Wasted IP ranges
I can't find the article now, but apparently there are whole /8 blocks assigned to private companies that can't possibly be using them all.
Just take them back into the pool and re-use them.
The allocation of internet addresses using the IPv4 protocol in Latin America and the Caribbean has hit a critical stage, the region's registry (LACNIC) warned on Tuesday. It said that its IPv4 address pool had been "officially exhausted" and urged businesses and governments in the geographical area – which spreads from the …
>but the real question is : who really owns IP addresses?
This is a question that has been dug over for some years, current thinking and practise is that if the address range was assigned prior to the establishment of ARIN to an organisation then it is owned by assignee.About the only leverage ARIN have over these addresses is the annual maintenance fee they charge.
However, addresses assigned by ARIN are more like telephone numbers.
The companies paid a pretty penny for those IP addresses
The organisations paid nothing for them - they asked for them when IPv4 was still young and no-one had thought about the concept of address exhaustion. IANA asked the companies to return them several years ago in exchange for smaller blocks (e.g. /16 - still plenty for most people) but only one university complied with the request - all of the others either flatly refused or (in some cases) ignored the request and did not bother to reply.
There's surely a good case here for an IPV4 address tax! Someone with a /8 block is likely to rapidly relinquish most of it, when a tax demand for 2^24 pounds/dollars/euros per annum arrives (about 4 million). Whereas the /30 block I have at home would cost me (via my ISP) an extra £4 per annum, which I'd happily pay. Heck, several times that wouldn't hurt much for any addresses actually being used.
Might even make ipv6 popular. People used to live in darkness rather than pay a windows tax. (NB, small W, 17th century).
Here you go:
http://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks
Some stand-out figures there. HP have not one, but two /8 ranges. Lots owned by the US military, too. And Haliburton - why on earth would a medium sized civil engineering firm need their own /8?
GJC
HP has more than just two /8's. They have those allocations from IANA but they also have blocks from ARIN (not a /8 though).
66.179.1.0 - 66.179.1.63
12.130.88.0 - 12.130.88.127
12.130.88.128 - 12.130.88.255
64.106.255.0 - 64.106.255.63
208.246.182.0 - 208.246.182.255
207.18.199.0 - 207.18.199.255
208.196.166.0 - 208.196.166.255
64.244.120.96 - 64.244.120.127
How much address space does HP need? Two /8's is more than enough for a company 10 times their size.
I expect you'll find that they have ranges originally assigned to DEC and Compaq, and to other minor acquisitions. IP address space has been treated as an asset in mergers and acquisitions for many years. And who says that large companies with hundreds of sites and many thousands of machines are wasting space to a significant extent anyway? You have to structure your address assignments somehow. Also, renumbering to release a "spare" range is an operational nightmare generally reckoned to cost megabucks for a large enterprise network.
Oh, and when will I be able to reach Vulture Central via IPv6?
It shouldn't be forgotten that IANA are still holding on to the [240/8..255/8] address ranges for "future use".
Whilst the [224/8..239/8] is largely free, because it is reserved for multicast, bringing this block into general use may be problematic and is likely to cause problems.
Hah! I'm sure that's what they're going to do, and not just roll out CGN to their end users.
BAHAHAHAHAHAHAHA
The cable ISPs in Mexico have been doing CGN since forever. Those cheap bastards have done that to "save" on buying IP blocks. It also breaks a lot of stuff on the 'net. In fact, my first "experience" with NAT was thanks to those guys.
It's just another good reason for IPv6 to kill NAT forever.
NAT and security are not the same thing. You can have a policy which allows only outbound connections without NAT; and equally you can have NAT without security. Have you looked how a Cone NAT works? Did you realise that while you are making an outbound connection, *anyone* can connect inbound to the same port? A number of peer-to-peer applications rely on this behaviour. Besides, most malware is now picked up by people connecting outbound, via websites or E-mail attachments.
So NAT is not the reason people aren't deploying IPv6. It's because deploying it generates no benefit *to the user themselves* and therefore people have no incentive to bother with it - and it's just one more thing to break.
Most ISPs don't do it because it increases their support overheads whilst not increasing the usefulness of the connection for the vast majority of their users.
And although it would be relatively easy for content providers to put their stuff on IPv6, most don't bother because they know all their users have access to IPv4 resources anyway. And yes, Vulture Central is a perfectly good example of this.
$ dig +short www.theregister.co.uk aaaa
$
No business case = no return on investment = no deployment.
"Sell Stephen Fry to Latin America!"
When they call him a national treasure, I don't think they have the piratey glittery sort you can sell or plunder in mind.
Besides, I'd miss the arguments on QI between Stephen Fry and David Mitchell about who gets more facts wrong on their respective broadcasts...
> making IPv6 back compatible with IPv4
Do you seriously imagine that wouldn't have been done if it was physically possible?
An IPv4-only host cannot interpret or create a packet that is not in IPv4 format. So there is no such thing as a backwards compatible solution whereby an IPng-only host can communicate directly with an IPv4-only host. Logically, that requires that we have some or all of dual-stack hosts, IP-in-IP tunnels, and IPv4-IPng translators. We have all three.
You can argue that IPv6 could have been more similar to IPv4, but it was physically impossible to make it backwards-compatible.
I don't hear of much IP networking over radio these days, 1200 baud isn't very attractive today for that task even though it'd be more than appropriate for short simple messages.
I think the 44/8 network will soon go public domain as should many other /8's too. I did enquire with IANA regarding an equivalent v6 prefix but apparently there are no plans.
We have some servers colo'd with a big ISP. Despite telling them that everything would be behind a single-IP firewall, so we would only need 1 address for our equipment, they gave us a /28 block, not a /30 block that we actually needed. That's 12 "wasted" addresses just for us.
Is there a sensible way of sharing the cost of the necessary infrastructure upgrades around the world that doesn't invite gaming?
The real problem seems that the address shortage has yet to affect large parts of the service providers - the US can probably survive with its IPv4 addresses for another 1000 years (famous last words!). I suspect governments are reluctant to require IPv6 deployments partly out of consideration of the costs (anti-competitive); lack of technical skills (both in companies and regulators) and ignorance and possibly even because IPv6 is far from perfect. Quick fixes with layers of NAT are so much more inviting.
I wonder if, for example, the EU mandated IPv6 capable equipment for (imported) switches, routers, et al. whether that would have a similar effect on the industry that standards power consumption in stand-by or vehicle emissions have had. Once the endpoints can handle dual-stack then network upgrades can be handled with a minimum of disruption.
There are no /infrastructure/ overheads. The only changes needed are in software stacks and the necessary software is almost everywhere except the domestic router. As for government mandates ... the US mandated IPv6-compatilibity for all new kit about a decade ago. It's had no effect that *I* can see. You're probably right about technical skills, though that's less of an IPv6-specific problem and more of a general gripe against humanity.
Nevertheless, I suspect the real story here will be in six months time when we learn that the sky hasn't fallen in because, shock, if a vendor *really* has no alternative then yes they can put IPv6-capable firmware in (new) routers and so ISPs can still deliver something to (new) customers that works.
Excuse me, please, but you fail to take into account all those devices with the ip stack directly made on silicon. Not to mention those oldies that need a jtag interface to program because they aren't built on top of an os.
Moreover, the cost of upgrading those of them that CAN be upgraded isn't small.
Albert.
1) RFC7040
2) The infrastructure needs to be in place first. IANA should have forced the local registrars to "entice" the customers to have an IPv6 plan years ago. When they ask for an allocation, they should have been told to prepare an IPv6 plan for when they need more addresses in the future. When they need more addresses, if they don't an IPv6 plan, then no more addresses. If they did, then to get more addresses they have to start to deploy the plan and be completed by the time they need more address space. This should have been done a decade ago.
>That could easily be IPv6 with RFC7040 translation
Shame RFC 7040 "Public 4over6" was only published in November 2013 and "Lightweight 4over6" is still work in progress. Rfc7040 was needed back in circa 2000 when the 3g networks were being designed...
Do we conclude that the IETF are finally beginning to listen? and hence in a few more years they may actually develop a workable migration plan?
> 1) RFC7040
That's only one out of many, many specs for tunnelling v4 over v6 or v6 over v4, going back almost 20 years. A mixed infrastructure has always been assumed.
> When they ask for an allocation, they should have been told to prepare an IPv6 plan
afaik, the registries have been at the forefront of inciting ISPs to prepare for IPv6 for about the last ten years. The fact that many ISPs and large enterprises simply chose to ignore the problem is definitely not the fault of the registries.
Ha! That's because the architects of IPv6 wanted to kill IPv4 and it's devil child, NAT, with fire. So they ensured that the new protocol was inherently incapable of allowing intermediate nodes to tinker with the source address of packets, and other Spanish practices. The result is a protocol with both technical and political problems. I suspect that many people are holding off implementation until "IPv6bis" comes out, with these issues addressed.
-bis (twice) and -ter (thrice) are suffixes that ITU put on to specifications to indicate the second and third revision of that specification.
Eg, the first 600 baud standard was V22, this allowed 1200bps and was shortly followed by V22bis, which allowed 2400bps.
Basically, he's saying the current spec is bollocks and we'll wait for V2.
The problem with hanging around for "version two" of IPv6 is that the space in the IP header that specifies version is only 4 bits long which means a maximum of 16 versions ever (unless you break the format completely, which rather undermines the point of "waiting for the next version which will integrate better"). And we're already up to v6.
"no specification for routing ipv4 onto ipv6 was made as part of the standard"
Wouldn't have helped. There *is* almost two decades of "best practice" on how to run a dual-stack solution on any given, so anyone with a network device who actually gives a shit has been able to make their device mix and match both protocols. Any extension to IPv4 to make IPv6 easier would be (has been?) ignored. Any support in IPv6 to make IPv4-interoperability would be (has been) impolemented only by those who give enough of a shit to be IPv6-ready.
"mobil devices were allowed to have ipv4 addresses"
Mmm, because forcing a second class experience on anyone who spends several hundred quid on their new shiny is going to get everyone on-board, from Apple all the way down to the little guys like Stephen Fry.
"There *is* almost two decades of "best practice" on how to run a dual-stack solution"
Dual stack is the problem, not the solution. As soon as you're connected to The Internet on IPv4, you gain no benefit from connecting on IPv6, so it withers away.
Therefore, "migration" needs a sane way to run IPv6-only - but obviously still be able to talk to the Internet. There are a bunch of things proposed like NAT64, 464XLAT, DS-Lite (not the console). They're all a pain and they're all broken for various definitions of broken. As for RFC7040, it "is not recommended for new deployments" (their words, first paragraph)
There are numerous issues with IPv6. Privacy issues being the obvious glaring one, despite the supposed randomized use of the devices MAC as part of the address.
If IPv6 wasn't flawed we would all be on it now, with IPv4 left for the ghost net, outlaws/crims and lagards.
We need IPvNG with large scale proxying to legacy IPv4 by the regional number authorities for ~ 10 years.
If IPv6 wasn't flawed we would all be on it now, with IPv4 left for the ghost net, outlaws/crims and lagards.
Much as I'd like to think that it is technical issues holding back adoption, I somehow doubt that this is really the case. But if anyone knows how to use and abuse the protocol then you can be sure if it's the internet's more nefarious denizens.
> Privacy issues being the obvious glaring one
Privacy? Fucking privacy is what stops you? So NAT 3-cards scam trick with IPs is a good thing now? Yeah, I can't see a problem with that argument. Appart from the fact that it's a steaming pile of smelly bovine droppings, that is.
The vast bulk of routers in the world are in homes and are managed by Joe Sixpack. These are typically the ADSL + router combo boxes.
Joe Sixpack has a hard enough time setting up a local IPV4 network (NAS + printer + telly + wifi for the ithings).
If IPVx is to ever find favour, it has to be at least as simple as that. It also has to work with existing kit.
It's generally recognised that homenets will soon be much more complicated than today, with several routers and several physical links (wires, glass or wireless). So Joe Sixpack's problem will get a lot harder. It will get solved by IPv6 (for more felxibility and features than IPv4+NAT) and smart routers that configure themselves. It's not science fiction; there's running code.
.... I do not think it means what you think it means.
It just means that there are no more available for free. Which means that addresses now have real value. I'm not sure about what that value should be in Latin America and the Caribbean, but in the US the value is probably around $100 per address (we pay well under a dollar per address per month, so a speculative value based on increased demand is probably around there).
Once people realize that addresses have actual value and shouldn't be wasted, that means we can start making better use of NAT, reverse proxies, etc. and less use of things like overzealous subnetting (does every minor CoLo or hosting customer, for example, really need their own subnet in an age of ubiquitous wire-speed, non-blocking, layer 3 switching?).
IMHO, most of the "Internet of Things" trend is still a solution looking for a problem, and unless manufacturers come up with some more intelligent offerings it's not going to be a big deal.
This post has been deleted by its author
If you follow that logic then we end up with at least three problems we don't want:
1. The digital divide starts to follow economic divisions more and more closely as people get priced out of being able to have a unique address to use.
2. It becomes more difficult and costly to address things on the internet. The whole point of the internet is that it makes this easy. The address space is supposed to be huge, that's why early adopter companies like HP have such enormous IPv4 blocks (which in retrospect were too large, but serve to make a point about the original vision for how addresses were to operate).
3. We end up having to police who has which address when, because there will be a strong financial motivation to use one address more than once. The mechanisms required to ensure this doesn't happen will be far more troublesome than a shift to IPv6, and defeat the whole "IPv4 is more private" argument, which IMHO does not stand up anyway.
Reclamation of existing blocks is unworkable and doesn't do much at all to help.
Take a look at http://www.potaroo.net/tools/ipv4/ for details on consumption rates.
As an example, ARIN (the North American registry) handed out the equivalent of two /8 blocks in about 18 months (prior to getting into their last /8 policy). To reclaim one of these big blocks from a company would take 6-12 months just to plan the effort (ever thought about what it would be like to re-number your entire, global network and try to have everyone and every server still working on Monday? How many times have you thrown in an IPv4 address directly into a config file rather than using a DNS name? Can you find all of those spots again?)
The pain/reward tradeoff just isn't there. Reclaiming from those organizations rapidly turns into a business continuity discussion.
As for mobile: the 3GPP mandates support for IPv6 in their LTE standards. Not every carrier deploys it, but some do. One example? Over 50% of their internet traffic is now IPv6. http://www.worldipv6launch.org/measurements/
Learn IPv6. Experiment with it. Play with it at home using a free tunnelbroker. It's easier than you think, and far better than the alternatives (CGNAT, multiple layers of NAT, damage to/end of the end-to-end principle, etc etc)
"Reclamation of existing blocks is unworkable and doesn't do much at all to help"
It probably makes things worse. Re-allocating any spare address you can find to any customer anywhere who wants one rapidly leads to routing tables that require 2^32 entries (at least for routers outside your domestic premises). Since most routers don't have several dozen gigs of spare RAM their only option is to "punt" the problem upstream onto a bigger router. That doesn't scale well.
In IPv6, you have so much free address space that you can keep address prefixes largely in line with topological reality. Routing is then much simpler and scalable.
If ARIN actually wanted to help with the adoption of IPv6, they would make it more cost effective (i.e. free) to at least get your feet wet with it. As far as I know, there's no way to get a free "test" block of IPv6 addresses from ARIN for experimenting with a publicly accessible IPv6 setup. At the very least, they should have made IPv6 addresses available for people with existing direct IPv4 allocations. If I had access to an IPv6 block and I didn't have to try to justify an associated cost with management for something that is just being tested, I'd definitely show more interest in playing around with it.
Think about it. A large portion of the "value" associated with an IPv4 address is because of supply and demand. For IPv6, the "demand" is essentially not there, not because so few people are deploying it, but because there are so many addresses available that every micro-organism could be assigned one and we'd still have plenty to spare. This eats into ARIN's bottom line, so they have to start out by establishing a dollar value for IPv6 that's not anywhere close to its real value (e.g. millionths of a cent per IP)
Anyone who cared could try this out for free anytime during the last 15 years. Myself, I originally signed up for a plain tunnel (but no /64) from (IIRC) BT back when they were running experimental IPv6 services. Around 13 years back, I switched to a /64 from sixxs.net and used it for a decade. That was totally free; you can set up a tunnel and then get /64s in addition. You do need to register with RIPE, but that's not overly onerous. There are several other providers, e.g. he.net, and there have been since the days of 6bone.
Today, I have native IPv6 from my ISP, so every device on the network gets an IPv4 NAT address and IPv6 global address with no user action required.
"As far as I know, there's no way to get a free "test" block of IPv6 addresses from ARIN for experimenting with a publicly accessible IPv6 setup."
From ARIN? No. Free IPv6 blocks? Sure; many tunnel brokers provide this. I use https://tunnelbroker.net/ while others use https://www.sixxs.net/ and Wikipedia even has a list of IPv6 tunnel brokers. Tunnelbroker.net (provided by Hurricane Electric) lets you request an IPv6 /48 once you've got things working. 65,536 IPv6 subnets, for free, should get you started on the learning curve. You can enable it on just a few test internal networks first, and make your own plan forward from there.
IPv6 doesn't have any technical problems that are any worse than IPv4. In fact, I would say that IPv6 is a vast improvement on IPv4, if only it could succeed in weaning the sheep away from NAT.
I have built and run IPv6 networks since 1996 when I first learnt about it, and it was only available on FreeBSD via the Kame implementation. It is no more complicated to run than IPv4 was. The biggest headache I ever had was keeping track of address assignments, because so many addresses were available to me.
People who worry that IPv6 provides no privacy, and that they will lose it if they switch from IPv4 really need to explain to me just what privacy advantage IPv4 offers that they stand to lose in a switch to IPv6. And they need to speak slowly and clearly lest I don't understand their speech.
Even via tunneling, I often get better performance using IPv6 native than I do with IPv4, simply because my packets don't get touched by a bunch of middleboxes trying to "protect" my data stream with NAT. I tell you, the most sulphurous, smelliest, hottest circle of hell awaits the devils who foisted NAT on the networking community.
Regarding IPv6 in LACNIC, the only reason I could see for the slow uptake of IPv6 comes in a single phrase, "Internet Service Providers". For whatever reason, they refuse to provide native IPv6 transit service where I live. If it is the same elsewhere, then that industry, as a class, needs to be taken to the back of the barn and given a "gentle reminder" about their duty of providing connectivity for their existing and new customers, perhaps with a few 50 mm rounds of artillery.
I check every year with the local ISP's, and every year, they return with nothing but empty promises that they will provide native IPv6 transit service by the end of the year. WE ARE STILL WAITING, folks.
The only way I can explain the no-apparent-plan attitude from ISPs over IPv6 is basic incompetence.
They should be supplying customers with compatible hardware. They should be installing compatible hardware. When I was still running Win XP, that had IPv6 as an option, which is the epitome of something not being new.
I used to use an ISP who didn't admit to knowing what IPv6 was
My current ISP supplied me with a router which I use. They do have a plan, but they don't need to implement it yet. They have done trials and give instructions for setting up the router. It still looks a bit hairy as an exercise, but it's one of the reasons I picked them.
Even without using IPv6, switching ISPs gave me vastly improved performance. IPv6 looks like a useful indicator for ISP competence.
<rant>
IPV6 has never been adopted because it sucks. It came into being at a time when 32 bit computing was pushing limits, so some idiot decided to jump to a 128 bit ( so we would never run out) hex notation instead of moving to 48 or 64 bits tagging on a couple more octets on the front that were implied zero. While they were at it they made it 100% incompatible with the current scheme, from notation to packet headers to "FIX" the problems with IP.
Tossing backward compatability was abundantly stupid; similar arguments were used to try and get CPU's to use 128 bit addressing. Fortunately level headed engineers shot most of that stupidity down. Even today most hardware doesn't decode more than 48 address bits because it's approaches pointless. 2^64 is a fraking big number. It all goes back to the old story of paying me a penny a day but double my salary every day for a month. Most people can't even grok compound interest. When you repeatedly DOUBLE something, the numbers get really really really big down the line. I wonder, if INTEL had a chance to rethink the 64-bit "ITANIUM" RISC vs x86 compatability if AMD would even be around.
(TCP)/IP itself was somewhat slow in widespread adoption. Internal networks runing IPX/burst were noticeably faster without the added overhead of IP packetization. It was adopted because it was fairly simple and allowed compartmentalizing and routing traffic more easily in wide area environment than other solutions at the time. ( I want an X.25 PAD! ). IPV6 packet overhead is a topic for another thread.
Changing an IP address from a 32 bit entity to a 64 bit one could have been done with a minimum of fuss, about the same as 'time_t' moving from a signed 32 to 64 bit entity. Once the libraries were adjusted, and the packet headers re-aligned, with some compatible extent marker traffic could have been trivially routed by the network stacks, but noooooo....
I'm a geek, I dissect packets for a living, but Im sorry 55.125.145.200.55.101 is a bit easier to grok than 45:26:AF:B7:2C:5A:99:27:39:87:26:45:67:89:FA:4C. Now just at a glance can you tell if I have all 128 bits there? And before you hand me the leave out zero's crap, don't even go there. I can't remember the rules. FF::01 but not FF:07::05::01, blah, blah. and if you don't need all that then why did you put it there in the first place? Don't get me started on the MAC address bullsh*t.
We "ran out" of phone numbers too. We fixed it by adding numbers to the front
7657 -> 5-7657-> 495-6757 -> 703-495-6757 -> 01+ 703-495-6757
Not by re-creating completely new dialing rules and changing to hex dialpads on the phones.
For 95% of folks NAT is quite sufficient and adds a modicum of security to most networks. As I recall IPV5 was on the right track then de-railed. Religious rants on NAT do not impress.
</rant>
PS Yea, I'm old. I've been doing this a LONG time, and I miss NOVELL. :).
> I miss NOVELL
You should be pleased then, because IPv6 borrowed its separation between the routing prefix and the interface identifier from Novell, who borrowed it from Xerox XNS. The automatic configuration of IPv6 hosts was also inspired by Novell, along with Appletalk and DECnet.
As I noted in an earlier comment on this thread, backwards compatibility is dreamware. Phones have always used variable length addresses, so adding digits was pretty easy. IPv4 uses strictly fixed length addresses, so adding extra bits is automatically incompatible.
Yes, I'm an old fart too, and I am fed up with glitches and limitations caused by NAT. Fortunately my home ISP and my work network both have native IPv6. It isn't hard, it doesn't suck, so let's all just do it...
Let's say I have a dedicated server (or VPS?) somewhere that has IPv6:
* is it possible to set up a vpn (Linux-based) so that my local IPv6 traffic goes out over that link with a specific IPv6 address?
* would I be able to use the same tunnel and some config on the remote server to assign specific IPv6 addresses to, eg, my local toaster, fridge, etc.?
My local ISP doesn't support IPv6, so I'm trying to figure out how to dip my toe into IPv6 waters, so to speak...
I personally find the he.net broker and setup to be the best, and fastest.
he.net have endpoints in the UK, USA. and own the links between them, and as under utilised, I find them faster for international links than ipv4!
Compare my ipv4 traceroute from my UK server to my US-West server with the ipv6 equivalent (uk using free he.net london pop - us-west has native ipv6)
catflap.dyslexicfish.net (::)
Packets Pings
Host Loss% Snt Last Avg Best Wrst StDev
1. DyslexicFish-1.tunnel.tserv5.lon1.ipv6.he.net 0.0% 38 10.9 11.2 10.3 13.1 0.4
2. v316.core1.lon1.he.net 0.0% 38 15.7 10.1 5.9 23.8 4.5
3. 10ge3-1.core1.lon2.he.net 0.0% 38 7.6 9.3 5.9 17.9 3.8
4. 100ge1-1.core1.nyc4.he.net 0.0% 38 73.0 75.2 71.5 84.5 4.2
5. 10ge10-3.core1.lax1.he.net 0.0% 38 140.3 137.5 133.0 146.3 4.4
6. 10ge1-3.core1.lax2.he.net 0.0% 38 132.4 135.9 132.4 153.1 4.4
7. ge-0-7-0-24.r04.lsanca03.us.ce.gin.ntt.net 0.0% 38 133.8 134.2 133.0 142.3 1.7
8. catnip.dyslexicfish.net 0.0% 37 134.4 135.2 134.1 147.0 2.2
catflap.dyslexicfish.net (0.0.0.0)
Packets Pings
Host Loss% Snt Last Avg Best Wrst StDev
1. 91.109.5.254 0.0% 53 0.8 1.6 0.4 26.2 4.3
2. ldc5-cr5.core.webfusion.com 0.0% 53 1.5 2.6 0.5 65.5 8.8
3. 109.104.95.101 0.0% 53 6.7 10.7 5.9 158.9 22.6
4. ldn-b5-link.telia.net 0.0% 53 6.4 7.3 5.8 51.9 6.3
5. ldn-bb2-link.telia.net 0.0% 53 6.1 9.8 5.5 91.6 13.3
6. ash-bb4-link.telia.net 0.0% 53 80.7 82.2 79.9 122.0 7.3
7. las-bb1-link.telia.net 0.0% 53 143.3 143.6 142.7 153.4 1.8
8. las-b3-link.telia.net 0.0% 53 153.4 156.3 152.5 203.8 9.3
9. 208.90.35.66 0.0% 52 153.3 153.1 152.2 161.0 1.1
10. v107.r6.lax2.trit.net 0.0% 52 143.3 143.3 142.8 143.8 0.0
11. arpnetworks-lax2-gw.cust.trit.net 0.0% 52 154.0 156.2 153.4 192.1 6.5
12. catnip.dyslexicfish.net 0.0% 52 153.9 154.0 153.3 156.5 0.4
" Let's say I have a dedicated server (or VPS?) somewhere that has IPv6:
* is it possible to set up a vpn (Linux-based) so that my local IPv6 traffic goes out over that link with a specific IPv6 address?
* would I be able to use the same tunnel and some config on the remote server to assign specific IPv6 addresses to, eg, my local toaster, fridge, etc.?
My local ISP d1oesn't support IPv6, so I'm trying to figure out how to dip my toe into IPv6 waters, so to speak...
If I understand you correctly, you have a server with native ipv6, and you want to use it to give your home network ipv6 via an ipv4 tunnel from home to server.
Yes, ip6 in ip4 capability exists in linux, and yes, you can configure the server to route some of your ip address range down the tunnel to your home lan.
Your home lan simply becomes an ipv6 subnet of your server.
However it's much easier, and cleaner to get a free tunnel from an ipv6 provider. You won't need to rely on the server for connectivity, and you will get your own ip6 /64 dedicated to your lan (and all 2↑64 devices you own!)
He.net is quick, free, reliable, so much so that I have my home router (he.net allows more than one independent tunnel - i have one set up at home, and another on the uk server) set to prefer ipv6 over ipv4 if the remote site supports it.
$ dig +short www.theregister.co.uk aaaa
$ dig +short www.theregister.co.uk any
92.52.96.89
$
Nope, no IPv6 for theregister yet, still.
user@router> show route table inet6.0 aspath-regex ".* 15395"
inet6.0: 17967 destinations, 33611 routes (17966 active, 0 holddown, 2 hidden)
+ = Active Route, - = Last Active, * = Both
2a00:1a48::/32 *[BGP/170] 1w0d 12:10:09, MED 114022, localpref 200
Rackspace do do IPv6, and going by the address range have done for years.
SSL would be nice too, btw.
...my (cable) ISP only provides one IPv4 address. It's up to me to provide NAT addresses to all my stuff, namely 1 pc, 1 notebook, 2 smartphones, 1 cheap android fondleslab and a PS3.
I seriously doubt they would provide me more than 1 address FOR FREE if they ran IPv6. They are all over the place, charging for extra TV points-of-access, given the fact it doesn't cost more TO THEM to run the cable for 1 or 50 TVs, after those 50 or so feet of cable are laid in. Even worse, they encoded the set-top boxes, so your off-the-shelf TV doesn't work without their set-top box, or you could have 2 TVs changing channels in unison, (which is pretty common in sports bars).
Our version of FCC (ANATEL) is a bloody, bought-off, sick joke, regarding any technical limitation over what is considered illegal and abusive charging.
If they (ISPs) ever threatened to charge for extra addresses, the standard retort is: I bloody bought BANDWIDTH, and I can bloody hook up as many gadgets I like on it. They are prying my ability to run multiple stuff without extra cost off from MY COLD DEAD HANDS, AND OVER MY DEAD BODY.
Of course, I can still run a IPv6 router and NAT it down to IPv4, right? No?