Guest Blog

Why Learning IPv6 Puts You a Step Ahead in Your Career

Signal to employers that you’re at the top of your game by learning IPv6 now

Guest blog post by Jonathan S. Weissman

ARIN reached the true technical IPv4 Exhaustion on September 24, 2015. Yet back in 2012, I believe that I created and taught the first ever college course held in the United States that was devoted exclusively to IPv6, a summer course at Finger Lakes Community College. The course had a normal 45 hours aggregate meeting time, but it was devoted to just IPv6 and nothing else. Twenty years before that, in 1992, the IETF asked for white papers after multiple proposals to expand IPv4’s 32 bit address space surfaced. RFCs for IPv6 started appearing in 1996, twenty years ago from this summer, in which my IPv6 course is running in its fifth consecutive iteration at FLCC.

Both my FLCC IPv6 course and my personally written exam for the course are certified by the IPv6 Forum, a world-wide consortium, and an official certifying body for IPv6. Students who get a 70% or better on my exam at the end of the semester, will automatically earn their IPv6 Certified Network Engineer – Silver certification from the IPv6 Forum. Adding this certification to their resume will no doubt make a huge impression on potential employers.

A group of my students at Finger Lakes Community College about to get IPv6 certified!

A group of my students at Finger Lakes Community College about to get IPv6 certified!

IPv6 has, for the last few years, been appearing on industry level certification exams by CompTIA, Cisco, and others. It’s no longer something being shoved under the rug. Especially now that ARIN is “fresh out” of IPv4 addresses, the knowledge of IPv6 becomes more and more of a requirement with each passing day. You can’t simply wait until your company starts using IPv6 before learning about it. With a solid background in IPv6 before it’s needed, you will be able to easily adapt to and adopt this fascinating new protocol with intelligence and efficiency.

Interestingly enough, I recently looked back at the reports from my first industry certification exams, and to my shock, I saw that my Novell CNE and CNA exams from 2000/2001 actually had IPv6 questions. However, at that point, IPv6 was still in its infancy. No one was using it in earnest as we are just starting to do now.

There happens to be a great twist to this story. IPv4 isn’t going away entirely for a very long time. Experts are predicting decades more of IPv4. On January 1, 1983, ARPANET turned off NCP (Network Control Protocol), and flipped on Vint Cerf’s TCP/IP, featuring IPv4 addressing. There has not been, nor will there ever be, a corresponding “flag day” for IPv6. Back then, if you were “connected,” you were a government agency, academic institution, or research institution. Nowadays, all businesses are connected, and some can’t even afford seconds of downtime. Some companies pay extra to their service providers for the “five nines,” 99.999% guaranteed uptime during a year. Therefore, IPv6 education includes incorporating and interoperating IPv6 with IPv4 with dual-stacking, tunneling, or translation.

For my students with IPv6 education (and certification), it shows at the very least that they are progressive, motivated, and a step ahead of the times. It shows that they are scalable, adaptable, and up on the latest and greatest (although as we mentioned, this “latest and greatest” is nearly twenty-five years old). It shows potential employers that when the need arises to start using IPv6 in an incremental fashion, those who have been already working with IPv6 can be trusted as the pioneers, the architects, the leaders for IPv6 deployment. Learning IPv6 now, when you’re not faced with pressure, deadlines, prioritization demands, and more makes the learning process smoother and cleaner. Being able to learn IPv6 now affords you the opportunity to cover both breadth and depth in ways that simply wouldn’t be possible in a more “on demand” environment.

IPv6 is not just about the exhaustion of IPv4 addresses. The Internet is slowly going to turn from IPv4 to IPv6. It’s happening now. Think about business continuity. At some point, if you don’t make the switch, from a business perspective, it could be devastating. IPv6 is also about doing things that simply weren’t possible with IPv4. For example, “Internet of Things” devices simply do not have enough logic to run a dual stacked IPv4/IPv6 combination. Those sensors being placed all over the planet? They’re running native IPv6! Besides sensory networks, think about the control systems. Think about reporting systems. Think about appliances. Think about home entertainment devices.

One more thing, of course…security! Some networks might have IPv6 enabled and might not even realize it. Malicious IPv6 traffic can enter the network, tunneled through IPv4. Firewalls won’t catch it. Neither will IDS/IPS systems. They don’t even know what they’re looking for, as far as IPv6 goes!

Furthermore, you can’t start thinking about IPv6 security mechanisms and implementations without a truly solid background in the IPv6 protocol and all of its subcomponents like Internet Control Message Protocol for IPv6 (ICMPv6), Neighbor Discovery Protocol (NDP), Dynamic Host Configuration Protocol for IPv6 (DHCPv6), link-local addresses, Internet Protocol Security (IPsec), and much more. As my IPv6 course illustrates, there are so many layers and wrinkles to IPv6. You can’t just read a book over a weekend and be ready to deploy IPv6 or, even worse, IPv6 security on a Monday morning. I tell my students, “seeing is believing,” as we spend lots of time on IPv6 labs, while sniffing in Wireshark.

There’s little to no pressure right now to start learning IPv6. As the days, weeks, and months go by, that will become less and less true. The “Internet of Things” and mobile devices are, of course, the big factors responsible for IPv6’s great need right now. Now is the time to start learning IPv6! There will never be a better time!


Jonathan WeissmanJonathan S. Weissman is an Associate Professor and IT Program Coordinator at FLCC. He holds 34 industry level certifications, five of which are IPv6 certifications from the IPv6 Forum.

Connect with him on LinkedIn or email him at


My Experience as an ARIN Fellow

ARIN 37 Fellow Alyssa Moore shares about her experience as a newcomer to the ARIN community and the policy development process.

Guest Blog by Alyssa Moore

In April I had the good fortune to:

  • Attend an all-expenses-paid meeting in Jamaica
  • Nerd out with Internet community experts and veterans
  • Engage in the best professional development of my career
  • Form relationships with brilliant mentors

Sounds too good to be true, right? Allow me to introduce you to the ARIN Fellowship Program.

ARIN 37 Fellows

ARIN 37 Fellows – April, 2016. Photo: ARIN

During my time as an ARIN Fellow, I learned that Internet number resource policies in the ARIN region are developed entirely by the community. Every word of the Number Resource Policy Manual (NRPM) undergoes rigorous examination in a transparent, community-driven, bottom-up policy development process. This is significant because in an increasingly networked world, we should all have a stake in Internet governance. Number resource policy is of particular importance in light of the recent depletion of the IPv4 address “free pool” in the ARIN region, the development of an IPv4 transfer market, and the slow pace of a global transition to IPv6.

I also learned that ARIN provides multiple avenues to contribute to the formation of policies and processes that underpin global Internet infrastructure. Anyone with an email address can chime in on global Internet policy-making simply by joining and participating in a mailing list.  Anyone can also attend an ARIN meeting, either in person or virtually. And anyone residing in the ARIN region with an interest in Internet governance is encouraged to apply for the Fellowship Program.

Policy Discussion at ARIN 37

Facilitation of policy discussion at ARIN 37. Photo: ARIN

While there is much lively discussion on mailing lists or during meetings, I found that some of the most spirited policy conversations took place over breakfast and at after-hours socials. For example, rules around IPv4 address transfers are currently of particular interest to the ARIN community. Some advocate passionately for the application of strict needs tests in cases where limited IPv4 resources are sold in a private transaction. Others support complete liberalization of the IPv4 transfer market, and the rest fall somewhere in between. If you’re involved in politics in any way, this type of problem may sound familiar.

Regardless of where one’s opinions fall on the policy spectrum, each and every person I encountered took the time to engage in a meaningful discussion with me and explain the issues within their historical context. I was floored by how quickly introductions were made and how welcoming the ARIN community is to newcomers. It’s for these reasons that I strongly encourage anyone with a stake in number resources or the larger Internet governance landscape to get out to an ARIN meeting in person. Fellowship applications are currently being accepted for the 20-21 October 2016 meeting in Dallas, Texas through 31 July 2016.


Alyssa MooreAlyssa Moore is the Policy and Strategy Analyst at Cybera, Alberta’s non-profit research and education network. She is involved in the Canadian Internet community as an advocate for socially responsible tech policy and a champion of publicly owned network infrastructure. Alyssa’s passion for the Internet is borne of a love-hate relationship with rural dial-up and satellite connections in her formative years. She holds a Bachelor of Arts in Political Science from Carleton University.
Cybera website:
Personal website:
Twitter: @lyssamoo


Can You Make IPv6 Work Commercially?

Uncovering the costs and (hidden) benefits of IPv6 deployment that lead to a positive business case

Guest Blog Post by Marco Hogewoning, External Relations Officer – Technical Advisor at the RIPE NCC

Large scale IPv6 deployments suggest that IPv6 is at least a technical success – the technology works. Now it’s time to visit the other important question: does it work commercially? Does IPv6 really come with a positive business case? We are about to find out, if you help us…

RIPE Labs ROI PollOur technical community has spent about two decades making IPv6 work on a technical level. We have developed the protocol, modified and expanded a few others; we set up the registry system and distributed the addresses. In addition, over the last 10 years we have invented pretty much any possible way to encapsulate or translate IPv6, making it easier to integrate with the IPv4-based world we still live in. And we have succeeded: when in Belgium, there is about a one-in-two chance your Internet connection supports IPv6; on a global scale, Google (on a good day) sees one-in-eight customers connecting via IPv6.

Are we done then? After all, we can show that IPv6 works, even on a massive scale with millions of users. We have written all the documentation there is to write, we have educated and trained all of our colleagues and even created awareness outside of our own community about the need to transition the Internet to use IPv6. Meanwhile the IETF has already taken steps to investigate and discuss the consequences of the inevitable “shutdown” of IPv4. All we need to do is sit back, relax and wait for the IPv6 transition to complete, which is just a matter of time.

Or is it?

As part of this year’s inter-sessional work for the Internet Governance Forum (whose 2016 event will be held in Mexico this December), a group of volunteers has picked up the daring task of trying to describe the commercial and economic reality that underpins a successful deployment of IPv6. As part of the project to document IPv6 best practices, we are hoping to gather some input on the costs and (hidden) benefits of IPv6 deployment that lead to a positive business case and that will convince the product managers and boardrooms who are now stuck with the challenge of expanding their business using a finite and very much exhausted resource, to deploy IPv6 within their products and services.

Can you help us? Share how you make IPv6 work in a competitive market, share the arguments behind your business case – maybe it was just a matter of your competitor deploying it? Even if you haven’t deployed IPv6, please share your arguments or business case, as this would also help us to gain insight in what is happening here.

More information about the IGF Best Practices Forum will soon be posted on the IGF website from where you can also subscribe to a dedicated mailing list. To read my full post, check out RIPE Labs and answer our IPv6 Return on Investment Poll there as well.


Marco_Hogewoning112x165Marco Hogewoning is External Relations Officer – Technical Advisor with the RIPE NCC. As part of the External Relations team, he helps lead the RIPE NCC’s engagement with membership, the RIPE community, government, law enforcement and other Internet stakeholders.






You probably have IPv6. Turn it on!

Kyle Drake, founder of Neocities, a free web hosting service, shares his experience with implementing IPv6. This post originally appeared on APNIC’s blog.

Guest blog post by Kyle Drake

Thanks to a massive amount of time and effort, there are now a large number of ISPs, data centres, cloud services, and software that now support IPv6 in the United States and around the world. Actual adoption of IPv6 in production is slowly increasing globally, but is still lower than it could be.

With this post, I not only want to convince you to start looking into beginning to use IPv6 on your own computer, but show that in many cases, enabling IPv6 can be as simple as clicking a button on your WiFi router.

Turn on IPv6

You might already know the reasons why IPv6 is so important: we’ve now run out of available IPv4 addresses, and it’s now very expensive to acquire new IPv4 addresses (in the ARIN region, you likely have to buy them from others), hampering the ability for network operators to provide infrastructure services at reasonable costs.

There are also significant security benefits to IPv6. One of the ways exploits are propagated is they scan the entirety of the IPv4 address range looking for vulnerabilities. As the IPv6 address range is so large (128 bits), it becomes impossible to scan the entire range. There was a great recent blog post on The Internet of Stupid Things that highlights the serious security problems we’ll have with IoT if we don’t deal with the address scanning problem, to say nothing about the problem of not even remotely having enough IPv4 addresses to support that many devices.

Considering the many benefits of IPv6, you may be wondering when you’ll be able to start using it. The answer is, probably now. And it might be easier than you realise.

Getting my feet wet with IPv6

I wanted to see if I could get IPv6 support for Neocities, which started my investigation into the current state of IPv6. At that point, I didn’t really know a lot about actually using IPv6. Before I enabled it on my servers, I wanted to get it working on my laptop and home network. I didn’t just want to ping the server from another server, I wanted to test the complete end-user experience myself.

The first thing I did was contact my ISP to see if they supported IPv6, and it turns out they did. Surprisingly to me, this is already true for many (if not the majority) of ISPs in the USA. Comcast, Time Warner Cable, Verizon, Cox, AT&T, Charter, and CenturyLink all have active support for IPv6, and that’s just the largest ISPs in the United States, representing approximately 78 million subscribers.

The way these ISPs provide IPv6 today is with a “Dual Stack” configuration, essentially providing both an IPv4 and IPv6 address at the same time. This allows you to start getting your feet wet with IPv6 while still supporting sites and software that haven’t switched over yet.

After confirming support from my ISP, my next goal was to figure out how to actually turn it on.

Configuring your WiFi router

If your ISP supports IPv6 and you have a modern WiFi router, this may be the only thing you need to actually configure to get IPv6 working on your home network.

My personal computer only had an IPv4 address being assigned to it from my WiFi router (which I confirmed by visiting an IPv6 test site?, so something clearly needed to get configured on it to enable IPv6.

I started by logging into my WiFi router (a D-Link DIR-868L) and quickly realised that it not only supported IPv6 but that I was one click away from enabling it. The router informed me that it would go into an automatic setup mode which would take a few minutes, then it would reboot with IPv6 support. I clicked the button and went for a cup of tea. Before I came back, the WiFi router had rebooted, and my local network now magically had a dual stack IPv4 and IPv6 address assignment and had bound seamlessly to the modem’s IPv6 address assigned by my ISP.

D-Link’s firmware was the easiest I saw for IPv6 configuration, but I also upgraded a network running a CenturyLink router that was fairly easy (though a few steps were somewhat obtuse), and another router running OpenWRT, which has excellent IPv6 support.

Most routers provide pretty good IPv6 support at this point but unfortunately, there are exceptions. Notably, I was surprised to learn that DD-WRT IPv6 configuration was ridiculously complex, and I didn’t feel bold enough to try to enable it. I’m hoping that DD-WRT can work to improve this in the future.

Trying it out

Now that my home network was set up, I focused my attention on enabling IPv6 for my laptop. At this point I braced myself for a headache, assuming the process would be a harrowing effort of digging through complicated config file muck, fixing broken, incomplete or badly configured software.

Here again, I was pleasantly surprised at how easy this process was. I simply rebooted my computer and had IPv4 and IPv6 support running on my machine. Great! But now how do I actually use it with my web browser?

It turns out that was seamless, too. In fact, it’s so seamless that it took me a while to figure out if it was even working. This is possible because most web browsers (I tested Firefox and Chrome) automatically determine whether they should use IPv6 or IPv4. When you type in a domain name, they automatically look for an AAAA record (the DNS A record for IPv6). If it exists, it tries using IPv6, falling back to the A record and IPv4 if necessary. I noticed no performance reduction in this process, though there could be a minor, unnoticeable difference.

The new “problem” was that I couldn’t visually tell when a site was loading with IPv4 or IPv6. To give me better insight into this, I installed the IPvFox add-on, which put a small icon in my address bar that would tell me if the site was loading with 4, 6, or with a combination of the two (Chrome also has a similar plugin called IPvFoo). I strongly recommend installing these plugins to assist you with testing IPv6 support. In addition, it also provides an interesting insight into which websites currently support IPv6 (a surprisingly large number), and which currently don’t.

Many websites have IPv6 support and don’t even realise it. For example, cloud proxy services such as Cloudflare provide IPv6 support transparently to the site they are proxying, whether the upstream web server supports it or not. Their aggressiveness in adopting cutting-edge technology for their infrastructure is notably helping to improve IPv6 adoption, and in fact, could even be responsible for the majority of web servers that currently support it.

Enabling IPv6 for the servers

Now it was time to see if we could enable IPv6 for the Neocities servers. I first went to the server that powered our web application (the front site), and saw that an IPv6 address had already been provided by our data centre operator, and automatically configured on our server.

If your data centre or cloud provider doesn’t automatically provide an IPv6 address, they usually provide an option to get one through a web interface or by contacting support. Once the server has been assigned an IPv6 address, you need to configure your server to use it. Each operating system has a unique way of configuring networking, so follow the relevant documentation to see how to enable IPv6 for your specific OS.

Once the server has been assigned an IPv6 address, I needed to configure the web server software to use it. Like many (if not most) online providers, we use Nginx for both serving sites we host on Neocities, and for proxying our backend web application. So I needed to configure nginx to start listening on the IPv6 address, in addition to the IPv4 one.

We use a custom compile of nginx that’s tuned for our needs, so I had to enable IPv6 by adding –with-ipv6 to the ./configure before compiling, but if you use the prebuilt nginx that comes from software packages, you likely won’t need this step. Once it was compiled and installed, I only needed to add a line to nginx.conf to tell it to also listen on IPv6:

server {
listen 80;
listen [::]:80;
# … the rest of your server config

I then reloaded nginx, and voila, IPv6 support! When I was ready, the last step was to add an AAAA record for that server to my nameservers. Within minutes, users with IPv6 support started automatically using that address, perhaps without even realizing it.

Minor tooling differences

In the process of testing IPv6, I did notice some mild software differences that initially made it difficult for me to test things, and I wanted to mention them briefly. The first notable difference was that I had to wrap the IPv6 address in square brackets for my web browser.

For example, if I wanted to access http://234::3334::44, I had to type it in as http://[234::3334::44]. I also had to use ping6 instead of ping, and use -6 with curl in order to force IPv6. And SSH would fail with square brackets, so I had to leave them out.

Having to deal with these quirks was honestly a little annoying. The one thing I particularly don’t like about IPv6 is weirdness of the colon delimitation. It’s a bit annoying to have to work with it, and I agree with some other writers that think we could do better in this category. It would be nice to see some improvements here in the future, but it’s not a deal breaker for me for the IPv6 adoption we need.

The crazy things IPv6 can do

Lastly, I wanted to mention some pretty interesting experimental projects people are already using IPv6 for. Specifically, I wanted to mention Cjdns, an experimental project that uses private keys to derive IPv6 addresses, enabling trustless distributed routing networks. This works because IPv6 addresses are so large (128 bits), that it’s safe to simply derive them randomly from keypair cryptography. In the future, this could help to address problems like route poisoning and related problems with the present Internet’s trust-oriented routing infrastructure. It’s experimental at this stage, but still a very interesting example of what IPv6 could hold for the future.

IPv6 doesn’t just allow us to add more devices to the Internet; it also enables the possibility of re-architecting the Internet to improve performance, upgrade security, and increase privacy. I’m excited to see what comes next.


All of my ISPs, data centre operators, and cloud service providers supported IPv6. But in many cases, I had to click an extra button to enable it, or explicitly request it. I understand the motive for doing this, as they perhaps wanted to avoid creating any issues with bugs or opening up any unknown security holes. I come from a similar school of thought (don’t turn anything on unless you really need it), but I’m now going to make a rare exception for IPv6.

Router manufacturers, data centres, cloud services: I love how easy you’ve made it to enable IPv6, and I appreciate the hard work you did to enable it, but now’s the time to go one step further. No more “one extra click” or “on request” support: it’s time to enable dual stack IPv6 support by default. When WiFi routers and servers start automatically configuring IPv6 alongside IPv4, we’re going to start seeing a lot more adoption of IPv6. And the farther along we get, the closer we get to being able to finally deprecate IPv4.

This particular technology is working best when its functionality is invisible to the end user. Thanks to the amazing work everyone has put into making IPv6 seamless, most users won’t even notice they’re using it, as everything they do today will continue to work with no noticeable difference. There’s only one thing left for you to do: Turn it on!

Kyle DrakeKyle Drake is a tech entrepreneur and the founder of Neocities.






Christmas Gift Idea: Some IPv6 Experience

A holiday gift from the community to the community.

Guest Blog Post by Marco Hogewoning, External Relations Officer – Technical Advisor at the RIPE NCC

The holiday season is rapidly approaching and this year is coming to a close, another one done and another one that saw some great and wonderful and also unfortunately some sad moments.

One of those key moments was the depletion of the IPv4 pool in the ARIN region, which for some probably means the sad realisation that their business models will hit a growth barrier. Others celebrated it, with a smug I told you so face, as the moment where IPv6 is no longer optional but a requirement for a solid Internet-based business.

It was something we have seen coming and the Regional Internet Registries and countless businesses have been preparing for this moment for years. Where other regions such as APNIC, RIPE and LACNIC already depleted their pools and activated various austerity based IPv4 policies, we had the opportunity to learn from each other and share experiences on what to do when the final moment of imminent IPv4 depletion would be there.

The same goes for the deployment of IPv6, where countless businesses and governments, big and small, have started to activate it in their products and services. We have come a long way, and I am happy to see countries all across the globe are making such great progress in IPv6 deployment, with the US market not that far behind the world’s IPv6 leader: Belgium.

At the same time we must not forget that a lot of people still face the challenge of starting an IPv6 project, scratching their heads on where to start and looking for the secret recipe that made others successfully deploy IPv6 for millions of customers.

IGF 2015 IPv6 BPF Session

As part of this year’s inter-sessional work for the Internet Governance Forum (IGF), a group of RIR staff and community members set out to collect and document those experiences. We’ve asked countless people from all stakeholders to tell us their stories and share what they thought were the secret to their success.

After a great workshop during the 2015 IGF in Brazil and a public comment period, the resulting best practice document Creating an Enabling Environment for IPv6 Adoption document has now been published as output of the IGF.

From the start we decided that it should not be another technical description of IPv6, many of those exist already and your favourite bookstore is likely to have a few really good books with a level of in-depth knowledge that we would have never been able to write up in the few months we had.

Instead we focussed on coordination and motivation, describing successful stories of IPv6 task forces, business and governments coordinating their IPv6 deployment and triggering in a domino effect where the success of one party offers motivation for others to join and do the same.

Above all, what is important, is to know you are not alone out there. You might be one of the lucky ones who have IPv6 already done, you might be somebody under pressure to start the project. We can all learn from each other, so why not give somebody the most valuable gift of all? Knowledge.

We got some of it together, but please keep adding yours. Share your experience and knowledge on IPv6 with others using the RIR blogs, NOG meetings and join your local IPv6 task force, also especially when you have already deployed.

Consider it a gift from the community to the community. The IGF outcome document can be downloaded here from the IGF website.


Marco_Hogewoning112x165Marco Hogewoning is External Relations Officer – Technical Advisor with the RIPE NCC. As part of the External Relations team, he helps lead the RIPE NCC’s engagement with membership, the RIPE community, government, law enforcement and other Internet stakeholders.






To Squat or not to Squat?

Cathy Aronson’s crash course in ISPs adding to RFC 1918 space with unrouted IPv4 address blocks.

Guest blog post by by Cathy Aronson


Recently I got an email from a colleague at a sizable ISP. He said his boss wanted to know whether it was safer to use or for additional RFC1918 address space.

I have to say I was shocked. I thought maybe I didn’t understand him. I rewrote back, “Are you saying that you are going to use and as additional RFC 1918 space?” His answer, “Yes”. I was shocked. I did not know this was happening. Certainly this had to be an isolated incident? It is an incredibly bad idea for so many reasons that I’ll talk about as I go on here.

Since I was on my way to IETF 94 in Yokohama the next week I decided to look into this matter and see who is doing this. A number of people talked candidly to me about this situation.

Before I left on my trip I did some googling to see what I could find out there on the net about this. I have attached some links below. It amused me that a large number of folks out there are seeing these addresses in their traceroutes and thinking it’s government surveillance. Of course that’s not at all the case. The not so amusing part of my googling was that there is a lot of this squatting happening out there on the net.

It turns out there are a LOT of organizations considering squatting on other organizations address space. Some of them include large ISPs, cable providers, and large enterprises.. The blocks used are not just and but there are discussions (see links below) of companies using and

I talked to another colleague at a large enterprise that is currently using He heard that the UK Government (the block belongs to the UK Ministry of Defense) may soon sell their rights to this block and it will be globally routed. There are folks trying to persuade the UK government to not sell, but it worth a tidy sum of money.

So why is this a bad idea? It is a bad idea because someone else holds rights to these blocks. If the rightful entity decides to route them or transfer them to someone else who then routes them, then everyone has a problem. The network that is squatting will not be able to get to the legitimate users of the block. The legitimate user of the block will not be able to get to a sizable number of eyeballs on those squatting ISPs’ networks.

How likely is this problem to occur? I would think that due to IPv4 address exhaustion it will become likely that some of these blocks will end up in the global routing table. For a while IPv4 address blocks will be worth quite a bit of money and it will be tempting for owners of such blocks to transfer them to whoever is willing to pay the most.

When a block like this becomes routed globally any ISP who is squatting on the space has to quickly renumber a large number of devices. This is not a trivial amount of work. That time would be better spent connecting all these internal devices via IPv6.   At least one ISP I talked to said they were using some squat space as an interim step until all the devices could do IPv6. I am not sure why others are not spending their time and energy deploying IPv6, but they are setting themselves up for a major crisis in the future.

Links of discussions of this squatting:

These are about

These are about

These are about

Some other providers who are doing this:


Cathy AronsonCathy Aronson has been an active ARIN participant since 1998. Cathy was also on the original ASO Address Council.  Cathy acts as an advocate for address policy by volunteering to do many presentations to get involvement of other communities such as NANOG.  She feels that cross pollination of ARIN with other RIRs as well as ARIN with other networking groups is essential to making good address policy. Cathy was most recently a network engineer at Cascadeo Corporation where she helped manage addressing and routing for a number of clients.

Previously, Cathy was a member of the technical staff at Packet Design, where she was responsible for operational aspects of their Internet scaling projects. Earlier Cathy was at the @Home Network where she was responsible for routing and IP addressing. She began her career at Merit, Inc. where she worked on the NSFNET Backbone. Cathy designed and implemented the OSI/CLNP for the Energy Sciences Network. Although OSI/CLNP was never widely deployed, the experience has given greater insight into addressing and scaling issues. Cathy joined the Advisory Council in June 1998 first serving an interim six-month term before being re-elected later that year to a three-year term. She was re-elected to the AC in 2001, 2004, 2007, 2010, and 2013. Her term expires 31 December 2016.



Connecting Canadians with the New Internet

At ARIN 36 in Montreal last week TELUS co-sponsored network connectivity, bringing IPv6 to all NANOG and ARIN meeting attendees.

Guest blog post by Matthew Wilder

We Canadians are generally known for hockey, poutine and our overwhelming politeness. I’m very sorry about that. Believe it or not though there is such a thing as Canadian pride. Perhaps not surprisingly it is a polite form of pride, one which comes with a dash of bashfulness.


True to form, we at TELUS are proud of our support of industry meetings that have been held in Canada over the last several years. We have sponsored these meetings by providing network connectivity for ARIN meetings in Toronto (2010), Vancouver (2012) and now in Montreal (2015) and similarly IETF and NANOG meetings. In 2012 we were incredibly happy with our progress in constructing our IPv6 capabilities, introducing native dual-stack service for these meetings.

Fast forward a few years to 2015 and we have made a great deal of further progress. We now offer IPv6 to enterprise customers on their Internet services, and are in the midst of the mass roll-out of our IPv6 service for consumer Internet services. These efforts are finally beginning to bring Canada into the picture of global IPv6 adoption.

In June, Canada was at 0.5% user adoption of IPv6. As of October that number is 2.18% and growing quickly. This growth can be accounted for with our deployment to hundreds of thousands of homes whose Internet service now includes IPv6 connectivity. We’re extremely happy to help Canada join the rest of the pack!


Matthew WilderMatthew Wilder is a Sr Engineer in the Technology Strategy team of Vancouver based TELUS where has worked for 10 years.  TELUS is Canada’s fasting growing national telecommunications provider with 13.9 million customer connections, including 8.4 million wireless subscribers and 1.5 million high-speed Internet subscribers. Matthew’s responsibilities include IP address management, IPv6 strategy and network performance for all Internet services.  He has been an active member of the ARIN community as well as both NANOG and IETF, each of which TELUS has continually supported through network sponsorship for meetings held in Canada.



Embracing the Shift in the Internet’s Architecture

True leadership means putting your money where your mouth is.  Jeff Urbanchuk explains how Stanton Communications encourages all PR professionals to adopt IPv6, but not before making their own website ready for the new Internet Protocol. 

Guest blog post by Jeff Urbanchuk

Earlier this month, PRNews featured an editorial penned by our CEO, Peter Stanton, on the need for PR professionals to take a critical look at their network infrastructure in relation to IPv6. The editorial was written with IPv4 depletion in mind, but also served to give our peers in the PR industry a window into our recent experience transitioning the firm’s website to a native IPv6 platform.

As communicators, PR professionals take pride in being early adopters of new technologies. Our clients expect that their messages will get to the right audiences in the most resonant way. In today’s fast-paced marketplace of ideas, that usually means communicating over the Internet through blogs, social media and digital advertising. While the results of these efforts are generally measured in the final outcome of likes, conversions and page clicks, the methods by which those messages are transmitted are of equal importance. Real leadership in today’s crowded media market requires a deeper dive into understanding not only the way people communicate online, but how that communication happens on a substantive and technical level.

The move towards IPv6 is critically important for the public relations community to understand and embrace. While ISPs and device manufacturers have been baking IPv6-compatibility into their products for years, PR firms and many digital specialists have failed to pay attention. Failure to recognize the shift in the Internet’s architecture opens a dangerous blind spot that could threaten to expose clients – and the firms themselves – to an otherwise preventable competitive disadvantage.

As strategic counselors, PR professionals have a responsibility to point this fact out and offer recommendations to eliminate this blind spot. One of the best ways to do that is for agencies to undertake their own internal website review to get their sites IPv6 compatible. That’s just what Stanton Communications did.

Admittedly, it wasn’t an easy process. We are a small firm with a small IT department so it took time to learn the ins and outs of how we could make our website available over IPv6. Through our experience we worked with ARIN to develop an infographic that lists the step-by-step approach you can take to make your website ready for IPv6.

IPv6 Step by Step

In the end we learned a truly important lesson. One cannot truly appreciate, or alone promote, a technology without first personally testing and adopting that technology in real world conditions. It’s one thing to declare leadership in technology through mastery of applications and programs. It is quite another to take the step to alter your firm’s infrastructure to stay current with the rapidly evolving world of technology.

Now we are prepared, tested and ready to assist ARIN in communicating the importance of IPv6. As members of the technical community who are instrumental in keeping the Internet running, we hope you will join us in the effort.


Jeff Urbanchuk Jeff Urbanchuk is an Account Manager at Stanton Communications where he oversees strategic communications campaigns for public policy and technology clients. Jeff is a member of the Stanton Communications team supporting ARIN in its ongoing effort to popularize IPv6 through its Get6 campaign.





Are Service Providers Ready for IPv6?

President and CEO of Incognito, Stephane Bourque, is looking find out what strategies communication service providers are using to transition to IPv6 and needs your help to answer a few questions about your IPv6-readiness.  

Guest blog post by Stephane Bourque, President and CEO of Incognito Software Systems

Worldwide, the transition to IPv6 has begun — but just how ready are communication service providers for this change?

ARIN is expected to join regional Internet registries in Latin America, Europe, and Asia Pacific in exhausting public IPv4 addresses soon. Globally, this means that the number of remaining public IPv4 pools available to service providers to hand out to customers is running out, and most providers will need to consider strategies for IPv6 to enable future growth.

What are these strategies? That’s what we want to find out. For the second year, Incognito is running a global survey of communication service providers to find out IPv6 plans and strategies. The 5-10 minute survey is open to telecommunications, cable, mobile, satellite, and converged service providers of all sizes.  All participants will receive a copy of the final report compiled from survey results.

Last year’s report found that most service providers are slowly moving towards IPv6. At that stage, although more than three quarters of respondents had started preparing for IPv6, only 14% had deployed IPv6 on their networks and 4% had begun offering IPv6 addresses to end users.

Infographic 2014 Incognito Survey

The transition to IPv6 is essential for all businesses. At Incognito, we have embraced IPv6 on our internal networks and our website to prepare for an IPv6 future. When we made our website IPv6 ready in 2011, only a fraction of websites could be reached over IPv6, but we knew content was going to be a significant driver in the transition. So we enabled IPv6-support at the World IPv6 Launch Day in 2011. Our solutions already supported IPv6, so we knew we had to practice what we preach. It hasn’t been a quick process, but we look forward to being part of an IPv6 world.

Whether you are IPv6 ready or not, all communication service providers are invited to share your experiences and plans in the IPv6 Readiness in the Communication Service Provider Industry survey.


sbourqueStephane Bourque is the technological inspiration behind Incognito’s provisioning solutions. As CEO, Stephane has championed the development of high performance, multi-platform solutions that help service providers increase margins and reduce network upkeep.

Originally from Montreal, Canada, and educated at Concordia University, Stephane applied his computer engineering background at Banyan Systems to design enterprise network management systems for Fortune 1000 companies like Bell Canada.




IPv6 at the Dutch ccTLD registry SIDN

Where there’s a will, there’s a way. Senior Research Engineer at SIDN, Marco Davids, explains how Dutch ccTLD registry SIDN committed to IPv6 deployment.

Guest blog post by Marco Davids

.nl, the IPv6-enabled registry

SIDN is the registry for the Dutch country-code top-level domain. In terms of domain names per capita, we are one of the largest TLDs in the world. And even in absolute numbers, we are still among the five largest country-code TLDs. I guess that makes us kind of special. We may be a small country, but, as in so many countries, the Internet is immensely popular and has been for quite some time. In that regard, we are far from exceptional.

SIDN photoAt SIDN, we firmly believe in IPv6 as a long-term solution for the exponential growth of the Internet and the problems that arise from that. In fact, with IPv4 space running out, and prices on the secondary market rising, the need for a new addressing scheme on the internet is perhaps more acute than ever.

We are pleased to see that many organisations recognise the need for change and are acting accordingly. On the other hand, surprisingly, a considerable number of organisations haven’t even bothered to look into IPv6 at all. That is a concern. Large ISPs in the Netherlands (with a few exceptions) are moving, but they tend to take things slowly. This is one of the reasons why we are keen to promote awareness and adoption of IPv6. It goes without saying that we practise what we preach: IPv6 has been enabled on our own services for quite some time. More on that later.

The Dutch ‘comply-or-explain’ policy

The Dutch government is very much aware of the urgency of IPv6. In the Netherlands, the government maintains a so-called ‘comply-or-explain’ list, containing various Internet standards, including IPv6. Standards on the list should be used by government organisations and, for example, be part of the requirements in a procurement process. As I said, IPv6 has been on the list for quite some time, and an increasing number of government services are now reachable via IPv6. A broadly similar European list also exists, and naturally IPv6 is on that list as well.

Although we are not required to, because we are not a government agency, SIDN has decided to adhere to the comply-or-explain list. The authoritative name servers for the .nl domain have been fully IPv6-compliant for quite a number of years, but we felt we needed to go a few steps further and enable all of our services on IPv6. Naturally, we ran into a few issues. The vendor of our email appliances, for example, promised IPv6 support ‘soon’. But it turned out they needed ‘a little more time’. Quite frustrating, but also a lesson learned: be firm and serious with your vendor and make clear agreements beforehand about mutual expectations. There are still vendors out there, trying to make their customers believe that ‘no one really needs IPv6’ or claiming that IPv6 support ‘is in the next version of the firmware, scheduled for release any time soon’. My advice: show them the door.

Sometimes being pragmatic is the solution. We came to the conclusion that modifying the entire back-end infrastructure of our registry system for IPv6 was not feasible in the short term. As an interim solution, we are using load balancers to disclose our registry system via IPv6 on the Internet side, while it is still running on (RFC1918) IPv4 space internally. We also made our Whois service accessible via IPv6 in a similar fashion. So, where there’s a will, there’s often a way.

The Dutch Internet Standards Platform is a private-public initiative by several organisations with the goal of promoting new standards, including IPv6. On a simple website,, anyone can easily check the quality of their connection, or a domain name for that matter, in relation to these new standards. The test is strict; some people say it’s too strict. But if you manage to achieve a 100% score, you can at least be sure that your setup is very future proof. So try it out.

Summarising, I would say that IPv6 is here and now. It’s a mature standard that is being deployed at a rapid pace. The amount of IPv6 traffic is increasing by 100% a year.  And in the interest of an ever expanding internet, everyone should join in.


Marco DavidsMarco Davids is a Senior Technical Policy Advisor and Senior Research Engineer at SIDN, the ccTLD for the Netherlands (.nl). He has been with SIDN since 2007 and a member of the SIDN Labs R&D-team. In this capacity he is involved in various projects, primarily with a focus on the DNS. Marco is also an active participant in the RIPE and IETF communities and has contributed to several RFCs and draft documents.




A Closer Look at The Internet of Things

Nick Rojas explores the Internet of Things and how some will appreciate the fundamental changes to the Internet that will allow it to come to fruition, while others will simply take it for granted.

Guest blog post by Nick Rojas

The so-called “Internet of Things” (IoT), is not just about the seemingly endless benefits of connecting everything to the internet, or as some say, making things “smart”. It’s also about infrastructure, intellectual property, education, and increasingly growing business interests. It’s how devices are tied to the cloud for commerce, research, and an endless array of applications.

While considering the benefits of having smart refrigerators and other fun gadgets, many forget the significant potential applications that the Internet of Things could change, such as water conservation due to “smart” sensors, reducing city traffic congestion, and a radical change in health care practices.


The Main Challenge: Infrastructure

Smartphones alone command a staggering share of smart devices in use today, with more than 143 million of them in use. When phones, refrigerators, bathroom scales, football stadiums, and even entire cities collectively need to connect to the Internet, we may find that we simply don’t have the infrastructure to support this yet. When IP protocols were first designed, futurists couldn’t have envisioned all the devices that would one day connect to the Internet. The concept of connecting virtually everything to the Internet goes well beyond the original framework.

Every device connected to the Internet must be given a unique identifier to function properly, so IP address exhaustion is certainly a thing that could hinder the ability to provide for the “Internet of Everything”. This is where we can enjoy a bit of good news.

IPv4 provided approximately 4.3 billion addresses, and has lasted for about 25 years. IPv6 has been available since 1999 and vastly expands the number of addresses to about 340 trillion, trillion, trillion addresses. Simply put, we’re good to go, for a very long time.

As progress is made, some of us will appreciate the fundamental change to the Internet while others will simply take it for granted.

“There will be so many IP addresses … so many devices, sensors, things that you are wearing, things that you are interacting with that you won’t even sense it. It will be part of your presence all the time.”  – Eric Schmidt, Google’s chairman and former CEO

With Increased Connectivity comes Improved Analysis

In addition to infrastructure and the increasing number of devices, the Internet of Things will prompt the continued development of analytics. Advanced statistics and predictive algorithms will play an ever larger role in decision making.   As an example, smart devices can be used by medical researchers to track the relationship between medicines consumed and heart rate.

As the volume of people using such devices increases, and the amount of data reaches statistical significance, analyzing the data can help researchers glean valuable information about the impact of certain foods on heart rate.

According to M.V. Greene, “”The “Internet of Things,” where objects in the physical world are connected to electronic virtual networks, is poised to turn retail on its head. Not since the introduction of online shopping – and before that credit and debit cards for purchasing – has something in retail had the potential to be so transformative.”

As the applications of these smart devices are dreamed of and manufactured, the opportunities for scientists and researchers are endless. Dreaming up ways of connecting human activities with data can lead to major advances in how we lead our lives. With the recent launch of Apple’s Smart Watch, which signifies the first massive step into mass adoption of wearable technology, the potential of the Internet of Things has just begun.


Nick RojasNick Rojas is a business consultant and writer who lives in Los Angeles. He has consulted small and medium-sized enterprises for over twenty years. He has contributed articles to, Entrepreneur, and TechCrunch. You can follow him on Twitter @NickARojas, or you can reach him at







Turning Bits into Bites

I can has IPv6? Mathew Newton knows how to make IPv6 fun – by involving cats of course. Here’s how he connected a DIY device to the Internet of Things to solve a problem and make his feline friends extra happy on World IPv6 Day.

Guest blog post by Mathew Newton

If we are to believe the figures being banded around, the Internet looks set to be dominated by the number of devices connecting under the ‘Internet of Things’ banner at some point over the coming years. If there’s any domination of the Internet before then it is arguably by cats – cat photos, cat videos, pretty much cat anything. I actually think there’s room for both though in the form of Internet-enabled cat feeders

Back in 2009 I was looking for a solution to ensure our two cats didn’t go hungry if my wife and I had to work late or go out for the evening straight from work. I couldn’t help but feel that I already had half the solution by virtue of my home-grown security solution based around the use of IP cameras. We could see the cats via the Internet wherever we were, so why not feed them this way on an occasional basis also? Cutting a long story short (the full details of which can be found on my website with the obligatory cat video on YouTube) I built the first version (the ‘Mark 1’) of my cat feeder:

Cat Feeder

Aesthetics didn’t feature on the requirements list (well, not mine anyway – it turns out they did on my wife’s!) but function and reliability definitely did. It seemed to tick both of these boxes completely with little room for improvement.

That’s not to say my work was done however – I had to do something about the Cisco Catalyst switch (I know, pun intended; it was clearly meant to be!) which I’d used to interface the feeder to the network through some hacked-together RJ45 loopback adapters and piggybacking on the port status LED driver ICs. Not only was the switch noisy but also bulky and had to be tethered to a nearby network port. After rummaging through piles of kits that ‘may come in handy one day’ I found a Cisco-Linksys WRT54GL broadband router and used it to make the improved ‘Mark 2’ version:

Cat Feeder 2

Cat Feeder Schematic

Not only was the feeder now a self-contained device, but it was also wireless (well, apart from the main power) and, by reflashing the firmware, could also support IPv6! The immediate benefit of this was, of course, being able to assign an appropriate ‘vanity’ address involving ::f00d and ::feed and no doubt others! Once that novelty wore off, the other benefits became obvious – there was no messing about with port forwarding and dynamic DNS update scripts. It just worked. Out of the box. This could of course be a double-edged sword where network security relies solely on the stateful property of a NAT and so my first IoT lesson to learn was making sure that my firewall was configured to protect the feeder accordingly.

The second lesson was also security-themed, and I’ve only got myself to blame for this one. On World IPv6 Day in June 2011, I decided to open up the feeder for 24 hours for anyone to access. For those connecting over IPv4 they could only view the feeder-mounted webcams, but for those with IPv6 they could also take control of the feeder and feed the cats. You can probably imagine how it went – food pretty much everywhere and two very full cats! The real problem, however, was that some users had spotted that I was passing control parameters through the URL to a PHP script (e.g. /catfeedercontrol.php?action=feed&time=5) and so were trying to abuse this by manipulating the feed durations, fishing for other commands and goodness knows what else. I quickly added some sanity checking to the scripts to mitigate this (I didn’t do this previously because access was usually password controlled). A key point to note here is that this attack vector was not directly related to the use of IPv6 as such – the vulnerability was at the application layer after all – however the ease with which IPv6 allows devices to be reachable from the Internet highlights the importance of ensuring that security is properly considered at all layers of the stack.

Even with sanity checking I would have benefited from being able to rate limit access but didn’t have time to work out how to do this. Instead, I opted to filter the source address of repeat offenders using the firewall and this became my third security lesson. The IPv6 double-edge sword was back – the offender was either hopping between addresses (whether that be manually or using short-term privacy addresses) or an entire organisation was seemingly in on the act because the addresses were all over the place within a very large prefix! I assumed the former but given the futility of playing cat and mouse with the offender (pun not intended!) I gave up blocking individual addresses and filtered the entire prefix instead. In a ‘real world’ application this could of course have significant unintended consequences, and so it did make me realise that our approach to filter-by-address strategies in IPv4 might need further thought when it comes to IPv6.

All in all, the cat feeder has been a great success and has never let us down in the six years we’ve been using it (I should point out that we only use it on occasion and not as a substitute for in-person contact with our pets!). Indeed, the cats seem to love it although it has to be said they’d love anything that feeds them! I suspect though that they might be particularly keen on the IPv6 aspect as normally they are fed twice a day but on World IPv6 Day they were fed a total of 168 meals. So from their perspective, this answers the question as to how much better IPv6 is than IPv4… 84 times of course!


Mathew NewtonMathew has nearly 20 years of network-related experience with a particular focus on all aspects relating to the design and deployment of IP (v4 and v6) and DNS.

His interest in computing, electronics and ‘how things work’ arguably stems from a childhood of taking things apart. He is now at the level where hardly any screws are left over when putting them back together again.





Webpass Deploys IPv6 For ARIN 35 Event

The IPv4-IPv6 dual stack network at ARIN 35 last week went off without a hitch. Webpass VP of Technology, Blake Drager, explains what it took to get it up and running. 

Guest blog post by Blake Drager

ARIN partnered with Webpass, an industry leading Internet Service Provider (ISP), to provide the network for the ARIN 35 event held in San Francisco from April 12-15, 2015.

We met with ARIN to determine what type of connectivity was needed:

  • BGP
  • Webpass allocated IPv4 / IPv6
  • ARIN netblocks statically routed to Webpass WAN

Since ARIN has a specifically reserved IPv4 /20 and IPv6 /48 for ARIN and NANOG meeting events, statically routing ARIN’s netblocks within the Webpass network was the best solution.


Webpass’ network is 100% dual-stacked and running on a Brocade CER and MLXe platform so setting up the IP circuit was as simple as:

  1. Adding an IPv4 /30 and an IPv6 /64 for connectivity between networks
  2. Statically routing ARIN’s netblocks with the next-hop being the Webpass WAN IPs
  3. Redistributing the static routes into our OSPF and OSPFv3 tables

After setting up the IP circuit, ARIN’s netblocks were routing within the Webpass network, but we wanted to redistribute these blocks to our eBGP peers so we had to do the following:

  1. Create prefix lists for the ARIN blocks
  2. Add those prefix lists as an applicable route-map statement attached to eBGP neighbors
  3. Verify that the routes were being advertised to Webpass’ eBGP peers
  4. Contact eBGP NOCs, send them the ARIN LOA for  Webpass to advertise ARIN’s netblocks and request that they update their prefix lists accordingly. This took a few emails and a little coercion with some networks, but after a while, ARIN was able to verify their routes were visible in public BGP looking glasses and route servers.

Once all of the above steps had been successfully executed, and the microwave link was installed at the JW Marriott, ARIN was able to verify public connectivity for both IPv4 and IPv6. All things considered, the process was very simple. IPv6 setup required no additional configuration when compared to the IPv4 setup. This is contrary to popular narrative that IPv6 is overly complicated and makes IP provisioning more difficult. Nothing can be further from the truth. Once your network is 100% dual-stacked and your staff is appropriately trained, IPv6 provisioning gets easier.

In fact, if ARIN’s meeting requirements were for IPv6 only, the configuration would have been as simple as Webpass providing ARIN with a /56 or a /48 via DHCPv6 Prefix Delegation. DHCPv6 would automatically assign them a /48 with a next hop of their local “fe80” IPv6 address. The Brocade router would see this delegation occur (via DHCPv6 relay) and automatically insert that route into the routing table as a “delegated static” entry. This is the common Webpass customer IPv6 connectivity configuration.



Blake Drager Blake joined Webpass in 2006 and serves as the Vice President of Technology, leading the Webpass software development and network teams.  Blake started his career at Webpass building systems used to deploy Webpass’ Internet and providing technical support to residential customers. Webpass needed a scalable network that could interface with customers and employees and Blake rose to the challenge of building it. Today, Blake continues to drive software development that enables Webpass to run efficient operations.





Tinkering with IPv6 on a Home Router

Working in the IT world, Chris Harvey was naturally curious about IPv6, so he decided to set up IPv6 on his home network when it was time to upgrade his router, and now he blogs about his experience.

Guest blog post by Chris Harvey

Some may say I’m crazy, and a few of them would be right, but I’ve long tracked the growth of IPv6 given that I worked at Comcast for a number of years and my manager was instrumental in the Comcast push into IPv6. As a result it’s been fairly well drummed into me that this is something we all have to tackle at some point, or else the results of inaction will tackle everyone to the ground.

I guess you could say that I’m lucky enough to have been in the IT world for all of my career, so I’m one of many IT savvy people that are not too phased by configuring networks and getting my seemingly ever growing body of electrical devices connected to a network. Having said that, what less IT literate folks realize (I’m thinking of my mother here) is that even for those of us “in” the industry, change is usually a learning process too. We just have a level of experience to lean on that helps us catch on a little quicker than someone who’s not exposed at all.

I can clearly remember a few (ok, maybe many) years ago being completely mystified by many aspects of IT that my more senior and experienced colleagues took for granted. My point of saying this is, don’t think “it must be easy for him, because he knows what he’s doing”. Well actually most of the time I don’t, I’m just trying things and seeing the results. I may be able to interpret the results faster than someone with no experience, but I don’t have a magic wand that instantly makes me understand the new technology any more than my mother leaning on years of cooking experience to realize that leaving that toast in for just a bit too long is going to burn it.

Being “in” the industry always makes me lean towards new projects like initiating IPv6 with both a little excitement and trepidation. For my wife it’s more a dread of “oh great, now I’m going to lose my husband to the computer for two days while he figures this out, and in that time nothing else will get done”. That being said, it was time to upgrade my router from Comcast. I’d received a few emails saying it needed upgrading, so I decided to make the change knowing that the next generation of DOCSIS 3 modems would finally give me access to IPv6 for all my computers, tablets, phones and other ancillary and ever-connected devices in the house.

Frankly, enabling IPv6 couldn’t have been easier. Of course I made it much more complex by trying to understand the changes and morph them to my own desires.  At the end of the day simply plugging in the new modem was enough of a change to enable IPv6 to the devices on my network that could already speak that language, which is about every single one of them.

Because it would be pretty boring if I just stopped there, let me give a little more detail around what I did do, what worked and what didn’t and where I’ve ended up.

Firstly, it’s worth knowing we have an almost entirely Apple-based house. There are some devices in my house that are not Apple products, such as Internet radios and wireless HVAC thermostats, but mostly it’s Apple products. OSX has been IPv6-enabled for a long time so I expected this to be relatively easy and in fact it was.

Comcast supplied the modem, and it was provisioned into the account by customer care when I picked it up. Once home, I plugged it into the power and the coax cable. It took a few minutes to get up and running, but all status lights came on correctly.

The xfinity modem by default has a home WIFI which you can either immediately use with the SSID passcode that’s provided, or using the admin interface, you can rename it. Whether you connect an ethernet cable directly to the modem or use the WIFI, it’s IPv6-enabled.

The administration screen is easy to access, although not all that obvious, but Google (or the search engine of your choice) solved that. Essentially from any of your devices that connect to the modem, either hard wired, or wirelessly through the SSID mentioned above, the admin screen can be found on and the administrative credentials are easily found online. As you’d expect, you cannot administer this from the outside network unless you specifically enable it, so just because the admin user’s ID and password are easily discovered, doesn’t mean anyone can access your router.

Since I already have an Apple Airport that is my wireless router, I wanted to keep it. The modem by default comes configured as a router, so having another one inside the network means you end up with a “double NAT” scenario. I’ve yet to find anything specifically poor about this arrangement, but it’s certainly not ideal, and it does not allow for you to have an IPv6 address on your devices. So for that reason, I put the new modem into a “bridge mode”, which essentially makes it transparent to the network and passes traffic through to my Airport which means my devices automagically obtain IPv6 addresses.

To test whether you either have or are using an IPv6 address, the easiest method is to use your web browser. There are many sites to choose from, but I found these two particularly useful: and, with the latter doing a very nice job of telling you what your browser is doing. If you want to do something a little more hardcore, you can issue the following command on an OSX terminal.

ifconfig en1


ether c8:e0:cb:1c:48:69

inet6 fe80::cbb0:ebff:f3fc:4869%en1 prefixlen 64 scopeid 0x5

inet netmask 0xffffff00 broadcast

inet6 2601:8:a80:edef9:cab0:ebff:fe3c:4869 prefixlen 64 autoconf

inet6 2601:8:a80:edef9:dd47:5cd1:eaa1:1a4a prefixlen 64 deprecated autoconf temporary

inet6 2601:8:a80:edef9:5ded:d7c2:27b8:de85 prefixlen 64 autoconf temporary

nd6 options=1<PERFORMNUD>

media: autoselect

status: active

But at the end of the day, you shouldn’t need to do this. The point of IPv6 is that it simply works, so you shouldn’t need to mess around trying to make it work. The new modem and the Airport negotiate how to handle the address allocation, and it all works smoothly.

I took a bunch of extra steps that I could document for you regarding setting up my guest network, allocating a different network segment for it and essentially delving pretty deep into getting things setup how I wanted.  But in the end, the only thing I really needed to do to ensure my Airport environment worked was to alter the modem to bridge mode. If I didn’t have my own router and wanted to use the built in SSID that comes on the modem, which by the way you can rename if you want to, then out of the box my IPv6-capable devices would all have started using IPv6. Where they don’t, they fall back to IPv4, which we all still mostly rely on. I note with interest that my Airport Utility still has a strong focus on IPv4. Although it supports IPv6 transparently, any IP setup option still mostly involves IPv4 addresses. I wonder if that will change over time?


Chris HarveyChris has over 20 years of experience in the computer industry, including software sales engineering, implementation, consulting and solutions architecture. Chris’ career diversity stems from many years as a successful independent consultant, sales engineer, internal and external solutions architect; all within a variety of well respected companies in senior positions providing leadership, mentoring, product or solution delivery.





IPv6-Brewed Coffee Over Bluetooth Smart

Glenn Ruben Bakke explains how Nordic Semiconductor is connecting to the Internet of Things using IPv6 over Bluetooth Smart in everything from keyboards to coffee makers.

Guest blog post by Glenn Ruben Bakke

IOT IPv6 Over Bluetooth Smart

Believe it or not, the day has come when your coffee machine could know what exactly what kind of coffee you like to drink depending on the cup you’re using, the time of day, and a multitude of other factors. Earlier this year, the Nordic Semiconductor team demonstrated a smart coffee machine at CES that brewed coffee over IPv6. But coffee machines aren’t the only place where innovation is possible. As a leader in Bluetooth Smart solutions you will find our chips in products all around your home from wireless keyboards and mouse, TV remote controls all the way through to wirelessly controlled toys. Basically, we are already in a wide range of diverse devices. So, for us, extending those devices connectivity through the internet was the next logical step.

We are a strong advocate and believer that the right long term approach for connecting everything to the Internet is by using open standards. In this way obstructive barriers to cross-platform, device and OS communications will be dissolved.

IPv6 Over Bluetooth Smart

Recently a lot of effort has been made by the Internet Engineering Task Force (IETF) to make the Internet suitable for smaller devices, something that is referred to as 6LoWPAN. Bluetooth Smart Specific adaptations and recommendations for 6LoWPAN are being defined as BLE 6LoWPAN and can be found here.

BLE 6LoWPAN enables compression of IPv6 traffic and optimizations in procedures (for example, neighbor discovery) on Bluetooth Smart. BLE 6LoWPAN defines Stateless Address Autoconfiguration (SLAAC) of IPv6 addresses using the Bluetooth Smart Device Addresses. The 6LoWPAN-enabled Bluetooth Smart device will derive a EUI-64 address based on its own EUI-48 MAC address and this is combined with the assigned prefix to form an IPv6 address.

Stack Diagram

BLE 6LoWPAN defines two roles for Bluetooth Smart devices: the 6LoWPAN node role and 6LoWPAN edge router role. In the 6LoWPAN node role Bluetooth Smart devices can connect to the internet over Bluetooth Smart using a border router. The border router role acts as a device that is connected to the internet and provides access for the nodes to the internet.

6lowpan Roles

IPv6-enabled Coffee Machine

We wanted to demonstrate the exciting possibilities that this technology enables and we wanted to show that by doing something practical. What better way than brewing coffee over IPv6? – not only demonstrating a connected appliance that can be controlled and monitored from the Internet, but also getting a nice cup of coffee at the end of it.

The coffee machine, being IP enabled, has its own IPv6 address which means it is directly addressable from the Internet. Also, native support IP protocols allow the coffee machine and the cloud application to use the same protocol without any need of proxy or translations. The application protocol used in this demo is MQTT, a TCP based protocol.

In this demo you can request a brew through the web interface. You can also see if the coffee machine is brewing or idle, the number of cups brewed etc. – all examples of monitoring a remote appliance.

We used the following hardware components to brew coffee over IPv6:

  1. Coffee machine – connected to the nRF51 Development Kit playing the role of BLE 6LowPAN node role and an MQTT client.
  2. Raspberry PI   – playing the role of BLE 6LoWPAN router providing connectivity to the internet to the coffee machine by routing packets between its Bluetooth and Ethernet network interfaces.
  3. PC symbolizing a cloud server. The PC provides the software infrastructure of the demo.

Coffe Machine Setup

The software pieces we used are:

  1. MQTT broker. MQTT protocol requires a central broker that manages messages between various clients that connect to it. Here, HiveMQ is used as the broker.
  2. Django web server providing an interface to control the coffee machine.
  3. Database is used to store information related to the coffee machine.
  4. A controller module that listens for messages from coffee machines. Any updates or request to the database are handled by this module.

Coffee Web Interface

Routing on Raspberry Pi

Once a 6LoWPAN node connects to the Raspberry PI, a Bluetooth network interface appears on the Raspberry Pi. Routing packets to this Bluetooth Network interface is like routing packets on any network interface. Linux provides a router advertisement daemon, radvd, which is used in this setup.

The radvd is setup to delegate an IPv6 prefix to all the endpoints connecting to the switch so that global IPv6 address can be created on the nodes using State-Less Address Auto-Configuration (SLAAC). The Ethernet interface (eth0) takes care of devices connecting to the simulated global network, and the Bluetooth interface (bt0) takes care of the IPv6/6LoWPAN over Bluetooth Smart devices connection. For Bluetooth, radvd will give each node on the link (bt0) a 2001:def:: prefix, and for Ethernet each node will get a 2003:abc:: prefix using 2003:abc::1 as gateway.


6 radvd config

A route is also put up between the global network (eth0) and the Bluetooth/6LoWPAN network (bt0) that connects the 2001:def:: subnet to 2003:abc:: subnet. This makes the Bluetooth nodes available in the simulated global network.

Routing on Raspberry PI

With this setup each coffee machine can create a TCP connection to the MQTT broker using its global IPv6 address, publish messages and listen to responses or commands.

We were proud to demo our IPv6 coffee machine at CES earlier this year and see it as the first – and major – step of many devices into IoT over IPv6.


Glenn Ruben BakkeGlenn Ruben Bakke is a Software Engineer who has been developing software for Nordic Semiconductor’s nRF51 Series ICs as well as working on the development of the IoT SDK.