Thursday, August 16, 2012

Cool: Gmail accepts SMTP over IPv6

Cool: Gmail accepts mail via SMTP over IPv6



sander@toverdoos:~$ telnet gmail-smtp-in.l.google.com. smtp
Trying 2a00:1450:8005::1a...
Escape character is '^]'.
220 mx.google.com ESMTP 1si2968615eee.121
ehlo asdf
250-mx.google.com at your service, [2001:41d0:2:bb58:dead:beef:8637:e45b]
250-SIZE 35882577
250-8BITMIME
250-STARTTLS
250 ENHANCEDSTATUSCODES
mail from: <blabla@gmail.com>
250 2.1.0 OK 1si2968615eee.121
250 2.1.5 OK 1si2968615eee.121
data
354  Go ahead 1si2968615eee.121

Cool, it works!
.
250 2.0.0 OK 1345123513 1si2968615eee.121
quit
221 2.0.0 closing connection 1si2968615eee.121
Connection closed by foreign host.
sander@toverdoos:~$


Raspi's Raspbian: no IPv6 by default ...

Strange: Raspberry Pi's Raspbian ("2012-07-15-wheezy-raspbian") has no IPv6 activated by default. Just plain IPv4. Strange ... why leave out IPv6 in 2012? On Ubuntu IPv6 is even built-in into the kernel.

Anyway:
  • A manual "modprobe ipv6" solved it ... until the next reboot.
  • Adding "ipv6" (without the quotes) to /etc/modules solved it really

Some specs:

pi@raspberrypi ~ $ uname -a
Linux raspberrypi 3.1.9+ #168 PREEMPT Sat Jul 14 18:56:31 BST 2012 armv6l GNU/Linux
pi@raspberrypi ~ $ 

pi@raspberrypi ~ $ lsmod | grep -i ipv6
ipv6                  290227  20 
pi@raspberrypi ~ $

pi@raspberrypi ~ $ ping6 -nc4 www.google.com
PING www.google.com(2a00:1450:4007:803::1012) 56 data bytes
64 bytes from 2a00:1450:4007:803::1012: icmp_seq=1 ttl=50 time=39.9 ms
64 bytes from 2a00:1450:4007:803::1012: icmp_seq=2 ttl=50 time=38.0 ms
64 bytes from 2a00:1450:4007:803::1012: icmp_seq=3 ttl=50 time=38.9 ms
64 bytes from 2a00:1450:4007:803::1012: icmp_seq=4 ttl=50 time=38.1 ms

--- www.google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 38.094/38.783/39.923/0.780 ms
pi@raspberrypi ~ $

HTH

Tuesday, June 12, 2012

iOS 6: "IPv6 Support for Wi-Fi and LTE"

Apple showed the included sheet on yesterday's WWDC with information on iOS 6. It says "IPv6 Support for Wi-Fi and LTE" in the right lower corner (right below the blue logo). 

Let's analyze that:
  • IPv6 support for Wifi is nothing new: an iPod Touch 4 with iOS 5 connected to Wifi will already handle IPv6 correctly (if IPv6 is offered by the LAN).
  • IPv6 support for LTE is great ... as long as your iOS device supports LTE. I guess currently that is only the new iPad / iPad 3. A far as I know the iPhone 4 does not support LTE. I guess iOS 6 does not support any IPv6 tunnels, so your mobile operator also needs to offer IPv6. That's what T-Mobile in the US does (based on NAT64).
  • Apparantly IPv6 support for 3G / UMTS / HSPA / HSDPA / EDGE / GPRS is not available. Pity.


Sunday, June 10, 2012

IPv6 accounts for 40% of all traffic by IPv6 customers

On the IPv6 Launch Day on 6-6-2012 in Amsterdam (http://www.ipv6launch.nl/), Xs4all reported on their IPv6 status:


  • Until May 2012, any Xs4all customer with the correct modem could opt-in to IPv6.
  • At some moment, Xs4all turned on IPv6 on all its FttH's cutomers.
  • At the end of May 2012 Xs4all switched to the policy that any new or upgraded customer would automatically get IPv6.

The result is that there are now 13.000 IPv6 leases (read: customers with IPv6 active). Together they generate 1.6 Gbps IPv6 peak traffic. That means a mean of 123 kbps IPv6 traffic per IPv6 user at the peak moment (normally at 21:00 for consumer connections).

This 123 kbps IPv6 mean peak traffic may sound low. However, it's quite much and it probably means that about 1/3 or 1/2 of the total traffic is IPv6, as the typical traffic peak is about 100 - 300 kbps per user.

First an explanation of that number "100 - 300 kbps per user": if you have 1000 customers each with a 10 Mbps connection, at the peak moment those 1000 customers will not generate 1000 * 10 Mbps = 10 Gbps traffic. Typically, at the peak moment those 1000 customers will generate a total of about 100 Mbps - 300 Mbps traffic, which means the mean peak traffic per customer is 100 kbps - 300 kbps. That number is used by architects to design networks.

So let's say 300 kbps mean peak traffic (IPv4 and IPv6). That means the 123 kbps IPv6 traffic accounts for 40% of the traffic. And that's much as it needs IPv6 servers / hosts on the 'other' side.

How can that huge amount of IPv6 traffic be explained? I can only guess: youtube.com, newsserer/newsgroup traffic, facebook.com, a bit google.com, and ...?
Peer2peer traffic like bittorrent is unlikely do cause a lot of IPv6 traffic at this moment as very little "peers" have IPv6 working right now.

Hopefully Xs4all will do an analysis of the type of IPv6 traffic, and report on it.


Friday, June 8, 2012

Blocked Piratebay and IPv6

If your ISP, like mine, has blocked access to http://www.thepiratebay.org/ , but you have IPv6, there is an easy solution: http://thepiratebay.se.ipv6.sixxs.org/

Update (based on the comments):

If you update your 'hosts' file, you can just access http://thepiratebay.se/ over IPv6. The Dutch ISPs block IPv4 addresses, not IPv6 addresses.

On Windows, open the file \Windows\System32\drivers\etc\hosts (admin rights needed), and add:

2002:c247:6b96::1       thepiratebay.se

Then restart your browser (or whole OS), and happily surf to http://thepiratebay.se/

This probably also works if you have only teredo / miredo IPv6 (which is active in all Windows Vista and Windows 7 systems).

Update 2:

Probably handy to have this in your hosts file:


2002:c247:6b96::1 thepiratebay.se
2002:c247:6b96::1 www.thepiratebay.se
2002:c247:6b96::1 thepiratebay.org
2002:c247:6b96::1 www.thepiratebay.org


HTH

Update 2012-07-15:

It looks like TPB has no IPv6 anymore:


sander@R540:~$ host thepiratebay.se
thepiratebay.se has address 213.75.28.117
sander@R540:~$ host thepiratebay.org
thepiratebay.org has address 213.75.28.117
sander@R540:~$ 




sander@R540:~$ telnet 2002:c247:6b96::1 http
Trying 2002:c247:6b96::1...
telnet: Unable to connect to remote host: Connection timed out
sander@R540:~$ 


:-(




Wednesday, June 6, 2012

Cool: this blog itself IPv6 enabled

Today is IPv6 Launch Day. Among others, Google has turned on IPv6 on its websites: google.com, youtube.com, and ... blogspot.com. So this blog http://ipv6-or-no-ipv6.blogspot.com/ is now IPv6 enabled.

blogspot.l.google.com has IPv6 address 2a00:1450:4007:802::100c

Thank you, Google!

Tuesday, June 5, 2012

Nice site to check IPv6-ness of a domain

Here's a nice site to check the IPv6 results for a certain domain: http://ip6.nl/

At this moment (one day before IPv6 Launch) google.com has zero score:



Linux 3.2 shows IPv6 addresses used in route table

I'm running Ubuntu 12.04 with Linux 3.2.0. I just saw that "ip -6 route show" shows an enormous list of IPv6 addresses. After some research, it looks all IPv6 address that are used (by a webbrowser or any other program), get added to that list. The entries have a short life: after a few minutes, they're gone (if not re-visited). Maybe it's just a list of active IPv6 connections?

I had a look on my Ubuntu Server 11.10 (with Linux 3.0), and there the ipv6 route list just shows the usual default gateway and the local LAN addresses, and not all the IPv6 sites visited. So it's a change between Linux 3.0 and 3.2?

I don't know why that is done. Does it make IPv6 network communication faster? If so, why is it not done for IPv4 ("ip route show" does not show sites visited)? Or is it used to keep parameters for each destination (like the cwnd at the end: cwnd = "clamp for congestion window")?

Anyway: Apart from the official goal, how can you (mis)use this feature? Some thoughts:
  • you can see which of the sites you've visited have IPv6
  • you can create some statistics: will the list grow in the coming time (months, years) with more websites introducing IPv6?
  • you can see which sites are visited by other users and processes on the system. Remember: you don't need root rights for "ip -6 route show". I don't know if that is a great feature as seen from a privacy point of view
  • ...


Funny commands:

ip -6 route show | grep via | grep -vi default  | awk '{ print "host " $1 }'  | /bin/sh | grep -vi "not found"
ip -6 route show | grep via | grep -vi default  | awk '{ print "whois " $1 }' | /bin/sh | grep -i -e netname -e inet6num -e descr 


IPv6 route table on my system:

ubuntu@ubuntu:~$ ip -6 route show | grep via | grep -vi default
2001:470:0:64::2 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024  rtt 168ms rttvar 75ms cwnd 10
2001:610:188:301:145:0:2:10 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024  rtt 80ms rttvar 85ms cwnd 4
2001:610:510:0:192:42:113:60 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024  rtt 28ms rttvar 20ms cwnd 10
2001:680:12:130::3e29:130a via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2001:680:12:130::3e29:1330 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024  rtt 30ms rttvar 16ms cwnd 10
2001:6a8:3c80::39 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024  rtt 34ms rttvar 10ms cwnd 10
2001:720:418:cafd::20 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2001:888:0:18::80 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2001:888:2000:63:194:109:35:48 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2001:41d0:2:bb58:dead:beef:8637:e45b via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024  rtt 248ms rttvar 227ms cwnd 10
2406:da00:ff00::1715:b9ae via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2406:da00:ff00::3211:f660 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2406:da00:ff00::b849:f31c via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2620:0:1c18:0:face:b00c:0:7 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2a00:1450:4007:802::1012 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024  rtt 46ms rttvar 32ms cwnd 10
2a00:1450:8005::68 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2a02:26f0:7:1:8000::eed via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2a02:26f0:7:1:8800::eed via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2a02:26f0:7:1:8d00::236 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2a02:26f0:7:1:8f00::236 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2a02:26f0:7:1:9100::eed via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024 
2a02:26f0:7:1:9700::236 via fe80::5267:f0ff:fed7:61fb dev wlan0  proto static  metric 1024

Comments are welcome!

Update:

Info from Iljitsch van Beijnum https://twitter.com/#!/iljitsch and http://www.muada.com/ : the above is "route cloning". Info from an IBM site:


Route cloning
Route cloning allows a host route to be created for every host that a system communicates with.

When network traffic is about to be sent, a search is done of the routing table to find a route to that host. If a specific host route is found, it will be used. If a specific host route is not found, a network route or the default route may be found. If the route that is found has the cloning flag, 'c', set, a host route for the destination will be created using the gateway from the route that is being cloned. Subsequent routing table searches for that destination will find the cloned host route. Cloned routes have the 'W' flag set. These routes will time out and be deleted from the routing table if they are unused for route_expire minutes. You can modify route_expire by using the no command.

The route cloning feature is used mainly by the path MTU discovery protocol within AIX® to allow it to keep track of path MTU information for every destination it communicates with. If the network options tcp_pmtu_discover or udp_pmtu_discover (settable with the no command) are 1, the cloning flag is turned on for all network routes on the system. In AIX 4.3.3 and later, path MTU discovery is on by default.


Sunday, May 13, 2012

rdisc6: handy tool to see advertised IPv6 prefixes

If you want to see if there are any routers advertising IPv6 prefixes on your LAN, and if so, what IPv6 prefix they are advertising, you can use the tool 'rdisc6'.

Usage is easy: 

   rdisc6 -1 -r1 -q wlan0

Output is for example

   $ rdisc6 -1 -r1 -q wlan0
   2a00:cd8:cc11:bbee::/64
   $ 

So, a good first check of your router.






Wednesday, April 25, 2012

NNTPgrab: Another IPv6-enabled newsgroup downloader

I just discovered another IPv6 enabled newsgroup downloader: NNTPgrab. It has a built-in search function. Quite handy.

NNTPgrab runs on Mac OS X, Linux and Windows. Homepage is http://www.nntpgrab.nl/

Installation on Ubuntu was easy, thanks to the PPA provided by Erik van Pienbroek:

sudo add-apt-repository ppa:openftd/ppa
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install nntpgrab

Then start up NNTPgrab by typing "nntpgrab_gui". In the popup-window, select "Start standalone" in the right bottom corner. That will start the server and the GUI.

Alternatively you can start a separate server and GUI:

nntpgrab_server
nntpgrab_gui 

In the GUI you can add your newsserver. I used the following free newsservers:


The downloads go quite well, although they seem to stay in ~/NNTPGrab/Temp and are not moved to ~/NNTPGrab/Downloads

PS: the NNTPgrab config file is

    ~/.config/NNTPGrab/nntpgrab.conf

EDIT: there is a better GUI. Install it with:

        sudo apt-get install nntpgrab-gui-qt


Then start with the GUI with "nntpgrab_gui_qt" (so: underscores, not dashes), This Qt-GUI looks better, and can actually connect to remote nntpgrab-servers.

Happy downloading!


Tuesday, April 24, 2012

T-Mobile US provides IPv6 using unlocked UMTS Nexus & Galaxy Nexus Phones

Very interesting: T-Mobile US provides IPv6 using unlocked UMTS Nexus & Galaxy Nexus Phones


You have to set up a IPv6 (-only?) APN. 

Most interesting part: "T-Mobile's IPv6 service is an IPv6-only service that uses NAT64 and DNS64 in the network to connect IPv6 mobile users with IPv4 content. ". So your phone *only* uses IPv6 (no IPv4/IPv6 dual stack), and T-Mobile converts that to IPv4 when needed.

This method is probably in line with the current APN, which does NAT44. Going to NAT64 is then probably a small step, and easier than providing dual stack. 


Sunday, April 22, 2012

Great IPv6 article "Measuring Dual Stack Quality" by the web browser

Wow! An ex-colleague of mine (Max) sent me a great article/presentation "Analysing Dual Stack Behaviour and IPv6 Quality" written by Geoff Huston & George Michaelson of APNIC. The presentation is here: https://ripe64.ripe.net/presentations/78-2012-04-16-ripe64.pdf

The article is about dual-stack (both IPv4 and IPv6) situations, and how to handle them in the best way. As expected, the article concludes that a lot of IPv6 connections are not functioning at all. The problem can be on your local system or network, but also at the other end, or somewhere in between. If you would first use IPv6, wait for a time-out, and then use IPv4, your browsing experience would be horribly slow. That should be avoided.

The solution is this:
  • the web browser should both query for A (IPv4) and AAAA (IPv6) addresses. This should happen in parallel
  • then the web browser should measure both and in parallel the speed of the IPv4 and the IPv6 connection using a SYN packet
  • based on that measurement, the web browser should use the fastest connection
So this completely according to the old Dutch engineering's saying "meten is weten, gissen is missen" ;-)

What is unclear to me, is if/how the current browsers have already implemented the above. I used wireshark with Chromium 18.0.1025.151 (Developer Build 130497 Linux) on Ubuntu 11.10, and I did see the A and AAAA lookups, but then only a SYN over IPv6, not over IPv4 (for website http://www.appelboor.com/ which has both a IPv4 and IPv6 address + connectivity).

Some interesting conclusions from the article:

A lot of IPv6 connections are not working: about 40%!



The IPv6 failure depends on the IPv6 technology used: unicast/native is quite good, Teredo/Miredo is quite bad:



The articles also compares the speed of different IPv6 technologies to IPv4: Unicast and 6to4 are faster than IPv4 (!), Teredo/Miredo is slower:




All in all a great article! Kudo's to Geoff Huston & George Michaelson.

Friday, February 3, 2012

Virtual Box: "Network Bridge Adapter"

If your VirtualBox host system has IPv6 via RADV or DHCPv6, and you want the guest to have that IPv6 too, you should select Network -> Network Bridge Adapter. That way your VirtualBox guest is 'directly' connected to your LAN, without NAT.