my IPv6 book, I did some testing between an Cisco 2500 and a MacOS 10.4 system to see how IPv6 over PPP behaves, and the result was that it did work, but there was no address assignment from the router to the Mac, not through PPP, because it doesn't support it, and not through router advertisements, for reasons unknown. Probably someone decided that stateless autoconfig on a point to point link didn't make sense.
(Note that the pppd in question is common to both the BSD family and Linux.)
I have no idea what's different in the PPP over ethernet setup, but it could be many things, such as that the PPP implementations do support stateless autoconfig there, or that it's not actual IPv6 over PPP but rather IPv6 over IPv4 or over bridged ethernet.
I'm pretty sure l2tpns has IPv6 support of some sort.
I was planning on trialling it in exactly this setup - LNS services
for L2TP-provided PPPoE ADSL. Has anyone here done this and enabled
IPv6 negotiation?
<off-topic>
Has anyone sorted out the issues relating to end-point IPv6 security
for home PCs now that NAT is removed?
</off-topic>
Adrian
When you can plug your computer in, and automatically (with no
clicking) get an IPv6 address,
Router Advertisements let you automatically configure as many IPv6 addresses as you feel like.
> have something tell you where your DNS assist servers,
Microsoft had an old expired draft with some default anycast IPv6 nameserver addresses:
fec0:0:0:ffff::1
fec0:0:0:ffff::2
fec0:0:0:ffff::3
-- http://tools.ietf.org/id/draft-ietf-ipv6-dns-discovery-04.txt
While this was never accepted by the IETF, I believe windows machines still use these by default if they have no other name servers but do have IPv6 connectivity.
This could be a fairly simple defacto standard if network operators start using it. This is an obvious weak link in the chain at this point tho.
> configure web proxies,
once you have DNS you can use the WPAD proxy auto discovery thingamabob.
and solve your dynamic dns problems (as IPv4 set top boxes do today),
Updating your forward/reverse dns via DNS Update messages isn't that uncommon today.
See:
where hosts are trying to update the root zone with their new names.
So you can get from A to D without requiring DHCPv6.