INET6 -- and why I don't use it

Jeremy Chadwick koitsu at freebsd.org
Wed Mar 5 16:01:43 UTC 2008 

On Wed, Mar 05, 2008 at 03:00:29PM +0000, Vadim Goncharov wrote:
> Makes it harder to debug, etc. Don't want to see anything IPv6 related in
> command output, to let programs to bind on IPv6 addresses, etc.

Changing the Subject (but keeping the thread ID reference), since the
original topic of discussion has now been skewed.

I have the same attitude Vadim does.  Actually, most of my IPv6 fear
isn't so much fear as much as it is annoyance and confusion.  Here's
my list of things, as trivial as they may sound (and I guarantee they
will):

* I'm not familiar with the intricacies of the protocol.  This is
partially my own fault (lack of interest mainly, combined with lack of
need), while I am very familiar with IPv4.

* The last I read about IPv6 in mainstream news, there were major
concerns cited over some of the security aspects of the protocol.  I
also remember reading somewhere that IPv6 was supposed to address issues
like packet spoofing and DoS -- what became of this?

* I have never liked how IPv6 denotes its addresses by using colon-
delimited hexadecimal strings.  I can expand on this if asked, but it's
more than just "they're MAC-like" (which is also true, even though
they're grouped by 16-bit values and not octets).  Reading off an IPv4
address over the phone is bad enough, and typos are even worse.  IPv6?
Good grief.

* Consumer ISPs here in the States do not "pass packets" -- you aren't
given a raw pipe; you're given a physical transport with IPv4 service.
The reality here is that the vast majority will not embrace IPv6 until
there's an actual market/need for it.  No consumer ISP I know of
delegates a customer an IPv6 IP address or netblock.  Backbone providers
support IPv6 now, yup -- and even some peering providers and
datacenter/co-location facilities do.  But they're all in the minority.

* The "we're running out of address space" argument doesn't hold
much ground with me.  Yes, it's getting tight, but it's not THAT tight.
ARIN very regularly returns large amounts of IPv4 space to the world for
use (I used to be subscribed to NANOG, so I'm aware of this).  Want to
do something useful?  Start campaigns to get General Electric and MIT to
give up huge portions of 3/8 and 18/8, respectively.  This is ARIN's
job, and I sure wouldn't want it.

* NAT with IPv4 appears to be "solving" most of the address space issues
in this day and age.  I use quotes because it adds extra complexities
at the same time (port forwarding, for example, is an annoying
requirement, mainly because so many protocols were written during the
days when NAT didn't exist, or are simply badly-written protocols (I'm
looking at you, Microsoft)).  Only once in my life have I seen a single
network so large that it required use of 192.168/16, 172.16/12, and 10/8
all at once.  Another fact is that NAT is **incredibly** integrated in
consumer society now.  The attitude given is "NAT suffices, use it".
Until we can teach people "no, it doesn't suffice, and here's why" and
get people to believe and accept that, it isn't going to change.

* None of my employers (sans my current, Microsoft) have ever bothered
implementing IPv6 on their networks.  What this means for me: I have no
personal *nor professional* reason to advocate or learn about IPv6.
Microsoft, on the other hand, is taking initiative.  But it's been
anything but smooth; the amount of breakage it's caused so far is...
shall I say, very disappointing.  That doesn't mean "IPv6 sucks", but it
does mean "integrating IPv6 into a production network appears to be
painful".  Hence, more animosity towards it by those who don't
understand it.

And last but not least:

* I don't like incorporating "stuff" into my kernel, my utilities, or
my systems in general which I do not use.  I don't want to see an IPv6
address on my machines or my network.  Why?  It's about minimalism.  I
would gladly "embrace" IPv6 if I had reasons to, but I've none,
therefore I do not.

Sufficient?

-- 
| Jeremy Chadwick                                    jdc at parodius.com |
| Parodius Networking                           http://www.parodius.com/ |
| UNIX Systems Administrator                      Mountain View, CA, USA |
| Making life hard for others since 1977.                  PGP: 4BD6C0CB |

More information about the freebsd-stable mailing list