backtop


Print 21 comment(s) - last by EricMartello.. on Mar 15 at 4:24 PM

China's state ISP rolls out next generation standard

The ever-present desire for censorship may be the carrot, but for whatever reason China has a head start on adopting IPv6.  Even as the U.S. moves sluggishly towards the next generation internet address protocol, 3TNet -- China's state-provided broadband internet and public video service -- has made the switch.

The upside of IPv6 is one that's likely highly desirable in China -- more space.  IPv4, the previous standard, only allows 4.3 billion unique web addresses.  With over a billion people, China may surpass that total in domestic pages alone.

IPv6 is also expected to beef up security.  Using a technology called Source Address Validation Architecture (SAVA), IPv6 networks establish a relationship based on multiple trusted interactions across a network.  This can help beat so-called "IP spoofing" attacks, and advances the current version of IPv6 over less secure earlier versions.

A U.S. Navy sponsored report made public this week, authored by the New England Complex Systems Institute, listed identity trust and the lack of addressing space as the two biggest shortcomings of the widespread and successful IPv4.

China internet
Running out of room, China has turned to IPv6 for more space and security.
[Image Source: Digital Trends]

That's not to say IPv6 doesn't have its potential problems as well.  While the new protocol increases addressing space by 80 trillion or so, some fear it provides too fine grain identification, eliminating anonymity on sensitive locations like private networks.  There's also fear that the technology's ability to uniquely identify traffic sources could be overstated by the layman (as people could still hack into your device and do mischief on your precise IP).

Ultimately China may be eager to de-anonymize its citizens as well.  The nation has long fought to control its citizens' internet activities; now it has a far finer form of tracking.  However, it may not be immediately available to bump its domestic surveillance capabilities, as the extra information requires extra data mining and new analysis algorithms to store and process into useful results.

Ethernet Cables
[Image Source: Boot Click]

For now, Chinese citizens are mostly enjoying the benefits of IPv6 alone -- more space and more security.  Donald Riley, an information systems specialist at the University of Maryland, who also chairs the Chinese American Network Symposium, says that China is far ahead of the U.S. in IPv6 deployment.  In an interview with New Scientist, he comments on 3TNet, "China has a national internet backbone in place that operates under IPv6 as the native network protocol. We have nothing like that in the US."

China is also leading the U.S. in some other high tech ventures, such as deploying high speed rail.

Sources: RSTA [abstract], New Scientist



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

NAT
By Ammohunt on 3/11/2013 7:20:21 PM , Rating: 2
With NAT the need to switch to IPV6 is diminished. If IPV6 wasn't so complex the uptake would be higher by organizations and tech enthusiasts. Personally I see little benefit at this point for organizations or individuals to switch.




RE: NAT
By Reclaimer77 on 3/11/2013 7:54:14 PM , Rating: 2
Yeah and we thought getting our CCNA was hard lol? Just wait if IPV6 goes mainstream!


RE: NAT
By Skywalker123 on 3/11/13, Rating: -1
RE: NAT
By dgingerich on 3/11/2013 9:21:43 PM , Rating: 5
Actually, ipv6 is easier in many ways and equal in many ways compared to ipv4. The addresses are just longer. I've been working on it for a while, praying we'd get our butts moving to it. There's just too many lazy network admins out there.


RE: NAT
By poi2 on 3/11/2013 11:49:57 PM , Rating: 2
quote:
"With NAT the need to switch to IPV6 is diminished"

Ouch, that is a "complex-language" indeed.

~ Let me translate that for the employers :
_ "You need to hire IPV6 - not lazy - Admin"


RE: NAT
By hpglow on 3/12/2013 12:43:58 AM , Rating: 3
NAT is exaclty why there is no excuse to not having IPV6 enabled on the internet. At this point from our modem on could be IPV4 and the broad internet could be based on IPV6. I've been out of college for 4 years and this was a hot topic then. It just needs to get done. NAT was a stop-gap solution from the start. The fact that we are discussing this in the first place is inane like it is some kind of new revolutionary solution to the address shortage. The problem arose mid 90's! Not last week. So we have had to use this workaround for almost 20 years so far. Connected devices aren't reducing in number over the years, therefore we need more address space.

Following this logic we should call up all the device makers and tell them 2GB of ram is enough forever because we don't want to bother with 64-bit memory addressing. Or why even stop there we could just run our computers with 64KB / 1MB / 16MB (depending on pinout) of ram because that was 16-bit and simpler and easier, why try and move forward?.. Let's just keep it simple.


RE: NAT
By vol7ron on 3/12/2013 1:15:02 AM , Rating: 2
Agreed. NAT is a patch for backward compatibility and shouldn't be an argument for the reverse, especially since it has it's own limitations.


RE: NAT
By Ammohunt on 3/12/2013 3:09:17 PM , Rating: 2
But NAT is not viewed that way in large and small organizations its viewed as SOP. There is no cost benefit for companies to switching to IPv6 and in most cases the opposite is true for companies running less than modern switching equipment that doesn't support both IPv4 and IPv6 simultaneously couple that with training and simple things like application compatibility and you have a gigantic expense with zero ROI(other that being the cool kid early adopter). I don't see anyone or and standards body successfully selling IPv6.


RE: NAT
By Milliamp on 3/12/2013 12:51:56 AM , Rating: 2
Actually because the migration strategy is mostly dual stack we need to move quickly.

Dual stack requires use of both IPv6 and IPv4 through a transition period. What that means is we can't wait till after we are out of IPv4 addresses before we start using IPv6.

People are just kind of sitting around not doing much of anything because everyone assumes we can just start handing out IPv6 addresses after we run out of IPv4 addresses with no issues and that isn't true.


RE: NAT
By vol7ron on 3/12/2013 1:16:55 AM , Rating: 2
Well most consumer products will more than likely be okay, and large businesses are probably up to speed. It's the small businesses that have been hovering on dated technology to keep costs low that more-than-likely need to upgrade.

Most major ISPs don't have a problem and they make sure rented equipment stays up to date.


RE: NAT
By Uncle on 3/13/2013 12:42:16 AM , Rating: 2
"If IPV6 wasn't so complex" There you go again telling the whole world why the US hasn't adopted IPV6 and the Chinese have, its so embarrassing.


RE: NAT
By EricMartello on 3/15/2013 4:24:48 PM , Rating: 1
IPv6 just looks more complicated because it's longer. The actual scheme is pretty easy to understand. Instead of "." they use ":" and instead of 4 groups of 3 decimal (0-255) we have 8 groups of 4 hex (0000-FFFF)...the concept is essentially the same thing.

The nice thing is that IPv6 addresses can be abbreviated using a "::" to indicate that the groups in that spot would be all zero values. Instead of using 127.0.0.1 you can just write ::1 for the local loopback.

An IPv6 address that is written out as:

0A28:0000:0000:0000:0000:0000:0000:0001

Can be written short like this:

A28::1


Increased by 80 Trillion?
By The Insolent One on 3/11/2013 7:27:13 PM , Rating: 2
quote:
While the new protocol increases addressing space by 80 trillion or so, some fear it provides too fine grain identification, eliminating anonymity on sensitive locations like private networks.


I don't know where the 80 trillion IP increase number came from but the smallest IPv6 allocation I've seen is 18.4 quadrillion IPs.

If 18.4 quadrillion is the smallest allocation, wouldn't the increase be *way* more than 80 trillion?




RE: Increased by 80 Trillion?
By dgingerich on 3/11/2013 9:19:56 PM , Rating: 2
http://en.wikipedia.org/wiki/IPv6

quote:
allowing for 2^128, or approximately 3.4×10^38 addresses,


yeah, that's a few more than 80 trillion.


RE: Increased by 80 Trillion?
By inighthawki on 3/11/2013 10:20:36 PM , Rating: 1
I'm not sure why they bothered going for 128 bit addresses. 64-bit addresses are more than enough to give every person and company on the planet a million times more addresses than they could feasibly use.


RE: Increased by 80 Trillion?
By drycrust3 on 3/12/2013 6:09:07 AM , Rating: 1
Because IP addresses are like Moore's Law, where the increase in CPU speed creates a demand for more speed, so the same applies for IP addresses: having more gives people new ideas on how to use the surplus addresses, which in turn creates new demand for the addresses.


RE: Increased by 80 Trillion?
By Solandri on 3/12/2013 2:26:39 PM , Rating: 2
Not in this case. The number of IPv6 addresses is enough to give about 50,000 trillion trillion unique IPs to each person on earth. Even with Moore's law, there's no way we'd ever use all of them.

The reason they made so many addresses is for sparse allocation. Just because an entity has been assigned a block of addresses doesn't mean all those addresses will be used. In fact the worst case is if all those addresses are used. You don't start off at an address of 1, assign the next person 2, the next person 3, etc. You assign blocks of addresses to countries, which assign blocks of addresses to ISPs, which assign blocks of addresses to customers like companies, which assign blocks of addresses to departments, which assign blocks of addresses to LANs, which assigns an individual IP to each computer.

At each step of the above, you want to assign more addresses than the country / ISP / customer / etc could ever conceivably use. That way not only are all the addresses that entity receives contiguous, but you never have to revisit it and allocate them more (non-contiguous) addresses because they used up everything you initially allocated to them.

So there ends up being a lot of addresses which could potentially be used but never are. You want your IP space to be big enough to cover all this potential use without running out of numbers.


RE: Increased by 80 Trillion?
By dgingerich on 3/12/2013 8:11:01 AM , Rating: 2
I, personally, have 6 computers (three desktops, a laptop, and two tablets) and one printer that use IPs. In addition, I have a total of 14 virtual machines that I use for training. So, without NAT, I would be using 21 IP addresses. That's up from just 8 a year ago. Who knows how big virtualization is going to inflate these numbers. I'd say there's significant cause to consider 128-bit addressing.


RE: Increased by 80 Trillion?
By mcnabney on 3/12/2013 10:14:12 AM , Rating: 4
but you ARE using NAT. Which means that you could have thousands of devices, but still use the same number of IP addresses - one. So in your lifetime your IP address consumption has stagnated at one.

Technically we could forgo IPv6 if all ISPs would virtualize, but the transition is inevitable and ultimately simpler.


RE: Increased by 80 Trillion?
By talikarni on 3/12/2013 3:59:24 PM , Rating: 2
Thats the issue though. There may be billions of routers all using 192.168.x.x, which is fine for smaller internal networks.... but once you start figuring in all the devices, connections, routers, etc, then all the websites, the main issue becomes routing. Lets use my house for example: modem, 2 routers, 2 smart phones, 3 tablets, 2 printers, 9 PCs, 4 Virtual machines, 2 Wiis, PS3, wifi streaming music player device... that is 28 in a single household. Add in new devices coming out like smart TVs and new smart fridges and so many more connected devices, and it would easily come to over 100 per household, and 1000 per small business.
DRS (dynamic routing servers for IPv6) will need to know where that IPv6 address is since it cannot rely on NAT or DNS anymore. When the home has 3 dozen IPv6 connections, how is the DRS to know your location without some sort of "here I am" algorithm, which is where the privacy concerns come in? Sure, new IPv6 compatible routers could be set to keep a register of each IPv6 address for internal routing, but what happens when it gets a request from the outside world for an internal IPv6 device/address or the router gets hacked? This is why China speeding ahead with this without proper security in place is just a bad idea, and internal versus external IPs are still needed. The current flawed IPv6 is too much like modern Mac addresses, each device is unique, there is no separation of the internal network and external network addresses, so routing becomes massively more complex on a large scale.

This is why IPv6 sounds good on a large scale, but for small scale home or small business usage, there is no need to upgrade when the current system works fine.


RE: Increased by 80 Trillion?
By menting on 3/12/2013 9:18:56 AM , Rating: 2
with the pain of getting people switched over from ipv4 to ipv6, you probably only want to do this once ever, so 128 bits is a good idea.


"People Don't Respect Confidentiality in This Industry" -- Sony Computer Entertainment of America President and CEO Jack Tretton














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki