meta/LPAR

Thinking inside the Big Blue box.

Getting IPv6 enabled

I’m not usually someone who likes to live on the bleeding edge of technology, but I decided that this year I wanted to get enabled for IPv6.

When you type in a web URL, the address gets looked up in DNS, and turned into a raw IP address. It’s a bit like looking up a telephone number. The number is what the network actually understands.

The early 1970s Internet had 256 host addresses, and an additional 16 network addresses. Those ran out pretty quickly, so in 1981 the Internet was redesigned to have the familiar 4 byte addresses in common use today; for example, 208.77.188.166.

Unfortunately, the people who redesigned the Internet in 1981 still didn’t really expect everyone to use it. They certainly didn’t expect that people would be connecting coffee machines, telephones and toasters to it. Our house has 10 devices that connect to the Internet, and we’re not particularly gadget-obsessed.

That’s why your home Internet access is probably via a wireless router. The router uses NAT to make everything in your home appear as a single device with a single address, at least as far as the rest of the Internet is concerned. The downside is, you end up with all kinds of problems with incoming connections, because the router has to know where to send each packet of incoming data. The shortage of IP addresses is also why most ISPs make you pay extra if you want a static IP.

So if you’ve ever had trouble chatting via IM, if you’ve ever had trouble with video chat or voice over IP, if you’ve ever had difficulties sharing files, if you’ve ever been unable to set up a web site or FTP server on your home computer–it’s all indirectly because of the IPv4 address shortage.

There’s a solution: IPv6. It expands the address space from 4×8 = 32 bits to 128 bits. That’s over 4 quadrillion IP addresses for each star system in the observable universe. If we assume they’re all like the solar system, and that every planet has an earth-like population, that’s 67,000 IP addresses per person. Not that the address space is being carved out that way, but it illustrates that there’s plenty of room for growth.

As well as solving the address shortage problem and getting rid of NAT issues, there are a lot of other technical reasons why IPv6 is better than IPv4, and it was standardized 10 years ago. So why aren’t we using it?

One problem is that because America built the Internet, America also got in early and hogged all the IPv4 addresses. So while the addresses might be running out, most US corporations aren’t really feeling the pain yet. This is why most of the ISPs offering IPv6 are in Asia.

A bigger issue is that the IPv6 and IPv4 Internets were initially disconnected. That is, if you had an IPv6 connection, you couldn’t reach IPv4 hosts, and vice versa. That problem has only recently been solved in a painless manner.

The first part of the solution is 6to4. It provides a standard way to take an IPv4 address, like the address issued by your ISP to your cable modem, and convert it to IPv6. Your router can take IPv6 traffic from your network, wrap it up inside IPv4 packets–setting the IPv6 it calculated as the reply-to address–and send the data to a 6to4 gateway. The gateway is a system which has both an IPv4 and an IPv6 connection. It unpacks your data and sends it over the real IPv6 Internet. The IPv6 Internet can then reply by stuffing IPv6 data inside IPv4 packets and sending them to your router. Your router unpacks the data and sends it across your home network as real IPv6.

The net effect of all this is that with the right router, it can look as if every machine on your home network is connected directly to the IPv6 Internet, even if your ISP only offers an IPv4 connection.

RFC 3068 is the second piece of the solution. It defines a magic IP address, 192.88.99.1, which is automatically routed to your closest 6to4 gateway.

So, if you can ping 192.88.99.1, you can have IPv6 right now–as long as you have a router that understands IPv6 and 6to4.

Once again, Apple are leading the industry. While big names like Linksys haven’t bothered to implement 6to4 in home routers yet, Apple’s Airport Extreme (and Time Capsule) make it simple.

How simple? Step one is to open the Airport Utility program. Step 2 is to click your Airport device, and choose the manual setup button to get the “expert” interface. Step three is to click on the Advanced tab, then IPv6, and set the dialog as follows:

IPv6 configuration on Apple Airport Extreme

Save the changes and you’re done. You might need to take your computer off the network then reconnect in order to force it to notice, but then you should find that your computer suddenly has an IPv6 address that starts with “2002:”, the standard prefix for 6to4. If that’s the case, you should then be able to browse IPv6-only web sites like ipv6.google.com. You can also go to www.ipv6.org to verify your IPv6 address; and if you go there from different machines on your home network, you should see that each of your machines now has a distinct address.

Posted by meta on 2009-01-20 | Posted in Macintosh, Standards | Tagged , , , | Comment

IPv6 with Bonjour/Zeroconf in Ubuntu

I’ve decided that 2009 is the year I go IPv6, so I’ve been getting all my machines ready. The Macs were no problem, of course: they work with IPv6 without doing anything. Linux is more problematic.

Ubuntu 8.10 and up support IPv6, but come with it turned off in places. The first place is /etc/avahi/avahi-daemon.conf where the line

use-ipv6=no

needs to be changed to

use-ipv6=yes

The second place is /etc/nsswitch.conf where the hosts line should read

hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4 mdns

After doing this, you should find that you can ping6 -I eth0 macname.local and have it work.

However, your regular IPv4 ping may have stopped working; mine did. It seems that Avahi doesn’t always advertise both protocol versions by default. So you need to go into all your Avahi service definition files in /etc/avahi/services and make sure that the <service> element explicitly identifies which protocols should be advertised as supported. For example:

<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name>hostname-goes-here</name>
<service protocol="any">
<type>_ssh._tcp</type>
<port>22</port>
<host-name>whatever.local</host-name>
</service>
</service-group>

One exception is netatalk, which doesn’t appear to support IPv6 at all yet. For that service, you’ll want to use <service protocol="ipv4">

A few other application notes:

LigHTTPd requires server.use-ipv6 = “enable” in lighthttpd.conf.

OpenSSH has no way to specify interface, so your Avahi IPv6 addresses won’t work.

Posted by meta on 2009-01-06 | Posted in Linux, Macintosh, System administration | Tagged , , , , , | Comment

Bloat illustrated

I just noticed this:

Bloat in Adobe Help Viewer

A number of things are wrong here. The first is that Adobe Updater apparently didn’t realize that Adobe Help Viewer 1.1 could replace Adobe Help Viewer 1.0. Why do I assume that it can? Because if you open the package for an Adobe application and root around, you’ll find that the help files are just HTML pages.

The second problem: The two versions of Adobe Help Viewer don’t seem to recognize each other’s files. If I run 1.0, I get the help for Adobe Reader; 1.1 gives me the help for Photoshop Elements. If I remove 1.0, Adobe Reader’s help function stops working entirely.

The third issue is that version 1.0 was correctly installed as Intel native, but 1.1 is a Universal binary. If the installer could get it right, why couldn’t Adobe’s fancy updater?

Fourthly, even allowing for 1.1 having two copies of all the code (let’s call it 2x400KB), what’s the cause of the other 2MB of bloat? Running the two versions, the only functional difference seems to be that the search box was moved in 1.1, and now allows you to search across all your help files at once. Not 2MB of improvement, in my view. And given that the OS provides an HTML renderer and a full text search engine with HTML support, what’s the other 2.6MB of code in that help viewer doing?

If I run Adobe Reader, it tells me that version 9 is available, and instructs me to click to download it. However, clicking doesn’t do anything. The Adobe updater doesn’t seem to know that Reader 9 is available either.

All in all, it looks like Adobe have some serious quality control and software engineering issues. What’s the point in bloating your applications with custom help and custom installers, rather than using the standard OS facilities, if your custom reinvented wheels are square ones?

Posted by meta on 2008-12-16 | Posted in Macintosh | Comment