|
I have a Google Blog Search Alert looking for posts over IPv6 in my RSS reader. What strikes me is the number of posts explaining how to disable IPv6 in Windows Vista, MacOSX, Ubuntu and other flavours of Linux.
It looks like disabling IPv6 makes web browsing faster for a lot of people, independently of which operating system is being used. One guy even wrote in one of his posts “In order to fix this problem”. IPv6 was supposed to be a solution, not a problem.
I can think of several rational explanations for the poor user experience. If the DNS query for a web site first returns a AAAA record and you do not have IPv6 running smoothly, the browser will first time out before trying the IPv4 address. If the IPv6 tunnel broker, gateway, etc is overloaded, you are up for a painful experience, too.
However, it is worrying that people need to disable IPv6 on their computers. If and when there will be IPv6-only web sites, they will not be able to access them.
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byIPv4.Global
Sponsored byRadix
Sponsored byCSC
The problem is indeed with DNS, but not with the connectivity ;)
From the small write-up I did on wikipedia to stop that FUD also from spreading there:
http://en.wikipedia.org/wiki/IPv6#Disabling_IPv6_because_of_incompatibilities
8
<-------------------------------------------------------------------
Disabling IPv6 because of incompatibilities
Various forums on the Internet carry reports of people disabling IPv6 because of perceived slowdowns when connecting to hosts on the Internet. This happens because of DNS resolver issues.
This "slow-down" results from DNS resolution failures due to broken NAT 'routers' and other DNS resolvers which don't know how to handle the AAAA DNS query. These DNS resolvers just drop the DNS query request for the AAAA record, instead of returning the appropriate negative DNS response. Because the request is dropped, the host sending the request has to time out, thus causing a perceived slow down when connecting to new hosts.
Note that DNS queries happen over any transport available (IPv4, if only protocol); the transport is independent from the type of query.
------------------------------------------------------------------->8
>
If the IPv6 tunnel broker, gateway, etc is overloaded, you are up for a painful
> experience, too.
I (with SixXS hat on) have never heard a compliant about one of our PoPs being “slow” or “overloaded”. Then again, people tend to go with suboptimal solutions like 6to4, Teredo or other broker systems, I can’t vouch for those ;)
Jeroen, you are right this is mostly a DNS resolver issue in home CPEs. Unfortunately, there is not much the user can do. The vast majority of users will not hack the firmware of their home router. Also, more and more home CPEs are provided by ISPs as black boxes, especially for triple play services.
Ther are also issues with the implementation of IPv6 in operating systems or distributions, according to comments to my original blog post.
The user can use a different DNS server as a caching resolver. OpenDNS for instance works like a charm. Thus people having DNS issues (because of IPv6 lookups) should definitely change their DNS servers. Reporting the problem to the owner of the DNS server is of course a great idea, this is not always possible though as it is inside the CPE or it is run by a huge company which can’t care so much about it.
Quick fix, as they are not using IPv6 anyway: disable it.
I looked to sign-up with my ISP IPv6 trials, and discovered my router doesn’t support IPv6.
Okay I could flash it with OpenWRT, or tunnel to an IPv6 providers, or ask Linksys to pull their finger out, but the majority of users aren’t going to do any of those things, at least not till there is significant pain in not doing it. No significant website, or email providers, will thus go IPv6 only unless they are targeting niche markets.
The economics are wrong for IPv6, get over it.
In time, just like you upgraded from your good old 28.8k modem to a 56k one and then to DSL, you will be upgrading to something that supports IPv6. Most likely not today, but in time you will. As for the economics, you are looking at it from the wrong angle, there are a lot of economic reasons in favor of IPv6, maybe not for you, but definitely for a lot of other folks.
It isn’t necessarily the DNS. From personal experience, there are ISPs that accept the announcement of the 6to4 prefix and propagate that route internally, regardless of what path this imposes on IPv6 traffic. For example, when I turned on IPv6 on my home router, all traffic destined for sites that have IPv6 connectivity (like, oh say, ICANN’s web site in Marina del Rey) ended up going through Germany. I live in Silicon Valley in the US. The latency and packet loss caused by this world tour resulted in me turning off IPv6.
And no, my ISP does not offer native or tunneled IPv6 (and I have no other real options when it comes to Internet service than my current ISP).
The unfortunate reality appears to be that for many (if not most) users, IPv6 is not ready for production use.
IMHO 6to4 is a pain, as the setups of these are not verified and nobody actually using IPv6 checks if they are working properly. As there are so many things that can go wrong with 6to4 (both the IPv4 and IPv6 forward and reverse path can have issues and due to routing at remote sites you might not know what happens to the packets at all...) it is also a huge pain to debug if you even notice something being wrong. Anycast is useful, but not if you want to debug something where you don't get the identifier which hosts are really involved (for instance for anycasted DNS you can generally as for an 'id' of the host, which helps a lot, and you are only talking to that box, nothing else). Thus yes, 6to4 is crap, and it is also something I tend to turn off directly. As for connectivity David, just go to http://www.sixxs.net/ and sign up and you will be fine. Get an AYIYA tunnel and it will work from any location you will visit (even most 'firewalls' are configured to open and pass it through ;) Of course you can also opt for any other Tunnel Broker service which actually cares about good connectivity. See http://www.sixxs.net/tools/aiccu/brokers/ for a long list or http://en.wikipedia.org/wiki/List_of_IPv6_tunnel_brokers which even does a mini-comparison of features.
Jeroen, I appreciate the suggestions for getting IPv6 connectivity at home, however the steps you describe reinforce my statement that "IPv6 is not ready for production use". I (perhaps mistakenly) consider myself to be reasonably technically proficient, but in order to use the technologies you suggest, I need to download and install two packages (one requiring me to modify a Makefile and compile from source). While I could spend the time to figure out the implications of the hacks I need to make to the Makefile (I use MacOS X and would prefer to install in someplace other than /usr/sbin, /etc, /usr/share, etc.), I doubt (say) my mother would be in a position to do the same. In the past, I tried using Hurricane Electric's tunnel broker service, but I needed a static IP address which my ISP does not offer for residential customers. TSP might be an option, but given my travel schedule, I'd prefer a worldwide provider (HE and SixXS, according to the Wikipedia page you referenced), so it would appear I'm sort of stuck. Even if I weren't, I'd be tunneling IPv6 over IPv4 which sort of sucks. While I use a home router that supports IPv6 to some extent (Apple Airport Extreme), I have not heard when or if my ISP (Comcast) will be offering native IPv6 service to its customers. All of this suggests that it shouldn't be at all surprising that IPv6 is considered a problem. You turn it on and you get either nothing (have to install new hardware/software) or worse than nothing (delays, packet loss, fascinating routing, etc). Obviously this needs to be fixed before IPv6 can be considered ready for production...
Yes, I am very aware that the packaging of AICCU has quite some open holes which need to be resolved for quite a number of users to make it much easier in use. Windows is still the largest user base and those are catered for. I have in local CVS a version which resolves quite a number of issues for all platforms and makes it easier to use and test and debug etc, but it is far from ready for the general public. I hope to have some spare time though soon so that I can work on it and get it out of the door as it will make life for people easier. Unfortunately time is the problem there. In life that is the most essential missing piece: time. I have set a deadline for the Internetdagarna to release a new edition finally though, but I am not sure I can make it. Somebody can provide you with a Mac OS X binary if you need it, though I don't have a mac, thus I can't. > While I use a home router that supports IPv6 to some > extent (Apple Airport Extreme), There was a short consideration of getting at least heartbeat support into AEBS, but it needs a config file, which thus means that they GUI tool needs to be updated, and that is problematic. > I have not heard when or if my ISP (Comcast) will be offering native > IPv6 service to its customers. From what I know is that Comcast has upgraded/plans for upgrading their management network, that is their first priority. Additionally they are working hard in the IETF and doing all kinds of proposals for getting IPv6 to the end-user. This will take a few years though. One good thing is that DOCSIS 3.0 does support IPv6, thus that helps a lot, but doesn't resolve all problems for a large deployment like they have. Alain Durand is the person to talk to if you want a status update on that, he gives presentations on the subject regularly. > You turn it on and you get either nothing (have to install new > hardware/software) Teredo resolves that gap on Windows. > or worse than nothing (delays, packet loss, fascinating routing, etc). The only delay I know of is caused by DNS borkedness as mentioned above in another comment. As for packetloss, not on the networks that I work with, same for scenic routing; these last two factors really depend on the fact if your provider (just like IPv4) actually cares about the connection they are providing to you or not.
AICCU Binary Mac OS X i386 binary can be downloaded from http://www.sixxs.net/archive/sixxs/aiccu/mac/aiccu-mac.exe, you will still need to put a config file in /etc/aiccu.conf (see http://www.sixxs.net/tools/aiccu/ for an example) and install TUN/TAP driver if you want AYIYA though. This does avoid having to need to compile things. One day, as mentioned it will come as a nice .dmg with installer (drag/drop thing) and a GUI though... time time time....