Category: IPv6

As expected, ARIN wasn’t that far behind APNIC and RIPE in IPv4 allocations and is now down to the last /8. Maybe it’s time for the last denialists to wake up and start considering IPv6 (or not – consultants love panicking customers)… and the new IPv6 resources page on ipSpace.net might help you get IPv6-fluent (hint: don’t miss the must-read documents section).

Most ISPs rolling out large-scale residential IPv6 agree it’s a no-brainer, but the rest of the world still hesitates.

To help the dubious majority cross the (perceived) shaky bridge across the gaping chasm between IPv4 and IPv6, a team of great engineers with decades of IPv6 operational experience (including networking gurus from Time Warner, Comcast and Yahoo, and the never-tiring IPv6 evangelist Jan Žorž) wrote an IPv6 Troubleshooting for Helpdesks document.

Last June Tore Anderson talked about his IPv6-only data center deployment (the idea made very popular recently after Facebook’s presentation @ V6 World Congress) in one of my free webinars. In case you missed the videos explaining the technical details, watch them or view Tore’s slide deck.

Whenever I mention the idea of IPv6-only data centers, I get the usual question: “Sounds great, but is anyone actually using it?” So far, my answer was: “Yeah, I know a great guy in Norway that runs this in production” As of last week, the answer is way more persuasive: “Facebook is almost there.”

When Enno Rey mentioned RFC 6106 support (why does it matter?) on Cisco IOS during the opening presentation of Troopers 2014 IPv6 security summit I got interested but remained a bit skeptical. When Eric Vyncke (sitting in the audience) started nodding, I knew it must be there. Finding the feature in IOS documentation turned out to be mission impossible.

I was listening to excellent opening presentation Enno Rey had at Troopers 2014 IPv6 security summit (he claimed he was ranting, but it sounded more like some of my polite blog posts) and when I’ve seen this slide I could literally hear a blog post clicking together in my head.

In short: IPv6 has many shortcomings, but this might not be one of them.

Ed Horley opened another juicy can of worms in a comment to my First-Hop Load Balancing in IPv6 post: can we use IPv6 RA for fast failover (and high availability)?

TL&DR summary: it depends.

A while ago Sander Steffann and Iljitsch van Beijnum wrote a fantastic document that compared most (somewhat) widely used IPv6-over-IPv4 tunneling mechanisms. The document got published as RFC 7059 in November and is a definite must-read for anyone having to deal with this particular can of worms.

Unfortunately the document doesn’t cover the recent IPv4 sunset developments – numerous mechanisms that transport IPv4 leftovers over IPv6-only access networks (MAP-E, DS-Lite, lw4over6, 464XLAT …). One can only hope Sander and Iljitsch plan to produce a complementary document soon ;)

Interested in IPv4-to-IPv6 transition mechanisms?

Check out IPv6 Transition Mechanisms webinar and other IPv6 resources on ipSpace.net.

“I want default router address in DHCPv6 options” is a popular religious war on various IPv6 mailing lists. One of the underlying reasons is the need to implement poor man’s first hop load balancing (I won’t even consider the “I don’t want to think, so want IPv6 to behave like IPv4” mentality in this blog post), and as always, the arguments have more to do with suboptimal implementations than true technical needs.

From the IPv6 Trivia department: can a host with an ULA address reach a service with a global IPv6 address? Can a host with only a link-local address reach a service with a global IPv6 address? The answer to both questions might be Yes (but you better know what scopes and zones are if you want to figure it out).

Having “do we need ULA” blogologs with Ed Horley is great … and the best part of them is that we’re both right (aka: It Depends). OK, let’s try to quantify that last part.

More news from the IPv6 is not like IPv4 department: there's no DF bit in IPv6, so you have to use slightly different troubleshooting tricks to figure out the path MTU size (and they depend on the operating system). More in a detailed blog post by my good friend Matjaž Straus.

My recommendation to use ULA addresses for internal communications within organizations that don’t have their own provider-independent address space resulted in the following comment:

[…] Having ULA for internal company communication and global IPv6 addresses for communication with the Internet will cause lots of issues with application guys since now application has to bind to specific IPv6 address for internal communications and another IPv6 address to go to the Internet.

Numerous aspects of IPv6 may still be broken, but fortunately this is not one of them.

Ed Horley wrote another great post arguing you don’t need Unique Local Addresses in an IPv6 network … and I couldn’t figure out what the problem was until I got the underlying context: it seems many engineers try to transplant their IPv4 mentality into IPv6 world and see ULAs as a nice replacement for RFC1918 with NAT66 or NPT66 on the private network edge. No wonder Ed argues against that.

Someone left the following comment on one of my blog posts a few days ago:

IPv6 to a network engineer is like Communism to a Marxist. It would come in such a distant future that it would be in a form we can barely picture accurately. […] So my money is on NAT444, at least in the US.

Meanwhile on planet Earth (in 2014):