February 24, 2011

6 months with IPv6

Filed under: Internet — Tags: — martin @ 8:16 am

It’s been half a year since I took my first baby steps with IPv6. Time for an update.

I still run my SixXS tunnel at home, which has been working all the time without any noticeable flaw whatsoever.

The ISP at my principal hosting site is badly underperforming. Despite their glorious IPv6 announcements in Summer of 2010, they still can’t deliver native IPv6. They can’t even offer a local tunnel while they don’t have IPv6 on their delivery infrastructure. Planned arrival is pushed ahead quarter by quarter. Very sad story.

I still use tunnelled IPv6 from Hurricane Electric‘s POP in Frankfurt. Which magically locks me out from German IPv6 IRCnet servers, as he.net are an American company. It’s a mystery to me why IRCnet operators are making such a fuss about IPv6. Welcome to the world of tomorrow, guys!

My office and the hosting site have always been connected by a VPN. Through this IPv4 VPN, I have lately set up a 6in4 tunnel that directly connects both sites, to maintain IPv6 connectivity in case one of the tunnels goes down.

With my ISP being such a letdown, I have started to run production traffic through he.net: DNS, SMTP, HTTP. The number of e-mail arriving via IPv6 is very low, though. I currently count a maximum of 10 business e-mails to my clients arriving via IPv6 every day (most of them from France, surprisingly), plus of course countless mails from “scene” (so to speak) mailing lists that deliver via IPv6.

Considering that my only connectivity is a tunnel, it’s a bit too early to globally deploy IPv6 for HTTP. Only a few selected websites already are on IPv6. Most notably, I have a WordPress installation where the SSL certificate for administration is only deployed on IPv6. The notorious shortage of IP addresses for SSL simply no longer exists in that world. 🙂 My principal company webpage is on IPv6 as well.

E-Mail from the hosting site to the office is being routed through IPv6+TLS. Nothing much to say about that. It just works as expected.

Routing is the great new thing anyway. “Offical” addressing on all systems, without nasty stuff like NAT in the game, is incredible. Open up a port in the Firewall and things just magically begin to work without the need to think around corners. Decide to connect a remote network via VPN? No problem, all addressing stays the same, because there is no difference between “external” and “internal” addressing. This is what IP must have been like before it turned into an unmanagable pile of dung. Which must have been long before I joined the Internet for the first time.

I wonder what will happen when the end-user ISPs, in my case: Deutsche Telekom, start delivering IPv6. What ways will they think of to ruin the great experience that I now have with SixXS and my static /48 network?

1 Comment »

  1. I still can’t make a big survey how many sites have v6-enabled-mail-setups, but at my work we will starting do deploy IPv6 this year and with that I will have the ability to get better statistics.

    But for my private needs all that you describe is just the same here. Except that I also enable v6 for HTTP for my sites, even if they run through a tunnel.

    Comment by Uwe — February 26, 2011 @ 10:03 am

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.

%d bloggers like this: