Task done.

A while ago I started on what has turned out to be the long process of making everything I do available via IPv6. This evening I'm as far as I can go!

My initial problem was in getting a working IPv6 connection to my servers. I purchased a Cisco 1721 via eBay, and upgraded it with extra RAM and an interface card for ADSL. That, though, turned out to be the easy part of the process. Cisco routers like the 1721 use Cisco IOS as their operating system and though there are a number of sites online which have information about scripting the connections they aren't actually, well, 'complete'. In the end I was using guidance from New Zealand, Canada, and many other places to get some semblance of the right code to make it work.

Except it didn't.

Nothing would squeeze through my pipe, neither IPv4 nor IPv6. Eventually, one evening I decided on a 'do or die' approach (or rather 'stay awake until done no matter how long it takes') and managed to find some useful assistance from a tech support bod at one of my ISPs who tested from his end as I was testing from mine. In the end we had that sort of breakthrough like they had when digging the channel tunnel as suddenly the floodgates opened and traffic was passing this way and that.

But the next step was getting the various DNS services I make use of to have operating AAAA records so that my newly-IPv6'able websites could be reached. In two cases this required me asking the registrars to actually support IPv6 records (and I'm still waiting on one of them). Then, once I allocated all the addresses I needed I had to go through and update the host records for all the different sites and sub-sites. Which was a few more than I had thought it was. Over a hundred, in fact. But about 30 minutes ago that task too was complete and, as far as I can tell, they are all working just fine now, whether being accessed the 'old-fashioned' IPv4 way, or via the 'new-fangled' IPv6.

And most people will have absolutely no idea that anything has changed! Ah, the joys of being a tech geek.

Onward the Future

We're fast approaching World IPv6 Day in June and, after a few hiccoughs, my servers now have an allocation of the IPv6 address space. The next step — which I have been working on for the last few days — is making my router (a Cisco 1721) 'do the business'. This requires designing what is laughingly called a 'recipe' for how the box works to connect my network with the wider internet in such a way that it maintains the current IPv4 service whilst adding on the new functionality.

Hopefully I will have this working before the end of the month!

Coming in June

This year has already seen the exhaustion of the IPv4 address supply and the move to the future — IPv6 — really needs to get moving now. As part of that there will be a "Global IPv6 day" on June 8th.

You can test your IPv6 connectivity here . You'll probably find you only have v4 connectivity presently, but still sensible to start checking and working towards the 'next generation'.

The tweak that broke

Yes, I had a little accident ;-P

With the increase in technology came an increase in what I'd like to do with that technology, specifically be able to offer secure (https://) connections for security purposes on some of the sites I host. And although there have been moves to make virtual hosting of port 443 secure sites possible, they rely on changes to browsers which — as we all know — are a bit like a brick swimming against the prevailing current. Instead, therefore, just as with the ten year old specification of IPv6, we are required to use one IP (v4) address for each secure connection we wish to enable. So I obtained an increase in my IP allocation from a /29 (five effective addresses) to a /28 (with thirteen). Plans were made for a nice, smooth transition using proper scheduling of DNS and MX record changes when … I accidentally pulled the power on the modem-router and the change happened instantly. Without any of the advance setup.

Needless to say I was grateful for being the only person around at that moment as the world was filled with my choice 'language' about the unfortunate event, and I set to in trying to recover the systems. And, for the most part, I got the connections working again within the hour save for waiting for DNS servers around the world to play catch-up.

But e-mail wasn't arriving. My (Zimbra-based) mail server cold send messages out fine, but nothing seemed to be coming inbound. Eventually this was traced to a configuration error with my carrier this afternoon and they reset their end of things. Great? Well, no actually. At this end I lost all connectivity entirely. The outside world could see my router, yet I couldn't get beyond it. Three hours later the software-hardware-firmware-network interactions were finally resolved, I'm happy to say, so now everything should by A1 Bristol fashion.

That three hours without any connection was a bit scary though …

Going v6

As it happens, my car is a V6. but I'm wanting here to mention the 'upgrading' of Internet Protocol to permit wider access.

Back when Vint Cerf and Robert E. Kahn developed the 'new' "Internet Protocol" to enable machines to connect to each other (replacing the old point-to-point method) they came up with the idea of assigning an "Internet Address" to each one. It was a 32-bit number and is nowadays usually written as something like "123.45.67.89". It works pretty well and domain names — such as alisonw.com — get converted into one of these numbers, as does the machine you are reading this on.

Thing is, that design (actually ' IPv4' but the one which because widespread) created a limit on the numbers of machines which could be connected to the internet at one time. 4,294,967,296 of them — which is a whole lot of computers, clearly! And in 1980 it was thought (quite reasonably) that the idea there would be more than four and a quarter billion computers on the internet would have been considered completely crazy. But now, almost thirty years on, we are connecting mobile phones, netbooks, IP telephones, webcams, even toasters directly to the internet — and in many cases keeping them online 24 hours a day, not giving others an opportunity to use the same number — so that 4,294,967,296† just won't be enough anymore. Indeed, ARIN ( American Registry for Internet Numbers) reckon they'll run out next year!

So a few years back — ten, to be precise — a new numbering system was created. IPv6, as it became known, allows for massively more 'things' to be connected at the same time. In total it would be possible for just over 340,000,000,000,000,000,000,000,000,000,000,000,000 computers, phones, televisions, mobiles, whatever to be online at the same moment. That is 37 zeroes, by the way, or roughly 4,500,000,000,000,000 for every known star in the universe. So plenty of room for expansion without, one hopes, having to go through another redesign for an awfully long time.

But one of the issues about IPv6 from a server room or end-user viewpoint is that it is rather like the switch from analogue to digital television, or from VHS tape recording to DVD burning. Some of the kit can be made to work on both, but often software or hardware changes or additions are required to utilise the new IPv6 properly. And once you've moved on you can't then plug back into the old again. Most computers now will work on both, but most mobile phones. And the networking kit — the routers, modems, switches — quite probably won't unless they are very recent (or very expensive). So not only does the intermediate equipment all have to be upgraded (ie. replaced) but also how to get the new and the not-so-new-but-still-connected stuff to talk to each other needs to be sorted out. Disruption of the internet then is pretty much guaranteed. When? about three to five years, probably.

I recently upgraded the network kit in my server room and thought I had spec'd IPv6 capable kit throughout. It was only afterwards I discovered misleading marketing in that the ADSL router considered "IPv6 capable" as meaning "IPv6 on the internal can be converted to an IPv4 tunnel outside" which is, of course, pretty useless if you wanted native IPv6 on both sides.

One also has to consider the major rewrites of code (and database schemas) in moving from v4 to v6 nomenclature. And how many systems are embedded or non-upgradeable? How mission-critical are they? Is it more cost-effective to keep them - at the risk of degraded network performance overall - rather than replace them to take advantage of the IPv6 opportunities.

IPv6 was created ten years ago, and most of the internet backbone already supports it. Your ISP though is probably still working out how to provide it to you — and when. Yes, it will come, indeed it has to come, but "when" is a financial decision as much as a a technical one.

† Actually, not all of those are available for use as some are reserved for special uses, and every router in the chain between you and the site you want to use also requires an address.