From owner-freebsd-stable@FreeBSD.ORG Wed Mar 5 16:01:43 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A51FC1065679 for ; Wed, 5 Mar 2008 16:01:43 +0000 (UTC) (envelope-from jdc@parodius.com) Received: from mx01.sc1.parodius.com (mx01.sc1.parodius.com [72.20.106.3]) by mx1.freebsd.org (Postfix) with ESMTP id 812B18FC12 for ; Wed, 5 Mar 2008 16:01:43 +0000 (UTC) (envelope-from jdc@parodius.com) Received: by mx01.sc1.parodius.com (Postfix, from userid 1000) id 662DC1CC033; Wed, 5 Mar 2008 08:01:43 -0800 (PST) Date: Wed, 5 Mar 2008 08:01:43 -0800 From: Jeremy Chadwick To: Vadim Goncharov Message-ID: <20080305160143.GA28941@eos.sc1.parodius.com> References: <20080305083930.Q37745@shell.xecu.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.16 (2007-06-09) Cc: freebsd-stable@freebsd.org Subject: Re: INET6 -- and why I don't use it X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Mar 2008 16:01:43 -0000 On Wed, Mar 05, 2008 at 03:00:29PM +0000, Vadim Goncharov wrote: > Makes it harder to debug, etc. Don't want to see anything IPv6 related in > command output, to let programs to bind on IPv6 addresses, etc. Changing the Subject (but keeping the thread ID reference), since the original topic of discussion has now been skewed. I have the same attitude Vadim does. Actually, most of my IPv6 fear isn't so much fear as much as it is annoyance and confusion. Here's my list of things, as trivial as they may sound (and I guarantee they will): * I'm not familiar with the intricacies of the protocol. This is partially my own fault (lack of interest mainly, combined with lack of need), while I am very familiar with IPv4. * The last I read about IPv6 in mainstream news, there were major concerns cited over some of the security aspects of the protocol. I also remember reading somewhere that IPv6 was supposed to address issues like packet spoofing and DoS -- what became of this? * I have never liked how IPv6 denotes its addresses by using colon- delimited hexadecimal strings. I can expand on this if asked, but it's more than just "they're MAC-like" (which is also true, even though they're grouped by 16-bit values and not octets). Reading off an IPv4 address over the phone is bad enough, and typos are even worse. IPv6? Good grief. * Consumer ISPs here in the States do not "pass packets" -- you aren't given a raw pipe; you're given a physical transport with IPv4 service. The reality here is that the vast majority will not embrace IPv6 until there's an actual market/need for it. No consumer ISP I know of delegates a customer an IPv6 IP address or netblock. Backbone providers support IPv6 now, yup -- and even some peering providers and datacenter/co-location facilities do. But they're all in the minority. * The "we're running out of address space" argument doesn't hold much ground with me. Yes, it's getting tight, but it's not THAT tight. ARIN very regularly returns large amounts of IPv4 space to the world for use (I used to be subscribed to NANOG, so I'm aware of this). Want to do something useful? Start campaigns to get General Electric and MIT to give up huge portions of 3/8 and 18/8, respectively. This is ARIN's job, and I sure wouldn't want it. * NAT with IPv4 appears to be "solving" most of the address space issues in this day and age. I use quotes because it adds extra complexities at the same time (port forwarding, for example, is an annoying requirement, mainly because so many protocols were written during the days when NAT didn't exist, or are simply badly-written protocols (I'm looking at you, Microsoft)). Only once in my life have I seen a single network so large that it required use of 192.168/16, 172.16/12, and 10/8 all at once. Another fact is that NAT is **incredibly** integrated in consumer society now. The attitude given is "NAT suffices, use it". Until we can teach people "no, it doesn't suffice, and here's why" and get people to believe and accept that, it isn't going to change. * None of my employers (sans my current, Microsoft) have ever bothered implementing IPv6 on their networks. What this means for me: I have no personal *nor professional* reason to advocate or learn about IPv6. Microsoft, on the other hand, is taking initiative. But it's been anything but smooth; the amount of breakage it's caused so far is... shall I say, very disappointing. That doesn't mean "IPv6 sucks", but it does mean "integrating IPv6 into a production network appears to be painful". Hence, more animosity towards it by those who don't understand it. And last but not least: * I don't like incorporating "stuff" into my kernel, my utilities, or my systems in general which I do not use. I don't want to see an IPv6 address on my machines or my network. Why? It's about minimalism. I would gladly "embrace" IPv6 if I had reasons to, but I've none, therefore I do not. Sufficient? -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |