Sunday, March 23, 2008
DHCP, IPv4, home networks, and IPv6... with DNS
IPv6 has a feature that was innovative and useful back when it was designed in the mid-90s, called stateless autoconfiguration. An IPv6 enabled machine can automatically create an IPv6 address for itself, get on a network, and figure out how to access the internet.This solves a tough problem that occurs on just about every network I've ever run into - two devices will automatically configure themselves with the same static IPv4 address, disabling both devices (or at the very least, making access to them a flaky experience). Worse, usually that automatically configured device comes up on an ip address that is dedicated to crucial infrastructure - the main router for a home, for example, is usually on 192.168.0.1. Bring up another device intended to be a main router for that home, (say you are adding a wireless access point) and it too comes up on 192.168.0.1. Unless you have a private ethernet port handy (which requires some knowledge of networking), usually you have to temporarily disable the main router - disconnecting your kids from their second life sessions - and bring up the new one, change its default IPv4 address - find a static allocation for it - write it down - remember to use the right netmask - (all of which requires some knowledge of networking), save it, reboot both routers, and then proceed to configuring the new one.
On larger networks, someone randomly bringing up a machine on a static ip address can be catastrophic.
Now, DHCP has become the standard way to assign new "dynamic" IP addresses in a NATted IPv4 network. It's come quite a long way - from, at first, only being able to assign IP addresses, to now being able to specify dns servers, time servers, netbios servers, serve up boot files, statically assign some IP addresses, dynamically do others, etc, etc.
Early versions of the DHCP server code helped turn most of us into landless cyberserfs - there was no way to assign and route static ip addresses sanely back in the 90s - so most end users went dynamic early, as the end users could not be trusted to assign their own gear the right addresses, and statically assigning the wrong addresses could be catastrophic to the whole network. ISPs ended up authenticating via protocols like ppp, and assigning dynamic addresses, because it was easier, and safer - not because it was right - or better - using static addressing would have simplified billing and firewalling (and worm/virus control) considerably, then and now.
Dynamic addressing also made it much harder to create services at home. It moved the domain name system into the province of the ISP rather than into the home or small business. This has led to such steps backwards as not having DNS running at all on most small networks - meaning that printers can't get assigned sane names like "printer.hm.taht.net", ditto for your daughter's machine - instead, people manually remember and type in IP addresses whenever they want to talk to machines inside of their own network. (solutions to this have appeared in Netbui, Bonjour and dnsmasq, but I'm already way off where I intended to go with this piece.
Most people don't even know how to discover the IP addresses of machines in their own network - they are no longer connecting to each other, but to the internet...
I think that people dig "the Net" so much more than "their home" is because that the net is so much easier to use than their own gear!
It's not just DHCP's fault - routing was also painful in a sometimes connected via modem internet environment, and CIDR was just getting started. There were no good solutions back then to these problems.
The cyberserfdom created by this flaw is reflected by the terminology used by DHCP itself. You get a IP "Lease", which you have to "Renew" periodically. Although the documentation uses "server" and "client" terminology, I translate that into "Master" and "Sharecropper" when I'm feeling depressed.
Static IP addressing, assigned via DHCP, appeared in later versions, keying off the MAC address of an ethernet card, much like IPv6 stateless autoconf works. Back in the 90s, you used to have to manually enter your own name servers, now DHCP handles it for you. Getting on a "normal" ipv4 network today is as simple as enabling dhcp and turning on your machine, and setting up a "normal" ipv4. I rarely see a well configured small dhcp network, with static addressing for printers, etc, usually people end up manually assigning the static ips rather than getting DHCP to do it. More often than I care to remember, they assign static ips in the dynamic lease range, leading to all sorts of oddities (that newer dhcp servers generally detect).
It's not that people are stupid. This is hard stuff to get right all the time.
At the lowest level of the protocol, you have to get that IP address right... and you need to be able to access a nameserver in order to do anything on the internet. It is helpful to also run your own dns at home... (DNS translates www.example.com into 127.0.0.2 on my machine)
Running DNS at home? I almost never ever see that... DNS servers take up a lot of memory and very few routers supported it until recently. Everybody seems to think that www.example.org is the only correct form of a computer name - most of the people with vanity names just use them for websites instead of managing their home network. People just plug in their airport and laptop and expect to be on the internet, no where else.
Setting up good DNS is hard, for a lot of reasons - security, complexity, and the warts in a major program and protocol. It is still highly desirable to run your own DNS at home - it also speeds up web access - but solutions are emerging that make it less probable you will need to do so in the future.
I wish a lot more programmer energy had gone into making home/small business DNS services easier. I've been running my own DNS servers for 20 years and I STILL don't get it completely right, and never on the first time.
ANYWAY.
IPv6 solves the "get IP address" problem well. Actually, it oversolves it. It solves it so well that it introduces new problems. While a human being can remember "my printer is on 192.168.0.50", I find it impossible to remember or even type in the fact that my olpc is on [2001:470:806f:2d7:217:c4ff:fe10:b811] which is what its full IPv6 autoconfigured address looks like. It's GREAT that it's on the net... all by itself... routing - announcing its existence -
Theoretically.
Regrettably one crucial piece of stateless autoconf, went into DHCP, but didn't make it into IPv6 - the ability to get a nameserver automatically. Thus, the friendly internet of http://ipv6.google.com becomes http://[2001:4860:0:2001::68] (if you can remember that, you are a better person than me) unless you do something about it.
There's a few solutions, DHCPv6 and RDNSS announcements in radvd (covered in RFC 4339 rfc 5006) - which I'll get to in my next blog. (I'll fix up this one a bit later too)
Labels: dhcp, dns, ipv6, networking
¶ 4:32 PM
Comments:
<< Home
You missed the third solution, which is to run a recursive resolver locally, and point your stub resolver to ::1. Note that several of the DNS root servers have IPv6 addresses now.
I'm pretty sure that's the solution the IPv6 designers had in mind. It does tend to eat memory, though...
(Configuring DNS doesn't have to be hard when you're not authoritative for any zones. Fedora Core installs and runs a recursive resolver by default, out of the box, and I think Ubuntu can do it with a single apt-get.)
I'm pretty sure that's the solution the IPv6 designers had in mind. It does tend to eat memory, though...
(Configuring DNS doesn't have to be hard when you're not authoritative for any zones. Fedora Core installs and runs a recursive resolver by default, out of the box, and I think Ubuntu can do it with a single apt-get.)
Well, I was getting to that.
I run a full blown DNS server on my laptop now, and use that by default, Just running it as a caching server required two minor tweaks to dhclient.
(I'll write that up shortly) I think a future is not far off when people do run their own dns server on their machine(s)....
The problem with ::1 in the home router case is that most people have a DSL router controlling their dhcp and would have to run a separate device to do dhcp. The two, when linked together using DNSmasq on a openwrt based router, work much better than separately, but much other home gear has no capability for dns at all, leading to solutions like DNS multicast.
I was watching a very overloaded wireless network the other day with mdns-scan, watching people announce their computers with names like:
"Joe's bitchin Box.local"
"Gaby_Anne.local"
and other invalid DNS names. Sigh.
I run a full blown DNS server on my laptop now, and use that by default, Just running it as a caching server required two minor tweaks to dhclient.
(I'll write that up shortly) I think a future is not far off when people do run their own dns server on their machine(s)....
The problem with ::1 in the home router case is that most people have a DSL router controlling their dhcp and would have to run a separate device to do dhcp. The two, when linked together using DNSmasq on a openwrt based router, work much better than separately, but much other home gear has no capability for dns at all, leading to solutions like DNS multicast.
I was watching a very overloaded wireless network the other day with mdns-scan, watching people announce their computers with names like:
"Joe's bitchin Box.local"
"Gaby_Anne.local"
and other invalid DNS names. Sigh.
Most people have a DSL router controlling their DHCP because most people live in the NAT world that IPv4 created by not having enough addresses.
If you drink the IPv6 kool-aid, you don't need the central router for DHCP anymore. Every dingus on your network gets a real address. And then every dingus on the network that needs DNS can fire up its own caching resolver, query a root server and get on with life.
This is of course nonsensical in the general case. I don't think people are really going to want to run a DNS server on their smart dishwasher or whatever. But there's nothing obviously preventing you from running one on your laptop today, and if that's the only reason you were needing DHCPv6, well, skip it and simplify.
If you drink the IPv6 kool-aid, you don't need the central router for DHCP anymore. Every dingus on your network gets a real address. And then every dingus on the network that needs DNS can fire up its own caching resolver, query a root server and get on with life.
This is of course nonsensical in the general case. I don't think people are really going to want to run a DNS server on their smart dishwasher or whatever. But there's nothing obviously preventing you from running one on your laptop today, and if that's the only reason you were needing DHCPv6, well, skip it and simplify.
My favorite sour, bitter, rant on v6, is at it's essence, look how well v4 is deployed, and understood, expect v6 to be one order of magnitude worse. Oh yeah, I can't wait.
On the case of v4 being to blame for poorly implemented NAT, due to not enough space, I'd point to how v4 isn't even close to being fully deployed, entire /8s still virgin, and /6s and /4s hanging in dead space, unused. Corporations who dont' even do any significant engineering anymore sitting on /8s that mostly don't route. For that matter, corporations that don't even exist anymore, and haven't for years still assigned /8s.
Sorry, I don't buy any of it.
No, NAT is the problem. Not v4.
NAT is useful, but I blame the happy happy joyjoy plug and play mentality of the 'me too' crowd, that leeches and contributes little to nothing.
I've been blaming them since the days of my 2 line dial up 1200 baud BBS. It hasn't changed.
On the case of v4 being to blame for poorly implemented NAT, due to not enough space, I'd point to how v4 isn't even close to being fully deployed, entire /8s still virgin, and /6s and /4s hanging in dead space, unused. Corporations who dont' even do any significant engineering anymore sitting on /8s that mostly don't route. For that matter, corporations that don't even exist anymore, and haven't for years still assigned /8s.
Sorry, I don't buy any of it.
No, NAT is the problem. Not v4.
NAT is useful, but I blame the happy happy joyjoy plug and play mentality of the 'me too' crowd, that leeches and contributes little to nothing.
I've been blaming them since the days of my 2 line dial up 1200 baud BBS. It hasn't changed.
Evan:
Re: DNS on the smart dishwasher.
Actually there is a compelling reason to have DNS in the home, and it comes down to that "smart dishwasher". I would like
to access dishwasher.hm.taht.net to turn on the darn dishwasher while I'm at work, so I don't have to cope with the noise while I'm there, and have fresh dishes when I get home.
How the name "dishwasher.hm.taht.net" gets created, attached to an IP, and made accessible is what needs to be fixed, not "running DNS on the dishwasher".
dnsmasq does the right thing - it takes the name that a given device suggests via the DHCP ACK, and if available, uses it for the dns name.
Conventional DNS in bind requires a boatload of authentication in order to update its records. While an appropriate solution for the worldnet, it's hard (I've never got it working) and not widely implemented.
My principal gripe with multicast dns is that no client seems to be obeying conventional dns naming rules - names with spaces and punctuation seem to be the norm, which breaks everything that could use it. A little rigor in enforcing naming schemes would address this, but that's not happening.
Worse, mdns establishes a new - in-nat - domain, called .local. I can't map .local back to a conventional dns cname. I could see, in the home, some sort of smart bind injector that looked for .local announcements and injected them back into conventional DNS with an A or AAAA record.
My nokia handhelds support mdns announcements (laz.local and lor.local), but don't support a mdns resolver! I'm still happy with this partial solution - as no matter where I go, me, and my "cloud" of devices can talk to each other.
CPM: NAT is the problem, but v4 created it. If we could wave hands automagically and get rid of NAT in favor of globally routed IPs we WOULD be completely out of IPs today, possibly several times over.
I am distressed at the weight and incompetence of the world bearing down on the Net. Have been for years. I'm trying to do something about it. What are you doing about it?
Lastly, I don't regard IPv4 as a crisis that must be solved today. It's not (yet) Y2K. I do regard IPv4 as a real problem in other parts of the world. I'm interested in IPv6 for about a dozen reasons, not least that it's a safe haven to experiment with new services and protocols. We still have some engineering time left to get it more right for the real world.
I do see NAT getting pushed further and further out into the cloud, which can (and does) disconnect people from important places like work and home. At some point the frog is going to roast in the boiling water.
I had a public IPv6 discussion in australia recently. Click there for the full discussion. Let me reprint parts:
Two recent examples of NAT is BAD:
1) A friend of mine had a video monitoring system on his storefront in San Juan Del Sur. He was behind quadruple NAT - his own, and the wireless provider there (of the 8 or so ISPs there, only one provides real ip addresses). His house, 1km away, had a different provider, different NAT - SIP between the two locations never worked, he's never got a working vpn, and a few other difficulties like that - but the real kicker: One day - he got robbed - the perps stole everything - including some of the video monitoring system - and because he couldn't monitor his site from his house 1km away, he has no idea who it was.
2) I was trying to get universal internet access out to 26 barrios in a 40 mile wide area - so, for example, a teacher in one location could video out to multiple locations - but again, due to the all the service providers involved, doing NAT, proved utterly impossible.
A reply was: "IPv4 is available to anyone and everyone who can justify its use. Put together a deployment plan, flash it in front of your RIR, and they'll give you as much IPv4 as you want."
To which I said: You haven't been to South America. In addition to those steps, you need to deal with the government owned ISP, smuggle in the gear, persuade (bribe) the appropriate officials, protect your cabling from being stolen, and it helps a lot to be married to a general's daughter, assuming his party is in power.
And in response to: "
That'll all stop in 2010. But in 2008 there's no justification for ISPs to impose multiple NAT due to 'address scarcity.'
The general's daughter I mention wasn't particularly pretty and had something of a coke habit..
Paperwork and politics clog the IPv4 Net - yet getting a /48 IPv6 address and addressing space bigger than the whole existing net to use is two clicks and one form away.
"It's a big universe next door, let's go!"
Re: DNS on the smart dishwasher.
Actually there is a compelling reason to have DNS in the home, and it comes down to that "smart dishwasher". I would like
to access dishwasher.hm.taht.net to turn on the darn dishwasher while I'm at work, so I don't have to cope with the noise while I'm there, and have fresh dishes when I get home.
How the name "dishwasher.hm.taht.net" gets created, attached to an IP, and made accessible is what needs to be fixed, not "running DNS on the dishwasher".
dnsmasq does the right thing - it takes the name that a given device suggests via the DHCP ACK, and if available, uses it for the dns name.
Conventional DNS in bind requires a boatload of authentication in order to update its records. While an appropriate solution for the worldnet, it's hard (I've never got it working) and not widely implemented.
My principal gripe with multicast dns is that no client seems to be obeying conventional dns naming rules - names with spaces and punctuation seem to be the norm, which breaks everything that could use it. A little rigor in enforcing naming schemes would address this, but that's not happening.
Worse, mdns establishes a new - in-nat - domain, called .local. I can't map .local back to a conventional dns cname. I could see, in the home, some sort of smart bind injector that looked for .local announcements and injected them back into conventional DNS with an A or AAAA record.
My nokia handhelds support mdns announcements (laz.local and lor.local), but don't support a mdns resolver! I'm still happy with this partial solution - as no matter where I go, me, and my "cloud" of devices can talk to each other.
CPM: NAT is the problem, but v4 created it. If we could wave hands automagically and get rid of NAT in favor of globally routed IPs we WOULD be completely out of IPs today, possibly several times over.
I am distressed at the weight and incompetence of the world bearing down on the Net. Have been for years. I'm trying to do something about it. What are you doing about it?
Lastly, I don't regard IPv4 as a crisis that must be solved today. It's not (yet) Y2K. I do regard IPv4 as a real problem in other parts of the world. I'm interested in IPv6 for about a dozen reasons, not least that it's a safe haven to experiment with new services and protocols. We still have some engineering time left to get it more right for the real world.
I do see NAT getting pushed further and further out into the cloud, which can (and does) disconnect people from important places like work and home. At some point the frog is going to roast in the boiling water.
I had a public IPv6 discussion in australia recently. Click there for the full discussion. Let me reprint parts:
Two recent examples of NAT is BAD:
1) A friend of mine had a video monitoring system on his storefront in San Juan Del Sur. He was behind quadruple NAT - his own, and the wireless provider there (of the 8 or so ISPs there, only one provides real ip addresses). His house, 1km away, had a different provider, different NAT - SIP between the two locations never worked, he's never got a working vpn, and a few other difficulties like that - but the real kicker: One day - he got robbed - the perps stole everything - including some of the video monitoring system - and because he couldn't monitor his site from his house 1km away, he has no idea who it was.
2) I was trying to get universal internet access out to 26 barrios in a 40 mile wide area - so, for example, a teacher in one location could video out to multiple locations - but again, due to the all the service providers involved, doing NAT, proved utterly impossible.
A reply was: "IPv4 is available to anyone and everyone who can justify its use. Put together a deployment plan, flash it in front of your RIR, and they'll give you as much IPv4 as you want."
To which I said: You haven't been to South America. In addition to those steps, you need to deal with the government owned ISP, smuggle in the gear, persuade (bribe) the appropriate officials, protect your cabling from being stolen, and it helps a lot to be married to a general's daughter, assuming his party is in power.
And in response to: "
That'll all stop in 2010. But in 2008 there's no justification for ISPs to impose multiple NAT due to 'address scarcity.'
The general's daughter I mention wasn't particularly pretty and had something of a coke habit..
Paperwork and politics clog the IPv4 Net - yet getting a /48 IPv6 address and addressing space bigger than the whole existing net to use is two clicks and one form away.
"It's a big universe next door, let's go!"
Okay, I'll bite again:
"NAT is the problem, but v4 created it. If we could wave hands automagically and get rid of NAT in favor of globally routed IPs we WOULD be completely out of IPs today, possibly several times over."
Would we? Or did the idiot-friendly happy happy mac-think implementation of NAT by all the vendors of wall-wart powered crap routers for homes, and the cube-think 'you don't need a clue to set up a network at work, just buy our magic gizmo and all the machines just magically configure themselves for a bright and wonderful tomorrow!' types create this horror? Not to mention the ISPs who were doing the 'mark to market' method of explaining to potential stock buyers that it didn't matter that they lost money on every account, they made it up in volume kinda insane money-think that led folks to roll out as large a network as they could without regard to whether or not they could actually support it or not.
For what is the internet useful? Porn of course, and to shove as much porn down the tubes as possible, NAT was needed.
Them intarwebs grew too quickly, and too shoddily. How this is v4s fault remains a mystery to me.
Let's take a step back in time, to Clinton-II, when Al Gore and incumbant president Clinton ran their second campaign partially on the platform that they were going to nurture the budding Information SuperHighway, rather than tossing it to the wolves of the cable and telcom companies to do with as they pleased. They -claimed- they were going to keep darpa's daughter under the auspice of the national science foundation and all that good stuff.
In a move reported only by Jack Rickard, Editor Rotundrus of Boardwatch magazine, After the election, MCI, AT$T, and Sprint got in a huddle, pooled a few dollars, and wrote a check for ~$600k to the democratic national campaign, and when VP Gore went into the house for the vote on what to do about the information superhighway, he did a remarkable about face, total change of heart and let slip the dogs of porn. We all remember exactly what happened next. Funny how no one remembers why. Folks like to blame Steve Case/AOL, but that's not wholly fair, at all. He was just doing what the rest of us were doing. Cashing in on a trend.
The downside of which is that it took the internet out of the hands of the scientist and educator types and put the intarwebs into the hands of the marketing departments.
-The End-
Again, how is this v4s fault?
Moving along, lemme plop my fat, grey bearded butt down in this chair, and spin you NATters a yarn.
my first 'internet' email was bang path uucp, when I finally got a real '@' email address, I thought I had arrived. My first usenet feed was a serial oki printer hooked up to a port on a perkin elmer mini at a friends place of work spooling sci.physics.fusion during the Pons and Fleischmann debacle. I thought this internet thing, which I called 'the unix network' because I was deeply clueless was really quite the stuff, much much more useful than my compuserve account, where I was active in the autocad community.
My first 'unix' account was a dialup to a 386 machine somewhere, that belonged to the local school system, it had 4 2400 baud modems, and it ran a flavor of unix, and I dialed into a shell account, and I could use WAIS to search for and requeset .txt files. Then come back a few days later, and xmodem my text files down, sometime with related graphics, and print out and LEARN STUFF.
Later, I discovered lynx. by then I had '@' email, which was tres cool, printed it on my social cards, which was pretty much meaningless. But this world wide web stuff was pretty interesting, much faster than wais, archie, gopher et al.
Then 1 IP address served dozens if not hundreds of people with amazing amounts of information.
Of course, a little later, I found I could get a real PPP dialup account for only about $50 a month, and become a 'node', at least for a dozen or so hours a week.
Now, that was interesting. And I wasn't anything like what may pass for a 'computer expert'. Although I was known a bit for habiting comic books shops, and occasionally wore a Cerebus tee-shirt, I worked in the trades, I was joe-sixpack.
A little later, (and only a matter of months before we met for the first time Mike,) I 'surfed' the 'world wide web' with a nsca mosiac browser. Wow! now I understood why 28.8 modems were needed. But it was pretty silly, truthfully, ppp wasn't nearly as efficient as other dial-up BBS transports, and in reality, it was a big waste of bandwidth, compared to a serial connection to a serial port on a micro/mini/mainframe with a 'real' connection, (that required a single IP address).
I could serve up an pretty reasonable community with everything they need with 1 IP address, and a pile of terminals. Heck, as sad as I am to say it, I could replace a library with a modestly powerful computer running a flavor of unix, 1 IP address and a bunch of terminals. It's EFFICIENT.
Let me restate my assumption.
"If IPv6 is the answer, perhaps you are asking the wrong question."
No, of course we can't turn back the clock on this, but consider please:
All of us, could have had this this or similar discussion with 1/100,000th the codebase/bandwidth/hardware/personhours
20 years ago.
But what about porn?
Okay, there you've got me. I could argue the merits of erotic literature versus the neural short circuit of full motion one handed mousing, and all the implications that entails, but why bother?
"NAT is the problem, but v4 created it. If we could wave hands automagically and get rid of NAT in favor of globally routed IPs we WOULD be completely out of IPs today, possibly several times over."
Would we? Or did the idiot-friendly happy happy mac-think implementation of NAT by all the vendors of wall-wart powered crap routers for homes, and the cube-think 'you don't need a clue to set up a network at work, just buy our magic gizmo and all the machines just magically configure themselves for a bright and wonderful tomorrow!' types create this horror? Not to mention the ISPs who were doing the 'mark to market' method of explaining to potential stock buyers that it didn't matter that they lost money on every account, they made it up in volume kinda insane money-think that led folks to roll out as large a network as they could without regard to whether or not they could actually support it or not.
For what is the internet useful? Porn of course, and to shove as much porn down the tubes as possible, NAT was needed.
Them intarwebs grew too quickly, and too shoddily. How this is v4s fault remains a mystery to me.
Let's take a step back in time, to Clinton-II, when Al Gore and incumbant president Clinton ran their second campaign partially on the platform that they were going to nurture the budding Information SuperHighway, rather than tossing it to the wolves of the cable and telcom companies to do with as they pleased. They -claimed- they were going to keep darpa's daughter under the auspice of the national science foundation and all that good stuff.
In a move reported only by Jack Rickard, Editor Rotundrus of Boardwatch magazine, After the election, MCI, AT$T, and Sprint got in a huddle, pooled a few dollars, and wrote a check for ~$600k to the democratic national campaign, and when VP Gore went into the house for the vote on what to do about the information superhighway, he did a remarkable about face, total change of heart and let slip the dogs of porn. We all remember exactly what happened next. Funny how no one remembers why. Folks like to blame Steve Case/AOL, but that's not wholly fair, at all. He was just doing what the rest of us were doing. Cashing in on a trend.
The downside of which is that it took the internet out of the hands of the scientist and educator types and put the intarwebs into the hands of the marketing departments.
-The End-
Again, how is this v4s fault?
Moving along, lemme plop my fat, grey bearded butt down in this chair, and spin you NATters a yarn.
my first 'internet' email was bang path uucp, when I finally got a real '@' email address, I thought I had arrived. My first usenet feed was a serial oki printer hooked up to a port on a perkin elmer mini at a friends place of work spooling sci.physics.fusion during the Pons and Fleischmann debacle. I thought this internet thing, which I called 'the unix network' because I was deeply clueless was really quite the stuff, much much more useful than my compuserve account, where I was active in the autocad community.
My first 'unix' account was a dialup to a 386 machine somewhere, that belonged to the local school system, it had 4 2400 baud modems, and it ran a flavor of unix, and I dialed into a shell account, and I could use WAIS to search for and requeset .txt files. Then come back a few days later, and xmodem my text files down, sometime with related graphics, and print out and LEARN STUFF.
Later, I discovered lynx. by then I had '@' email, which was tres cool, printed it on my social cards, which was pretty much meaningless. But this world wide web stuff was pretty interesting, much faster than wais, archie, gopher et al.
Then 1 IP address served dozens if not hundreds of people with amazing amounts of information.
Of course, a little later, I found I could get a real PPP dialup account for only about $50 a month, and become a 'node', at least for a dozen or so hours a week.
Now, that was interesting. And I wasn't anything like what may pass for a 'computer expert'. Although I was known a bit for habiting comic books shops, and occasionally wore a Cerebus tee-shirt, I worked in the trades, I was joe-sixpack.
A little later, (and only a matter of months before we met for the first time Mike,) I 'surfed' the 'world wide web' with a nsca mosiac browser. Wow! now I understood why 28.8 modems were needed. But it was pretty silly, truthfully, ppp wasn't nearly as efficient as other dial-up BBS transports, and in reality, it was a big waste of bandwidth, compared to a serial connection to a serial port on a micro/mini/mainframe with a 'real' connection, (that required a single IP address).
I could serve up an pretty reasonable community with everything they need with 1 IP address, and a pile of terminals. Heck, as sad as I am to say it, I could replace a library with a modestly powerful computer running a flavor of unix, 1 IP address and a bunch of terminals. It's EFFICIENT.
Let me restate my assumption.
"If IPv6 is the answer, perhaps you are asking the wrong question."
No, of course we can't turn back the clock on this, but consider please:
All of us, could have had this this or similar discussion with 1/100,000th the codebase/bandwidth/hardware/personhours
20 years ago.
But what about porn?
Okay, there you've got me. I could argue the merits of erotic literature versus the neural short circuit of full motion one handed mousing, and all the implications that entails, but why bother?
Mike: Being able to access "dishwasher.hm.taht.net" from anywhere in the world, is a different problem from your dishwasher being able to look up "hotsex.com", and the latter is the one I was talking about.
I think it's actually quite likely that the dishwasher will want to query DNS--perhaps it automatically downloads firmware upgrades from ge.com. But I'm unconvinced that anyone's going to want to take the hits in memory, complexity and traffic of having their dishwasher running a full recursive resolver. I think there's always going to be a place for DHCP or the equivalent to be giving out name server addresses, same as now, so stub resolvers can work.
However, your laptop doesn't to be limited to a stub resolver. You want DNS and you don't want to have to set up a DHCP server, just run BIND locally on each machine.
I think it's actually quite likely that the dishwasher will want to query DNS--perhaps it automatically downloads firmware upgrades from ge.com. But I'm unconvinced that anyone's going to want to take the hits in memory, complexity and traffic of having their dishwasher running a full recursive resolver. I think there's always going to be a place for DHCP or the equivalent to be giving out name server addresses, same as now, so stub resolvers can work.
However, your laptop doesn't to be limited to a stub resolver. You want DNS and you don't want to have to set up a DHCP server, just run BIND locally on each machine.
Chip: You'd have been preaching to the choir if you'd preached that way to me 10 years ago. Back in the early 80s I had an Apple and an IBM clone and they were nice enough, but true computing bliss was an adm3a terminal connected to a UNIX system with two dozen other users (and heaven on earth was the same thing but with a wyse 60 instead of a dam3a). I lived my life that way quite happily until 1994 (and to this very day I do my emailing via xterm and ssh to an open-access UNIX box with a couple of dozen other users).
But the world's moved on, we lost this war, and I ended up changing sides anyway. Nowadays there's wireless, devices connect and disconnect from networks willy-nilly, and I now think it's *great* for all kinds of devices to have their own IP addresses. The iphone? It rocks.
But, you give a globally-routable IP address to every iphone, IPv4 will be exhausted in a heartbeat. Say half of China and half of India buy iphones? That's a quarter of IPv4, poof, gone. And that's not even mentioning the fact that v4 was never designed for security. We need v6, and we're going to get it. I predict significant market penetration in the US no later than 2010, and ubiquity a few years after that.
But the world's moved on, we lost this war, and I ended up changing sides anyway. Nowadays there's wireless, devices connect and disconnect from networks willy-nilly, and I now think it's *great* for all kinds of devices to have their own IP addresses. The iphone? It rocks.
But, you give a globally-routable IP address to every iphone, IPv4 will be exhausted in a heartbeat. Say half of China and half of India buy iphones? That's a quarter of IPv4, poof, gone. And that's not even mentioning the fact that v4 was never designed for security. We need v6, and we're going to get it. I predict significant market penetration in the US no later than 2010, and ubiquity a few years after that.
I suppose I could just leave this where it sits, but that's just not like me.
Perhaps it has a lot to do with how I came to 'computing' as we understand it today.
My first brush with this stuff came from my experimentation with phone phreaking all those years ago. Yes, I call John Drapier a friend. Haven't talked to him in like 10 years, but I expect i will again someday. I cross paths with him every decade or so, and have since the 70s.
At the time, (the 70s) I viewed the Rise of The Machines(tm) as a predictable method of corporate control. Get everyone numbered, get everyone allocated what is needed to get them hooked up to the computers, then you can effectively control them. If they don't play nice iwth you, you just cut them off from their money, from their services, etc, and they comply. Done deal.
Of course, that was a world under Nixon, everything is so much better now.
I was one of Reagan's cold world soldiers. I got out of the service shortly before the wall came down, and the cold war was won, (or so we thought at the time). At that point, I thought -based in part on my military experience- that it was of supreme importance that 'we' all started to communicate. Computer networks worked well for that. I got into BBSes and so forth. With the idea, that this technology could perhaps be used not for monolithic top down control, but for eglatarian peer to peer communication and understanding, and all that entails.
As I stated earlier, we had everything we needed years ago to realize those ends. Even with the restrictions of IPv4.
Now, in order to realize the future as envisoned by Charles Stross in Accelerando, we need IPv6 and we need it yesterday. It's an interesting future, that begs at Richard Florida's concept of generation of wealth through creative endeavors over the old concept of 'hard work'. In a log of ways, I like it.
And in a lot of ways, i don't like it. The current model for this brave new world of Tomorrow is Google. Now, that Vinton Cerf pees on everything, is something very cool, and we need IPv6 to realise that. And Google, -which I think of as a bunch of ethinically ambiguous folks with body art, lots of pockets who are really smart, and have never known failure, and who think that they can avoid the very human tendancy to do evil by saying they won't do evil and hiring talent like Vint Cerf- is deep in bed with the likes of pretty much every totalitarian regime of note can name. It's an old saw, big, powerful, doesn't have to mean evil, it just always ends up that way.
We need IPv6 for the iPhone? So what? What does the iPhone bring to the table? It's a leech device. Yeah, sure, it's a cool gizmo, but that's all it is. Why -as a free community wISP provider- am I responsible for building out an infrastructure to support Steve Jobs? Folks don't use the iPhone to get on this blog and argue with me, they use the iPhone to, well, I don't know what they do with it. It doesn't make sense to me. It's like pr0n, it's 'pull' technology (heh). Sure, it doesn't /have/ to be that way, but that's how it is.
I dug about and tried to come up with a stat about how many iPhones had been manufactured, vs the number of XOs that had been manufactured, but no joy on that. But I think we all know what the story is. I just wanted a ratio.
The iPhone, and -by extension- Charles Stross's Accelerando future is a classic case of 'a little knowledge is a dangerous thing'. You can learn things from this type of technology, but it's a cursory knowledge. It's a sales/marketing person's knowledge.
The Ford 8N is a ubiquitous piece of equipment, practically the world over. You can find one if you dig around for about the price of a new MacBookPro. That coupled with a few acres of land outside the MCI-Worldcom campus in Ashburn Va, you could grow a lot of food, feed a lot of people. With a few text files, and some online forums, you could even discuss how to do a better job of it. Now, folks here in the west no longer think that is important. I think they are quite wrong. Richard Florida and other futurists would argue that this work is best done by the world's poorest folks, and all the food shipped via air freight to Wegmans where we all sit around the food court in hoodies with our iPhones and generate wealth by our creativity I suppose.
Okay, that sounded pretty harsh, and I don't actually feel that harsh. I am not a luddite, (neither was Ned Lud, but that's for another time). Quite the contrary, in fact, I believe in Richard Florida's vision, and think Charles Stross is really onto something. But I do see a *lot* of effort going into supporting technologies and infrastructures that don't actually *do* anything. There seems to be this overarching concept that if you just buy enough crap, then you will be happy. There isn't any empirical evidence to back this up. The iPhone doesn't solve any problems, the XO just might. How many XOs can you buy for the price of an iPhone (over a year). ?
IPv6 *might* solve some problems, but the lack of IP space isn't amongst them, I honestly don't think. Sure, it might become so. But if it does, it will be more along the lines of the 'Entertainment Industry' controlling your TV than it will anything else. It won't be about personal control and responsibility, it will be about corporate/government control without accountability.
Further, my base criticism of IPv6 is how poorly IPv4 is handled, from the allocations right down to the various DNS schemes to zone file maintenance. Still today, there are ISPs who don't know what a PTR record is. and IPv6 is going to fix this how?
Post a Comment
Perhaps it has a lot to do with how I came to 'computing' as we understand it today.
My first brush with this stuff came from my experimentation with phone phreaking all those years ago. Yes, I call John Drapier a friend. Haven't talked to him in like 10 years, but I expect i will again someday. I cross paths with him every decade or so, and have since the 70s.
At the time, (the 70s) I viewed the Rise of The Machines(tm) as a predictable method of corporate control. Get everyone numbered, get everyone allocated what is needed to get them hooked up to the computers, then you can effectively control them. If they don't play nice iwth you, you just cut them off from their money, from their services, etc, and they comply. Done deal.
Of course, that was a world under Nixon, everything is so much better now.
I was one of Reagan's cold world soldiers. I got out of the service shortly before the wall came down, and the cold war was won, (or so we thought at the time). At that point, I thought -based in part on my military experience- that it was of supreme importance that 'we' all started to communicate. Computer networks worked well for that. I got into BBSes and so forth. With the idea, that this technology could perhaps be used not for monolithic top down control, but for eglatarian peer to peer communication and understanding, and all that entails.
As I stated earlier, we had everything we needed years ago to realize those ends. Even with the restrictions of IPv4.
Now, in order to realize the future as envisoned by Charles Stross in Accelerando, we need IPv6 and we need it yesterday. It's an interesting future, that begs at Richard Florida's concept of generation of wealth through creative endeavors over the old concept of 'hard work'. In a log of ways, I like it.
And in a lot of ways, i don't like it. The current model for this brave new world of Tomorrow is Google. Now, that Vinton Cerf pees on everything, is something very cool, and we need IPv6 to realise that. And Google, -which I think of as a bunch of ethinically ambiguous folks with body art, lots of pockets who are really smart, and have never known failure, and who think that they can avoid the very human tendancy to do evil by saying they won't do evil and hiring talent like Vint Cerf- is deep in bed with the likes of pretty much every totalitarian regime of note can name. It's an old saw, big, powerful, doesn't have to mean evil, it just always ends up that way.
We need IPv6 for the iPhone? So what? What does the iPhone bring to the table? It's a leech device. Yeah, sure, it's a cool gizmo, but that's all it is. Why -as a free community wISP provider- am I responsible for building out an infrastructure to support Steve Jobs? Folks don't use the iPhone to get on this blog and argue with me, they use the iPhone to, well, I don't know what they do with it. It doesn't make sense to me. It's like pr0n, it's 'pull' technology (heh). Sure, it doesn't /have/ to be that way, but that's how it is.
I dug about and tried to come up with a stat about how many iPhones had been manufactured, vs the number of XOs that had been manufactured, but no joy on that. But I think we all know what the story is. I just wanted a ratio.
The iPhone, and -by extension- Charles Stross's Accelerando future is a classic case of 'a little knowledge is a dangerous thing'. You can learn things from this type of technology, but it's a cursory knowledge. It's a sales/marketing person's knowledge.
The Ford 8N is a ubiquitous piece of equipment, practically the world over. You can find one if you dig around for about the price of a new MacBookPro. That coupled with a few acres of land outside the MCI-Worldcom campus in Ashburn Va, you could grow a lot of food, feed a lot of people. With a few text files, and some online forums, you could even discuss how to do a better job of it. Now, folks here in the west no longer think that is important. I think they are quite wrong. Richard Florida and other futurists would argue that this work is best done by the world's poorest folks, and all the food shipped via air freight to Wegmans where we all sit around the food court in hoodies with our iPhones and generate wealth by our creativity I suppose.
Okay, that sounded pretty harsh, and I don't actually feel that harsh. I am not a luddite, (neither was Ned Lud, but that's for another time). Quite the contrary, in fact, I believe in Richard Florida's vision, and think Charles Stross is really onto something. But I do see a *lot* of effort going into supporting technologies and infrastructures that don't actually *do* anything. There seems to be this overarching concept that if you just buy enough crap, then you will be happy. There isn't any empirical evidence to back this up. The iPhone doesn't solve any problems, the XO just might. How many XOs can you buy for the price of an iPhone (over a year). ?
IPv6 *might* solve some problems, but the lack of IP space isn't amongst them, I honestly don't think. Sure, it might become so. But if it does, it will be more along the lines of the 'Entertainment Industry' controlling your TV than it will anything else. It won't be about personal control and responsibility, it will be about corporate/government control without accountability.
Further, my base criticism of IPv6 is how poorly IPv4 is handled, from the allocations right down to the various DNS schemes to zone file maintenance. Still today, there are ISPs who don't know what a PTR record is. and IPv6 is going to fix this how?
<< Home
