[swinog] Experience with 6rd Hardware
Hy List Does anybody have experience with 6rd capable soho hardware? Which manufacturer does already support 6rd? E.g. Fritzbox... Freundliche Grüsse Adrian Kägi System Engineering Teamleiter ZAPP AG Bahnhofstr. 28, 3076 Worb Telefon +41 31 710 34 23 Fax +41 31 710 34 25 adrian.ka...@medianet.ch http://www.zapp.ch Surfen ohne Grenzen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
Hi If you count Cisco 800 Series routers to SOHO hardware … It works with the latest IOS (15.1(4)M) I'm currently running it at home[1] via Swisscom VDSL (without issues so far except some firewall stuff, but nothing serious). If you're interested I'll share the relevant configuration. Cheers! [1] CISCO881W-GN-E-K9 On 6 Jun 2011, at 09:57, Adrian Kägi wrote: Hy List Does anybody have experience with 6rd capable soho hardware? Which manufacturer does already support 6rd? E.g. Fritzbox... Freundliche Grüsse Adrian Kägi System Engineering Teamleiter ZAPP AG Bahnhofstr. 28, 3076 Worb Telefon +41 31 710 34 23 Fax +41 31 710 34 25 adrian.ka...@medianet.ch http://www.zapp.ch Surfen ohne Grenzen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
Hi OK, the Cisco 800 router is a device for power users... :-) But im really interested about configuration! Im looking for H/W like Netgear,Linksys and so on... Netgear cust. support answered with: Not implemented here... :-) -Ursprüngliche Nachricht- Von: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] Im Auftrag von Mathias Seiler Gesendet: Montag, 6. Juni 2011 10:22 An: Adrian Kägi Cc: swinog@lists.swinog.ch Betreff: Re: [swinog] Experience with 6rd Hardware Hi If you count Cisco 800 Series routers to SOHO hardware It works with the latest IOS (15.1(4)M) I'm currently running it at home[1] via Swisscom VDSL (without issues so far except some firewall stuff, but nothing serious). If you're interested I'll share the relevant configuration. Cheers! [1] CISCO881W-GN-E-K9 On 6 Jun 2011, at 09:57, Adrian Kägi wrote: Hy List Does anybody have experience with 6rd capable soho hardware? Which manufacturer does already support 6rd? E.g. Fritzbox... Freundliche Grüsse Adrian Kägi System Engineering Teamleiter ZAPP AG Bahnhofstr. 28, 3076 Worb Telefon +41 31 710 34 23 Fax +41 31 710 34 25 adrian.ka...@medianet.ch http://www.zapp.ch Surfen ohne Grenzen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog Mathias Seiler MiroNet GmbH, Strassburgerallee 86, CH-4055 Basel T +41 61 201 30 90, F +41 61 201 30 99 mathias.sei...@mironet.ch www.mironet.ch ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
hi adrian maybe this helps: http://labs.ripe.net/Members/mirjam/ipv6-cpe-surveys greetings -steven -Original Message- From: swinog-boun...@lists.swinog.ch [mailto:swinog-boun...@lists.swinog.ch] On Behalf Of Adrian Kägi Sent: Monday, June 06, 2011 9:58 AM To: swinog@lists.swinog.ch Subject: [swinog] Experience with 6rd Hardware Hy List Does anybody have experience with 6rd capable soho hardware? Which manufacturer does already support 6rd? E.g. Fritzbox... Freundliche Grüsse Adrian Kägi System Engineering Teamleiter ZAPP AG Bahnhofstr. 28, 3076 Worb Telefon +41 31 710 34 23 Fax +41 31 710 34 25 adrian.ka...@medianet.ch http://www.zapp.ch Surfen ohne Grenzen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
On 2011-Jun-06 14:38, Oliver Schad wrote: Am Monday 06 June 2011 schrieb mir Jeroen Massar: On 2011-Jun-06 14:17, Oliver Schad wrote: Am Monday 06 June 2011 schrieb mir Adrian Kägi: Thx for your replies! Wow! I see, there are tons of vendors! But when they support IPv6 or 6to4 IP6 Tunnel and so on... does they support the 6rd concept? 6to4 and 6rd are not the same and are not compatible. Actually they are very similar, both use protocol-41. The only differences between the two are how the prefix is calculated which is used for the tunnel endpoints and what the IPv4 address is of the remote tunnel endpoint. In short: they are not compatible. On a Linux/*BSD box from 10 years ago you can configure both, for 6rd (which did not exist back then) you would just have to figure out the proper prefix, based on your IPv4 address, the IPv6 prefix and the relay address given by the provider, similarly for 6to4 you would based on 2002::/16 + IPv4 + relay. Oh and of course a normal static Protocol-41 tunnel which uses the IPv6 prefix given and a single remote tunnel endpoint. They both speak protocol-41, they both do full IPv6 in there too, thus they are fully compatible also. The only thing where it might not be compatible is the user interface for making it easy to configure them. The fun and joy of 6rd is of course that your IPv6 prefix changes every time you get a new IPv4 address. With IPv4 and NAT this did not matter so much to the internal network, but now when your IP address changes you need to renumber your home network, the joys of that will be awesome for people selling consultancy services and the likes. (Just take a guess when NAT66 becomes standard because of that) Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
2011/6/6 Jeroen Massar jer...@unfix.org: The fun and joy of 6rd is of course that your IPv6 prefix changes every time you get a new IPv4 address. With IPv4 and NAT this did not matter so much to the internal network, but now when your IP address changes you need to renumber your home network, the joys of that will be awesome for people selling consultancy services and the likes. (Just take a guess when NAT66 becomes standard because of that) Jeroen, I tought you were a lover of Unique Local Addresses, what happened to you ? :) Guillaume ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
On 2011-Jun-06 15:44, Guillaume Leclanche wrote: 2011/6/6 Jeroen Massar jer...@unfix.org: The fun and joy of 6rd is of course that your IPv6 prefix changes every time you get a new IPv4 address. With IPv4 and NAT this did not matter so much to the internal network, but now when your IP address changes you need to renumber your home network, the joys of that will be awesome for people selling consultancy services and the likes. (Just take a guess when NAT66 becomes standard because of that) Jeroen, I tought you were a lover of Unique Local Addresses, what happened to you ? :) And why would I be that? Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
Am Monday 06 June 2011 schrieb mir Jeroen Massar: The only thing where it might not be compatible is the user interface for making it easy to configure them. While I agree to your point of view that 6rd and 6to4 are very close to each other and it shoudln't take much time to implement all necessary changes in user land and kernel it is still not compatible because you have to set the prefix. So if you look for a CPE or whatever which supports 6to4 you can't conclude that it supports 6rd. That is what I mean. Remember, the OP was looking for boxes which supports 6rd and in this context he asked for 6to4. And the answer is no, it isn't true, that support for 6to4 means support for 6rd. Regards Oli signature.asc Description: This is a digitally signed message part. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
2011/6/6 Jeroen Massar jer...@unfix.org: ULA would still require NAT66 if you want those hosts to be able to communicate to the outside, unless of course you want to firewall your internal machines based on the global prefix and update those firewall rules and all other dependencies all the time when your prefix changes... (the prefix change is why I mention NAT66 as renumbering is not funny, anywhere). So, first of all we talk about sites that would have today a dynamic IPv4 address. That would be residential, mobile, and SOHO. In the worst case, these sites can deal with LAN communication using ULA addresses, and then any public communication should be handled via public IPv6, which are at the moment all in 2000::/3, so clearly easy to identify and to put in a firewall. Readdressing the public addresses in the LAN is done easily with RAs, or DHCPv6-PD if the LAN is subdivided (an still in that case we've most likely left the normal SOHO, and we're in a bigger company that will have static v4 and most likely IPv6oE or in the home of a geek). And finally, 6rd is a transition technology, and will be certainly removed in a few years to go to IPv6oE, once incompatible hardware will be phased out. Well, that's a wish, don't take it for granted :) Guillaume ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Split-horizon addressing (Was: Experience with 6rd Hardware)
On 2011-Jun-06 16:18, Guillaume Leclanche wrote: 2011/6/6 Jeroen Massar jer...@unfix.org: ULA would still require NAT66 if you want those hosts to be able to communicate to the outside, unless of course you want to firewall your internal machines based on the global prefix and update those firewall rules and all other dependencies all the time when your prefix changes... (the prefix change is why I mention NAT66 as renumbering is not funny, anywhere). So, first of all we talk about sites that would have today a dynamic IPv4 address. That would be residential, mobile, and SOHO. In the worst case, these sites can deal with LAN communication using ULA addresses, and then any public communication should be handled via public IPv6, which are at the moment all in 2000::/3, so clearly easy to identify and to put in a firewall. Readdressing the public addresses in the LAN is done easily with RAs, or DHCPv6-PD if the LAN is subdivided (an still in that case we've most likely left the normal SOHO, and we're in a bigger company that will have static v4 and most likely IPv6oE or in the home of a geek). So did you try the above out? Because if you did you would find the following minor problems: - what updates the firewall rules that the internal host has it's global changed IPv6 address? Swapping out the first 64bits could work in theory, but might just break existing connections. - how do you 'address' the internal services, everything goes by address or do you allow people to use hostnames? Who updates those hostnames, and does that hostname mean the internal one or the external address or both? - when you have printer configured, and you take your laptop to the lake, and you want to print, does it use the internal address or the external one? And then the other bunch of issues which effectively come down to a split-horizon view of a network. Folks are worried about IPv4+IPv6 fallback-connect issues as their browsers try both IPv6 and IPv4, be very worried when a host is both ULA and global though, which one to pick and when... One of the biggest things with IPv6 which IPv4 does not allow for everyone on the world (as it works too with IPv4 if you got a large enough chunk of addresses) is that your address is globally unique, and thus you can keep on sending packets to that single address without issues. That concept breaks with ULA. ULA is nice, it solves some problems, but it does not solve the problem when a host is also connected to a public network and does get a globally unique address through there. ULA does solve the problem when the network is not connected to anything else and you don't want to bother with getting a prefix for a private network. And finally, 6rd is a transition technology, and will be certainly removed in a few years to go to IPv6oE, once incompatible hardware will be phased out. Well, that's a wish, don't take it for granted :) Right, because like we have not been doing IPv6 tunneling for about 18 years already... and so much went native. Greets, Jeroen ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Experience with 6rd Hardware
Am Monday 06 June 2011 schrieb mir Jeroen Massar: On 2011-Jun-06 15:55, Oliver Schad wrote: Am Monday 06 June 2011 schrieb mir Jeroen Massar: The only thing where it might not be compatible is the user interface for making it easy to configure them. While I agree to your point of view that 6rd and 6to4 are very close to each other and it shoudln't take much time to implement all necessary changes in user land and kernel it is still not compatible because you have to set the prefix. So if you look for a CPE or whatever which supports 6to4 you can't conclude that it supports 6rd. That is what I mean. Remember, the OP was looking for boxes which supports 6rd and in this context he asked for 6to4. And the answer is no, it isn't true, that support for 6to4 means support for 6rd. I did not state that, I did state that if you can configure a static protocol-41 tunnel, you can also configure a 6to4 and a 6rd one, just that you will have to do the prefix calculation yourself and not the easy way in the UI. Yes that's true. But you can implement 6to4 without the possibility to support 6rd. The implementation can be compatible but it's not a must. So maybe we have to different point of views what the term compatible means. Regards Oli signature.asc Description: This is a digitally signed message part. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog