Feeds

Finally, it’s the year of Linux on the desktop IPv6!

Are you following protocol?

Internet Security Threat Report 2014

Sysadmin blog One month from now, World IPv6 Launch Day with be upon us. Numerous online services will be enabling IPv6 and leaving it on. AAAA records will be published, and those of us with IPv6 enabled systems will start to use IPv6 preferentially to IPv4. But what does this all mean?

For the short term at least, the truth is "not much". Despite the trebling hype amongst the networking nerd community, World IPv6 Launch Day is set to be yet another day when the internet at large yawns, hits the snooze button and rolls over to go back to sleep. While IPv6 is unquestionably the inescapable future, the world at large isn’t in a particular hurry to get there.

Most of the internet's IP backbone providers will be rocking IPv6 on launch day. But the truth is, they've already been doing so for some time. The world's hardened network handful of end-user ISPs are joining in on the launch; the US is well represented, with a smattering of minor ISPs from the rest of the world throwing the switch.

Consumer and SME network equipment vendors however are functionally unrepresented. Even with the pair who have so far announced their support – Dlink and Cisco – you have to be quite choosy about which devices you buy. IPv6 support isn’t exactly top-notch across their product lines. In addition, most extant, deployed devices aren’t going to be receiving IPv6 firmware updates.

In my experience, this lack of vendor support magnifies other issues with IPv6. The net result is resistance from consumers and businesses of all sizes. My experience however is subjective; the sample size is representative only of those individuals and organisations I have interacted with. And, as you know, anecdotal evidence is not statistically sound.

Fortunately Dirk Paessler – CEO of Paessler AG – was more than happy to help me gain a wider perspective. Paessler AG sells PRTG (Paessler Router Traffic Grapher), a network monitoring tool with a cult following. The selling point is ease of use, and this has seen it deployed worldwide in everything from SMEs to large enterprises.

PRTG does about what you would expect. There’s the standard packet sniffing; additionally it has over 130 different sensors to monitor all common network services (HTTP, FTP and so forth.) It also has the ability to discover and communicate with all your various network devices using SNMP and WMI, NetFlow, jFlow, and sFlow.

Users of PRTG can choose to send usage statistics back to Paessler; anonymised information that helps the company decide where to focus their engineering efforts. What they have discovered is that actual IPv6 usage in the wild is very small.

While Paessler has asked that I not share the number of worldwide installations, I can say that the deployment numbers are quite significant. They have more active PRTG installs in the wild than I have personally met living human beings. Despite this, observed IPv6 deployment is currently below 0.1 per cent.

According to Paessler, "IPv6 has not reached the layer below the tier 1 providers. Really serious networks, where they do backboning and all that...there may be a usage scenario. But organisations between 1 and 10,000 seats ... they are not there yet."

Even among military networks and really large enterprises, usage is highly restricted. When considering both the raw statistics at his disposal as well as the paucity of IPv6 feature requests, Paessler believes "adoption of IPv6 will take years and years. Most users will stay IPv4 in their networks and they won't move to IPv6 without pressure."

His discussions with clients of all sizes mirror my own experience; companies are waiting on vendor support. It is not enough to have the high-end, expensive networking gear work with IPv6. Real adoption will require broad industry support, including consumer level gear.

More importantly, transitioning to IPv6 is a pain. Companies aren’t ready to spend money on something that – in the short term at least – makes network configuration, security and maintenance significantly more complicated. This is especially true when there simply isn’t a real world incentive to do so yet.

For the vast majority of us, World IPv6 Launch Day is set to be another damp squib. Maybe next year... ®

Internet Security Threat Report 2014

More from The Register

next story
Docker's app containers are coming to Windows Server, says Microsoft
MS chases app deployment speeds already enjoyed by Linux devs
IBM storage revenues sink: 'We are disappointed,' says CEO
Time to put the storage biz up for sale?
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Windows 10: Forget Cloudobile, put Security and Privacy First
But - dammit - It would be insane to say 'don't collect, because NSA'
Symantec backs out of Backup Exec: Plans to can appliance in Jan
Will still provide support to existing customers
VMware's tool to harden virtual networks: a spreadsheet
NSX security guide lands in intriguing format
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.