INET6 -- and why I don't use it

Mark Andrews Mark_Andrews at isc.org
Wed Mar 5 22:31:50 UTC 2008 

> On Wed, Mar 05, 2008 at 03:00:29PM +0000, Vadim Goncharov wrote:
> > Makes it harder to debug, etc. Don't want to see anything IPv6 related in
> > command output, to let programs to bind on IPv6 addresses, etc.
> 
> Changing the Subject (but keeping the thread ID reference), since the
> original topic of discussion has now been skewed.
> 
> I have the same attitude Vadim does.  Actually, most of my IPv6 fear
> isn't so much fear as much as it is annoyance and confusion.  Here's
> my list of things, as trivial as they may sound (and I guarantee they
> will):
> 
> * I'm not familiar with the intricacies of the protocol.  This is
> partially my own fault (lack of interest mainly, combined with lack of
> need), while I am very familiar with IPv4.

	And you never will be familiar unless you use it.

> * The last I read about IPv6 in mainstream news, there were major
> concerns cited over some of the security aspects of the protocol.  I
> also remember reading somewhere that IPv6 was supposed to address issues
> like packet spoofing and DoS -- what became of this?

	Someone was feeding you a load of horse @$$!.
 
> * I have never liked how IPv6 denotes its addresses by using colon-
> delimited hexadecimal strings.  I can expand on this if asked, but it's
> more than just "they're MAC-like" (which is also true, even though
> they're grouped by 16-bit values and not octets).  Reading off an IPv4
> address over the phone is bad enough, and typos are even worse.  IPv6?
> Good grief.

	128 bit numbers are big in whatever presentation format you
	choose.  Groups of 4 digits are one much easier for a human
	to copy and enter correctly than longer strings.  Did you
	ever wonder why Mastecard and Visa use groups of 4 digits
	on their cards? 
 
> * Consumer ISPs here in the States do not "pass packets" -- you aren't
> given a raw pipe; you're given a physical transport with IPv4 service.
> The reality here is that the vast majority will not embrace IPv6 until
> there's an actual market/need for it.  No consumer ISP I know of
> delegates a customer an IPv6 IP address or netblock.  Backbone providers
> support IPv6 now, yup -- and even some peering providers and
> datacenter/co-location facilities do.  But they're all in the minority.

	Consumer ISP's in the US are actively getting ready to turn
	on IPv6.  Some already have.
 
> * The "we're running out of address space" argument doesn't hold
> much ground with me.  Yes, it's getting tight, but it's not THAT tight.
> ARIN very regularly returns large amounts of IPv4 space to the world for
> use (I used to be subscribed to NANOG, so I'm aware of this).  Want to
> do something useful?  Start campaigns to get General Electric and MIT to
> give up huge portions of 3/8 and 18/8, respectively.  This is ARIN's
> job, and I sure wouldn't want it.

	Which would buy a few extra months if the wern't already
	using the address space.
	
> * NAT with IPv4 appears to be "solving" most of the address space issues
> in this day and age.  I use quotes because it adds extra complexities
> at the same time (port forwarding, for example, is an annoying
> requirement, mainly because so many protocols were written during the
> days when NAT didn't exist, or are simply badly-written protocols (I'm
> looking at you, Microsoft)).  Only once in my life have I seen a single
> network so large that it required use of 192.168/16, 172.16/12, and 10/8
> all at once.  Another fact is that NAT is **incredibly** integrated in
> consumer society now.  The attitude given is "NAT suffices, use it".
> Until we can teach people "no, it doesn't suffice, and here's why" and
> get people to believe and accept that, it isn't going to change.

	NAT just introduces additional problems.  Double NAT
	introduces even more problems and is will end up being
	laughed off the planet as a joke when ISP's attempt it.
	In otherwords we have already made as much saving as we
	can with NAT.

	We would have run out of addresses years ago without the
	NAT's that are currently deployed.
 
> * None of my employers (sans my current, Microsoft) have ever bothered
> implementing IPv6 on their networks.  What this means for me: I have no
> personal *nor professional* reason to advocate or learn about IPv6.
> Microsoft, on the other hand, is taking initiative.  But it's been
> anything but smooth; the amount of breakage it's caused so far is...
> shall I say, very disappointing.  That doesn't mean "IPv6 sucks", but it
> does mean "integrating IPv6 into a production network appears to be
> painful".  Hence, more animosity towards it by those who don't
> understand it.

	What can I say, short sighted employers.
 
> And last but not least:
> 
> * I don't like incorporating "stuff" into my kernel, my utilities, or
> my systems in general which I do not use.  I don't want to see an IPv6
> address on my machines or my network.  Why?  It's about minimalism.  I
> would gladly "embrace" IPv6 if I had reasons to, but I've none,
> therefore I do not.
> 
> Sufficient?
> 
> -- 
> | Jeremy Chadwick                                    jdc at parodius.com |
> | Parodius Networking                           http://www.parodius.com/ |
> | UNIX Systems Administrator                      Mountain View, CA, USA |
> | Making life hard for others since 1977.                  PGP: 4BD6C0CB |
> 
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the freebsd-stable mailing list