For those that don't know, World of Warcraft is currently the largest online role playing game, with somewhere over 12 million subscribers.
Version 4.1 of the game is expected to be released this Tuesday, which will be automatically pushed to all clients. The current Beta version of 4.1 has full IPv6 support. In the beta, it's automatically enabled if you have native IPv6 (non-6to4, non-Teredo). While Blizzard has been pretty silent about this, barring a last minute revert or delay of this patch, there are suddenly going to be a bunch more users that can potentially use IPv6. And these users are the type who are going to be especially sensitive to latency, jitter and packet loss, since this is a real-time game platform.
For those of you with Help Desks who have to support users like this, the associated setting in the game's Options menu is apparently called "Enable IPv6 when available". It's apparently grayed out if you do not have IPv6 at all, unchecked by default if you are on 6to4 or Teredo, and checked by default if you are on native v6. The tooltip says: "Enables the use of IPv6, the technology behind the next-generation Internet. Requires IPv6 connectivity to the internet. Checking this box without IPv6 connectivity may prevent you from playing WoW."
Anyone from Activision/Blizzard who would like to chime in with more details? 
-- Kevin
I can't say that I'm from Blizzard, but I'm *seriously* impressed by
them for making this happen. Kudos to Blizzard!
Tom
In the beta, it's automatically enabled if you have native IPv6 (non-6to4, non-Teredo).
[...]
For those of you with Help Desks who have to support users like this, the associated setting in the game's Options menu is apparently called "Enable IPv6 when available". It's apparently grayed out if you do not have IPv6 at all, unchecked by default if you are on 6to4 or Teredo, and checked by default if you are on native v6. The tooltip says: "Enables the use of IPv6, the technology behind the next-generation Internet. Requires IPv6 connectivity to the internet. Checking this box without IPv6 connectivity may prevent you from playing WoW."
The PTR notes don't seem to indicate that it will be enabled by default in any way when it goes live (it may be behaving as you describe specifically for data-gathering purposes in PTR, but it doesn't look like they intend to do that in live):
The Network category contains the options "Optimize network for speed" and "Enable IPv6 when available". "Optimize network for speed" will be enabled by default, and will send packets more frequently at the cost of higher bandwidth. The higher bandwidth may lead to disconnects for some players who have limited bandwidth. Players getting disconnected frequently should try unchecking this box.
That call-out to the "optimize network" being enabled by default, with no such reference to the IPv6, leads me to believe that it'll be "proactive only" in the short-term. Probably until they see what the wider impact and problems are from non-PTR folks who test it out.
D
I arranged a test this morning. With a laptop running 4.1 on a dual-stack network the IPv6 option is greyed out under Network Options.
I'm assuming your suggestion that the Blizzard servers are not yet enabled is probably correct, but that the clients now have capability.
Would be interesting to know what they consider a 'valid IPv6 connection'.
Tim
Well, with full native IPv6 on ethernet using ARIN direct assigned addresses, it's still
grayed out. I'm going to send in a support request and ask why it doesn't work.
Owen
More here: http://ipv6.blizzard.com/
To test IPv6 in World of Warcraft, you'll need to edit your
config.wtf file and add the following line:
SET unlockIPv6 "1"
This will activate the IPv6 features. If your computer has
a valid IPv6 address, you'll be able to check the "Enable
IPv6" checkbox from the Network options in the World of
Warcraft client. Once in the game, you'll be able to see
which type of connection the client has made to the realms
next to the latency information.
Frank
Just grabbed the Trial and tested it.
Verified that IPv6 is used for World of Warcraft on the Antonidas
server. It works pretty well actually.
I see they replicated their practice of dropping all ICMP traffic for
IPv6. Not sure that's the best idea.
Anyone know if they plan to leave it working now and possibly expand
it too all their servers?
Ray
Just grabbed the Trial and tested it.
Verified that IPv6 is used for World of Warcraft on the Antonidas
server. It works pretty well actually.
I see they replicated their practice of dropping all ICMP traffic for
IPv6. Not sure that's the best idea.
It's *never* been a good idea let alone a best idea however it was
the only solution to a problem in the last millinium and really
should only be deploy to protect those 20 year old boxes that still
have that problem.
Way to much of security so called "best practice" isn't and actually
has deterimental effects that outweigh any benifits.
Mark
I'm not sure the best way to fix this as there's all these common misconceptions about technology out there.
MYTHS:
TCP/53 is only for zone transfers
ICMP is a security risk/ddos avenue
Internal networks must be secured with NAT
A firewall is the only way to secure the perimiter
In fact for IPv6, ICMP is more important vs less. Firewalls frequently harm and don't block data going out. TCP/53 is needed for EDNS. IPv6 doesn't have the concept of NAT, or at least not in the same way as people use 1918 space at home and in IT networks...
I'm not sure the best way to deal with this. There's a lot of netadmins (perhaps myself included) that operate in a universe where they treat these items as fact, real and even on an audit-checklist.
When it comes to enabling IPv6 on your NOC or corporate network, how will they respond? "Wait, they will have a globally routed IP address? How do I NAT that?"
It does alter the environment of enforcing a security policy. Then again with all this "cloud" stuff (should that read return to mainframe processing days?), it may not matter as much since what you're securing will be "in the cloud", a remote location that has a pre-existing security policy that meets whatever your standards are (FIPS, FISMA, the auditors, etc..)
- Jared
tcp/53 is needed when EDNS is _not_ available and DNS message size exceeds 512 bytes. UDP fragments are (sometimes) necessary for EDNS.
So, that adds to your MYTHS section:
Fragmented packets (like ICMP) are always a security risk and DDoS vector
michael