[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: 6to4 security questions



Joshua Graessley wrote:

> On Wednesday, November 20, 2002, at 01:08 PM, Tim Chown wrote:
> 
> > On Wed, Nov 20, 2002 at 08:48:45PM +0100, Jeroen Massar wrote:
> >>
> >> Currently in europe, at least, there are only a few 6to4 relays:
> >>  - Switch
> >>  - Cybernet
> >>  - Funet
> >

<SNIP>

> I see only one compelling reason to use IPv6 instead of IPv4, and 
> that's end to end connectivity (no NATs). The problem is, developers 
> are not going to deploy an IPv6 application if there are no clients 
> that have IPv6 addresses. Until there are applications that support 
> IPv6 and don't work over IPv4, there will be no demand for IPv6.

Microsoft will be releasing many tools, which currently use IPv4, with
IPv6 support.
At least that's what their program manager said :)

Application vs Network is ofcourse a very big chicken and egg problem
and one has to push it from both sides. Many freesoftware programmers
fortunatly realise this and are doing the right thing(tm).

One 'killer' program will certainly be a videoconferencing tool.
Say Netmeeting but then IPv6 capable. Another one will ofcourse be
a Peer to Peer application where people can transfer their files.

I am currently seeing a move to IPv6 support on news servers which is
a good thing as it is a huge amount of data every day. Xs4all even have
their big (2Tb or something) news server open for the public.
(news://newszilla6.xs4all.nl).

> If the transition to IPv6 relies on ISPs making a 
> multi-billion dollar gamble that deploying IPv6 without any customer
demand will pay off, 
> IPv6 will never be widely deployed. Tunnel brokers don't 
> scale, unless they charge. If they charge, only corporations and the
few 
> individuals that care enough will have IPv6 connectivity.

IMHO Tunnel brokers _will_ and can scale well of correctly built
ofcourse.
Both freenet6 (www.freenet6.net) and XS26 (www.xs26.net) have many
(10K+)
users who apparently are quite content with it.

<spam>
I personally can vouch for the system called SixXS built by Pim van Pelt
and myself which is an evolvement of the IPng (www.ipng.nl)
tunnelbroker.
See
http://www.ripe.net/ripe/meetings/archive/ripe-42/presentations/ripe42-i
pv6-ipng
for the presentation given at RIPE42 in short: The SixXS (www.sixxs.net)
system is a whitelabeled tunnelbroker, giving ISP's the opportunity to
setup a private (for ISP own use) or public POP managed by a console,
webinterface or using a custom interface which can very easily be
attached to the current system.

Currently this system is in use by 5 ISP's who have their own POP:
.nl: AMS-IX, Concepts, IPng
.de: Cybernet AG
.ie: HEAnet

The AMS-IX POP is currently providing tunnels to ISP's connected to
the AMS-IX to help them bootstrap into the IPv6 world, most of them
have requested an sTLA from RIPE since we launced it at the
AIAD (AMS-IX IPv6 Awareness Day) held last month.

An ISP thus can setup tunneling to clients very easily providing IPv6
where native IPv6 isn't possible yet. Check the website for more
information.
And ofcourse don't hesitate to contact info@sixxs.net ;)
</spam> 

Greets,
 Jeroen