Takes almost no time, and it's virtually end-to-end IPv6 transport if you're in Fremont since your traffic to the HE tunnel server likely never has to leave the datacenter.

1.) E-penis. Not as much as native IPv6, obviously, but still some.

2.) It's fun*.

3.) Learning how to work with IPv6. It gives you a chance to make all of your applications IPv6-capable, so when native IPv6 does come, you've already done the work and you only suffer an IP change.

* Getting /etc/network/interfaces right is the least-fun thing ever. But now I know how, so I won't have to go through that again!


If you're in Fremont, you could check with a traceroute.

HE has tunnel servers in the same cities as most of Linode's data centers, even if they're not in the same building. Adds several hops and points of failure, but minimal latency.

_________________
Matt Nordhoff (aka Peng on IRC)

1) SSL.
2) Having enough IPs to provide proper reverse DNS.
3) Highly flexible firewalls, routing tables.. your options expand quite a bit when you have IPv6, simply due to the addresses available to you.
4) No more service overloading with custom ports because you are IP-bound.

Most of this doesn't apply if all you are doing is web hosting (but point 1 definitely applies if that is the case). However, I run ldap, kerberos, ssh and http off of a single 360. I have 24 different services all told that I'm running, and if you include every different HTTP vhost in that, that number jumps to 60 (which then jumps to 70 if you include HTTP --> HTTPS redirects).

We've made our services work around IPv4 out of necessity, not because it was a great idea. IPv6 removes a lot of pressure from these situations.

I can run one SSL site off of one IPv4 address with most current software. Newer versions of apache (ie, ones that are not included in most server distros now) permit multiple SSL sites on one IP, and this is actually supported by every browser now.

But as mentioned, the server software doesn't really permit it currently. (Also, as I said... we're reworking protocols out of necessity due to lack of address space...)

So I can run one SSL site (for example, SSL'd webmail), and then point my 5-6 domains at it and call it "good enough." Or I can throw up another IP (out of my millions), provide it with an SSL cert specific to that hostname, and quit overloading services out of necessity due to address space limitations.

Don't get me wrong, $1/IP/month is a great price, but paying for 20-30-40 IPs isn't as good of an option as just running IPv6.

Kerberos in specific is picky about hostnames. I have one IP at home, and one IP on my server. This means that I can have one computer (my router) authenticate against kerberos. Or, I can roll IPv6, and have every computer correctly validate against kerberos -- thanks to having a 1:1 mapping of computers to (pubic accessible) IPs.

I assume you're referring to Server Name Indication, which sadly isn't supported in any version of Internet Explorer on Windows XP, not even IE8 on XP. You need Vista for it to work.

We're going to be stuck with wasting IP addresses on SSL sites for as long as users are going to stick with Windows XP.

I meant every browser and OS *worth using.

http://en.wikipedia.org/wiki/Server_Nam ... n#Browsers

(But I'd rather not turn this otherwise fine thread into a MS.. 'discussion' thread.)

I experimented with IPv6 for a while but in the end I found out that the most prevalent use were v4 users connected via v6 tunnel routing traffic to my v6 tunnel that deliver packet to my v4 linode. No benefit and doubled latency.

I also tried out SNI and it almost worked. I actually made it work for some fancy internal stuff but I would be fired instantly if I even thought about annoying our WXP clients with it.

Surely there are cases where both SNI and tunneled IPv6 are worth but generally we are not there yet. We need native IPv6 support if we are to spread IPv6 and we need 99 % support of SNI including modern yet obscure browsers (terminal etc.).

XP loses support on April 8, 2014

I wanna know what time IPv6 can be native supportted by Linode?

It was pushed back to at least 2020:

http://www.computerworld.com/s/article/ ... until_2020

Presumably support ends some time *after* downgrade rights end, so support expires some time after 2020.

If you read the whole article, it says that XP falls off the support list for good in April 2014.

# traceroute 72.52.104.74
traceroute to 72.52.104.74 (72.52.104.74), 30 hops max, 60 byte packets
 1  gateway-he-li3.linode.com (64.62.190.1)  0.268 ms  0.188 ms  0.232 ms
 2  gige-g4-17.core1.fmt1.he.net (72.52.92.245)  2.484 ms  2.881 ms  3.120 ms
 3  gige-g4-8.core1.fmt2.he.net (66.220.20.138)  0.479 ms  0.640 ms  0.758 ms
 4  tserv3.fmt2.ipv6.he.net (72.52.104.74)  0.380 ms  0.370 ms  0.395 ms

It may not be in the same building, but 2-3ms is completely negligible.

I have an IPv6 tunnel from SIXXS and it works perfectly. Native IPv6 is the future but it seems a long time coming, not just at Linode but everywhere.

Another reason there's no rush to get IPv6.

http://www.networkworld.com/community/b ... 2010-07-12

Just what I want to do, setup a new technology only to get WORSE performance.

I'll wait. The FUD about running out of unallocated IPv4 addresses seem to imply that the already allocated IPv4 addresses will disappear - which is clearly not the case.

Do I really care if some small ISP in Zimbababooey can't get more IP's - not to be mean - but no, don't care and has zero impact on my business.

It isn't FUD. It's going to happen, and the question of when has been the only question.


This is a worldwide problem. Although APNIC allocations have increased quite a bit (and I believe they are in the lead right now), ARIN and RIPE jurisdictions are serious consumers of IPv4 space. Think about it - every iPhone has a world-routable IPv4 address, almost every home Internet customer in the United States and Canada, every Linode, every piece of infrastructure that sits between you and YouTube, everything. Those are probably all ARIN addresses with the exception of iPhones (but still a majority). This problem transcends traditional political boundaries.

ARIN countries like us chew through IP space more than "Zimbabaooey". If you don't believe me, check how many /8s are allocated to ARIN vs say, AfriNIC.

There is a plan in place when the last /8s are handed out (one to each of the five RIRs), and after those are allocated, no more IP addresses. Period. Everybody who is sitting on space will be fine, you're right about that; that ISP in Zimbabwe will not be fine. However, any company that goes to ARIN is going to feel the pinch too. I suspect once the final /8 is in ARIN's possession, allocations are going to get difficult.

I do not think that drastic pinch will be in a year as the countdown clock to X-Day is saying. I think it will be after X-Day, in maybe another one or two, once the final /8s are completely allocated and a line starts building.

That pinch can be pushed back quite a bit if the role of certain /8s changes, and some are handed back by companies that don't really need them. However, given the names in that list of legacy /8s, I bet most of them will sit on the space for the reasons you've already figured out.

_________________
Disclaimer: I am no longer employed by Linode; opinions are my own alone.

Why?

They would just as easily work behind NAT or NAT and uPnP if it has to be easy two way hookups.

IPv4 address space is disappearing because it's carelessly wasted via poor net design.

My guess is that will be corrected before the big carriers/ISPs get their act (and their backbones) together on IPv6.