Hope for IPv6

The author at http://apenwarr.ca/log/?m=201103#28 writes about why he hopes IPv6 never takes off. It refers to a somewhat old article from Dan Bernstein.

It’s important to start by realizing that his major contributions to open source and open standards are qmail (sends every email as a separate SMTP session, even if two users are on the same host), djbdns (which fails to cache NXDOMAIN results properly, a subject that took up 30 minutes at an IETF session today), and that he’s essentially abandoned both projects. Qmail was abandoned (from what I understand) in such a way that, due to the license, nobody could fork it, or even really officially distribute patches.

Dan’s point that the protocols are not compatible is true. IPv4 can’t connect to IPv6. But IPv6 can connect to IPv4, and I’ve done this regularly. It’s called NAT64, and you can read about it at http://datatracker.ietf.org/wg/behave/ (the document is draft-ietf-behave-v6v4-xlate-23), which by the time Google indexes this will likely be released, as it’s in AUTH48 review on 2011-03-28.
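To make the "IPv6 can connect to IPv4" direction concrete, here is an added example (not code from the post or from the BEHAVE working group) of the address side of NAT64: an IPv6-only client is handed an IPv6 address with the IPv4 destination embedded in its low 32 bits, and the translator recovers the IPv4 address from it. It assumes the well-known /96 translation prefix 64:ff9b::/96 from RFC 6052 (the address-format companion to the translation draft named above); the sample addresses are constructed from documentation ranges.

```python
import ipaddress

# RFC 6052 well-known prefix for NAT64/DNS64 (assumption: operators may instead
# use a network-specific /96 from their own space).
WELL_KNOWN_PREFIX = ipaddress.IPv6Network("64:ff9b::/96")


def synthesize_ipv6(ipv4: str, prefix: ipaddress.IPv6Network = WELL_KNOWN_PREFIX) -> ipaddress.IPv6Address:
    """Embed an IPv4 address in the low 32 bits of a /96 translation prefix.

    This is the address a DNS64 resolver synthesizes for an IPv6-only client
    when a name has only an A record, and the address a NAT64 gateway routes.
    """
    if prefix.prefixlen != 96:
        raise ValueError("only the /96 embedding (IPv4 in the low 32 bits) is handled here")
    v4 = ipaddress.IPv4Address(ipv4)
    return ipaddress.IPv6Address(int(prefix.network_address) | int(v4))


def extract_ipv4(ipv6: str, prefix: ipaddress.IPv6Network = WELL_KNOWN_PREFIX) -> ipaddress.IPv4Address:
    """Inverse of synthesize_ipv6: the translator's view of a packet's destination.

    Anything outside the translation prefix is native IPv6 and must not be
    translated, so it is rejected rather than silently mangled.
    """
    addr = ipaddress.IPv6Address(ipv6)
    if addr not in prefix:
        raise ValueError(f"{addr} is not inside translation prefix {prefix}")
    return ipaddress.IPv4Address(int(addr) & 0xFFFFFFFF)


def is_translatable(ipv4: str) -> bool:
    """RFC 6052 forbids using the well-known prefix with non-global IPv4
    addresses (RFC 1918 space, loopback, ...): a translator has no route
    to them on the IPv4 side, so refuse to synthesize for them."""
    return ipaddress.IPv4Address(ipv4).is_global


if __name__ == "__main__":
    # Constructed sample: 192.0.2.33 is from the TEST-NET-1 documentation range.
    v6 = synthesize_ipv6("192.0.2.33")
    print("client connects to", v6)                 # 64:ff9b::c000:221
    print("translator forwards to", extract_ipv4(str(v6)))  # 192.0.2.33
    print("private address translatable?", is_translatable("10.0.0.1"))  # False
```

The round trip is what lets an IPv6-only host reach an IPv4-only server without the server knowing: the IPv6 side sees 64:ff9b::c000:221, the IPv4 side sees the translator's own IPv4 address as the source. The reverse direction (an IPv4 host initiating to an IPv6 host) has no such embedding, which is the asymmetry the paragraph above describes.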

Is this long in coming? Yes. We (the Internet standards community) didn’t think that the ISP community would be that slow to get it.

The writer above says things about IPv6 and IPsec, stating that IPv6 must be unpopular because it was invented at the same time as IPsec. IPsec certainly isn’t popular: the open source (*BSD and Linux kernel) implementations are hard to use, and the Windows version is worse… yet it’s used intensively by enterprises worldwide… and oh, btw, HTTP was standardized at the same time as IPv6 and IPsec.

The writer goes on to explain why having 256Megs of RAM just isn’t an issue. The writer is right. Now, if you want to do lookups in a longest-prefix way, that’s another thing. Let’s say you use standard RAM, not a CAM (Content-Addressable Memory).

The author might think that you can do 833 RAM accesses per microsecond on his 833MHz front-side bus. Not true: you can transfer 833 words per microsecond, once your RAM has retrieved it. Retrieving it (doing the addressing) takes somewhere around 100ns. How long varies by technology, but it’s not on the order of 1ns. So, you can look up 10 destination addresses per microsecond. If you do this as a Patricia tree with 8 bits per rank, then you need 3 accesses to look up a /24. If you collapse it and use 24 bits per rank, then you can do it with 1 lookup.

At 3 accesses per lookup, you need 300ns per lookup, so you can forward about 3 million packets per second. For comparison, 10Mb/s carries 15,000 minimum-sized packets/s, 100Mb/s carries 150,000/s, 1Gb/s carries 1.5M/s, and 10Gb/s carries 15M/s.
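The three paragraphs above describe a multibit trie (one table read per rank of 8 or 24 bits) and then turn the access count into a forwarding rate. The following is an added example, not code from the post, that builds such a trie for IPv4 longest-prefix match with a configurable stride layout, counts the memory accesses each lookup costs, and checks that rate against the minimum-packet rate of a link. Assumptions: one serialized DRAM access of 100ns per table read, and the worst-case Ethernet packet rate computed from 64-byte frames plus a 20-byte preamble and inter-frame gap (the post's 15,000/s for 10Mb/s follows from that). Routes are constructed sample data; prefixes that do not end on a rank boundary are handled by expanding them into the next rank (controlled prefix expansion), which is where the memory goes.

```python
import ipaddress
from itertools import accumulate


class Table:
    """One rank of the trie: chunk -> [route_entry, child_table]. Reading a
    slot is modelled as exactly one DRAM access; the slot carries both the
    best route ending here and the pointer to the next rank."""
    __slots__ = ("slots",)

    def __init__(self):
        self.slots = {}


class StrideTrie:
    def __init__(self, strides=(8, 8, 8, 8)):
        if sum(strides) != 32:
            raise ValueError("strides must cover all 32 bits of an IPv4 address")
        self.strides = strides
        self.bounds = list(accumulate(strides))   # e.g. [8, 16, 24, 32] or [24, 32]
        self.root = Table()
        self.default = None                       # route for 0.0.0.0/0, read for free

    def _chunks(self, addr_int):
        shift = 32
        for s in self.strides:
            shift -= s
            yield (addr_int >> shift) & ((1 << s) - 1)

    def insert(self, cidr, nexthop):
        net = ipaddress.IPv4Network(cidr)
        plen = net.prefixlen
        if plen == 0:
            self.default = (0, nexthop)
            return
        depth = next(i for i, b in enumerate(self.bounds) if b >= plen)
        target = self.bounds[depth]
        # Controlled prefix expansion: a /20 with 8-bit ranks becomes 16 /24 slots.
        subnets = net.subnets(new_prefix=target) if target > plen else [net]
        for sub in subnets:
            chunks = list(self._chunks(int(sub.network_address)))
            table = self.root
            for level in range(depth):
                slot = table.slots.setdefault(chunks[level], [None, None])
                if slot[1] is None:
                    slot[1] = Table()
                table = slot[1]
            slot = table.slots.setdefault(chunks[depth], [None, None])
            # An expanded short prefix must never overwrite a more specific one.
            if slot[0] is None or slot[0][0] <= plen:
                slot[0] = (plen, nexthop)

    def lookup(self, addr):
        """Return (nexthop, dram_accesses) for the longest matching prefix."""
        best = self.default
        table = self.root
        accesses = 0
        for chunk in self._chunks(int(ipaddress.IPv4Address(addr))):
            accesses += 1
            slot = table.slots.get(chunk)
            if slot is None:
                break
            entry, child = slot
            if entry is not None:
                best = entry
            if child is None:
                break
            table = child
        return (best[1] if best else None), accesses


def forwarding_rate_pps(accesses_per_lookup, access_ns=100.0):
    """Lookups per second when each lookup is a chain of serialized DRAM reads."""
    return 1e9 / (accesses_per_lookup * access_ns)


def min_packet_rate_pps(link_bps, frame_bytes=64, overhead_bytes=20):
    """Worst-case packet rate: minimum frames, each with preamble and inter-frame gap."""
    return link_bps / ((frame_bytes + overhead_bytes) * 8)


def can_keep_up(link_bps, accesses_per_lookup, access_ns=100.0):
    return forwarding_rate_pps(accesses_per_lookup, access_ns) >= min_packet_rate_pps(link_bps)


if __name__ == "__main__":
    fib = StrideTrie((8, 8, 8, 8))
    for cidr, nh in [("0.0.0.0/0", "default"), ("10.0.0.0/8", "A"), ("10.1.0.0/16", "B"),
                     ("10.1.2.0/24", "C"), ("192.168.0.0/20", "E")]:   # constructed routes
        fib.insert(cidr, nh)
    print(fib.lookup("192.168.9.1"))        # ('E', 3): three ranks to reach a /24
    wide = StrideTrie((24, 8))
    wide.insert("10.1.2.0/24", "C")
    print(wide.lookup("10.1.2.77"))         # ('C', 1): one 24-bit rank, one access
    for mbps in (10, 100, 1000, 10000):
        print(f"{mbps}Mb/s keeps up with 3-access lookups:", can_keep_up(mbps * 1e6, 3))
```

Switching the layout from (8, 8, 8, 8) to (24, 8) turns the /24 lookup from three accesses into one, but a single /8 route now expands into 65,536 first-rank slots; that is the memory-for-speed trade the post's 256Megs remark is about, and even one access per lookup does not reach the 15M packets/s a 10Gb/s link can deliver.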

What this means is that using today’s DRAM technology, you can build an Internet router to the speeds of 7 years ago.

The author then writes about Moore’s law. There aren’t 10 doublings left. I have a 6 year old P4 laptop at 1.6GHz. There have therefore been 4 doublings since. I should be able to buy a 12GHz laptop now. Where is it? (No, quad-core 3.2GHz doesn’t count.)

Now, we come to the usual IPv6 is useless… we’ll just use NAT. Great. NAT is great when you control the firewall. Let’s see how you like it when there are three layers, one you control, one is at your ISP, and the third level is controlled by your local government. No more servers without a license.

Almost all the Peer to Peer proposals either use a gateway (which needs gobs of bandwidth, and a public IP), or use UDP. Doesn’t work for TCP.

I’d also like to ask if the real 192.168.1.101 could please stand up: you seem to be sending me a stream of packets to a port that is closed, and I’d appreciate it if you could stop.

Finally, the writer talks about memorizing IPv6 addresses. I don’t. I don’t memorize IPv4 either. I use DNS. Why would you need to memorize your IPv4 addresses? Oh, you can’t use DNS, because all your machines are behind a NAT… right. Oh, and did you notice that HTTP virtual hosts don’t work if you use the IP address of the host instead of the name?

When you go to your friend’s house, he can’t ping you by name because you haven’t turned on DNS, and because you are behind a NAT, you can’t do DNS UPDATE to update your DNS.

Windows abandoned their NETBIOS stuff — it didn’t work. They switched to multicast DNS, which you can run today (and since 2000) on Mac and Linux.

So, the writer has basically said: all the servers can use DNS and HTTP virtual hosting to run on a single IP. But, DNS doesn’t work, so don’t use it.

Server side NAT, btw, is called a firewall. I used to sell them in 1995.