Forgot your password?
typodupeerror
Networking Software Linux News

Linux Foundation Says All Major Distros Are IPv6 Compliant 241

Posted by Soulskill
from the getting-things-done dept.
ruphus13 points out news from the Linux Foundation, which announced that all major Linux distributions meet certification requirements for the US Department of Defense's IPv6 mandates. The announcement credits work done by the IPv6 Workgroup, whose members include IBM, HP, Nokia-Siemens, Novell and Red Hat. Quoting: "Linux has had relatively robust IPv6 support since 2005, but further work was needed for the open source platform to achieve full compliance with DoD standards. The Linux Foundation's IPv6 workgroup analyzed the DoD certification requirements and identified key areas where Linux's IPv6 stack needed adjustments in order to guarantee compliance. They collaboratively filled in the gaps and have succeeded in bringing the shared technology into alignment with the DoD's standards."
This discussion has been archived. No new comments can be posted.

Linux Foundation Says All Major Distros Are IPv6 Compliant

Comments Filter:
  • by dattaway (3088) * on Sunday November 30, 2008 @10:37AM (#25933045) Homepage Journal

    Many embedded linux devices are IPV6 compliant. Even my AXIS webcam can talk ipv6.

    Unfortunately, my ISP, RoadRunner is stuck in dark ages.

  • by PolygamousRanchKid (1290638) on Sunday November 30, 2008 @10:59AM (#25933185)

    . . . when you see IPv6.

    Until your ISP starts offering it, don't worry about it.

    Everything that is worth buying has been IPv6 compliant for years.

    The only thing that is missing for IPv6, is well, how about an IPv6 net, to the end user.

  • by Morth (322218) on Sunday November 30, 2008 @11:26AM (#25933313)

    The advantage is you get rid of your NAT. You can for example use it to access your computer remotly with ssh or file sharing, or get IP telephone provided separately from your ISP.

    You can turn on 6to4 in your OS, it will give your whole home network global IPv6 addresses with your IPv4 connected computer as router. Some OSes might require further configuration.

    Around here (Sweden) many ISPs actually have a local 6to4 router so the speed is the same, but in some locations you will get a longer route if you do this though.

  • by TheRaven64 (641858) on Sunday November 30, 2008 @12:15PM (#25933633) Journal

    Possibly because the Linux Foundation has a history of running press releases saying 'Linux can now do something that *BSD could do ages ago!' only without mentioning the fact that Linux is late to the party, and in some cases not mentioning the fact that the code that they are so proud of was ported to Linux from one of the BSDs.

    Anything they release should be mentally tagged troll.

  • Maybe (Score:4, Insightful)

    by Midnight Thunder (17205) on Sunday November 30, 2008 @12:20PM (#25933681) Homepage Journal

    In reality IPv6 is about infrastructure, so if it is all done right then your average Joe shouldn't see much of an impact. In most cases the average user leaves their setting in automatic mode, so as long as the OS and corresponding application are already IPv6 aware then they won't notice until they need to use a numerical address. If they have a home router, then they may find that they need to buy a new one as the manufacturer is only releasing IPv6 aware firmware for routers manufactured after a certain date.

    There are still plenty of issues before everything is working right on both the client and server front. Issues still in place:
      - network hardware not IPv6 compliant (the only compliant home router for the moment is the Apple Airport)
      - network administrators oblivious to IPv6
      - ISPs not preparing for IPv6
      - libraries for popular computer programming languages not IPv6 ready. Take Perl libwww for example.
      - people saying that no one else is doing anything, so they won't do anything either - the classic sheep mentality

    I would like to see stuff like Zeroconf (aka Bonjour, Avahi) become common place on all OSs (this include Windows), or at least if these routers could add the names of computers in their DHCP table (including themselves) in their DNS directory, so typing in numerical IP addresses should not be necessary.

  • by Gorgonzolanoid (1394311) on Sunday November 30, 2008 @01:38PM (#25934207)

    Why was that modded troll? Someone with enough mod points who disagreed but couldn't come up with a good argument?

    The success of IPV4, and the reason it survived so long, has always been its simplicity. The right way would have been to extend the address space while still obeying to the KISS principle (Keep It Simple, Stupid).

    IPV6 is such an example of bloat that you'd almost believe Microsoft wrote the specs.
    The OSI model splits things up in levels for a reason. Trying to stuff too many levels into a single protocol is a stupid idea. IPV6's biggest fault is that it tries to go grab land up to the presentation layer, jumping two levels above the two that IPV4 was already doing.

    That's no attempt to troll, it's simply my view on why IPV6 still hasn't taken over.
    And just wait until it does, then you'll see the result: more complexity only leads to more problems.

  • by sjames (1099) on Sunday November 30, 2008 @02:26PM (#25934695) Homepage

    NAT for firewalling is really an abuse of the protocol. Instead, dump it and use IPv6, then have the router filter the packets. That way, instead of having to rewrite the packets, the router just has to make a drop or forward decision.

    If you make DROP the default decision and then add specific ALLOW rules, you'll get the same semantics as NAT with a lower load on the router

    AN added benefit (FOR NOW anyway) is that most ssh dictionary attacks are against IPv4 addresses. If your internal machines can only be reached through v6, you won't have to worry about those.

    Even if the crackers update to use v6, they won't be nearly as successful since they would first have to guess which dozen or so v6 addresses out of the possible billions on your 6to4 prefix actually have something listening. Sending out a few billion probe packets wouldn't really be a good option for them, especially when someone might have a honeypot assigned hundreds of IPs (making it by far the most likely machine to be attacked).

  • by Blakey Rat (99501) on Sunday November 30, 2008 @02:48PM (#25934901)

    IPv6 isn't backwards-compatible with IPv4, and a lot of networks have been really slow to convert over. In most case, they have to spend money to do this conversion, because they have older hardware without full IPv6 compatibility.

    Adoption is slow because IPv6 isn't backwards-compatible, and because it doesn't have enough benefits to outweigh that problem. No conspiracy or anything. (I think it's damn stupid that IPv6 has approx. 40 kajillion IP addresses, and yet they didn't bother to map the existing 4 billion there anywhere.)

  • by klapaucjusz (1167407) on Sunday November 30, 2008 @03:58PM (#25935677) Homepage

    Would you stop giving the damn ISP's more reasons to slack off on implementing IPv6!!!

    When their customers do their own tunnelling, ISPs loose the ability to perform their own traffic engineering, and loose money.

    Once they see that they are loosing money because people are implementing their own tunnelling, ISPs will rush to implement native IPv6, in a form that they can control.

  • by neirboj (567806) on Sunday November 30, 2008 @11:32PM (#25939519) Homepage
    Section 2.5.5.2 of RFC-4291: IP Version 6 Addressing Architecture [ietf.org] describes what in IPv4 terms one might call a super-network prefix that does exactly that: map the existing Internet onto an infinitesimal corner of the huge IPv6 address space.

Save the whales. Collect the whole set.

Working...