That's the problem... [LWN.net]

That's the problem...

Posted Jan 29, 2011 12:38 UTC (Sat) by khim (subscriber, #9252)
In reply to: IPv6 *is* like AMD by lutchann
Parent article: LCA: IP address exhaustion and the end of the open net

What were these supposed advantages? The same advantages that drew people to the Internet originally. Unfettered end-to-end connectivity. The opportunity to participate as an equal without having to pay through the nose. The liberating concept that you could plug in anywhere without having to worry about what kind of access you get and what the tariffs look like.

Wow! That's cool promise. I really like it. I have it. Kinda. I'm almost always connected to VPN and anyone who's connected to our VPN can reach me easily. It's stunnel-based VPN so it works almost everywhere - and this is really cool.

But how can I actually cash in on that promise in case of IPv6? The answer is simple: I can not. 6to4 does not work with NATs at all while teredo only works with "mild" NATs with working UDP hole-punching. Compare it with other technologies which promised "to participate as an equal" (like Skype or Tor): they use all available technologies to create working tunnels.

Somehow all these IPv6 technologies are designed to give "unfettered end-to-end connectivity" to the people who already have unfettered (or barely fettered) IPv4 connectivity! WTF? Why will I do anything to get what I already have?

DJB's idea is stupid for the same reason: it gives access to the people who already have "white" IPv4 address and who's ISP was farsighted enough to enable IPv6 support on routers. These people are people who least interested in IPv6 because it does not give them anything worthwhile!

The telcos had it right to begin with. Most people just want a dumb terminal. Provider-side NAT is as good as IPv6, as long as the Youtubes still work.

Sorry, but no. There are lots of people who need more then dumb terminal. Me, for example: I regularly work with programs which are installed on server in our office and need unfettered acceess to my workstation. SSLvpn gives access to me. I can attach my laptop to the network in hotel or cafe, start my vpn script - and voila: I can talk to servers in our office, these servers can talk to my laptop, everyone is happy. IPv6 gives excuses to me instead. I can attach my laptop to the network in hotel or cafe, start miredo and see list of the reasons for why it does not work. Rarely (if ever) I've seen working ipv6.google.com... and this is 20 years after IPv6 effort started.

P.S. Oh, and of course I can use my SSLvpn connection to reach IPv6 internet via our office... but why will I want that? This will be transition to IPv6 because it was "the right thing". Connectivity problem was already solved for me with SSLvpn, so I can safely forget about IPv6...

(Log in to post comments)

Of course my Grandmother needs end-to-end connecitvity!

Posted Jan 31, 2011 0:24 UTC (Mon) by khim (subscriber, #9252) [Link]

but I don't want the end-to-end connectivity for my Grandmother.

Why the heck no? How can I help my Grandmother if her computer will not be reachable from outside? But again: SSL gives me what I want, IPv6 does not.

Not all people desire end-to-end connectivity, but there are a lot of people who do. Yet IPv6 technologies are designed to provide said end-to-end connectivity to the people who already have it (if they have "white" IPv4 address then they already have end-to-end connectivity and if their firewall supports "UDP hole punching" then there are tons of IPv4 technologies which can be used to establish end-to-end connectivity). DJB's plan is crazy for the same reason: it improves IPv6 accessibility for the people who don't need it!