Matthew Kaufman <matthew@matthew.at> writes:
My Desktop is not able to make any IPv4 socket connections anymore. I get "Protocol not supported". So there are IPv6-only users, already bitten by no AAAA. So that's -1 from me.
Sounds to me like you're not on The Internet any more.
in <http://www.merit.edu/mail.archives/nanog/2001-04/msg00294.html> we see: (*2) Q: But what IS the Internet? A: "It's the largest equivalence class in the reflexive, transitive, symmetric, closure of the relationship 'can be reached by an IP packet from'". Seth Breidbart by which definition, matthew's observation would be correct. folks who want to run V6 only and still be "on the internet" will need proxies for a long while. folks who want to run V6 only *today* and not have any proxies *today* are sort of on their own -- the industry will not cater to market non-forces. -- Paul Vixie KI6YSY
On May 14, 2011, at 12:47 PM, Paul Vixie wrote:
Matthew Kaufman <matthew@matthew.at> writes:
My Desktop is not able to make any IPv4 socket connections anymore. I get "Protocol not supported". So there are IPv6-only users, already bitten by no AAAA. So that's -1 from me.
Sounds to me like you're not on The Internet any more.
in <http://www.merit.edu/mail.archives/nanog/2001-04/msg00294.html> we see:
(*2) Q: But what IS the Internet? A: "It's the largest equivalence class in the reflexive, transitive, symmetric, closure of the relationship 'can be reached by an IP packet from'". Seth Breidbart
by which definition, matthew's observation would be correct. folks who want to run V6 only and still be "on the internet" will need proxies for a long while. folks who want to run V6 only *today* and not have any proxies *today* are sort of on their own -- the industry will not cater to market non-forces.
I think that the real question is, when will people who are running IPv4 only not be on the Internet by this definition ? Regards Marshall
-- Paul Vixie KI6YSY
From: Marshall Eubanks <tme@americafree.tv> Date: Sat, 14 May 2011 13:02:16 -0400
I think that the real question is, when will people who are running IPv4 only not be on the Internet by this definition ?
is there an online betting mechanism we could use, that we all think will still be in business decades from now when the truth is known? if we're going to start picking the month and year when IPv4 is the new "PDP-11 compatibility mode" (that's a VAX reference), where the winner is whoever comes closest without going over, my pick is July 2021, and i'm in for $50.
On Sat, May 14, 2011 at 1:06 PM, Paul Vixie <vixie@isc.org> wrote:
From: Marshall Eubanks <tme@americafree.tv> Date: Sat, 14 May 2011 13:02:16 -0400
I think that the real question is, when will people who are running IPv4 only not be on the Internet by this definition ?
is there an online betting mechanism we could use, that we all think will still be in business decades from now when the truth is known?
if we're going to start picking the month and year when IPv4 is the new "PDP-11 compatibility mode" (that's a VAX reference), where the winner is whoever comes closest without going over, my pick is July 2021, and i'm in for $50.
Two suggestions: 1. Predict the condition, not the date. In other words, not "Condition X will occur at Y" but "At Y, condition X will be true." The problem with predicting the date is that the bet can't close until the condition occurs. That leaves an unbounded case. 2. Measurability. How do you measure, "IPv4 is the new PDP-11 compatibility mode?" Try something like, "In the month of July 2021, X% of the network traffic by packet count on the top 5 Internet carriers will contain IPv4 packets. " Regards, Bill Herrin -- William D. Herrin ................ herrin@dirtside.com bill@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
From: Paul Vixie <vixie@isc.org> To: nanog@nanog.org Subject: Re: Yahoo and IPv6 Date: Sat, 14 May 2011 17:06:45 +0000
From: Marshall Eubanks <tme@americafree.tv> Date: Sat, 14 May 2011 13:02:16 -0400
I think that the real question is, when will people who are running IPv4 only not be on the Internet by this definition ?
is there an online betting mechanism we could use, that we all think will still be in business decades from now when the truth is known? if we're going to start picking the month and year when IPv4 is the new "PDP-11 compatibility mode" (that's a VAX reference), where the winner is whoever comes closest without going over, my pick is July 2021, and i'm in for $50.
You could probably interest the University of Iowa College of Business in it. See: <http://tippie.uiowa.edu/iem/index.cfm> The genesis of of this project was a 'futures' exchange on candidates for the office of President of the United States. It's had an amazing track- record of identifying 'winners' there.
When the RIAA and friends in congress and international chapter affiliates make it illegal to share a network address. Sorry that is when we turn them back on!! Christian de Larrinaga On 14 May 2011, at 19:27, "John Levine" <johnl@iecc.com> wrote:
I think that the real question is, when will people who are running IPv4 only not be on the Internet by this definition ?
Probably never. What would be the incentive to turn off the NAT gateways?
R's, Joh
On 14 mei 2011, at 18:47, Paul Vixie wrote:
folks who want to run V6 only and still be "on the internet" will need proxies for a long while. folks who want to run V6 only *today* and not have any proxies *today* are sort of on their own -- the industry will not cater to market non-forces.
And clearly that situation can be kept that way for a long time by simply not serving them anything over IPv6. But is that wat we want? Currently IPv4 is pretty good but that's not going to last once 1.5 NATs on average between any two points grows to 3.8 of them, with 1.7 starved for address/port combinations*. At that point you can technically still be 100% connected using just IPv4, but it won't be much fun anymore. * numbers pulled out of the air by yours truly, but based on two consumers with home NAT today and with additional carrier NAT in the future. I've been on IPv6 for a long time. When I started with IPv6, the only applications (to use the term loosely) that understood v6 were ping6 and traceroute6. These days, I think the only thing I wouldn't be able to do over IPv6 is print. It used to be that IPv6 pingtimes were 2 - 3 times worse than IPv4 pingtimes. They're pretty much the same 80% of the time now. I used to have 8 IPv4 addresses, enough for most of my computers. I have one now, with mandatory NAT. When I move later this year I may very well only have a partial IPv4 address. The times are a-changing.
dditional carrier NAT in the future.
I've been on IPv6 for a long time. When I started with IPv6, the only applications (to use the term loosely) that understood v6 were ping6 and traceroute6. These days, I think the only thing I wouldn't be able to do over IPv6 is print. And I've been able to print using IPv6 on the $200 HP ethernet/wireless
On 05/14/2011 01:59 PM, Iljitsch van Beijnum wrote: printer I bought over 18 months ago... Times are changing. But we have to get naming squared away. Typing IPv6 addresses is for the birds, and having everyone have to go fuss with a DNS provider isn't a viable solution. - Jim
Jim Gettys <jg@freedesktop.org> writes:
... we have to get naming squared away. Typing IPv6 addresses is for the birds, and having everyone have to go fuss with a DNS provider isn't a viable solution.
perhaps i'm too close to the problem because that solution looks quite viable to me. dns providers who don't keep up with the market (which means ipv6 and dnssec in this context) will lose business to those who do. -- Paul Vixie KI6YSY
Jim Gettys<jg@freedesktop.org> writes:
... we have to get naming squared away. Typing IPv6 addresses is for the birds, and having everyone have to go fuss with a DNS provider isn't a viable solution. perhaps i'm too close to the problem because that solution looks quite viable to me. dns providers who don't keep up with the market (which means ipv6 and dnssec in this context) will lose business to those who do. I don't believe it is currently viable for any but the hackers out
On 05/14/2011 07:39 PM, Paul Vixie wrote: there, given my experience during the Comcast IPv6 trial. Typing V6 addresses (much less remembering them) is a PITA. You are asking people who don't even know DNS exists, to bother to establish another business relationship (or maybe DNS services might someday be provided by their ISP). If you get past that hurdle they get to type long IPv6 addresses into a web page they won't remember where it was the year before when they did this the last time to add a machine to their DNS. The way this "ought" to work for clueless home users (or cluefull users too, for that matter) is that, when a new machine appears on a network, it "just works", by which I mean that a globally routeable IPv6 address appears in DNS without fussing around using the name that was given to the machine when it was first booted, and that a home user's names are accessible via secondaries even if they are off line. And NXDOMAIN should work the way it was intended, for all the reasons you know better than I. This is entirely possible ;-). Just go ask Evan Hunt what he's been up to with Dave Taht recently.... - Jim Right now, IPv6 is worse than IPv4 for home users; we need
Date: Mon, 16 May 2011 14:37:46 -0400 From: Jim Gettys <jg@freedesktop.org>
perhaps i'm too close to the problem because that solution looks quite viable to me. dns providers who don't keep up with the market (which means ipv6+dnssec in this context) will lose business to those who do.
I don't believe it is currently viable for any but the hackers out there, given my experience during the Comcast IPv6 trial. Typing V6 addresses (much less remembering them) is a PITA.
You are asking people who don't even know DNS exists, to bother to establish another business relationship (or maybe DNS services might someday be provided by their ISP).
actually, i'm asking the opposite. only hackers run their own dns mostly; the vast majority of users who don't know what ipv6 or dnssec are, are already outsourcing to ultradns/neustar, or verisign, or dyn.com, etc, or for recursive they're using opendns, google dns, etc. these companies can either add the new services and do outreach to their customer bases, or they can allow their competitors to do so. of those who still run their own dns, the vast majority actually do know the dnssec and ipv6 issues facing them.
If you get past that hurdle they get to type long IPv6 addresses into a web page they won't remember where it was the year before when they did this the last time to add a machine to their DNS.
i've been using ipv6 dual stack for ten years at ISC and for one year at home (i was comcast's first north american dual stack native customer) and the only time i type long ipv6 addresses is when editing dns zone files or configuring routers and hosts. i think your experiences may have been worse than mine and i'll be interested in knowing whether they're common.
The way this "ought" to work for clueless home users (or cluefull users too, for that matter) is that, when a new machine appears on a network, it "just works", by which I mean that a globally routeable IPv6 address appears in DNS without fussing around using the name that was given to the machine when it was first booted, and that a home user's names are accessible via secondaries even if they are off line.
this is why ISC DHCP and ISC BIND can communicate using RFC 2136 DNS dynamic updates, secured with RFC 2845 transaction signatures. once you get this running then you don't have to type ipv6 addresses anywhere. and i know that infoblox and other BIND Inside appliance vendors have the same capability, and that Cisco and other DNS/DHCP vendors can also participate in these open standards pretty much out of the box. this is what i worked on when i first found out about IETF back in 1995 or so. it's all done now you just have to learn it and deploy it. (and if you don't think end users ought to have to learn how to configure their DHCP to talk to their DNS, i will point them at a half dozen appliance and outsourcing vendors who can take the ones and zeroes out of this for them.)
And NXDOMAIN should work the way it was intended, for all the reasons you know better than I.
while i agree, i don't think the people who are substituting positive responses for NXDOMAIN care at all what you think or what i think, so i'm going to focus on what can be done which is advancing robust solutions.
This is entirely possible ;-). Just go ask Evan Hunt what he's been up to with Dave Taht recently....
more appliance vendors including open source are definitely welcome. the pool is large enough for everybody to swim in it.
In message <51008.1305573225@nsa.vix.com>, Paul Vixie writes:
Date: Mon, 16 May 2011 14:37:46 -0400 From: Jim Gettys <jg@freedesktop.org>
perhaps i'm too close to the problem because that solution looks quite viable to me. dns providers who don't keep up with the market (which means ipv6+dnssec in this context) will lose business to those who do.
I don't believe it is currently viable for any but the hackers out there, given my experience during the Comcast IPv6 trial. Typing V6 addresses (much less remembering them) is a PITA.
You are asking people who don't even know DNS exists, to bother to establish another business relationship (or maybe DNS services might someday be provided by their ISP).
actually, i'm asking the opposite. only hackers run their own dns mostly; the vast majority of users who don't know what ipv6 or dnssec are, are already outsourcing to ultradns/neustar, or verisign, or dyn.com, etc, or for recursive they're using opendns, google dns, etc. these companies can either add the new services and do outreach to their customer bases, or they can allow their competitors to do so.
of those who still run their own dns, the vast majority actually do know the dnssec and ipv6 issues facing them.
If you get past that hurdle they get to type long IPv6 addresses into a web page they won't remember where it was the year before when they did this the last time to add a machine to their DNS.
i've been using ipv6 dual stack for ten years at ISC and for one year at home (i was comcast's first north american dual stack native customer) and the only time i type long ipv6 addresses is when editing dns zone files or configuring routers and hosts. i think your experiences may have been worse than mine and i'll be interested in knowing whether they're common.
The way this "ought" to work for clueless home users (or cluefull users too, for that matter) is that, when a new machine appears on a network, it "just works", by which I mean that a globally routeable IPv6 address appears in DNS without fussing around using the name that was given to the machine when it was first booted, and that a home user's names are accessible via secondaries even if they are off line.
this is why ISC DHCP and ISC BIND can communicate using RFC 2136 DNS dynamic updates, secured with RFC 2845 transaction signatures. once you get this running then you don't have to type ipv6 addresses anywhere. and i know that infoblox and other BIND Inside appliance vendors have the same capability, and that Cisco and other DNS/DHCP vendors can also participate in these open standards pretty much out of the box. this is what i worked on when i first found out about IETF back in 1995 or so. it's all done now you just have to learn it and deploy it. (and if you don't think end users ought to have to learn how to configure their DHCP to talk to their DNS, i will point them at a half dozen appliance and outsourcing vendors who can take the ones and zeroes out of this for them.)
Or the host can talk directly to the DNS server. TSIG can scale up to millions of clients with their own keys which may or may not be share between machines. Just because nameservers currently have the keys in flat configuration files doesn't mean that it has to stay that way. The keys could just as easily be in a seperate database which the nameserver only reads. Similarly SIG(0) could be used using KEY records stored in the DNS itself. I believe MacOS already supports TSIG directly though they don't call it that. Windows could also add support to TSIG in addition to GSS-TSIG for the non enterprise customers. This really isn't hard. You just store a keyname/secret pair for the machine to use at boot time. MacOS calls is account/password from memory. The hard part is convincing people to do it by default. This is nothing more than what the dynamic DNS vendors have been doing for the last decade. If you want a custom zone you pay $X per month extra otherwise you get the default zone for the ISP which doesn't have to be the ISP's zone. machine{.subdomain}*.<cust-unique>.example.net And as the updates are signed you can accept them from anywhere in the world.
And NXDOMAIN should work the way it was intended, for all the reasons you know better than I.
while i agree, i don't think the people who are substituting positive responses for NXDOMAIN care at all what you think or what i think, so i'm going to focus on what can be done which is advancing robust solutions.
This is entirely possible ;-). Just go ask Evan Hunt what he's been up to with Dave Taht recently....
more appliance vendors including open source are definitely welcome. the pool is large enough for everybody to swim in it.
-- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
On 5/16/2011 3:13 PM, Paul Vixie wrote:
Date: Mon, 16 May 2011 14:37:46 -0400 From: Jim Gettys<jg@freedesktop.org>
perhaps i'm too close to the problem because that solution looks quite viable to me. dns providers who don't keep up with the market (which means ipv6+dnssec in this context) will lose business to those who do. I don't believe it is currently viable for any but the hackers out there, given my experience during the Comcast IPv6 trial. Typing V6 addresses (much less remembering them) is a PITA. You are asking people who don't even know DNS exists, to bother to establish another business relationship (or maybe DNS services might someday be provided by their ISP). actually, i'm asking the opposite. only hackers run their own dns mostly; the vast majority of users who don't know what ipv6 or dnssec are, are already outsourcing to ultradns/neustar, or verisign, or dyn.com, etc, or
I think that what you probably meant to say was: "... outsourcing to Affilias, Amazon Route 53, DNS Made Easy, DNS.com, Dyn/Dynect, EasyDNS, GoDaddy, Netriplex, UltraDNS, Verisign, Zerigo, etc." ^^ Those are the commercial anycast DNS services that I know of presented in a simple non-preferential alphabetical order. I happen to know, because I did parts of the implementation, that DNS Made Easy provides anycast IPv6 DNS to all customers (available on all servers if they like).
for recursive they're using opendns, google dns, etc. these companies can either add the new services and do outreach to their customer bases, or they can allow their competitors to do so.
of those who still run their own dns, the vast majority actually do know the dnssec and ipv6 issues facing them.
If you get past that hurdle they get to type long IPv6 addresses into a web page they won't remember where it was the year before when they did this the last time to add a machine to their DNS. i've been using ipv6 dual stack for ten years at ISC and for one year at home (i was comcast's first north american dual stack native customer) and the only time i type long ipv6 addresses is when editing dns zone files or configuring routers and hosts. i think your experiences may have been worse than mine and i'll be interested in knowing whether they're common.
The way this "ought" to work for clueless home users (or cluefull users too, for that matter) is that, when a new machine appears on a network, it "just works", by which I mean that a globally routeable IPv6 address appears in DNS without fussing around using the name that was given to the machine when it was first booted, and that a home user's names are accessible via secondaries even if they are off line. this is why ISC DHCP and ISC BIND can communicate using RFC 2136 DNS dynamic updates, secured with RFC 2845 transaction signatures. once you get this running then you don't have to type ipv6 addresses anywhere. and i know that infoblox and other BIND Inside appliance vendors have the same capability, and that Cisco and other DNS/DHCP vendors can also participate in these open standards pretty much out of the box. this is what i worked on when i first found out about IETF back in 1995 or so. it's all done now you just have to learn it and deploy it. (and if you don't think end users ought to have to learn how to configure their DHCP to talk to their DNS, i will point them at a half dozen appliance and outsourcing vendors who can take the ones and zeroes out of this for them.)
And NXDOMAIN should work the way it was intended, for all the reasons you know better than I. while i agree, i don't think the people who are substituting positive responses for NXDOMAIN care at all what you think or what i think, so i'm going to focus on what can be done which is advancing robust solutions.
This is entirely possible ;-). Just go ask Evan Hunt what he's been up to with Dave Taht recently.... more appliance vendors including open source are definitely welcome. the pool is large enough for everybody to swim in it.
On May 16, 2011, at 11:37 AM, Jim Gettys wrote:
On 05/14/2011 07:39 PM, Paul Vixie wrote:
Jim Gettys<jg@freedesktop.org> writes:
... we have to get naming squared away. Typing IPv6 addresses is for the birds, and having everyone have to go fuss with a DNS provider isn't a viable solution. perhaps i'm too close to the problem because that solution looks quite viable to me. dns providers who don't keep up with the market (which means ipv6 and dnssec in this context) will lose business to those who do. I don't believe it is currently viable for any but the hackers out there, given my experience during the Comcast IPv6 trial. Typing V6 addresses (much less remembering them) is a PITA.
You are asking people who don't even know DNS exists, to bother to establish another business relationship (or maybe DNS services might someday be provided by their ISP).
If you get past that hurdle they get to type long IPv6 addresses into a web page they won't remember where it was the year before when they did this the last time to add a machine to their DNS.
The way this "ought" to work for clueless home users (or cluefull users too, for that matter) is that, when a new machine appears on a network, it "just works", by which I mean that a globally routeable IPv6 address appears in DNS without fussing around using the name that was given to the machine when it was first booted, and that a home user's names are accessible via secondaries even if they are off line. And NXDOMAIN should work the way it was intended, for all the reasons you know better than I.
This is entirely possible ;-). Just go ask Evan Hunt what he's been up to with Dave Taht recently.... - Jim
Right now, IPv6 is worse than IPv4 for home users; we need
How so? It's not like you can even reach anything at home now, let alone reach it by name. Owen
In message <80660.1305606174@nsa.vix.com>, Paul Vixie writes:
From: Owen DeLong <owen@delong.com> Date: Mon, 16 May 2011 16:12:27 -0700
... It's not like you can even reach anything at home now, let alone reach it by name.
that must and will change. let's be the generation who makes it possible.
+1 -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
Subject: Re: Yahoo and IPv6 Date: Tue, May 17, 2011 at 04:22:54AM +0000 Quoting Paul Vixie (vixie@isc.org):
From: Owen DeLong <owen@delong.com> Date: Mon, 16 May 2011 16:12:27 -0700
... It's not like you can even reach anything at home now, let alone reach it by name.
that must and will change. let's be the generation who makes it possible.
I'd like to respond to this by stating that I support this fully, but I'm busy making sure I can reach my machines at home from the IPv6 Internet. By name. ;-) -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 HELLO KITTY gang terrorizes town, family STICKERED to death!
On May 17, 2011, at 2:07 AM, Mans Nilsson wrote:
Subject: Re: Yahoo and IPv6 Date: Tue, May 17, 2011 at 04:22:54AM +0000 Quoting Paul Vixie (vixie@isc.org):
From: Owen DeLong <owen@delong.com> Date: Mon, 16 May 2011 16:12:27 -0700
... It's not like you can even reach anything at home now, let alone reach it by name.
that must and will change. let's be the generation who makes it possible.
I'd like to respond to this by stating that I support this fully, but I'm busy making sure I can reach my machines at home from the IPv6 Internet. By name. ;-)
I think my statement has been taken out of context and misunderstood. I was responding to a claim that having to understand DNS to reach your IPv6 boxes by name was somehow a step backwards from IPv4. My point was that at least in IPv6, you can reach your boxes whereas with IPv4, you couldn't reach them at all (unless you used a rendezvous service and preconfigured stuff). To me, pre-configuring DNS through the web interface for one of the free DNS services with the IPv6 address is not any more difficult than setting up one of the rendezvous services (most of which you have to pay for if you want any real utility). To my mind, IPv6 is a giant leap forward here, not a step backwards. At least you can reach your stuff, even if the administration of the naming process isn't 100% automated and perfect just yet. Owen
On 5/17/2011 5:25 AM, Owen DeLong wrote:
My point was that at least in IPv6, you can reach your boxes whereas with IPv4, you couldn't reach them at all (unless you used a rendezvous service and preconfigured stuff).
Actually almost everyone will *still* need a rendezvous service as even if there isn't NAT66 (which I strongly suspect there will be, as nobody has magically solved the rest of the renumbering problems) there will still be default firewall filters that the average end-user won't know how or why to change (and in some cases won't even have access to the CPE). For the former we can only hope that NAT66 box builders can get guidance from IETF rather than having IETF stick its collective head in the sand... for the latter the firewall traversal has a chance of being more reliable than having to traversal both filtering and address translation. Matthew Kaufman
On May 17, 2011, at 8:55 AM, Matthew Kaufman wrote:
On 5/17/2011 5:25 AM, Owen DeLong wrote:
My point was that at least in IPv6, you can reach your boxes whereas with IPv4, you couldn't reach them at all (unless you used a rendezvous service and preconfigured stuff).
Actually almost everyone will *still* need a rendezvous service as even if there isn't NAT66 (which I strongly suspect there will be, as nobody has magically solved the rest of the renumbering problems) there will still be default firewall filters that the average end-user won't know how or why to change (and in some cases won't even have access to the CPE).
PI solves the majority of the renumbering problems quite nicely and is readily available for most orgs. now. Beyond that, I think you will see firewalls become much easier for the average person to manage and it will become a simple matter of making an http (hopefully https) connection to the home gateway and telling it which service (by name, such as VNC, HTTP, HTTPs, etc. from a pull-down) and which host (ideally by name, but, may have other requirements here) to permit. Some firewalls already come pretty close to that. There is also talk (for better or worse) of having something like UPNP, but, without the NAT for enabling such services. No rendezvous server required.
For the former we can only hope that NAT66 box builders can get guidance from IETF rather than having IETF stick its collective head in the sand... for the latter the firewall traversal has a chance of being more reliable than having to traversal both filtering and address translation.
I'm still hoping that we just don't have NAT66 box builders. So far, it's working out that way. Owen
Date: Tue, 17 May 2011 11:07:17 +0200 From: Mans Nilsson <mansaxel@besserwisser.org>
... It's not like you can even reach anything at home now, let alone reach it by name.
that must and will change. let's be the generation who makes it possible.
I'd like to respond to this by stating that I support this fully, but I'm busy making sure I can reach my machines at home from the IPv6 Internet. By name. ;-)
:-). to be clear, the old pre-web T1 era internet did not have much content but what content there was, was not lopsided. other than slip and ppp there weren't a lot of networks one would call "access" and a smaller number of networks one would call "content". i am not wishing for that, i like the web, i like content, i know there will be specialized networks for access and content. but i also think (as jim gettys does) that we ought to be able to get useful work done without being able to reach the whole internet all the time. that's going to mean being able to reach other mostly-access networks in our same neighborhoods and multitenant buildings and towns and cities, directly, and by name. it does not mean being able to start facebook 2.0 out of somebody's basement, but it does mean being able to run a personal smtp or web server in one's basement and have it mostly work for the whole internet and work best for accessors who are close by and still work even when the "upstream" path for the neighborhood is down.
On 05/17/2011 08:56 AM, Paul Vixie wrote:
Date: Tue, 17 May 2011 11:07:17 +0200 From: Mans Nilsson<mansaxel@besserwisser.org>
... It's not like you can even reach anything at home now, let alone reach it by name. that must and will change. let's be the generation who makes it possible. I'd like to respond to this by stating that I support this fully, but I'm busy making sure I can reach my machines at home from the IPv6 Internet. By name. ;-) :-).
to be clear, the old pre-web T1 era internet did not have much content but what content there was, was not lopsided. other than slip and ppp there weren't a lot of networks one would call "access" and a smaller number of networks one would call "content". i am not wishing for that, i like the web, i like content, i know there will be specialized networks for access and content. but i also think (as jim gettys does) that we ought to be able to get useful work done without being able to reach the whole internet all the time. that's going to mean being able to reach other mostly-access networks in our same neighborhoods and multitenant buildings and towns and cities, directly, and by name. it does not mean being able to start facebook 2.0 out of somebody's basement, but it does mean being able to run a personal smtp or web server in one's basement and have it mostly work for the whole internet and work best for accessors who are close by and still work even when the "upstream" path for the neighborhood is down.
This is all very confusing to me. How are meaningful names going to assigned automatically? Right now I see something like ool-6038bdcc.static.optonline.net for one of our servers, how does this mean anything to anyone else? -- Stephen Clark *NetWolves* Sr. Software Engineer III Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.clark@netwolves.com http://www.netwolves.com
On May 17, 2011, at 8:49 AM, Steve Clark wrote:
On 05/17/2011 08:56 AM, Paul Vixie wrote:
Date: Tue, 17 May 2011 11:07:17 +0200 From: Mans Nilsson<mansaxel@besserwisser.org>
... It's not like you can even reach anything at home now, let alone reach it by name. that must and will change. let's be the generation who makes it possible. I'd like to respond to this by stating that I support this fully, but I'm busy making sure I can reach my machines at home from the IPv6 Internet. By name. ;-) :-).
to be clear, the old pre-web T1 era internet did not have much content but what content there was, was not lopsided. other than slip and ppp there weren't a lot of networks one would call "access" and a smaller number of networks one would call "content". i am not wishing for that, i like the web, i like content, i know there will be specialized networks for access and content. but i also think (as jim gettys does) that we ought to be able to get useful work done without being able to reach the whole internet all the time. that's going to mean being able to reach other mostly-access networks in our same neighborhoods and multitenant buildings and towns and cities, directly, and by name. it does not mean being able to start facebook 2.0 out of somebody's basement, but it does mean being able to run a personal smtp or web server in one's basement and have it mostly work for the whole internet and work best for accessors who are close by and still work even when the "upstream" path for the neighborhood is down.
This is all very confusing to me. How are meaningful names going to assigned automatically?
dynamic dns updates seems like an obvious choice.
Right now I see something like ool-6038bdcc.static.optonline.net for one of our servers, how does this mean anything to anyone else?
-- Stephen Clark *NetWolves* Sr. Software Engineer III Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.clark@netwolves.com http://www.netwolves.com
Date: Tue, 17 May 2011 11:49:47 -0400 From: Steve Clark <sclark@netwolves.com>
This is all very confusing to me. How are meaningful names going to assigned automatically?
It'll probably be a lot like Apple's and Xerox's various multicast naming systems if we want it to work in non-globally connected networks.
Right now I see something like ool-6038bdcc.static.optonline.net for one of our servers, how does this mean anything to anyone else?
It wouldn't of course. I'm sorry if my earlier words on this were useless. Dave Taht gave a wonderful talk a few weeks ago ("Finishing the Internet", see http://amw.org/prog11.pdf) during which he had us start an rsync from his wireless laptop to as many of ours as could run rsync, and then had the conference organizer turn off the upstream link. He noted that those of us using the local resource (a giant file, either an ISO or a MPEG or similar) were still getting work done whereas those of us trying to "use the internet" were dead in the water. Then, referring to his time in Nicaragua he said that he has a lot of days like this and he'd like more work to be possible when only local connectivity was available. Compelling stuff. Pity there's no global market for localized services or we'd already have it. Nevertheless this must and will get fixed, and we should be the generation who does it.
Paul Vixie <vixie@isc.org> wrote:
This is all very confusing to me. How are meaningful names going to assigned automatically?
It'll probably be a lot like Apple's and Xerox's various multicast naming systems if we want it to work in non-globally connected networks.
Or perhaps user-relative names. http://www.brynosaurus.com/pub/net/uia-osdi.pdf Tony. -- f.anthony.n.finch <dot@dotat.at> http://dotat.at/ Rockall, Malin, Hebrides: South 5 to 7, occasionally gale 8 at first in Rockall and Malin, veering west or northwest 4 or 5, then backing southwest 5 or 6 later. Rough or very rough. Occasional rain. Moderate or good, occasionally poor.
Paul Vixie wrote:
time in Nicaragua he said that he has a lot of days like this and he'd like more work to be possible when only local connectivity was available.
Compelling stuff. Pity there's no global market for localized services or we'd already have it. Nevertheless this must and will get fixed, and we should be the generation who does it.
I have found that the general theme is to move services that were traditionally available inside an office network (source control, email, ticketing/bug tracking systems, storing documents, corporate "wikis" etc.) to an external place, perhaps even outsourced to one of the virtual server or "software as a service" providers. I am not a particular fan of that trend, but I can see the pros and cons of doing it. It doesn't look like that's going to stop any time soon, let alone be (partially) reversed. Regards, Jeroen -- http://goldmark.org/jeff/stupid-disclaimers/ http://linuxmafia.com/~rick/faq/plural-of-virus.html
Steve Clark wrote:
This is all very confusing to me. How are meaningful names going to assigned automatically? Right now I see something like ool-6038bdcc.static.optonline.net for one of our servers, how does this mean anything to anyone else?
Does http://وزارة-الأتصالات.مصر/ mean more to you? Or http://xn--4gbrim.xn----ymcbaaajlc6dj7bxne2c.xn--wgbh1c which is what it translates to in your browser. Just saying... ;-) -- http://goldmark.org/jeff/stupid-disclaimers/ http://linuxmafia.com/~rick/faq/plural-of-virus.html
Right now I see something like ool-6038bdcc.static.optonline.net for one of our servers, how does this mean anything to anyone else?
Does http://وزارة-الأتصالات.مصر/ mean more to you?
Or http://xn--4gbrim.xn----ymcbaaajlc6dj7bxne2c.xn--wgbh1c which is what it translates to in your browser.
Actually, it translates to http://xn----rmckbbajlc6dj7bxne2c.xn--wgbh1c/ in the browser which then redirects to the URL that you quoted above. Got to pay attention to these details if you want to keep up your troubleshooting skills. --Michael Dillon
Subject: Re: Yahoo and IPv6 Date: Tue, May 17, 2011 at 12:56:37PM +0000 Quoting Paul Vixie (vixie@isc.org):
:-).
to be clear, the old pre-web T1 era internet did not have much content but what content there was, was not lopsided. other than slip and ppp there weren't a lot of networks one would call "access" and a smaller number of networks one would call "content". i am not wishing for that, i like the web, i like content, i know there will be specialized networks for access and content. but i also think (as jim gettys does) that we ought to be able to get useful work done without being able to reach the whole internet all the time. that's going to mean being able to reach other mostly-access networks in our same neighborhoods and multitenant buildings and towns and cities, directly, and by name. it does not mean being able to start facebook 2.0 out of somebody's basement, but it does mean being able to run a personal smtp or web server in one's basement and have it mostly work for the whole internet and work best for accessors who are close by and still work even when the "upstream" path for the neighborhood is down.
Now I seem to have got time enough to fully agree with you. The next facebook will start in a low-price datacenter. These facilities did not exist as products before, and it can be argued that the access/content separation does drive that market -- as long as I had working Internet (as opposed to access class "Internet" ) at home, I had no use for a colo. Still, the centralization of content into a few networks does raise a number of issues -- mostly regarding stability. Do note here that several factors negatively impact stability, be they technical, economical or legal. Peter Löthberg long ago advocated a network interconnection model that was pretty local (and I believe he still does). Peer often and everywhere. That would take care of packets getting through (as long as we all have unique addresses to point at; v6 fixes this) The services that take the Net from being a graph problem for nerds with BGP CLI access into what it has become need to undergo similar fine-graining to keep up. Oh, sorry, got carried away. -- Måns Nilsson primary/secondary/besserwisser/machina MN-1334-RIPE +46 705 989668 My life is a patio of fun!
On 2011-05-14 13:25, Jim Gettys wrote:
On 05/14/2011 01:59 PM, Iljitsch van Beijnum wrote:
I've been on IPv6 for a long time. When I started with IPv6, the only applications (to use the term loosely) that understood v6 were ping6 and traceroute6. These days, I think the only thing I wouldn't be able to do over IPv6 is print.
And I've been able to print using IPv6 on the $200 HP ethernet/wireless printer I bought over 18 months ago...
And a $100 Samsung laser printer here, sold as long ago as 15 months. (Also an expensive color laser copier Ricoh started producing in 2007, although I don't know if it shipped with an IPv6-capable firmware.) Even printing isn't the last holdout. :-) Home entertainment devices, on the other hand... :-( Jima
participants (20)
-
David Miller -
Firsthand -
Iljitsch van Beijnum -
Jeroen van Aart -
Jim Gettys -
Jima -
Joel Jaeggli -
John Levine -
Mans Nilsson -
Mark Andrews -
Marshall Eubanks -
Matthew Kaufman -
Michael Dillon -
Owen DeLong -
Paul Vixie -
Robert Bonomi -
Steve Clark -
Tony Finch -
Valdis.Kletnieks@vt.edu -
William Herrin