IPv6 on these little boxes in people's homes

Posted Dec 7, 2011 22:04 UTC (Wed) by paravoid (subscriber, #32869)
In reply to: IPv6 on these little boxes in people's homes by tialaramex
Parent article: Some Cerowrt updates

You really should have a look at RIPE's IPv6 CPE survey¹ and ARIN's Broadband CPE² page before making such claims.

¹: http://labs.ripe.net/content/ipv6-cpe-survey
²: http://getipv6.info/index.php/Broadband_CPE


IPv6 on these little boxes in people's homes

Posted Dec 8, 2011 2:29 UTC (Thu) by tialaramex (subscriber, #21167) [Link]

Both these pull two tricks which are helpful if you want a warm glowing feeling about IPv6 availability or are convincing the boss that it's a viable choice for your business, but are irrelevant in terms of mass deployment to the homes of ordinary people.

The first is "Well, Cisco do it". Yes, and so do several other high-end switch/router vendors. But they sell into the enterprise, where the guy installing the CPE knows what DHCP is and whether they want to enable NAT, not into homes where you need a diagram just to explain how to switch it on. Most importantly, they charge a LOT of money for these products.

The second is "This device requires you to plug it into an existing router". Ignoring for a moment the reality that this means you're not really doing native IPv6 but some kind of tunnelling (and so you will probably pay in terms of reliability and performance) it means an extra box per customer. That breaks the economics for the ISP. It's viable for a few fanatics, but it isn't a way to get millions of ordinary households

[ Digital broadcast TV is a useful comparison here. It was _possible_ to build boxes that turn a digital TV multiplex into an old-school PAL-encoded analogue signal to feed into a pre-SCART era television, and in fact such boxes were deployed where needed. But for the vast majority of people the digital TV upgrade happened when they purchased a new, better television which had the local DTV standard baked in ]

The only ISP in my country that actually has ordinary household IPv6 customers right now, so far as I can tell, has despaired about finding a way to deliver CPE without these tricks. Some of their customers can afford to buy an actual Cisco DSL device, and others are happy to burn custom firmware or run some unsupported beta, but to roll it out to the rest of their customers, as they'd like to do, they need a real solution, one that works, is properly supported, and is available (not "in beta") at non-luxury prices and they haven't found one. Right now (as-in, since November) they're experimenting with Technicolor, but this is only the latest in a series of experiments, and most of the previous ones were abandoned, because a manufacturer says "How hard can it be?" and promises to support a test rollout then they discover the answer is "Actually it's not as easy as we thought" and that's it. Hardware vendors are really bad at software.

Of course it will all fix itself somehow, just don't believe the people who say it's going to be painless.

IPv6 on these little boxes in people's homes

Posted Dec 8, 2011 5:52 UTC (Thu) by mtaht (✭ supporter ✭, #11087) [Link]

I am certainly NOT someone to stand up and say getting IPv6 to the home is painless. In fact one of the goals of the whole cerowrt R&D project was to clearly identify how painful it would be, and what sorts of investments in what subsystems and applications would be required to make ipv6 work better in that environment.

I like to think we've identified a few more areas in IPv6 that need serious work.

Upselling to NAT

Posted Dec 8, 2011 18:59 UTC (Thu) by dmarti (subscriber, #11625) [Link]

Moving a home user's service from a real IPv4 address to a NAT IPv4 address is a problem if the user is an EFF member, extreme gamer, Bittorrent user, or some kind of nerd.

As a big ISP, you could re-brand the change as an upgrade to "Family Friendly" or "High-Security Firewalled" service. Start out offering it as a paid upgrade, then make it "free for a limited time", then the default for new users. If it breaks some network service, just say that the other end doesn't like Families or Security.

This is so much easier than IPv6 that I don't see why the ISPs won't do this instead. (In Karachi, Pakistan, an ISP will sell you 100Mbps Ethernet to your neighbors, decent backhaul, and NAT for $8/mo. This works fine for Skype, Facebook, and YouTube.)

Upselling to NAT

Posted Dec 8, 2011 22:13 UTC (Thu) by drag (subscriber, #31333) [Link]

Many ISPs in the USA are providing NAT only IP addresses. I know people that have private-only IP addresses. The problems are more than just inconvenience for bittorrent users. It makes a lot of things suck.

They don't upsell, they just don't talk about it. They just do it. Then performance and reliability drops somewhat and irritates the people that depend on certain VPN software or VoIP for their work or whatever.

The problem ISPs now face is not enough public IPs for their customers, but not enough private IPs for their networks. When you're a company like Comcast and you are forced to use multiple duplicate 10.0.0.0/8 networks you know you are running into some serious addressing limitations.

What we have going on right now is that ISPs are doing things like tunneling IPv4 over IPv4 in order to provide the network infrastructure necessary to deliver public addresses to customers. If you are going to give private addresses you are going to have to do some really crazy stuff like combination of tunning NAT connections some multiple NAT'd networks to get the TCP connections to customers. Tunneling IPv4 over IPv4 over IPv4 type stuff.

On top of this NAT is not some sort of panacea that is going to buy you a lot of time.

The number of ports you have is limited to 16 bits minus whatever needs to be reserved. Each connection on a NAT router takes a port. So I'm guesstimating that leaves you about 30,000 useful TCP connections per public IP address. I am sure that things start to break down before that. Just doing a simple google about "linux" and clicking on a wikipedia link I get about 20 TCP connections started. So for every public facing IP address you can serve 1000-1500 active customers. And this is not really something you can ramp up for peak usage or anything.. it's a hard limit. Once customers start banging against connection number limits then things are going to suck for them.

What is going to happen, what I am guessing is happening is this:

ISPs are going to switch their networks entirely over to IPv6. They will be tunneling IPv4 over IPv6 to their customers. I expect that the larger ISPs are already well on their way. Once the roll out of the migration from IPv6 to IPv4 is complete then they will start phasing out support for DOCSIS 2.x modems and whatever the equivalent for DSL is. The newer 3.0 modems have IPv6 built in as a requirement for the protocol. Then they will require customers to purchase new routers. These things are probably going to be pure IPv6 with a single IPv4 address mapped to it that tunnels over the IPv6 network.

'Computer Appliances' will start requiring IPv6 for various things. They won't really be advertising it as such they will just say things like ISP compatibility and DOCSIS requirements and such. It'll be a headache, but it will need to be done. They will require the higher performance that needs the newer level 1 protocols anyways. Blu-ray players, 'Smart' Televisions, IP-based cable boxes, PS3/XBox/etc, that sort of thing.

One thing that is important to keep in mind is that you don't really need IPv6 support on your 'home NAT router' to have IPv6 support in your appliances and in your OS. Any modern system can have full IPv6 internet access very easily on any "IPv4-only" NAT network. Full stack access. No firewalls, no port limitations, nothing. 100% unfiltered access right through any common NAT firewall. I think things like PS3 support this already. Microsoft already uses it for Windows 7.. it's a requirement now for file sharing to work properly nowadays. Linux it's a bit more of a headache, but it's slowly catching up to Microsoft.

So it's not really necessary for customers to upgrade their home routers, but it will make things better.

While all this is happening it will slowly start to dawn on businesses in the USA that they will not be able to do business in certain parts of the world unless they have some sort of IPv6 connectivity support. Especially with China.

As IPv6 gradually moves to mainstream it will free up more and more IPv4 addresses to extend the useful life of that protocol.

Upselling to NAT

Posted Dec 8, 2011 22:26 UTC (Thu) by dlang (✭ supporter ✭, #313) [Link]

> The number of ports you have is limited to 16 bits minus whatever needs to be reserved. Each connection on a NAT router takes a port. So I'm guesstimating that leaves you about 30,000 useful TCP connections per public IP address. I am sure that things start to break down before that. Just doing a simple google about "linux" and clicking on a wikipedia link I get about 20 TCP connections started. So for every public facing IP address you can serve 1000-1500 active customers. And this is not really something you can ramp up for peak usage or anything.. it's a hard limit. Once customers start banging against connection number limits then things are going to suck for them.

actually, a connection is the set

source IP, source port, destination IP, destination port

so you can re-use the same source IP and source port if you have a different destination IP and/or destination port.

the OS doesn't re-use the source port by default, but it could. so there is really no long-term reason for the NAT boxes to run out of the ability to handle connections.
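
[Added illustration, not part of the comment thread and not taken from any real NAT implementation: a toy single-address NAPT table in Python that contrasts the two allocation policies discussed in the comments above, one flow per public port versus port reuse across different destinations. The class and function names, the four-port pool and the addresses are all constructed for this example.]

```python
CUSTOMERS = ["10.0.0.2", "10.0.0.3"]                     # constructed private hosts
DESTINATIONS = [("192.0.2.10", 80), ("198.51.100.20", 443),
                ("203.0.113.30", 80)]                    # constructed remote endpoints


class PortExhausted(Exception):
    """No public source port is free for the requested flow."""


class Napt:
    """Toy NAPT with a single public IP; models outbound TCP flows only."""

    def __init__(self, ports, reuse_per_destination):
        self.ports = list(ports)     # usable public source ports
        self.reuse = reuse_per_destination
        self.flows = {}              # (pub_port, dst_ip, dst_port) -> (priv_ip, priv_port)
        self.busy = set()            # public ports carrying at least one flow

    def open(self, priv_ip, priv_port, dst_ip, dst_port):
        """Allocate a public port for an outbound flow and return it."""
        for port in self.ports:
            if not self.reuse and port in self.busy:
                continue             # policy A: one flow per public port
            if (port, dst_ip, dst_port) in self.flows:
                continue             # the full tuple must stay unique
            self.flows[(port, dst_ip, dst_port)] = (priv_ip, priv_port)
            self.busy.add(port)
            return port
        raise PortExhausted(f"no port left for {dst_ip}:{dst_port}")

    def inbound(self, pub_port, src_ip, src_port):
        """Map a reply packet back to the private endpoint that owns the flow."""
        return self.flows[(pub_port, src_ip, src_port)]


def capacity(nat, customers=CUSTOMERS, destinations=DESTINATIONS):
    """Open flows round-robin until the NAT refuses one; return how many fit."""
    opened = 0
    try:
        for i in range(10_000):
            dst_ip, dst_port = destinations[i % len(destinations)]
            nat.open(customers[i % len(customers)], 40000 + i, dst_ip, dst_port)
            opened += 1
    except PortExhausted:
        pass
    return opened
```

With reuse the ceiling becomes per destination rather than per public address, so many flows to one popular endpoint still exhaust the pool. A translation log that records only the public port and a timestamp no longer identifies a single subscriber once ports are shared; the destination address and port are needed as well.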

Upselling to NAT

Posted Dec 9, 2011 16:39 UTC (Fri) by ncm (subscriber, #165) [Link]

Amusingly, that's been patented.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds