Adding socks support to everything is just as daunting as supporting a migration to ipv6 via transition mechanisms such as 6to4/6in4 and leaves us with something that is even MORE restrictive and less scalable than NAT. It also provides no upgrade path to solve these issues (it is much easier to switch from 6(to|in)4 to native ipv6 than socks to anything). This is not a workable solution.
So you'd effectively have pockets of IPv4 space bordered by SOCKS proxies. If this would be done hierarchically, you need proxy chaining to connect to a server on a different network.
It's a kludge. I can't see how it would be preferable in any way to a single global "namespace".
I agree... the problem is, how are we to get a single global namespace?
I have serious concerns with IPv6's practicality, even with 6in4 et al. Is trying to implement it just flogging a dead horse?
If somebody comes up with a way to actually get IPv6-only nodes widespread - not just nodes with joint IPv4 and IPv6 machines - then I'll have hope for mainstream IPv6. But while every client and server has to have IPv4 as well to be of any use, then what benefit does having IPv6 connectivity give it?
How is it a dead horse? Many ISPs are working on implementing IPv6. Some ISPs here in the Netherland have been offering it for quite a long time. Large sites (Google, Facebook, etc) are also slowly adapting it.
Yes, the transition is going very very slowly. But I don't think there is a problem. One could argue it's the same with IPv4 addresses as with oil. Eventually, it will get more expensive as it gets more scarce, and people will gradually switch to alternatives.
At a certain moment all the important sites will have adapted IPv6 that it's economical for some users to drop expensive IPv4. Sites will then hurry to go to IPv6 as they lose customers. But I guess there's no need to hurry yet... at least for us IPv4-rich western countries.
I've seen the "IPv4 will get more and more expensive, and more and more sites will provide IPv6 connectivity, and (for some unspecified reason) clients will put out the effort to get IPv6 connectivity for no near-term benefit, and then when nearly everyone has IPv6 connectivity, IPv4 support will become like IE4 support and sites will start dropping it, and the IPv4-only people will then demand an upgrade" argument, and I think it has flaws.
* Why do clients - home ADSL users, small offices, wifi hotspots - want to bother with IPv6? It offers them no benefit for at least several years. Everything that's good is IPv4 only, or maybe IPv4 and IPv6. All they need is one external IPv4 - or they can share an upstream IPv4 via carrier-grade NAT, so they needn't bear any "rising cost" of IPv4.
* Why should important sites really bother about IPv6? They already have large IPv4 allocations, and there's endless tricks to make better use of them (they can vhost any HTTP-based service, for a start). Moving to IPv6 will make it easier for startups to get IPs to compete with them. I'm not sure why some of them have offered limited IPv6 access (Facebook's is just a proxy that forwards on the connections via IPv4, it seems), but they don't seem to maintain them well (bit.ly was inaccessible via IPv6 all day; nobody seemed to notice) - I suspect they're mainly "20% time" projects.
* Just how near is the point where it's a good idea to drop IPv4, for clients or servers? There's a lot of legacy networks to shift... more so on the client end than on the server end, which is dominated by a "top 100 sites" or so that could all conceivably add IPv6 support with little effort.
Hey, I'm explicitly saying in my post that there is no hurry. It could still take ages. Maybe 20 years. But eventually we need more addresses than IPv4 can provide. Hacks such as NAT will make the IPv4 range a bit more stretchable, but they don't scale and won't hold up forever.
I know what the current state of affairs is. I don't understand why all the "IPv6 is not widely adopted yet so let's rationalize it as if we'll be on IPv4 forever" posts on HN lately. It is a slow, gradual process. If you don't want to worry about it yet then just don't.
Back when 64 bit CPUs were entering the consumer realm, you also had people saying "Man, addresses will take two times as much space and who needs to address that amount of memory? And there are plenty of memory mapping tricks to keep us on 32-bit for a long time"...
IPv6 is vary useful for peer to peer communication such as torrents and skype. My roommate and I sit behind NAT and rather than choosing a single PC that get's fast torrent downloads IPv6 can gradually increase the number of peers other PC's can see. Even better the speed scales up as adoption increases. Also, when you want remote into a more than one home PC you can do so directly with IPv6, you don't need to pick a single host and then remote into other machines on your network.
Yeah, I'd like easier peer-to-peer communications, too.
Which is why I suggested setting up SOCKS as a competitor to NAT, as it lets the client ask the gateway device for an external IP/PORT to do peer-to-peer communications over... without needing to set up IPv6 :-)
Adding features to operating systems is easy - IPv6 support has been in all the major OSes for years. Getting it out there wasn't that hard but getting people to use it has proven to be a different matter entirely, largely because it is not backwards compatible with IPv4 and because of the resulting chicken-and-egg situation.
With something like this, you could upgrade your OS, then upgrade you router, and see immediate benefit. Or you could skip upgrading your router and use an in-the-cloud provider instead. It's much, much easier.
I think we're going to see people explore application-layer proxying (things like Tor, my http://pagekite.net/, this SOCKS idea) more and more as the IPv4 shortage starts to have an impact. Sure it's less efficient and it may feel messy, but it works surprisingly well.
the point of a setup like 6in4 is that you don't need to upgrade your intermediate infrastructure either, you can get ipv6 right now (anyone with an ipv4 address can actually). And it does not have the serious downsides of a socks based approach.
Adding SOCKS to NAT boxes and to client devices is easier than IPv6, I warrant; SOCKS is a dead simple protocol, and the client can be slid into the sockets library without the app having to care.
And that's it. There's no need for ISPs to route you IPv6, or to set up tunnels. No need for dual stacks and AAAA records. No need for service providers to provide IPv6 access to their servers.
SOCKS is less restrictive than NAT - the client can know about it and find their external IP/port, it allows incoming connections, it lets the gateway device authenticate users and give them differing quality of service, etc.
Yeah, but what benefit is there as opposed to just sticking with NATv4 or SOCKS?
The real issue here is running out of IPv4s.
We don't really need more IPs for clients - NAT fixes that problem (I just argue that SOCKS could be a better solution, that can work alongside NAT).
We need more IPs for servers. The IPv6 solution is to move clients and servers to IPv6. 6in4 gets around needing to migrate the ISP as well, which is good, but it's still a heap of work that has to be done by people who don't get any material benefit out of it for years, at best. So it won't happen.
The benefit is real end to end connectivity without the need for co-operation of everyone along the chain (this is an extremely serious issue, often even one layer of NAT makes trying to get port forwarding a nightmare, imagine 2 or 3) . Its also much more scalable than both. In the long run supporting some kind of gargantuan NAT/SOCKS translation layer for millions of customers is going to be much more expensive than ipv6 support, because IP is fundamentally stateless and designed to scale massively, NAT and SOCKS are not. This becomes a serious concern at larger scales.
SOCKS gets you end to end (though it's arguably not "real"!) by letting you have listening sockets (which NAT doesn't).
There is indeed a scaling issue with NAT/SOCKS as both need connection state on the gateway device - but, I suspect, the dropping cost of hardware versus the rising cost of IPv4s will favour more hardware. The real question is how it'll stack up against the cost of dropping IPv4 for IPv6 (not the cost of adding IPv6 support alongside IPv4, which isn't that hard).
"I don't wanna use IPv6! I'll have to change things! Waaaah!"
Just shut up. Do it. Do the transition. Yes, it will be hard. Yes, it might break shit. No, IPv6 is not perfect. But do this transition once and we have enough address space to make it to the galactic civilization level. 2^128 addresses is big. It's a one-time thing.
I've run IPv6, to try it out... I just didn't bother setting it up again next time I replaced things, as it gained me nothing, so I didn't want to repeat the effort.
So it's in my best interests to wait until I have to.
Which means I'll continue to use IPv4.
Which means the sites I want to connect to aren't motivated to turn off IPv4.
Of course, what I'm proposing here - fixing the problems with NAT as a way of making IPv4 address exhaustion not be a problem for clients - doesn't help with IPv4 exhaustion for servers.
What would I propose for that?
* Using them more efficiently by having protocols support endpoint identification within a server (HTTP supports virtual hosting, SSL has spreading support for host identification in the SSL handshake process, SMTP has been fine with it for years, etc).
* Using incoming connection proxies / load balancers to have a small number of external IPs, connections to which are handled by a large number of backend servers
* Perhaps in the longer run, better usage of SRV records so that well-known ports fall into disuse, and server ports can be assigned by the administrator and then placed into the SRV record for that service, in effect making IPv4 addresses be 48 bits long.
The real reason for low adoption of IPv6 is that it would decrease demand in hosting and clould services at least for personal use as everyone will be able to access their home computers from everywhere. Service providers does not want IPv6.
Interesting point, that... Addresses being scarce and valuable would play into the hands of large ISPs who already have a lot of addresses! Discuss! :-)
