dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
4440

telijah
Premium Member
join:2013-04-22
Brandon, FL

telijah to mixdup

Premium Member

to mixdup

Re: [Internet] BHN IPv6 Migration Status?

Serious reply: See my previous post

Non serious reply: SERIES OF TUBES!

geo44
join:2013-03-20
Saint Petersburg, FL

geo44

Member

said by telijah:

Serious reply: See my previous post

Non serious reply: SERIES OF TUBES!

Wow, politicians making regulations on something they are clueless about. /SMH

EtaoinShrdlu0
join:2015-01-14

1 recommendation

EtaoinShrdlu0 to Astyanax

Member

to Astyanax
As both a Bright House (Florida) and Comcast (Washington state) customer, maybe I can provide some light on how IPv6 works in real life for me. These are my experiences, and other people may have different ones.

Comcast uses DHCP with PD (prefix delegation) with compatible routers. They provide a /64 by default for home users connected by a router. If your router supports it, you can request a /60. I think that they provide a /128 if you have a computer connected directly to the modem (although I'm not sure about that).

What actions were required for IPv6? None, or maybe a reboot. I don't remember if I had to reboot my modem or router, but I think IPv6 just showed up one morning. It may have been after a late night modem reboot from Comcast, but I don't remember for sure.

My equipment is a Motorola SB6141 and Apple Airport (Express and Extreme both work). These are latest generation with current firmware.

What differences do I notice with the same computer (MacBook Air) on Bright House IPv4 versus Comcast IPv6? None, except that IPv6-only sites like »ipv6.google.com or »ipv6.whatismyipv6.com do not work with Bright House, which is to be expected. I have not found any "ordinary" websites that are troublesome due to the lack of IPv6.

I think the Comcast implementation of IPv6 is terrific. It really does "just work". Hopefully Bright House will have a similar implementation. As far as requests to "hurry up", you probably are not missing much.

HTH
$0.02
FWIW

.
BHNtechXpert
The One & Only
Premium Member
join:2006-02-16
Saint Petersburg, FL

1 recommendation

BHNtechXpert to Astyanax

Premium Member

to Astyanax
It will be equally as transparent for those who don't want to do anything fancy...after that as you well know it gets interesting. Will depend on customer equipment, experience level and all that other good stuff once you branch out of the realm of normal user. That's where life for me gets interesting

EtaoinShrdlu0
join:2015-01-14

1 recommendation

EtaoinShrdlu0 to Astyanax

Member

to Astyanax

One thing that I would *strongly* recommend to Bright House is to state clearly when they turn on IPv6 for a given area. Probably the most common question and complaint with Comcast's implementation was that people did not know if they *should* have IPv6 or not. As a result, much time was spent by people trifling about with their routers and modems, trying to figure out if they didn't have IPv6 because it wasn't available yet, or because they had something set incorrectly.

.

mixdup
join:2003-06-28
Alpharetta, GA

mixdup

Member

I think the biggest educational issue will be people who right now are firewalled via their NAT routers suddenly having public IPs on every device inside their network. This of course depends on how BHN distributes IPs (hopefully by default they'll just issue one single IP so that you get NATed, and if you want more you just enable it through a control panel) and what routers people are using
BHNtechXpert
The One & Only
Premium Member
join:2006-02-16
Saint Petersburg, FL

1 recommendation

BHNtechXpert to EtaoinShrdlu0

Premium Member

to EtaoinShrdlu0
said by EtaoinShrdlu0:

One thing that I would *strongly* recommend to Bright House is to state clearly when they turn on IPv6 for a given area. Probably the most common question and complaint with Comcast's implementation was that people did not know if they *should* have IPv6 or not. As a result, much time was spent by people trifling about with their routers and modems, trying to figure out if they didn't have IPv6 because it wasn't available yet, or because they had something set incorrectly.

.

You don't have to worry about that....folks will be properly notified.

aefstoggaflm
Open Source Fan
Premium Member
join:2002-03-04
Bethlehem, PA
Linksys E4200
ARRIS SB6141

aefstoggaflm to telijah

Premium Member

to telijah
said by telijah:

Knowing the IP has helped on more than one occasion though.

Please go on and explain why/give examples of how knowing (not looking it/them up) the IP Address helped.

Thank you

telijah
Premium Member
join:2013-04-22
Brandon, FL

1 recommendation

telijah

Premium Member

Off the top of my head:

- new domain registered to run a service from my home, open namecheap and simply point the new domain to my IP. Knowing it off hand just made it easier.
- one of my services not working via a domain? First step for me: login to my router remotely, was easiest to just go to »my.ip:port and check out what the network is doing

Just a couple. Not sure what you're looking for...

aefstoggaflm
Open Source Fan
Premium Member
join:2002-03-04
Bethlehem, PA
Linksys E4200
ARRIS SB6141

aefstoggaflm

Premium Member

said by telijah:

Off the top of my head:
Just a couple. Not sure what you're looking for...

Ah, I see...

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

2 recommendations

NormanS to mixdup

MVM

to mixdup
said by mixdup:

I think the biggest educational issue will be people who right now are firewalled via their NAT routers suddenly having public IPs on every device inside their network.

I expect that most IPv6 capable routers either have a native IPv6 firewall, or can be loaded with third party firmware which has an IPv6 firewall. Results of an IPv6 port scan against my ASUS RT-AC66U, running stock firmware:

My port scan result.

This of course depends on how BHN distributes IPs (hopefully by default they'll just issue one single IP so that you get NATed, and if you want more you just enable it through a control panel) and what routers people are using

Some thoughts on IPv6 NAT:

»ipv6friday.org/blog/2011 ··· pv6-nat/

His contention is that security is not the reason for NAT.

»serverfault.com/question ··· od-thing

Again; the concept of security is to have firewalls, not NAT.

»www.cisco.com/c/en/us/td ··· sln.html

IPv6 NAT is a transition tool, not a security tool.

telijah
Premium Member
join:2013-04-22
Brandon, FL

1 recommendation

telijah to aefstoggaflm

Premium Member

to aefstoggaflm
Kinda like why you'd remember someone's phone number, even though it can be stored in your contacts... Do you "need" to remember, not likely, just nice to have on hand in case you're arrested and need to call them for bail!
bighorn1
Premium Member
join:2004-06-19
BD, CA

3 recommendations

bighorn1 to mixdup

Premium Member

to mixdup
said by mixdup:

I think the biggest educational issue will be people who right now are firewalled via their NAT routers suddenly having public IPs on every device inside their network. This of course depends on how BHN distributes IPs (hopefully by default they'll just issue one single IP so that you get NATed, and if you want more you just enable it through a control panel) and what routers people are using

Getting just one IP kinda beats the purpose of having IPv6, don't you think?

And those that need IPv6 NAT (like me, being multi-homed), will be left hanging high and dry because all the solutions are either still experimental (NPTv6, etc), or not widely deployed (LISP, etc) and most of the (affordable) networking equipment has no implementation of that sort, yet...

Basically, easy peasy for majority of consumers, great for internet giants, but it sucks for anybody else in-between like small business and personal networks.
Aprel
join:2013-09-14

1 recommendation

Aprel to Astyanax

Member

to Astyanax
Click for full size
said by NormanS:

I expect that most IPv6 capable routers either have a native IPv6 firewall, or can be loaded with third party firmware which has an IPv6 firewall. Results of an IPv6 port scan against my ASUS RT-AC66U, running stock firmware:

Cool site. For others who want to try: »www.ipv6scanner.com/

I'm a little confused on how it makes a distinction between "closed" and "filtered", tho. DROP vs. REJECT ?

mixdup
join:2003-06-28
Alpharetta, GA

2 recommendations

mixdup

Member

closed = actively refused connection
filtered = silently dropped
Aprel
join:2013-09-14

1 recommendation

Aprel to Astyanax

Member

to Astyanax
Also on the note of security with IPv6, it could really be a can of worms for non-tech people.

For example, older versions of ASUS router firmware, including what might be installed when purchased, have no firewall for IPv6.

»github.com/RMerl/asuswrt ··· security

NormanS
I gave her time to steal my mind away
MVM
join:2001-02-14
San Jose, CA
TP-Link TD-8616
Asus RT-AC66U B1
Netgear FR114P

2 recommendations

NormanS to Aprel

MVM

to Aprel
said by Aprel:

I'm a little confused on how it makes a distinction between "closed" and "filtered", tho. DROP vs. REJECT ?

I believe "Closed" indicates a TCP RST response to SYN ACK, while "Filtered" indicates no response to SYN ACK.
InternetJeff
I'm your huckleberry.
join:2001-09-25
.

1 recommendation

InternetJeff to Aprel

Member

to Aprel
Filtered = Stealth

SageAlmondo
@bhn.net

5 recommendations

SageAlmondo to Astyanax

Anon

to Astyanax
Let me be very clear here. IPv6 is relevant to me RIGHT NOW.

IANA is out of assignable IPv4 blocks and has been for quite sometime now.

I have been supporting IPv6 on networks and servers that I manage since early 2011.

I pay for top tier 90 (now 150) * 10 RoadRunner service and I pay for a static IPv4 /29.

I own a very beastly (12 core / 72GB / > 30TB) co-located host on a gigabit port that has a natively routed IPv6 /64 and a IPv4 /27 located in the Federal Reserve building in Jacksonville.

As many people can attest, today's going rate for IPv4 addresses is above $2 per IP per month.

My co-located /64 gives me over 18 quintillion IP addresses (18,446,744,073,709,551,616) at an additional charge of exactly $0 per month.

Right now I do use an HE.NET tunnel to enable my BrightHouse link to deliver IPv6 to my home tunneled over IPv4. However, my aggregate throughput rarely exceeds 20Mbits and is often much less. This is because it backhauls through HE.NET's Miami IPv6 tunneling edge. I don't blame HE.NET for the chokepoint because not only does HE.NET give me free IPv6 knowledge, free IPv6 example configs, and an IPv6 tunnel for free but they also provide all of the bandwidth to make it work and and two fully routed IPv6 /48s for free.

The fact is that BrightHouse collects a lot of money from me while hiding behind the classic "we are waiting for everyone else" mantra.

It is time for you to grow up and face the the reality of IPv6.
OmagicQ
Posting in a thread near you
join:2003-10-23
Bakersfield, CA

1 recommendation

OmagicQ

Member

I suspect that until it becomes a selling point to the average internet user, IPv6 adoption will not happen. They could turn it on tomorrow if enough people were willing to pay for it. No company would walk away from money on the table.
Aprel
join:2013-09-14

2 recommendations

Aprel

Member

said by OmagicQ:

I suspect that until it becomes a selling point to the average internet user, IPv6 adoption will not happen. They could turn it on tomorrow if enough people were willing to pay for it. No company would walk away from money on the table.

IPv6 Fee: $2.00

(Sorry! I couldn't help myself )

telijah
Premium Member
join:2013-04-22
Brandon, FL

1 recommendation

telijah to SageAlmondo

Premium Member

to SageAlmondo
said by SageAlmondo :

My co-located /64 gives me over 18 quintillion IP addresses (18,446,744,073,709,551,616) at an additional charge of exactly $0 per month.

Man, do you know how many fish tank cams I could run with that!!! I could put a camera on each grain of substrate!
Almondo
Premium Member
join:2015-01-19
Titusville, FL

1 recommendation

Almondo

Premium Member

Yeah, when I set up a lab I can just provision a dozen machines and not even concern myself with IP reuse or conflicts. I just carve out another /96 and run with it. Since all modern code supports it (I deploy a variety of Identity Management products mostly from Oracle and CA) I can easily create a lab environment with everything presented in H/A and load balanced models.
bighorn1
Premium Member
join:2004-06-19
BD, CA

1 recommendation

bighorn1

Premium Member

said by Almondo:

I just carve out another /96 and run with it.

»tools.ietf.org/html/rfc5375
Almondo
Premium Member
join:2015-01-19
Titusville, FL

1 recommendation

Almondo

Premium Member

Yes, I am well aware of RFC 5375. Within the context of a single physical host containing numerous VMs I am really not impacted by 5375. Since I use static addressing and I live on my own VLAN neighbor discovery is not really relevant. If I ever add additional physical machines my provider will certainly allocate an appropriate block, probably a /56 or a /48. For now it all works as it should and I can have as many lab setups as I need without ever tripping over addressing. When I say I carve out a /96 I am really only virtually carving it because I really operate everything within the /64, IE only 1 gateway. Usually my lab/demo environment consists of anywhere from 6 to a couple of dozen VMs. The nice thing is that I can keep them indefinitely and bring up any one of them at any time if I need something from it.
Borg
join:2015-01-16
Wetumpka, AL

2 recommendations

Borg to Astyanax

Member

to Astyanax
Like SageAlmondo, IPv6 is relevant to me RIGHT NOW too.

First, IPv6 is faster. Some may argue that it isn't or only under certain circumstances but IPv6 routers do not perform fragmentation. IPv6 headers don't have a checksum so IPv6 routers do not need to recompute a checksum. For some IPv4 routers this slows traffic.

Microsoft has said that ISPs that want to provide the BEST experience for user experience for Xbox One users will provide IPv6 with IPsec.

I want IPv6 with IPsec so I can connect my work and home systems without having to use NAT.

Everything I've seen about pseudo-IPv6 protocols like tunnels/proxies is that they're slower than IPv4. BHNs upload speeds are so slow already that I'm not going to do anything to make them slower.

In my opinion BHN will begin IPv6 deployment in four years because that's how long it takes for them to get things from Time Warner. I base that on two examples:

1. In my market we just got the Samsung SMT-H4372 DVRs. When I Googled that model number one of the first things listed was from January 2011 and Time Warner had just begun deployment.

2. Time Warner was a participant in the World IPv6 Launch in June 2011 and now has completed deployment to 90% of their residential customers.

I hope that if the Comcast/Time Warner merger is approved that we'll get IPv6 and DNSSEC too.