North American Network Operators Group


Re: IPv6 Wow

  • From: Nathan Ward
  • Date: Sun Oct 12 23:02:10 2008

On 13/10/2008, at 3:46 PM, Daniel Senie wrote:
At 06:05 PM 10/12/2008, Nathan Ward wrote:
On 13/10/2008, at 9:53 AM, Stephen Sprunk wrote:

Mikael Abrahamsson wrote:
This brings up an interesting question, should we stop announcing
our 6to4 relays outside of Europe? Is there consensus in the
business how this should be done? I have heard opinions both ways.

I can understand why some folks would say stop, but unfortunately Europe has the closest public 6to4 relays to the US, and our own providers don't seem to want to put any up. That means 6to4 will break for a great many folks who _are_ trying to use IPv6 (like developers trying to get ahead of the curve and make sure their apps don't break when the transition finally happens) but whose providers haven't clued in yet.

I'm sure I sound like a broken record to some, but whenever I see these comments I feel the need to step up and correct them, until I don't see them anymore.

By far the biggest end users of IPv6 are non-experimenters. Real end
users, many of whom do not know what an IP address is.

6to4 is enabled by default in Vista - any Vista machine with a non-RFC1918 address will use 6to4. It is also available in some Linksys
routers, and is enabled by default in Apple Airport Extreme.

Not to rain on anyone's parade, but it'd be interesting (and difficult, unfortunately) to know how many Vista machines are actually on non-RFC1918 addresses. Corporate users are in many cases staying with XP for a while, but they're more likely to have public space than most. A great many home users have a cheap NAT box that provides RFC1918 addresses.


I do wonder where the Vista machines on public IPs really are. I also have to wonder if performance is really better when those users are routed over 6to4 in Europe from, say, California, or whether they'd actually get better performance if they stuck in a NAT box, resulting in their using IPv4 instead?


Don't worry, you're not raining on my parade if that's what you're concerned about. I don't like Vista/XPSP2 having 6to4; Teredo is the protocol designed to connect end hosts to the IPv6 network. That works through NAT, and is enabled by default on Vista.
6to4 should exist in CPE devices, etc., not in end hosts. Cue religious war.


Also, Windows boxes that are part of a domain will only try ISATAP and native IPv6 - they will not attempt to tunnel IPv6 over IPv4 using public relays (ISATAP is an internal thing).

I did a bit of stats, and roughly 95% of packets leaving an ISP's aggregation layer were from hosts behind NAT (look at TTL, make assumptions based on initial TTL). So, 6to4 is only on 5% of customers, assuming that % of packets and % of customers are roughly equal.


Here's a mini-rant I had about Teredo traffic offlist when someone said they had very little 6to4 traffic. I thought it was on-list.


begin.
I suspect you'll find that Teredo contributes to a very large amount of it, but you won't be seeing it as you don't have a local Teredo relay (in my understanding of your network, anyway :-)
Even then you won't see Teredo<->Teredo, or Teredo<->NonTeredo when NonTeredo is on another network.


An interesting way to get a rough idea of how much Teredo<->NotTeredo is going on is to look at the packets going to teredo.ipv6.microsoft.com port 3544/UDP.
Every Vista/XPSP2 Teredo client will send a UDP packet there every 30 seconds (IIRC), and then another packet for every new NonTeredo host it wants to talk to. Source UDP port is generally static and unique for each client host, so you can get an idea of the unique number of hosts.


The periodic packets are going to be 68b (of IPv4+UDP+IPv6 = 68b), whereas the new-connection packets are going to be at least 76b (IPv4+UDP+IPv6+ICMPv6+Echo Request = 76b, then there's also the ICMPv6 Echo Request payload). Obviously you want to add 14b if you've got Ethernet headers and what not.

If you have netflow anywhere, you should be able to ask it an appropriate question with the above info.

That'll tell you the number of end-to-end connections there are, which may give you some insight there.
If you've got a netflow exporter, I'd be more than happy to run stats over the data to figure out what amount of Teredo there is.
end.


--
Nathan Ward
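
The counting approach described in the message above, as an added example that is not part of the original post: it keys clients on source address plus source UDP port and splits packets to port 3544/UDP into 68-byte periodic packets and 76-byte-or-larger new-connection packets. The per-packet record layout, the `summarize_teredo` name and the server addresses (RFC 5737 placeholders standing in for whatever teredo.ipv6.microsoft.com resolves to) are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

TEREDO_PORT = 3544       # UDP port named in the post
KEEPALIVE_LEN = 68       # IPv4+UDP+IPv6, per the post
NEW_PEER_MIN_LEN = 76    # IPv4+UDP+IPv6+ICMPv6 Echo Request, per the post

# Assumption: placeholder addresses for the Teredo server, not real ones.
TEREDO_SERVERS = {"192.0.2.10", "192.0.2.11"}

# Constructed sample: (src_ip, src_port, dst_ip, dst_port, proto, ip_total_length)
SAMPLE_PACKETS = [
    ("198.51.100.7", 51000, "192.0.2.10", 3544, "udp", 68),
    ("198.51.100.7", 51000, "192.0.2.10", 3544, "udp", 68),
    ("198.51.100.7", 51000, "192.0.2.10", 3544, "udp", 84),   # echo request with payload
    ("198.51.100.7", 62001, "192.0.2.11", 3544, "udp", 68),   # second host, same NAT address
    ("203.0.113.20", 40123, "192.0.2.10", 3544, "udp", 76),
    ("203.0.113.20", 40123, "192.0.2.10", 3544, "udp", 68),
    ("203.0.113.20", 53555, "192.0.2.53", 53, "udp", 70),     # DNS, ignored
    ("203.0.113.9", 3544, "198.51.100.99", 3544, "udp", 68),  # not to the server, ignored
]

def summarize_teredo(packets, servers=TEREDO_SERVERS, l2_overhead=0):
    """Count Teredo clients and packet kinds seen towards the Teredo server.

    l2_overhead is subtracted from each length first; use 14 when the
    recorded sizes include Ethernet headers.
    """
    per_client = defaultdict(lambda: {"keepalive": 0, "new_peer": 0, "other": 0})
    for src_ip, src_port, dst_ip, dst_port, proto, length in packets:
        if proto != "udp" or dst_port != TEREDO_PORT or dst_ip not in servers:
            continue
        ip_len = length - l2_overhead
        if ip_len == KEEPALIVE_LEN:
            kind = "keepalive"
        elif ip_len >= NEW_PEER_MIN_LEN:
            kind = "new_peer"
        else:
            kind = "other"   # unexpected size; kept visible rather than guessed at
        # The source port is what separates hosts that share one NAT address.
        per_client[(src_ip, src_port)][kind] += 1
    totals = {k: sum(c[k] for c in per_client.values())
              for k in ("keepalive", "new_peer", "other")}
    return {"unique_clients": len(per_client), **totals,
            "per_client": dict(per_client)}

if __name__ == "__main__":
    print(summarize_teredo(SAMPLE_PACKETS))
```

If the recorded sizes include link-layer headers and `l2_overhead` is left at 0, every periodic packet lands in the new-connection bucket, so confirm what your exporter counts before trusting the split.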