back to article China again signals desire to shape IPv6 standards

China's Central Cyberspace Administration has revealed a plan for further and faster adoption of IPv6 across the nation and outlined plans to drive new developments for the protocol. The Middle Kingdom's updated IPv6 ambitions were detailed yesterday in an announcement of the "2022 Work Arrangement for Further Promoting the …

  1. tip pc Silver badge
    Holmes

    Just how would everything being internet addressable be helpful for china?

    I really can’t think why having everything in your home being internet addressable could be useful for the Chinese state.

    But China is all-in on IPv6 for advancement of the standard. The new plan calls for the nation to be "actively participating in the formulation of international standards for the next-generation internet," by accelerating R&D on key technologies for IPv6 security, including "network security management, supervision and inspection."

    Those last 3 points are useful for everyone aren’t they, we all want those things to ensure the integrity and privacy of our home and work systems.

    Am I looking at this wrong?

    Could it be that the Chinese state are promoting these things to ensure "network security management, supervision and inspection." of its citizens systems so they can greater enhance their wellbeing?

    It’ll be like smart meters, trying to be sold as a useful tool for consumers with the added sting of things not talked about at deployment but become used in the following years against consumers.

    1. Phil O'Sophical Silver badge
      Big Brother

      Re: Just how would everything being internet addressable be helpful for china?

      You think that every citizen will be issued with a New IP address at birth, to ensure that the state can "look after" them?

      1. Lis

        Re: Just how would everything being internet addressable be helpful for china?

        You mean, for instance, National Insurance numbers?

        1. Nightkiller

          Re: Just how would everything being internet addressable be helpful for china?

          Last time I checked, my National Insurance Number could not tell me where I am eating lunch at the moment.

          1. Martin Summers

            Re: Just how would everything being internet addressable be helpful for china?

            "Last time I checked, my National Insurance Number could not tell me where I am eating lunch at the moment."

            Strange, it told me you were eating it at your desk.

          2. Yes Me Silver badge

            Re: Just how would everything being internet addressable be helpful for china?

            And neither would that fantasy of an IPv6 address issued at birth do so either. That isn't actually how the Internet works, regardless of the IP version number. And the Chinese participants in Internet standardisation, of whom there have been many for many years, do know how the Internet works.

  2. sreynolds Silver badge

    Oh come on...

    How else are they going to spy on. oppress, manipulate and control the masses? With bog standard IPv6? Surely not.

  3. Gene Cash Silver badge

    This makes me not want to use IPv6

    China only does stuff that benefits China and its repression and control.

    If IPv6 didn't assist that, China wouldn't give a damn about it.

    1. FlamingDeath Silver badge

      Re: This makes me not want to use IPv6

      It must be wonderful living in the benevolent country you currently reside in, which country is that?

      We all might move there, if it exists

      1. LDS Silver badge

        "We all might move there, if it exists"

        Still it looks there are a few countries where a lot of people try to move in, others where people don't try to move in at all, and many from where a lot of people try to move out, risking their lives in long and dangerous journeys... do you ever asked yourself why?

      2. Yes Me Silver badge
        Headmaster

        Re: This makes me not want to use IPv6

        Sigh. IPv6 is no more, and no less, a privacy risk than IPv4. Perhaps the only difference is that privacy has been a matter of concern since very early in the development of IPv6, and was completely ignored during the design of IPv4.

        The major risks to your privacy are in the upper layer protocols, which are identical for IPv4 and IPv6.

        It won't have escaped your notice that incidents such as the infamous hacking of baby alarms, and the vast majority of other attacks and scams, took place on NATted IPv4 networks. NAT is neither a security nor a privacy tool.

  4. Anonymous Coward
    Anonymous Coward

    Then can we get rid all all of the 6-to-4 gateways? That'll protect my networks from direct access by China.

  5. Totally not a Cylon Silver badge
    Boffin

    IPv8 anyone?

    Maybe it's time to consider a new network addressing system.

    One which can cope with interplanetary networks....

    Otherwise we'll end up using MuskNet........

    1. Bartholomew Bronze badge
      Meh

      Re: IPv8 anyone?

      Interplanetary networks have a totally different requirement to local networks, store and forward when connection is available, massive amount of redundancy (forward error correction) to hopefully avoid the need for any retransmission.

      Neptune is the furthest planet from the Sun (4.298 billion km to 4.7 billion km from earth, which is about 14337 to 15678 light seconds away) waiting 24-30 hours for a TCP three way-handshake, is not really not really practical means of communication. IP is just not practical for interplanetary communications.

      Musk's space junk is in low earth orbit with a minimum altitude of 550km (~0.0018 light seconds) and because the refractive index of glass ~1.5 (used in fibre-optic cables) is greater than the refractive index of air/vacuum ~1.0, on paper starlink should always have a lower latency (unless your destination is less than 733km of fibre-optic cable away from the source, but with additional delay of repeater every 100 km on fibre, in reality you are probably taking less than 30% of that). So no special modifications to TCP/IP is needed for it to function correctly on MuskNet.

      1. Alan Brown Silver badge

        Re: IPv8 anyone?

        "IP is just not practical for interplanetary communications"

        It's pushing it for geosyncyhronous orbit (always was) and probably impractical even as close as the moon

        Just to give an idea how much latency affects things:

        When New Zealand moved its 64kb/s national circuit (yes really, an entire country could run on that little bandwidth, especially when paying $100k/month++ for it) from satellite to submarine cable in ~1996, IP traffic throughout nearly TREBLED from one week to the next

        Just because IP "keeps working" at higher latencies, doesn't mean it works "well" - it becomes intolerable for humans very quickly and dies entirely not long after that

        1. R Soul

          Re: IPv8 anyone?

          Just because IP "keeps working" at higher latencies, doesn't mean it works "well" - it becomes intolerable for humans very quickly and dies entirely not long after that

          Latency is principally a layer-2 issue that's governed by the speed of light. IP is layer 3.

          1. Bartholomew Bronze badge

            Re: IPv8 anyone?

            Surely you mean a layer 1 issue, the physical layer, where the laws of physics apply.

            1. Brewster's Angle Grinder Silver badge
              Coat

              Re: IPv8 anyone?

              Are the laws of physics not layer 0? (Well, the real laws are probably layer -1, since in practice you'lll be using an effective theory, not the real thing, at layer 0.)

          2. david 12 Silver badge

            Re: IPv8 anyone?

            TCP latency is chiefly a layer 3 issue.

            At layer 2, IP is the wrong protocol for high-loss and low-bandwidth channels, which unavoidably creates level-3 latency, even if TCP wasn't the wrong protocol.

        2. Yes Me Silver badge

          Re: IPv8 anyone?

          Which is why there has been research work for quite a long time on how to handle those very long delays. The problem has little to do with addressing; IPv6 really does have enough addresses...

          See all these documents for example.

      2. Roland6 Silver badge

        Re: IPv8 anyone?

        >Interplanetary networks have a totally different requirement to local networks

        I assume you define "local networks" as earth-based. Remember the core Internet Protocol Suite was originally designed for use over low speed (by today's standards) WANs. It wasn't that long ago that using TCP/IP directly over satellite links was a poor use of the medium and protocols and gateways were developed that better supported this environment, yet I still communicated with some system at the other end of a (9600 baud) satellite link using its unique IPv4 address.

        So don't see why Internet addressing can't allow for Interplanetary networking consistent with the unique end-to-end connectivity principles that many that complain about NAT espouse. Just don't expect to be able to use FTP et al.

        Digressing, if we ever really get quantum computers then I suspect we will also have quantum networks...

        1. Anonymous Coward
          Anonymous Coward

          Re: IPv8 anyone?

          .. using quantum entanglement - and then listening in is really off the agenda (so it either won't happen or will be kept stupidly expensive).

      3. JonDoe

        Re: IPv8 anyone?

        "IP is just not practical for interplanetary communications."

        I thought that was what IP stood for...

      4. Kernel

        Re: IPv8 anyone?

        "but with additional delay of repeater every 100 km on fibre,"

        That's a truly ancient system - all the long-haul, high capacity, fibre systems I've worked on (and there's been more than a few) have used DWDM and analogue amplifiers every 100km or so, which renders the in ground (or sea) infrastructure modulation and channel capacity agnostic, ie., you can mix 10gb/s and 100gb/s channels on the same fibre and upgrade channels to higher speeds just by changing out the transponders at each end of the link.

        Repeaters on long-haul fibre are a 1990's (or earlier) technology.

        1. tip pc Silver badge

          Re: IPv8 anyone?

          That's a truly ancient system - all the long-haul, high capacity, fibre systems I've worked on (and there's been more than a few) have used DWDM and analogue amplifiers every 100km or so, which renders the in ground (or sea) infrastructure modulation and channel capacity agnostic, ie., you can mix 10gb/s and 100gb/s channels on the same fibre and upgrade channels to higher speeds just by changing out the transponders at each end of the link.

          Repeaters on long-haul fibre are a 1990's (or earlier) technology.

          I was going to write much the same.

    2. Anonymous Coward
      Anonymous Coward

      musknet

      Once His Muskiness fucks off to Mars (or wherever else is his home planet), why would anyone need or want to keep in touch with him?

      1. Anonymous Coward
        Anonymous Coward

        Re: musknet

        To check that he's not on his way back?

  6. Amentheist
    Flame

    "adds security and management features"

    We know how that works out in the real world don't we, Intel.

    1. Giles C Silver badge

      Re: "adds security and management features"

      The early drafts of ipv6 were meant to use IPsec encryption for all comms but it was dropped from the standards.

      RFC 6434 Dropped this to a recommendation so naturally everyone shifted to unencrypted comms.

      1. Yes Me Silver badge

        Re: "adds security and management features"

        IPSec has its role but actually it's TLS that saved the universe. A more accurate statement is that everyone shifted to TLS for encryption.

  7. VoiceOfTruth

    IPv6 is ugly and it's hard to read

    If it wasn't it would probably already be used more widely. It's the Sendmail configuration file vs Exim or Postfix.

    1. Alan Brown Silver badge

      Re: IPv6 is ugly and it's hard to read

      you can rewrite IPv6 in IPv4ish if you want - but it's even more ugly and hard to read

      I'd far rather go to 2001:4860:4860::8844 than 32.1.72.96.72.96.0.0.0.0.0.0.0.0.0.136.68

      As for sendmail vs exim/postfix - I can write sendmail.cf configs in my sleep without even bothering with m4, however I STILL believe exim or postfix run rings around it AND are much simpler to setup/debug (the problem with using a swiss army knife like sendmail to eat your soup is that it's easier, less cumbersome to use a spoon and you tend not to need to clean "gunk" out of the workings afterwards)

      Nonetheless I have manglement who insist we use sendmail "Because we don't understand postfix/exim" - and you wonder why there are still security breaches everywhere involving years-stale software with mindsets like that...

      1. Anonymous Coward
        Anonymous Coward

        Re: IPv6 is ugly and it's hard to read

        I can write sendmail.cf configs in my sleep without even bothering with m4

        Personally I think that sendmail.cf must have been designed in the 60s on account of appearing like someone was high when they did it. But respect if you can do it without m4.

  8. TeeCee Gold badge

    IPV6 adoption.

    Actually, the elephant in the room is that it's not users / consumers or management dragging their feet here.

    The big pushback comes from the technical staff who really like the ability to have the whole address structure memorised and refuse point-blank to address destinations by their DNS name. You think users are hidebound luddites averse to change? We make them look like technical mayflies...

    1. tip pc Silver badge

      Re: IPV6 adoption.

      Actually, the elephant in the room is that it's not users / consumers or management dragging their feet here.

      The big pushback comes from the technical staff who really like the ability to have the whole address structure memorised and refuse point-blank to address destinations by their DNS name. You think users are hidebound luddites averse to change? We make them look like technical mayflies...

      with thousands of switches, routers & servers to cater for there is no chance most of us will remember individual IP addresses.

      it is important to know what vlans and their associated subnets stuff is in though, also point to point links need the smallest address pools possible so /64's are no use there /126's giving 2 useable addresses are used.

      there are numerous other reasons why techies have not adopted ipv6, memorising IP's is most definitely not a reason for not using it.

      1. Alan Brown Silver badge

        Re: IPV6 adoption.

        "also point to point links need the smallest address pools possible"

        Point to point links don't need an IP address AT ALL and didn't under IPv4 either.

        Just because you assigned them a /30 or a /32 doesn't mean that's the way it has to be and why keep propagating bad IPv4 practice into IPv6?

        1. Yes Me Silver badge

          Re: IPV6 adoption.

          Because it isn't bad practice? It sure makes traceroutes more useful, for example. Assigning a /127 to a p2p link is somewhat standard practice and has been for many years.

          1. This post has been deleted by its author

        2. tip pc Silver badge

          Re: IPV6 adoption.

          Point to point links don't need an IP address AT ALL and didn't under IPv4 either.

          if I don't use a /30 or /126 how do I tell my routing protocols what its neighbours should be and ensure that only the neighbours I want are reachable on that segment without fear that someone else could introduce a new router and try and interfere with my routing (yes I use passwords for route sharing but belt and braces help)

          I can use /29's or /125's if i need more than 2 hosts but less than 6 etc etc.

          I suspect if I had written "point to point L3 links" that may have been clearer for you.

  9. Roland6 Silver badge

    Time for the Internet to become less US-centric..

    >"Trying to have the ITU adopt New IP has earned China the ire of groups including the Internet Society and the European Telecommunications Network Operators' Association"

    Makes sense for the new Internet to be International Standards-based, also for the new Internet to be governed by International (ie. non-US-HQ'd) organisations. The surprise is that the Internet Society et al aren't leading the initiative...

    1. Alan Brown Silver badge

      Re: Time for the Internet to become less US-centric..

      1: It IS international standards based

      2: The international TELECOMMUNICATIONS union is mostly a closed shop which has spent the last 160 years keeping as many players OUT as possible. Their mindset is "We dictate the direction where the technology will follow - and the amount of bandwidth you will require"

      IETF documents are open and freely available, Good luck getting the full set of ITU ones for less than seven figures USD

      "Governed" in this case is another word for "controlled and muzzled", something the Chinese in particular (but authoritarians in general) are very keen on when it colmes to information flow

      1. Roland6 Silver badge

        Re: Time for the Internet to become less US-centric..

        >1: It IS international standards based

        That is very different to Iinternational Standards based.

        >2: The international TELECOMMUNICATIONS union is mostly a closed shop

        Agree, however, they are not US-centric and directly subject to US law etc. The ITU whilst having many negatives have managed to largely keep the international telephone network running outside of national politics.

        The main principle is whether you believe the Internet is just an extension of US imperialism or something for the world. If it is something for the world then I suggest given recent history the need is to get the responsibility and control of the Standards and operations outside of the US and into appropriate International bodies. If the IETF and Internet Society aren't prepared to take the lead then they can't object when others do.

        1. R Soul

          Re: Time for the Internet to become less US-centric..

          The ITU whilst having many negatives have managed to largely keep the international telephone network running outside of national politics.

          You are delusional.

          The ITU does not run the international telephone network. It doesn't run anything. It never has.

          It doesn't interfere in national politics or operational matters: local numbering schemes, regulation, pricing, call routing, etc. What goes on inside a country's borders is nobody else's business. The ITU is deeply involved in international geopolitics and telephony arrangements: what is and isn't a country, who gets an E.164 code point and what it is used for, cross-border tariff arrangements, etc. It fact, that's the ITU's core mission - apart from preserving its bloated and expensive bureaucracy.

          BTW the Internet is something for the whole world. It's never been an extension of US imperialism.

          It's largely an accident of history that global co-ordination of the Internet is done by a multistakeholder US non-profit, iCANN. Before ICANN existed, no governments cared about Internet governance. The US government realised some degree of adult supervision was needed and that body had to have support from industry and other key sectors (which included governments). ICANN was the result.

          And while ICANN is flawed, it is light years ahead of what the ITU could have done if they'd been in charge. For starters, anyone can participate in ICANN and be heard. It costs nothing. Unlike the ITU where you have to pay $$$ in membership fees that can only be afforded by governments and multibillion businesses.

        2. Yes Me Silver badge
          Flame

          Re: Time for the Internet to become less US-centric..

          "If the IETF and Internet Society aren't prepared to take the lead then they can't object when others do."

          That is an absurd statement. The Internet Society was founded in 1992 and has been international since day 1. (I know because I was a pioneer member and I'm very definitely not American). The IETF started in 1986, has always been open to any adult human, and held its first international meeting in 1993 (Amsterdam).** Nowadays, it has an explicit policy of rotating the meetings round the world - the first post-COVID meeting was last month in Austria.

          The Internet stopped being US-centric a long time ago; it's hard to define a specific date, but it was clearly before the Web took off in 1995. The first web site was in Switzerland, after all - except that it was in France, too, since the CERN site straddles the border and all the comms links ended in a building on French soil.

          ** Actually, it held a meeting in Vancouver in 1990, because the planned venue in the US fell through at the last minute.

      2. Anonymous Coward
        Anonymous Coward

        Re: Time for the Internet to become less US-centric..

        "Good luck getting the full set of ITU ones for less than seven figures USD"

        ITU standards docs are in the public domain and freely available to everyone at no cost. You just can't get access to these while they are in development because that's for members only.

        Your comments about ITU-T - the telecoms bit of the ITU - are spot on though. There's almost no tech sector participation. Even the big telcos have voted with their feet. Which leaves a gaping hole that get filled by regulators and government officials who don't write code or run/design networks. That's reflected in the technical quality and relevance of most of ITU-T's output since it lost the 1980's protocol wars. There's a long list of epic fails: X.400, X.500, H.323, etc.

      3. tip pc Silver badge

        Re: Time for the Internet to become less US-centric..

        IETF parent organisation Is the internet society

        https://en.wikipedia.org/wiki/Internet_Society

        The Internet Society (ISOC) is an American nonprofit advocacy organization founded in 1992 with local chapters around the world. Its mission is "to promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world." It has offices in Reston, Virginia, U.S., and Geneva, Switzerland.

        The ITU is a UN organisation.

        https://en.wikipedia.org/wiki/International_Telecommunication_Union

        The International Telecommunication Union is a specialized agency of the United Nations responsible for many matters related to information and communication technologies.[1] It was established on 17 May 1865 as the International Telegraph Union, making it the oldest UN agency.[2]

        I suspect china preferred the older non US entity for obvious reasons.

        1. Roland6 Silver badge

          Re: Time for the Internet to become less US-centric..

          @tip pc

          Thanks for putting it very clearly the problem.

          Fundamentally, the Internet Society/IETF has done the typically 'techie' thing and not thought sufficiently about the politics and so has left the door open for others. The Internet Society needs to cosy up to the UN and ITU and get themselves accredited as being the UN specialised agency for all things "Data communications networking" - which encapsulates the Internet and any future incarnation. Then China's approach could be simply referred to the Internet Society for consideration...

          Obviously, it just needs to finesse the mechanisms by which desireable technical change can be made as per current IETF processes, yet have available the full ITU bureaucratic process for those proposals (typically from governments) that need detailed consideration such as China's proposal...

          1. This post has been deleted by its author

          2. Anonymous Coward
            Anonymous Coward

            Re: Time for the Internet to become less US-centric..

            Good luck making that happen any time this side of the heat death of the universe.

          3. Yes Me Silver badge
            Headmaster

            Re: Time for the Internet to become less US-centric..

            Fundamentally, the Internet Society/IETF has done the typically 'techie' thing and not thought sufficiently about the politics

            Sorry, you cannot mix the two like that. ISOC's role is policy and they have thought about it a lot, and lobbied (with the ITU in particular) when appropriate. But ISOC is an NGO, is not politically aligned, and could never, ever become a tool of the UN.

            The IETF is explicitly not concerned with policy. But it does have active liaisons with many Standards Development Organisations, naturally including the ITU, for technical coordination.

            1. Roland6 Silver badge

              Re: Time for the Internet to become less US-centric..

              > ISOC's role is policy and they have thought about it a lot, and lobbied (with the ITU in particular) when appropriate.

              And therein lies a problem - which china are attempting to exploit, ISOC currently can only lobby the ITU, ie. it is subservient to and outside of the ITU decision making process...

              Mind you, if the ITU accept China's proposal, I'm not sure how it would get implemented (ie. become part of the Internet ISOC oversee's and IETF defines).

        2. Yes Me Silver badge
          Headmaster

          Re: Time for the Internet to become less US-centric..

          Wikipedia tells a lie: although ISOC is incorporated in the USA, its scope and membership is worldwide.

          You are correct that China feels comfortable with the ITU. Wanna know why? Look here!

    2. Anonymous Coward
      Anonymous Coward

      Re: Time for the Internet to become less US-centric..

      I presume you were being sarcastic.

      A new internet - whatever that is - run by a UN-like entity would be an almighty clusterfuck of delays, cluelessness and delusion. It would also stifle innovation. Just imagine how bad it would be if governments got to decide on what mail or web or voip protocols were allowed on this new internet, To pick just one example. Choices wouldn't be made based on technical or engineering merit.

      1. tip pc Silver badge

        Re: Time for the Internet to become less US-centric..

        A new internet - whatever that is - run by a UN-like entity would be an almighty clusterfuck of delays, cluelessness and delusion. It would also stifle innovation. Just imagine how bad it would be if governments got to decide on what mail or web or voip protocols were allowed on this new internet, To pick just one example. Choices wouldn't be made based on technical or engineering merit.

        Imagine how long it would take them to introduce some new ip numbering scheme?

        1. Roland6 Silver badge

          Re: Time for the Internet to become less US-centric..

          >Imagine how long it would take them to introduce some new ip numbering scheme?

          That might be a benefit for a mature platform; no one really wants (unless it is earth-shatteringly good) a replacement to the IPv6 numbering scheme within the next 25 years or so...

  10. Bartholomew Bronze badge
    Coat

    Sounds like a fantastic idea

    IPv6 makes every device directly accessible from the internet. So I'm picturing all the Internet of Trash devices which due to price point will have no firewall an minimal security features, could be very interesting. For some reason I'm picturing a botnet of fridges à la Silicon Valley. Or maybe a botnet of toasty toasters, could be brilliant.

    1. TimMaher Silver badge
      Thumb Up

      Re: directly accessible

      Not on my network.

      Thank you IPV4 and NAT on the outside, some link local 6 on the inside.

    2. DougMac

      Re: Sounds like a fantastic idea

      My IPv6 networks all live behind firewalls, why would China be any different?

      1. Bartholomew Bronze badge

        Re: Sounds like a fantastic idea

        Smart people can firewall IPv6 devices, but is that the default behaviour for the average person. Most people just want to plug something in, for it to work the way they think it should work (magic?) and never give a thought about it ever again.

        I agree that everything inside China will be protected from the big bad world by the great firewall of China (AKA China's Internet censorship infrastructure), but what about the rest of the worlds devices ? What will be the default for IPv6 devices, direct access or some or most devices behind firewalls ?

        1. Yes Me Silver badge

          Re: Sounds like a fantastic idea

          "is that the default behaviour for the average person"

          Yes. Because any off-the-shelf customer edge router will have the IPv6 firewall switched on by default, exactly like the IPv4 firewall. The difference is that the IPv6 firewall is simpler, because it doesn't have to do the nonsense of port mapping required by the IPv4 NAT.

    3. Alan Brown Silver badge

      Re: Sounds like a fantastic idea

      "Addressable" is not "accessible"

      The large number of IPv4 tunnels in place to deal with the shortfall of addressing has made mincemeat of many firewalls by allowing them to be sidestepped once you know where to look. Dahua camera botnets are a direct result of that kind of kludge

      NAT is not a firewall and most "IPv4 firewalls" offer little protection against being backdoored whilst alnmost NONE of them firewall OUTBOUND traffic to protect the network against potentially compromised internal devices

      Virtually all dual-stack routers firewall IPv4 and IPv6 identically (and have done for 15+ years) in any case, so whataboutisms claiming that IPv6 firewalling is "too hard" are really showing their pitiful lack of actual experience with the protocol

      1. Bartholomew Bronze badge

        Re: Sounds like a fantastic idea

        The difference between "Addressable" is not "accessible" is one bug.

      2. Anonymous Coward
        Anonymous Coward

        Re: Sounds like a fantastic idea

        I had to deal w IPv4 to IPv6 migrations long ago in a place where such a migration would take a lot of time.

        One of the immediate issues from a security perspective is what to do with extensible headers. Given that they are an excellent vehicle for covert data tunnels I'd say drop them at the firewall, but you can bet your Sunday shoes that some moronic monopoly will insist on using it to serve its own needs and we'll thus be stuck with their bastardisation and inherent security risks.

        Simple example: Microsoft (ab)use of Kerberos.

        On of the issues with updates to established standards is improvements that can have unintentional and potentially ugly side effects. Not everyone on your network has benign intentions.

        1. Yes Me Silver badge

          Re: Sounds like a fantastic idea

          Actually the observed fact is that most IPv6 extension headers don't work across the Internet, because enterprise firewalls drop them, so while this may have been a concern in the early days of IPv6 deployment, it's become impossible to deploy unusual extension headers outside a limited domain.

    4. Yes Me Silver badge

      Re: Sounds like a fantastic idea

      IPv6 makes every device directly accessible from the internet

      Nonsense. It makes every device that needs to be accessible, and no others, accessible. (You may have heard of the technology, because it's been around longer than IPv6: it's called a firewall.)

      The difference from IPv4+NAT is only that a device's individual address is known outside the firewall. Some people believe that matters; I don't, because firewalls work just as well now as they did 25 years ago. Devices that are not accessible via the firewall are not accessible, with or without NAT.

      To say that another way, Net 10 hosts are safe because of the firewall, not because of the NAT. People get confused because the NAT and the firewall are in the same box, but the safety comes from the firewall - just as it does for IPv6.

  11. msobkow Silver badge

    Once again, China demonstrates more wisdom than the west, where the almighty dollar decides whether anything ever gets upgraded. :(

    1. Anonymous Coward
      Anonymous Coward

      Is wisdom the right word to use when a bullet to the back of the head or 30+ years in a re-education camp is the persuasive factor to ensure compliance?

    2. Anonymous Coward
      Anonymous Coward

      When you live in a Chinese city, your neighborhood has a certain status level that determines how much tax you pay. If you want to move to a nicer, higher-status neighborhood, you have to start by paying taxes at the higher rate for some period of time.

      Once you get past a certain age, you are no longer eligible to move to a higher-status neighborhood.

      You’ll never catch me setting foot in that country ever again.

      1. Claverhouse Silver badge

        Actually interesting.

        However, in Britain at least, people with bigger houses, or in higher-status neighbourhoods do pay higher Council Tax/Rates already. = Local Taxes.

        .

        Recently this was the determinant for the alleged Energy Grant that has been allocated to the households in the lower CT bands. [ Entirely privately, though I should benefit, and would be grateful: I reckon it would be better to spend all that money on tackling the recent energy price increase at source, with strong-arming the energy companies --- plus there is a minute possibility that the extra bureaucracy involved with this grant will have a cost of its own. ]

      2. Roland6 Silver badge

        >When you live in a Chinese city, your neighborhood has a certain status level that determines how much tax you pay. If you want to move to a nicer, higher-status neighborhood, you have to start by paying taxes at the higher rate for some period of time.

        I can see the Minister for the 18th Century picking up on this, it would slow upwards mobility - must keep the proles in their place.

  12. Jim Willsher

    We can pontificate all we like. The fact that IPv6 adoption is hovering around 37% a full ten years since IPv6 Day tells us that it has been a fundamental flop. We can all speculate on the reasons - firewalls, ability to memorise addresses etc. But TEN YEARS? Really?

    Fail.

    1. Yes Me Silver badge

      Not hovering

      It's not hovering, it's steadily climbing. This will continue as more and more ISPs (especially mobile carriers) switch to preferring IPv6.

      It isn't ten years, actually IPv6 Day was a bit of a sell, it's more like 20 years which is 5 years longer than I expected. But as more and more operators identify the costs of running massive scale "carrier grade" NAT, the trend towards IPv4 becoming an overlay service will continue. Already I suspect that that 37% figure (from Google, I assume) is deceptive - how much of that 63% of IPv4 originates as IPv4-over-IPv6??

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022