Re: Credit to Digital Ocean for ipv6 offering
On Jun 18, 2014, at 4:37 PM, Daniel Ankers md1...@md1clv.com wrote: On 18 June 2014 19:05, Owen DeLong o...@delong.com wrote: OTOH, it's far better than those ridiculous providers that are screwing over their customers with /56s or even worse, /60s. Sad, really. Owen Is giving a /56 to residential customers REALLY screwing them over? It may be a failure of imagination on my part, but I'm struggling to come up with use cases for the home which would take up even 10% of the networks available in a /56. And if the vast, vast majority of home users will never come close to needing the whole of a /56 then I don't see why every home should be given a /48. Dan Yes… It’s not about the number of subnets, it’s about having enough bits wide to automate a hierarchy. 8 bits only allows 1x8 or 2x4, while 16 bits allows significantly more flexibility in topology. Owen
RE: Credit to Digital Ocean for ipv6 offering
On 18 June 2014 19:05, Daniel Ankers md1...@md1clv.comreplied: -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Daniel Ankers Sent: Wednesday, June 18, 2014 6:37 PM To: Owen DeLong; nanog@nanog.org list Subject: Re: Credit to Digital Ocean for ipv6 offering On 18 June 2014 19:05, Owen DeLong o...@delong.com wrote: OTOH, it's far better than those ridiculous providers that are screwing over their customers with /56s or even worse, /60s. Sad, really. Owen Is giving a /56 to residential customers REALLY screwing them over? It may be a failure of imagination on my part, but I'm struggling to come up with use cases for the home which would take up even 10% of the networks available in a /56. And if the vast, vast majority of home users will never come close to needing the whole of a /56 then I don't see why every home should be given a /48. Dan I have to agree with Dan on this one, Look at the numbers (especially for small to mid-sized business and residential): /56 = 256 /64's subnets /60 = 16 /64's subnets http://www.sixscape.com/joomla/sixscape/index.php/ipv6-training-certification/ipv6-forum-official-certification/ipv6-forum-network-engineer-silver/network-engineer-silver-ipv6-subnetting/ipv6-subnetting-general-subnetting At 18,446,744,073,709,551,616 per /64, that is a lot of address. Right now I cannot get IPv6 at home so I will take getting screwed with a /56 or /60 and be estatic about it. Curtis
Re: Credit to Digital Ocean for ipv6 offering
On Thu, 19 Jun 2014 07:18:36 -0500, STARNES, CURTIS said: At 18,446,744,073,709,551,616 per /64, that is a lot of address. Right now I cannot get IPv6 at home so I will take getting screwed with a /56 or /60 and be estatic about it. My WNDR3800 running cerowrt is quite able to use up the /60 Comcast hands me (it burns 6 /64s by default the instant you turn it on, and can burn more if you start doing VLAN'ing or other config stuff). If I had a second one that wanted to auto-delegate via PD, I'd need a /56 and be screwed with just the /60. Fortunately for my home networking needs, none of my 3.9 cats are particularly internet-savvy pgpISy8k3XauI.pgp Description: PGP signature
Re: Credit to Digital Ocean for ipv6 offering
On 19 June 2014 13:18, STARNES, CURTIS curtis.star...@granburyisd.org wrote: I have to agree with Dan on this one, Look at the numbers (especially for small to mid-sized business and residential): /56 = 256 /64's subnets /60 = 16 /64's subnets http://www.sixscape.com/joomla/sixscape/index.php/ipv6-training-certification/ipv6-forum-official-certification/ipv6-forum-network-engineer-silver/network-engineer-silver-ipv6-subnetting/ipv6-subnetting-general-subnetting At 18,446,744,073,709,551,616 per /64, that is a lot of address. Right now I cannot get IPv6 at home so I will take getting screwed with a /56 or /60 and be estatic about it. Curtis One of the key things with IPv6 (IMHO) is to stop thinking about addresses, and instead just think about networks. Judging by Owen's earlier mail I may not have that quite right and the key might even be to think about hierarchies - in either case counting the number of individual addresses is something we just don't need to do any more. Dan
Re: Credit to Digital Ocean for ipv6 offering
On Jun 19, 2014, at 12:18 PM, STARNES, CURTIS curtis.star...@granburyisd.org wrote: At 18,446,744,073,709,551,616 per /64, that is a lot of address. Right now I cannot get IPv6 at home so I will take getting screwed with a /56 or /60 and be estatic about it. Curtis Would be nice if everyone kept it simple and just stuck to /48s though. It's complicated enough without everyone deploying different prefix sizes. Even the /64 net/host split isn't standard enough. Think of something like DHCP - if there's an understanding that it's 'standard' then you can build software/hardware around this assumption and provide an easy to use system, without forcing the user to make sub-netting decisions. Making software that works with this necessarily has to involve a complex UI and if certain unusual combinations don't work then people cry that it doesn't support IPv6. The way that it's standard to receive one IPv4 address by DHCP and you can just plug in a laptop, imagine if in a few years it was standard to receive a /48 IPv6 prefix on the local router and end user devices can request as many /64s as they want. You could assign a /64 to each app on your cell phone or computer.. and this could happen automatically when possible. Maybe an app wants many /64s, that's fine too. We've gotten used to multiplexing everything onto a single overloaded address because it's a scarce resource. In IPv6 addresses are not scarce and in time this can be leveraged to simplify applications. Yes, you can overload a single address, we do it all the time in IPv4 with proxies and NATs. There are even hacks for having multiple SSL websites on one IPv4 address. These things came about because the addresses are scarce but it's not correct to use the same justifications in IPv6 where the unique addresses are practically unlimited. If we have to assume that /64s might be scarce and they have to be manually managed, then applications end up having to ask that question and configuration becomes complex. If we know we can get at least a few hundred of them dynamically anywhere we go, then we only have to bother the user when we run out, and things 'just work'. -Laszlo
Re: Credit to Digital Ocean for ipv6 offering
On 19 June 2014 18:19, valdis.kletni...@vt.edu wrote: My WNDR3800 running cerowrt is quite able to use up the /60 Comcast hands me (it burns 6 /64s by default the instant you turn it on, and can burn more if you start doing VLAN'ing or other config stuff). How does it use those 6 /64s? That seems to be getting towards the interesting times where the way devices work with v6 is very different to how they would have worked with v6
Re: Credit to Digital Ocean for ipv6 offering
On 06/19/2014 02:07 PM, Daniel Ankers wrote: On 19 June 2014 18:19, valdis.kletni...@vt.edu wrote: My WNDR3800 running cerowrt is quite able to use up the /60 Comcast hands me (it burns 6 /64s by default the instant you turn it on, and can burn more if you start doing VLAN'ing or other config stuff). How does it use those 6 /64s? That seems to be getting towards the interesting times where the way devices work with v6 is very different to how they would have worked with v6 - Public IP - DMZ IP - Management IP - Russian backdoor IP - Chinese backdoor IP - NSA backdoor IP :)
Re: Credit to Digital Ocean for ipv6 offering
On Jun 19, 2014, at 2:02 PM, Daniel Ankers md1...@md1clv.com wrote: One of the key things with IPv6 (IMHO) is to stop thinking about addresses, and instead just think about networks. Judging by Owen's earlier mail I may not have that quite right and the key might even be to think about hierarchies - in either case counting the number of individual addresses is something we just don't need to do any more. Dan s/think about networks/think about subnetworks (colloquial: LAN Segments)/ With IPv6, the number of hosts in a subnet is (should be) no longer a driver for addressing. signature.asc Description: Message signed with OpenPGP using GPGMail
Re: Credit to Digital Ocean for ipv6 offering
On 19 June 2014 14:07, Daniel Ankers md1...@md1clv.com wrote: How does it use those 6 /64s? That seems to be getting towards the interesting times where the way devices work with v6 is very different to how they would have worked with v6 Bridging between (slow) 802.11 and (fast) ethernet is hard to do right, so CeroWRT configures all interfaces as separate LANs and routes between them instead. It does this on the IPv4 side too; it's not specific to IPv6. This breaks a lot of things (like Apple Bonjour), so I'm not convinced it's a *useful* technique for home networks. -- Harald
Re: Credit to Digital Ocean for ipv6 offering
On Thu, 19 Jun 2014 19:07:48 +0100, Daniel Ankers said: How does it use those 6 /64s? That seems to be getting towards the interesting times where the way devices work with v6 is very different to how they would have worked with v6 If I remember right, it's: Private net on the 2.4ghz radio Guest net on the 2.4ghz radio Private net on the 5ghz radio Guest net on the 5ghz radio Private net on the wired Ethernet Guest net on the wired Ethernet (It's a Linux kernel, 'ip link show' reports 22 interfaces. Yowza. ;) pgpTvwOt3_tuK.pgp Description: PGP signature
Re: Credit to Digital Ocean for ipv6 offering
On Jun 19, 2014, at 11:48 , Harald Koch c...@pobox.com wrote: On 19 June 2014 14:07, Daniel Ankers md1...@md1clv.com wrote: How does it use those 6 /64s? That seems to be getting towards the interesting times where the way devices work with v6 is very different to how they would have worked with v6 Bridging between (slow) 802.11 and (fast) ethernet is hard to do right, so CeroWRT configures all interfaces as separate LANs and routes between them instead. It does this on the IPv4 side too; it's not specific to IPv6. This breaks a lot of things (like Apple Bonjour), so I'm not convinced it's a *useful* technique for home networks. Bonjour can be fixed for the IPv6 environment simply by changing it's packets to be sent to ff05::... instead of ff02::... I presume that the CeroWRT (and any other properly functioning router) can be configured so that ff05:: packets are delivered to all interfaces within the site however the administrator defines within the site. Owen
Re: Credit to Digital Ocean for ipv6 offering
On Tuesday, June 17, 2014 10:36:49 PM Grzegorz Janoszka wrote: There are application which break if provided with /80 or /120, Which ones? Mark. signature.asc Description: This is a digitally signed message part.
Re: Credit to Digital Ocean for ipv6 offering
On 17 June 2014 23:39, John Levine jo...@iecc.com wrote: In article CABL6YZT7sSFxdBL1_UDVc2_t3X1drW0_AToHE51o2Pd= obd...@mail.gmail.com you write: +1+1+1 re living room My cable company assigns my home network a /50. I can figure out what to do with two of the /64s (wired and wireless networks), but I'm currently stumped on the other 16,382 of them. R's, John I've got a /56 which I'm then delegating /60s from - so, for example, I've got a laptop which I run things like Virtualbox and Docker on. This laptop has a /60 and it can hand out /64s for virtual networks. I figure that with the larger allocations to homes or offices the question isn't how do I allocate all of these but how do I delegate chunks of this in a hierarchical manner. Dan
Re: Credit to Digital Ocean for ipv6 offering
On Tue, 17 Jun 2014 11:26:16 -0400 rw...@ropeguru.com rw...@ropeguru.com wrote: I don't think it is harsh when they lead their customers on with no progress. https://www.digitalocean.com/community/questions/is-ipv6-available digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/2639897-ipv6-addresses Take note of the original post dates and the responses. Original questions were in 2012 with responses of Q4 2012 to Q1 2013. Robert To add on to this, it appears that DO now considers the request for IPv6 as now being COMPLETE because they have rolled it out in a single DC in Singapore, when the request was made by a lot of people BEFORE the Singapore DC was ever avaiable. Great lack of respect to your customer base http://digitalocean.uservoice.com/forums/136585-digitalocean/suggestions/2639897-ipv6-addresses
Re: Credit to Digital Ocean for ipv6 offering
My cable company assigns my home network a /50. I can figure out what to do with two of the /64s (wired and wireless networks), but I'm currently stumped on the other 16,382 of them. ... I figure that with the larger allocations to homes or offices the question isn't how do I allocate all of these but how do I delegate chunks of this in a hierarchical manner. Or even, how do I allocate them at all. My D-Link wifi router can pick up a /64 and route it to its own LAN (wired and wifi bridged) and that's about it for IPv6 other than port filters to enable some inbound connections. It runs Linux so I suppose I could put dd-wrt onto it, but that's more fun than I have time for this week.
Re: Credit to Digital Ocean for ipv6 offering
Of course, one could also read the giant paragraph written by the CEO and see exactly what's going on, including the info about the other data centers and the new ones coming up. I love how people whine that operators don't deploy IPv6 quickly enough, and they cry even harder when it's actually being deployed because it's not perfect and everywhere on the first day. Really, give it a break. On 2014-06-18 13:44, rw...@ropeguru.com wrote: On Tue, 17 Jun 2014 11:26:16 -0400 rw...@ropeguru.com rw...@ropeguru.com wrote: I don't think it is harsh when they lead their customers on with no progress. https://www.digitalocean.com/community/questions/is-ipv6-available digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/2639897-ipv6-addresses Take note of the original post dates and the responses. Original questions were in 2012 with responses of Q4 2012 to Q1 2013. Robert To add on to this, it appears that DO now considers the request for IPv6 as now being COMPLETE because they have rolled it out in a single DC in Singapore, when the request was made by a lot of people BEFORE the Singapore DC was ever avaiable. Great lack of respect to your customer base http://digitalocean.uservoice.com/forums/136585-digitalocean/suggestions/2639897-ipv6-addresses
Re: Credit to Digital Ocean for ipv6 offering
On Jun 18, 2014, at 09:07 , John Levine jo...@iecc.com wrote: My cable company assigns my home network a /50. I can figure out what to do with two of the /64s (wired and wireless networks), but I'm currently stumped on the other 16,382 of them. ... I figure that with the larger allocations to homes or offices the question isn't how do I allocate all of these but how do I delegate chunks of this in a hierarchical manner. Or even, how do I allocate them at all. My D-Link wifi router can pick up a /64 and route it to its own LAN (wired and wifi bridged) and that's about it for IPv6 other than port filters to enable some inbound connections. It runs Linux so I suppose I could put dd-wrt onto it, but that's more fun than I have time for this week. Yes, but let's please not make network design decisions based on the limitations built into one of the cheapest routers on the market intended for the lowest of the lowest common denominators. There are many other examples of CPE that can make use of properly sized prefixes (/48 per end site) and there is no reason not to deploy these. I find the /50 particularly odd as it's not a nibble boundary and very close to /48. It's almost certain this is an operator who fails to grasp that they could have easily gotten a larger allocation from their RIR if they just asked for it and provided the appropriate justification in terms of giving /48s to their customers. OTOH, it's far better than those ridiculous providers that are screwing over their customers with /56s or even worse, /60s. Sad, really. Owen
Re: Credit to Digital Ocean for ipv6 offering
On 6/18/14 2:44 PM, John R. Levine jo...@iecc.com wrote: I find the /50 particularly odd as it's not a nibble boundary and very close to /48. It's almost certain this is an operator who fails to grasp that they could have easily gotten a larger allocation from their RIR if they just asked for it and provided the appropriate justification in terms of giving /48s to their customers. OTOH, it's far better than those ridiculous providers that are screwing over their customers with /56s or even worse, /60s. It's Time-Warner, and they are not ignorant. I think they're experimenting. They are still working out bugs in their internal routing, since my v6 routes have an annoying habit of disappearing inside their network if I don't do a ping that passes through them every couple of minutes. Also, it may not actuallly be a /50. That's what their rwhois says, but I haven't done a tcpdump so I don't know what size they're actually offering me. It's either a /64 or a /56 or a misconfiguration. Lee
Re: Credit to Digital Ocean for ipv6 offering
On 18 June 2014 19:05, Owen DeLong o...@delong.com wrote: OTOH, it's far better than those ridiculous providers that are screwing over their customers with /56s or even worse, /60s. Sad, really. Owen Is giving a /56 to residential customers REALLY screwing them over? It may be a failure of imagination on my part, but I'm struggling to come up with use cases for the home which would take up even 10% of the networks available in a /56. And if the vast, vast majority of home users will never come close to needing the whole of a /56 then I don't see why every home should be given a /48. Dan
Re: Credit to Digital Ocean for ipv6 offering
On Jun 18, 2014, at 7:37 PM, Daniel Ankers md1...@md1clv.com wrote: On 18 June 2014 19:05, Owen DeLong o...@delong.com wrote: OTOH, it's far better than those ridiculous providers that are screwing over their customers with /56s or even worse, /60s. Sad, really. Owen Is giving a /56 to residential customers REALLY screwing them over? It may be a failure of imagination on my part, but I'm struggling to come up with use cases for the home which would take up even 10% of the networks available in a /56. And if the vast, vast majority of home users will never come close to needing the whole of a /56 then I don't see why every home should be given a /48. Dan Responding to Dan, The costs incurred in managing variable subnetting based on user type have been clearly demonstrated in almost two decades of IPv4 networking. If I can assign a /48 to each and every customer (not considered a large enterprise) then my deployment costs plummet because I do NOT need to spend engineering time on address assignment. I only need to get out my Network Engineer’s binary knife to slice the address pie once. The same front office that takes the order can at the same time assign the IPv6 Prefix - sort of like Ma Bell does with phone numbers. Since one of my goals as a network provider is to be competitive in price, minimizing extraneous labor costs helps me to still make a modest profit. James R. Cutler james.cut...@consultant.com PGP keys at http://pgp.mit.edu signature.asc Description: Message signed with OpenPGP using GPGMail
Re: Credit to Digital Ocean for ipv6 offering
On Wed, Jun 18, 2014 at 11:37 PM, Daniel Ankers md1...@md1clv.com wrote: On 18 June 2014 19:05, Owen DeLong o...@delong.com wrote: OTOH, it's far better than those ridiculous providers that are screwing over their customers with /56s or even worse, /60s. Sad, really. Owen Is giving a /56 to residential customers REALLY screwing them over? Maybe, maybe not (it is, as much else, about perceptions) but /60 certainly seems to be screwing them over, and a /56 is the minimum would should see (with the ability to request at least up to a /48) IMHO. HIPnet ( http://tools.ietf.org/html/draft-grundemann-homenet-hipnet ) suggests that a /56 is the minimum one should expect in order to support multiple sub-delegations within the residence. Some $CABLECOs$ appear to be delegating only a /60 to residential customers (even though some of those same $CABLECOs$ have participated in the project; I guess that just proves the left hand and the right hand do not talk). Gary
Re: Credit to Digital Ocean for ipv6 offering
Not impressed at all. DO customers have been asking for IPv6 for around two years now with responses of, It's coming. Now they are getting press because they are rollingit our ONLY in their Singapore market which is its newest data center. Those of us here in the US are still getting the same ole, It's coming responses. There are other VPS's out there that are already givinf IPv6 addresses. I have two with www.peakservers.com where I get one IPv4 and 8 IPv6 addresses. On Tue, 17 Jun 2014 07:06:49 -0700 Ca By cb.li...@gmail.com wrote: I have not tried it out, this makes it look like DO beat Azure to market on ipv6 http://venturebeat.com/2014/06/17/digitalocean-ipv6/ Speaking of Azure and ip adresses http://www.pcworld.com/article/2363580/need-to-move-to-ipv6-highlighted-as-microsoft-runs-out-of-us-address-space.html
Re: Credit to Digital Ocean for ipv6 offering
I think that's a bit harsh. I congratulate them for getting the first step done in the process of making it available for all customers. Jared Mauch On Jun 17, 2014, at 10:35 AM, rw...@ropeguru.com rw...@ropeguru.com wrote: Not impressed at all. DO customers have been asking for IPv6 for around two years now with responses of, It's coming. Now they are getting press because they are rollingit our ONLY in their Singapore market which is its newest data center. Those of us here in the US are still getting the same ole, It's coming responses. There are other VPS's out there that are already givinf IPv6 addresses. I have two with www.peakservers.com where I get one IPv4 and 8 IPv6 addresses. On Tue, 17 Jun 2014 07:06:49 -0700 Ca By cb.li...@gmail.com wrote: I have not tried it out, this makes it look like DO beat Azure to market on ipv6 http://venturebeat.com/2014/06/17/digitalocean-ipv6/ Speaking of Azure and ip adresses http://www.pcworld.com/article/2363580/need-to-move-to-ipv6-highlighted-as-microsoft-runs-out-of-us-address-space.html
RE: Credit to Digital Ocean for ipv6 offering
Yep, same with Linode, they've had IPv6 live in their locations for a couple years now. I spun up an ipv6-enabled VM about 18 months ago and have had no issues since. David -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of rw...@ropeguru.com Sent: Tuesday, June 17, 2014 10:35 AM To: Ca By; nanog@nanog.org Subject: Re: Credit to Digital Ocean for ipv6 offering Not impressed at all. DO customers have been asking for IPv6 for around two years now with responses of, It's coming. Now they are getting press because they are rollingit our ONLY in their Singapore market which is its newest data center. Those of us here in the US are still getting the same ole, It's coming responses. There are other VPS's out there that are already givinf IPv6 addresses. I have two with www.peakservers.com where I get one IPv4 and 8 IPv6 addresses. On Tue, 17 Jun 2014 07:06:49 -0700 Ca By cb.li...@gmail.com wrote: I have not tried it out, this makes it look like DO beat Azure to market on ipv6 http://venturebeat.com/2014/06/17/digitalocean-ipv6/ Speaking of Azure and ip adresses http://www.pcworld.com/article/2363580/need-to-move-to-ipv6-highlighte d-as-microsoft-runs-out-of-us-address-space.html
Re: Credit to Digital Ocean for ipv6 offering
I don't think it is harsh when they lead their customers on with no progress. https://www.digitalocean.com/community/questions/is-ipv6-available digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/2639897-ipv6-addresses Take note of the original post dates and the responses. Original questions were in 2012 with responses of Q4 2012 to Q1 2013. Robert On Tue, 17 Jun 2014 11:17:41 -0400 Jared Mauch ja...@puck.nether.net wrote: I think that's a bit harsh. I congratulate them for getting the first step done in the process of making it available for all customers. Jared Mauch On Jun 17, 2014, at 10:35 AM, rw...@ropeguru.com rw...@ropeguru.com wrote: Not impressed at all. DO customers have been asking for IPv6 for around two years now with responses of, It's coming. Now they are getting press because they are rollingit our ONLY in their Singapore market which is its newest data center. Those of us here in the US are still getting the same ole, It's coming responses. There are other VPS's out there that are already givinf IPv6 addresses. I have two with www.peakservers.com where I get one IPv4 and 8 IPv6 addresses. On Tue, 17 Jun 2014 07:06:49 -0700 Ca By cb.li...@gmail.com wrote: I have not tried it out, this makes it look like DO beat Azure to market on ipv6 http://venturebeat.com/2014/06/17/digitalocean-ipv6/ Speaking of Azure and ip adresses http://www.pcworld.com/article/2363580/need-to-move-to-ipv6-highlighted-as-microsoft-runs-out-of-us-address-space.html
Re: Credit to Digital Ocean for ipv6 offering
On Tue, Jun 17, 2014 at 10:35:17AM -0400, rw...@ropeguru.com wrote: Not impressed at all. DO customers have been asking for IPv6 for around two years now with responses of, It's coming. Now they are getting press because they are rollingit our ONLY in their Singapore market which is its newest data center. Those of us here in the US are still getting the same ole, It's coming responses. There are other VPS's out there that are already givinf IPv6 addresses. I have two with www.peakservers.com where I get one IPv4 and 8 IPv6 addresses. On Tue, 17 Jun 2014 07:06:49 -0700 Ca By cb.li...@gmail.com wrote: I have not tried it out, this makes it look like DO beat Azure to market on ipv6 http://venturebeat.com/2014/06/17/digitalocean-ipv6/ Speaking of Azure and ip adresses http://www.pcworld.com/article/2363580/need-to-move-to-ipv6-highlighted-as-microsoft-runs-out-of-us-address-space.html Agreed as well. It isn't hard to dual stack, maybe they bought some junk gear that has issues in the older datacenters? :) Howevveeerrr they are also the cheapest thing going (other than Vultr.com) so you also get what you pay for :) -- Bryan G. Seitz
Re: Credit to Digital Ocean for ipv6 offering
On Jun 17, 2014, at 11:26 AM, rw...@ropeguru.com wrote: I don't think it is harsh when they lead their customers on with no progress. https://www.digitalocean.com/community/questions/is-ipv6-available digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/2639897-ipv6-addresses Take note of the original post dates and the responses. Original questions were in 2012 with responses of Q4 2012 to Q1 2013. Sure, I've seen the same thing with OpenSRS and others with things like IPv6 glue and DS records for DNSSEC, but when they make it public/supportable, I still congratulate the engineers who made it happen. Could they have done it harder/better/faster/stronger [1]? Sure. We've been doing IPv6 for over a decade as a commercial service. I still am happy when networks get IPv6 enabled. There's a long road, and Digital Ocean is just one party that needs to make things happen. Wayport/attwifi, TWCable, and even Comcast who is a leader here in the USA could do more but it's all gated on internal criteria that I'm not aware of. - Jared - Jared [1] - http://www.najle.com/idaft/idaft/
Re: Credit to Digital Ocean for ipv6 offering
On Jun 17, 2014, at 12:30 PM, Bryan Seitz se...@bsd-unix.net wrote: Agreed as well. It isn't hard to dual stack, maybe they bought some junk gear that has issues in the older datacenters? :) We all have junk kicking around that we wish we didn't have. Howevveeerrr they are also the cheapest thing going (other than Vultr.com) so you also get what you pay for :) Even Facebook who has talked publicly about their IPv6 deployments and issues they have encountered has faced major hurdles in operation of networking and host behaviors. (start on page 11) http://www.internetsociety.org/deploy360/wp-content/uploads/2014/04/WorldIPv6Congress-IPv6_LH-v2.pdf - Jared
Re: Credit to Digital Ocean for ipv6 offering
On Jun 17, 2014, at 7:35 AM, rw...@ropeguru.com wrote: There are other VPS's out there that are already givinf IPv6 addresses. Yep, I use rootbsd.net and arpnetworks.com and have been happy with both. I have two with www.peakservers.com where I get one IPv4 and 8 IPv6 addresses. Wait. What? Do you mean 8 /64s? Regards, -drc signature.asc Description: Message signed with OpenPGP using GPGMail
Re: Credit to Digital Ocean for ipv6 offering
There are other VPS's out there that are already givinf IPv6 addresses. Yep, I use rootbsd.net and arpnetworks.com and have been happy with both. I have two with www.peakservers.com where I get one IPv4 and 8 IPv6 addresses. Wait. What? Do you mean 8 /64s? No, 8 individual IPv6 addresses. There have also been reports from some DO users of HE tunnels being blocked. Not sure what the status of that is.
Re: Credit to Digital Ocean for ipv6 offering
On Tue, 17 Jun 2014 13:14:04 -0400, rw...@ropeguru.com said: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. pgpz1lrzoN6TN.pgp Description: PGP signature
Re: Credit to Digital Ocean for ipv6 offering
On Tue, 17 Jun 2014 13:25:37 -0400 valdis.kletni...@vt.edu wrote: On Tue, 17 Jun 2014 13:14:04 -0400, rw...@ropeguru.com said: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses.
Re: Credit to Digital Ocean for ipv6 offering
There have also been reports from some DO users of HE tunnels being blocked. Not sure what the status of that is. It was all rumors. All the tunnel providers have been never blocked us or anyone who wanted to previously add a tunnel to our virtual servers. HE has been generously peering with us for both ipv6 transport and their 6to4 nats for awhile. There was a misunderstanding with SiXXS when we first started to announce v6 addresses, once cleared up it wasn't a customer offering things went back to normal.And it wasn't blocked, they just didn't allow people to get tunnels for our ipv4 addresses and 1 or 2 got caught it having their tunnels removed when they went to switch the ip they were connected to. If you know of other examples, it's not being reported to us and please let us know so we can look into it. Those of us here in the US are still getting the same ole, It's coming responses. There will be something in the US and EU with v6 in a reasonable amount of time (although I'm sure not fast enough for some people). we're not listing a date because we got stuck behind some scale and non-technical things that delayed it in the past. A more in depth answer is we're migrating our backend code to a newer revision and it was faster to not try to support v6 on both revisions and concentrate on the migration and v6 (and other coming features) on the newer version. It's just faster to get it rolled out everywhere going this direction. Bryan Socha Network Engineer DigitalOcean
Re: Credit to Digital Ocean for ipv6 offering
On 6/17/14, 1:29 PM, rw...@ropeguru.com wrote: On Tue, 17 Jun 2014 13:25:37 -0400 valdis.kletni...@vt.edu wrote: On Tue, 17 Jun 2014 13:14:04 -0400, rw...@ropeguru.com said: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses. This is a joke, right? AlanC signature.asc Description: OpenPGP digital signature
Re: Credit to Digital Ocean for ipv6 offering
On Tue, Jun 17, 2014 at 11:25 AM, Alan Clegg a...@clegg.com wrote: On 6/17/14, 1:29 PM, rw...@ropeguru.com wrote: On Tue, 17 Jun 2014 13:25:37 -0400 valdis.kletni...@vt.edu wrote: On Tue, 17 Jun 2014 13:14:04 -0400, rw...@ropeguru.com said: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses. This is a joke, right? AlanC Addresses are a scarce resource; one shouldn't waste them needlessly. I'm sure if more addresses are needed, customers can purchase additional IPs on a monthly basis. Matt
Re: Credit to Digital Ocean for ipv6 offering
On 6/17/2014 3:19 PM, Matthew Petach wrote: On Tue, Jun 17, 2014 at 11:25 AM, Alan Clegg a...@clegg.com wrote: On 6/17/14, 1:29 PM, rw...@ropeguru.com wrote: On Tue, 17 Jun 2014 13:25:37 -0400 valdis.kletni...@vt.edu wrote: On Tue, 17 Jun 2014 13:14:04 -0400, rw...@ropeguru.com said: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses. This is a joke, right? AlanC Addresses are a scarce resource; one shouldn't waste them needlessly. I'm sure if more addresses are needed, customers can purchase additional IPs on a monthly basis. Matt It's offered at a low low price of $.01 per IPv6 address[1]. [1] /64 minimum of course.
Re: Credit to Digital Ocean for ipv6 offering
Robert, On Jun 17, 2014, at 10:29 AM, rw...@ropeguru.com wrote: On Tue, 17 Jun 2014 13:25:37 -0400 valdis.kletni...@vt.edu wrote: On Tue, 17 Jun 2014 13:14:04 -0400, rw...@ropeguru.com said: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses. In the case of my 3 VPS's, I've received /64s from both RootBSD.net and Arp Networks or 55,340,232,221,128,654,848 addresses. I'm not sure I see a rationale for assigning 8 addresses. That is, I could understand assigning a single address or a /64 but 8 addresses? I'd think that'd be more complicated/error prone than either the /128 or /64 options. A bit odd. Regards, -drc signature.asc Description: Message signed with OpenPGP using GPGMail
Re: Credit to Digital Ocean for ipv6 offering
On 2014-06-17 21:46, David Conrad wrote: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses. In the case of my 3 VPS's, I've received /64s from both RootBSD.net and Arp Networks or 55,340,232,221,128,654,848 addresses. I'm not sure I see a rationale for assigning 8 addresses. That is, I could understand assigning a single address or a /64 but 8 addresses? I'd think that'd be more complicated/error prone than either the /128 or /64 options. A bit odd. There are still applications that break with subnet smaller than /64, so all VPS providers probably have to use /64 addressing. /64 for one customer seems to be too much, on the other side 8 IP's can be not enough in some cases. I think 65536 out of shared /64 for one server can be enough. You can easily automate provisioning and reverse DNS assuming you assign /112 for each server. If you block SLAAC and provide connectivity to only the static IP's, your abuse folks should appreciate it (yes, I know you can spoof v6). -- Grzegorz Janoszka
Re: Credit to Digital Ocean for ipv6 offering
On Jun 17, 2014, at 12:55 PM, Grzegorz Janoszka grzeg...@janoszka.pl wrote: There are still applications that break with subnet smaller than /64, so all VPS providers probably have to use /64 addressing. Wouldn't that argue for /64s? /64 for one customer seems to be too much, In what way? What are you trying to protect against? It can't be address exhaustion (there are 2,305,843,009,213,693,952 possible /64s in the currently used format specifier. If there are 1,000,000,000 customer assignments every day of the year, the current format specifier will last over 6 million years). Regards, -drc signature.asc Description: Message signed with OpenPGP using GPGMail
Re: Credit to Digital Ocean for ipv6 offering
+1+1+1 re living room On Jun 17, 2014 12:32 PM, rw...@ropeguru.com rw...@ropeguru.com wrote: On Tue, 17 Jun 2014 13:25:37 -0400 valdis.kletni...@vt.edu wrote: On Tue, 17 Jun 2014 13:14:04 -0400, rw...@ropeguru.com said: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses.
Re: Credit to Digital Ocean for ipv6 offering
On 2014-06-17 22:13, David Conrad wrote: On Jun 17, 2014, at 12:55 PM, Grzegorz Janoszka grzeg...@janoszka.pl wrote: There are still applications that break with subnet smaller than /64, so all VPS providers probably have to use /64 addressing. Wouldn't that argue for /64s? /64 netmask, but not /64 for a customer. There are application which break if provided with /80 or /120, but I am not aware of an application requesting /64 for itself. /64 for one customer seems to be too much, In what way? What are you trying to protect against? It can't be address exhaustion (there are 2,305,843,009,213,693,952 possible /64s in the currently used format specifier. If there are 1,000,000,000 customer assignments every day of the year, the current format specifier will last over 6 million years). Too much hassle, like too big config of your router. If you have 1000 customers in a subnet, you would have to have 1000 separate gateway IP's on your router interface plus 1000 local /64 routes. -- Grzegorz Janoszka
Re: Credit to Digital Ocean for ipv6 offering
On Jun 17, 2014, at 12:55 , Grzegorz Janoszka grzeg...@janoszka.pl wrote: On 2014-06-17 21:46, David Conrad wrote: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses. In the case of my 3 VPS's, I've received /64s from both RootBSD.net and Arp Networks or 55,340,232,221,128,654,848 addresses. I'm not sure I see a rationale for assigning 8 addresses. That is, I could understand assigning a single address or a /64 but 8 addresses? I'd think that'd be more complicated/error prone than either the /128 or /64 options. A bit odd. There are still applications that break with subnet smaller than /64, so all VPS providers probably have to use /64 addressing. /64 for one customer seems to be too much, on the other side 8 IP's can be not enough in some cases. I think 65536 out of shared /64 for one server can be enough. You can easily automate provisioning and reverse DNS assuming you assign /112 for each server. If you block SLAAC and provide connectivity to only the static IP's, your abuse folks should appreciate it (yes, I know you can spoof v6). There's no problem with assigning at least a /64 per customer even for VPSs. There are plenty of /64s to go around. Please stop trying to push the IPv4 scarcity mentality into IPv6. Subnet where it makes sense to subnet and assign a /64 to each subnet, whether it has 2 hosts or 2,000 hosts does not matter. In reality, the difference in waste between a /64 with 2,000 hosts on it and a subnet with 2 hosts on it is less than 0.1%. Owen
Re: Credit to Digital Ocean for ipv6 offering
On Jun 17, 2014, at 13:36 , Grzegorz Janoszka grzeg...@janoszka.pl wrote: On 2014-06-17 22:13, David Conrad wrote: On Jun 17, 2014, at 12:55 PM, Grzegorz Janoszka grzeg...@janoszka.pl wrote: There are still applications that break with subnet smaller than /64, so all VPS providers probably have to use /64 addressing. Wouldn't that argue for /64s? /64 netmask, but not /64 for a customer. There are application which break if provided with /80 or /120, but I am not aware of an application requesting /64 for itself. /64 for one customer seems to be too much, In what way? What are you trying to protect against? It can't be address exhaustion (there are 2,305,843,009,213,693,952 possible /64s in the currently used format specifier. If there are 1,000,000,000 customer assignments every day of the year, the current format specifier will last over 6 million years). Too much hassle, like too big config of your router. If you have 1000 customers in a subnet, you would have to have 1000 separate gateway IP's on your router interface plus 1000 local /64 routes. -- Grzegorz Janoszka This is actually pretty easy. If I were structuring a VPS environment, then I'd put a /56 or possibly a /52, depending on the number of virtuals expected on each physical server. Then, for each customer who got a VPS on that server, I'd create a bridge interface with a /64 assigned to that customer. Each VPS on that physical server that belonged to the same customer would get put on the same /64. The router would route the /56 or /52 to the physical server. The hypervisor would have connected routes for the subordinate /64s and provide RAs to give default to the various VPSs. Very low maintenance, pretty straight forward and simple. Why would you ever put multiple customers in the same subnet in IPv6? That's just asking for trouble if you ask me. Owen
Re: Credit to Digital Ocean for ipv6 offering
Once upon a time, Owen DeLong o...@delong.com said: The router would route the /56 or /52 to the physical server. The hypervisor would have connected routes for the subordinate /64s and provide RAs to give default to the various VPSs. Doing anything that ties networks to physical servers is a poor design for a VPS environment. That would mean that any VM migration requires customers to renumber (so no live migration allowed at all). -- Chris Adams c...@cmadams.net
Re: Credit to Digital Ocean for ipv6 offering
On Tue, 17 Jun 2014 16:26:47 -0500, Chris Adams said: Doing anything that ties networks to physical servers is a poor design for a VPS environment. That would mean that any VM migration requires customers to renumber (so no live migration allowed at all). Why? Two hypervisors tossing a subnet route to a VM back and forth is *exactly* the same problem as two routers using VRRP to toss a subnet route back and forth. And somehow, we all manage to do that *all the time* without machines on the subnet having to renumber. pgphZTi4uT_c2.pgp Description: PGP signature
Re: Credit to Digital Ocean for ipv6 offering
In article CABL6YZT7sSFxdBL1_UDVc2_t3X1drW0_AToHE51o2Pd=obd...@mail.gmail.com you write: +1+1+1 re living room My cable company assigns my home network a /50. I can figure out what to do with two of the /64s (wired and wireless networks), but I'm currently stumped on the other 16,382 of them. R's, John On Jun 17, 2014 12:32 PM, rw...@ropeguru.com rw...@ropeguru.com wrote: On Tue, 17 Jun 2014 13:25:37 -0400 valdis.kletni...@vt.edu wrote: On Tue, 17 Jun 2014 13:14:04 -0400, rw...@ropeguru.com said: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses.
Re: Credit to Digital Ocean for ipv6 offering
announce them so folks can use the space as darknets… /bill PO Box 12317 Marina del Rey, CA 90295 310.322.8102 On 17June2014Tuesday, at 15:39, John Levine jo...@iecc.com wrote: In article CABL6YZT7sSFxdBL1_UDVc2_t3X1drW0_AToHE51o2Pd=obd...@mail.gmail.com you write: +1+1+1 re living room My cable company assigns my home network a /50. I can figure out what to do with two of the /64s (wired and wireless networks), but I'm currently stumped on the other 16,382 of them. R's, John On Jun 17, 2014 12:32 PM, rw...@ropeguru.com rw...@ropeguru.com wrote: On Tue, 17 Jun 2014 13:25:37 -0400 valdis.kletni...@vt.edu wrote: On Tue, 17 Jun 2014 13:14:04 -0400, rw...@ropeguru.com said: No, 8 individual IPv6 addresses. Wow. Harsh. I burn more than that just in my living room. I don't think that is too harsh as all 8 are assigned to a single server. So if I have three VPS's, I have 24 total addresses.
