IPv6 News

Nixu DDI Software Appliance Platform Awarded Gold Medal for Its IPv6 Support on 21st December 2011Nixu Software has been awarded the IPv6 Ready Gold Certificate by the IPv6 Ready Forum for its DDI Software Appliance platform on 21st December 2011. The tests, which were carried out by an independent third party approved by the IPv6 Ready Forum, validated the interoperability between Nixu DDI Software Appliance platform and other networking products with IPv6 Ready Gold Certificate. Other manufacturers with IPv6 Ready Gold Certificate include Cisco Systems, Juniper Networks, RedHat, VMware, Hewlett-Packard and IBM.

The exhaustion of IPv4 address space in 2011 made IPv6 connectivity an unavoidable reality. While most organizations are yet to face an urgent need for introducing IPv6 support in their networks, they should nonetheless, plan ahead to ensure a smooth transition to a dual-stack environment. The increased complexity of the IPv6 address syntax and the vast size of the available address space mean that DDI services (DNS, DHCP, IPAM) play an even more pivotal role in managing these dual-stack networks.

Having introduced full dual-stack support already in 2004, Nixu Software has been a pioneer in the wide-scale adoption of IPv6 network connectivity. Juha Holkkola, the Managing Director of Nixu Software, said in this regard: “When we started out working with dual-stack environments, there was no strict standard, let alone any certification available. Now that IPv6 is going mainstream, we decided that it was a good time to have Nixu DDI platform’s world-class IPv6 support formally acknowledged. Our products sailed through the testing phase in a matter of weeks, which is pretty impressive considering that for some of our competitors it has taken over a year, while for others it seems completely impossible.”

To celebrate this achievement, Nixu Software has released a new version of howismydns.com, a free online test tool used to validate the configurations of public DNS servers. This latest version provides complete support for dual-stack networks, allowing fully transparent testing process for IPv4, IPv6 and dual-stack DNS deployments. In addition to IPv6 support, the new toolset also comes with a number of DNSSEC validation tests. To try out the latest IPv6 DNS and DNSSEC testing tools, please visit howismydns.com.

[Read more →]

No more “test flights” … 2012 is the year that IPv6 gets permanently deployed! That is the message of “World IPv6 Launch,” announced today by the Internet Society, Google, Facebook, Cisco, Microsoft, Comcast, AT&T, Time Warner Cable and a whole host of other companies.

While last year’s successful World IPv6 Day was all about testing how your site or service worked with IPv6, this year’s World IPv6 Launch is about enabling IPv6 permanently as of June 6, 2012 (or earlier). As Google’s Erik Klein wrote:

“At long last, IPv6 will be the new normal.”

Today’s announcement included a new website:

www.worldipv6launch.org

with information about the initiative, forms to complete to register your participation in World IPv6 Launch, and also badges and images you can use on your websites, in your presentations, etc. As you will see on the site, this year’s initiative is focused primarily on internet service providers (ISPs), home networking equipment manufacturers and website operators / content providers. You can register on the site to participate and can also stay up-to-date on the program by following @worldipv6launch on Twitter.

Partners participating in the event also published supporting blog posts today, including:

• Internet Society Deploy360 Programme: World IPv6 Launch on June 6, 2012, To Bring Permanent IPv6 Deployment
• The Official Google Blog: IPv6: Countdown to launch
• Cisco Blog: Launching a New Internet Protocol (includes a video)

While Facebook joined in with a tweet about their participation to their 2-million+ followers.

Many more companies are already completing the forms and registering their interest in joining the effort.

The momentum is just starting and will only build as June 6th approaches – what will you do to be part of the effort?

Full Disclosure: I am employed by the Internet Society although not directly with the World IPv6 Launch team. My role is with the Deploy360 Programme where we are providing resources to help people more rapidly deploy IPv6 (and thereby participate in World IPv6 Launch).

Written by Dan York, Author and Speaker on Internet technologies for over 20 years

[Read more →]

BlueCat Networks provides advice to the UK Government on IP Address Management (IPAM) and IPv6-Ready DNSSEC

BlueCat Networks, the IPAM Intelligence™ company, today announced that it has collaborated with the UK Cabinet Office on a best practice approach for deploying a resilient, IPv6-ready DNS service for the Public Sector Network (PSN). The PSN is a CIO Council initiative designed to create the effect of a single network across government.

“The security of business and network services accessible to users over the PSN is of paramount importance,” said John Stubley, Public Sector Network — Program Director. “Over the past year, we have worked productively with BlueCat Networks to identify the technical issues to ensure our DNS core services are authoritative, resilient, scalable and easy to manage. BlueCat Networks has been extremely responsive in answering our requests and has provided expertise to the PSN Programme for this area of work.”

“The PSN is a key component of the UK’s ICT strategy, and will allow public sector users in the UK to more easily share information and access open standard-based services,” said Matthew Pearson, UK and Ireland Sales Director, BlueCat Networks. “We are pleased to have the opportunity to work with the Cabinet Office and the PSN in a technical advisory role. BlueCat Networks contributed to the architecture and configuration for a centralised, authoritative DNSSEC and IP Address Management (IPAM) solution for .gov.uk domains. The approach had to be easy to manage, resilient, geographically-dispersed and scalable to support the network backbone for the whole of the United Kingdom. It also had to be future-ready with support for IPv6. Our recommendations were based on our experience in helping US government agencies successfully deploy DNSSEC and IPAM across their large, distributed networks.”

BlueCat Networks’ appliance-based software solutions provide a purpose-built platform for IP Address Management (IPAM) and DNS/DHCP core network services. Deployed at some of the most demanding and secure organizations in the world, BlueCat Networks’ physical and virtual appliances help public and private sector organizations improve security, lower costs and increase IT efficiency. BlueCat Networks’ solutions also allow organizations to securely manage change and growth with unsurpassed scalability and future-ready support for IPv6 and DNSSEC.

For a free trial of BlueCat Networks’ DNS, DHCP and IPAM solutions, visit http://pages.bluecatnetworks.com/FreeTrial.

[Read more →]

BlueCat Networks, the IPAM Intelligence™ company, today announced that its IP Address Management (IPAM) technology will be used as a component of HP Network Consulting for IPv6 services to help enterprises and governments worldwide simplify the transition to IPv6.

“The connected world is also an IP-dependent world,” said Michael Hyatt, co-founder and CEO of BlueCat Networks. “By working with HP, we are helping commercial and government organizations successfully make the transition to IPv6, which is a key technology for enabling successful IT initiatives including virtualization and the cloud today and in the future.”

By combining IPAM with HP Network Consulting for IPv6 services, enterprises and governments will be able to enhance network flexibility and scalability to support critical IT initiatives, such as virtualization and cloud computing. These services enable a seamless transition to an IPv6 connected world by assessing IPv6 readiness, as well as architecture and design, integration and deployment.

“Organizations need to look ahead to the IPv6 transition to maintain the connectivity needed for real-time responses to business needs,” said Imran Khan, vice president, Networking Consulting, Technology Services, HP. “The combination of offerings from HP and BlueCat Networks will help organizations ensure seamless connectivity and business continuity during the IPv6 shift.”

Deployed at some of the most demanding and secure organizations in the world, BlueCat Networks’ IP Address Management solutions provide an essential technology for helping organizations transition to IPv6, launch new IP-dependent services including virtualization and clouds, and manage network growth and change.

For more on this announcement please visit www.bluecatnetworks.com/hp.

For free trial software, please visit http://pages.bluecatnetworks.com/FreeTrial.

[Read more →]

New Report Highlights the Role of DDI in Driving Efficiencies and Cost Savings; Positions BlueCat Networks as a Top Choice for DDI

BlueCat Networks, the IPAM Intelligence™ company, will host a live webinar on January 19 featuring Forrester Research, Inc. to discuss the “Five Reasons DDI is Critical to the Network.”

“Much of IP, Dynamic Host Communication Protocol (DHCP), Domain Name Services (DNS) management requires too much hand holding; administrators spend time allocating addresses, capturing unused ones, uploading new records, or checking for errors,” wrote Andre Kindness, Senior Analyst, Forrester Research, Inc. in a December 7, 2011 blog post. “On average, it takes two days to allocate a set of addresses for the deployment of new servers when it’s 5 minutes of work.”

A December 2011 report from Forrester provides guidance on why organizations should move off spreadsheets or a homegrown DDI solution and surveys the top commercial DDI solution vendors. A complimentary copy of the Forrester Research report is available at: www.bluecatnetworks.com/forrester.

In the BlueCat Networks webinar, guest speaker Andre Kindness will share key findings from the Forrester Research report “An Infrastructure Can Only Be As Efficient As DNS, DHCP, and IP Address Management” (December 2, 2011) including what to look for in a DDI solution and the capabilities that make BlueCat Networks a top choice for DDI.

“We are pleased that BlueCat Networks is positioned as a top DDI solution in the recent Forrester Research report,” said Michael Hyatt, CEO and Co-Founder of BlueCat Networks. “Our IP Address Management solutions not only deliver the automation and intelligence needed to build a more flexible and efficient network, they also provide a critical foundation for helping organizations keep pace with emerging business and IT priorities such as the cloud, virtualization, IPv6 and DNSSEC.”

To register for the solution webinar “Five Reasons DDI is Critical to the Network,” please visit: www.bluecatnetworks.com/forrester.

[Read more →]

What kind of IPv6 support will we see in consumer devices at the massive Consumer Electronics Show (CES) happening in Las Vegas this week? The show is already underway and much of the tech media is already writing in breathless prose about the latest tablets, notebooks and zillions of other consumer devices making their debut at CES.

While the bright-shiny-object-chasing side of me definitely notices those articles, my own interest is on a deeper and far more technical level:

how many consumer devices currently support IPv6?

As large ISPs look at making IPv6 available to residences, will the devices and software customers use in the home actually work with an IPv6 network?

I’m getting on a plane tomorrow morning to head out to CES and on Thursday and Friday I’ll be walking the show floor on a quest for IPv6-enabled vendors. A couple of vendors have already reached out to me, both from the voice-over-IP / telecommunications industry, which is good to see.

IF YOU ARE AT CES AND YOUR PRODUCT/SERVICE SUPPORTS IPv6, I’d definitely like to be in contact with you.

I’m looking forward to doing some video interviews and writing some articles here at CircleID about whatever level of IPv6 support (or not) I find at the event.

P.S. I’ll note, too, that on Saturday, the Internet Society team of which I am a part will be participating in a workshop with consumer electronics vendors about IPv6. This workshop is part of the International Conference on Consumer Electronics (ICCE).

Written by Dan York, Author and Speaker on Internet technologies for over 20 years

[Read more →]

In June 2009 we mused in these columns about Long Term Evolution standing for Short Term Evolution as wireless networks started to drown in a data deluge.

It is January 2012 and we keep our heads above the mobile data deluge, even if barely, thanks to a gathering avalanche of LTE networks.

Even the wildest prognoses proved conservative as the GSMA was betting on a more ‘managed’ progression through intermediate steps of gradual increases reasoning that the use of existing investments should be maximized while price declines and threats to existing roaming and SMS revenues also had to be ‘managed’. Continuity implies to postulate that transitions should be gradual, not chaotic or highly disruptive. The last two years, however, turned out to be rather disruptive after a plateau of relative tranquility powered by a steady traffic and revenue growth in the wireless data world. But over the last year we have rather unexpectedly seen industry pillars including Microsoft, Nokia and RIM heaving and creaking under the mobile broadband gusts. Once unassailable Symbian now fades away and Android dominates the charts. Cloud computing combined with ever more Intelligent and versatile end devices is likely to further upset a relatively stable decade when some dominant computer and handheld operating systems were revenue and profit gushers with every new version they issued.

It still holds that faced with deluges of data and floods of handsets and applications, a drought of IP addresses might be perceived as a rather minor issue in the scheme of big things that would be resolved in due time anyway. As address depletion became a reality, the excitement was limited to the circles of digerati and cognoscente but went largely unnoticed by the vast majority. Not so when broadband networks fail to deliver enough bandwidth to provide a satisfactory user experience.

Back in June of 2009 there were no LTE networks operational. Ten of them were forecasted to go live by the end of 2010. The very first to become commercial was Teliasonera in Norway and Sweden on December 14th 2009. In the US, MetroPCS was first of the mark on September 21st 2010 followed by Verizon Wireless on december 5th the same year. In Canada, we saw Rogers Wireless start LTE service in july 2011 with Bell following in September 2011, the same month as AT&T Mobility.

Latest GSM Association figures (registration required) show us that as of January 5th 2012 we have 49 operational LTE networks in 29 countries and 229 deployment commitments in a total of 79 countries. And obviously LTE networks have to be able to talk to each other. This in turn is generating furious activity to deploy IPX exchanges to provide data and voice roaming in an all IP environment, a topic by itself, and keeping a number of us quite busy over the last six months.

And what about IPv6 in all of this? It is or soon will be under the hood. Verizon announced from the start that their devices would support IPv6 as recommended in the LTE specifications and they kept their word. Some mobile network operators have been rather discreet but are quietly working on their IPv6 deployment. They consider upcoming IPv6 support as implicit; IP addresses are IP addresses, their format is irrelevant to the general public.

Mobile operators often cited lack of LTE ready enabled end devices as a delaying factor. That argument is now passé. End of October, the GSA listed 197 LTE enabled devices from 48 manufacturers, up threefold since February 2011 and the list includes 27 smart phones. And If you happen to be enjoying the Consumer Electronics Show in Vegas this week, LTE devices are hot!

Now that both voice and data are becoming more widely available as voice over LTE concerns move backstage, competitive pressure should start working its magic. The choice and the application versatility of LTE enabled devices associated with quality of service and adequate pricing is what turns on a mobile broadband hungry public.

We already start to feel the acceleration of the LTE powered mobile broadband bullet train. The art will be to translate this in IPv6 traffic growth forecasts. I have a vague feeling that the most accurate forecasts will unlikely be based on some prudent extrapolations.

Let IPv6 enjoy the LTE ride.

Written by Yves Poppe, Director, Business Development IP Strategy at Tata Communications

[Read more →]

Nixu NameSurfer® Suite – Latest 7.1.1 version introduces a centralized reporting tool for DDI, a number of IPAM enhancements. (Click to Enlarge)Nixu Software has today made a new intermediate release of Nixu NameSurfer® Suite, the flagship DNS, DHCP and IP Address Management solution. The latest 7.1.1 version introduces a centralized reporting tool for DDI, a number of IPAM enhancements including integration between IPv6 blocks and Nixu DHCP Server instances running in DHCPv6 mode, and a newly designed external authentication mechanism supporting LDAP, RADIUS and TACACS.

“The latest version of Nixu NameSurfer expands the dashboard we introduced in Nixu NameSurfer 7 Series into a global DDI toolset” said Juha Holkkola, the Managing Director of Nixu Software. “The design principle behind the global DDI toolset is to provide network administrators and managers with a set of interactive tools that can be used to monitor and manage the entire DDI environment from a single screen.”

A high percentage of enterprise and carrier customers still base their IPAM reporting on static Excel spreadsheets. The new reporting tool included in Nixu NameSurfer Suite 7.1 series provides a set of reports that can be exported in pdf format facilitating the viewing, sharing and storing of DDI-related information offline. To support legacy reporting methods, also csv exports continue to be supported.

The native integration between IPv6 blocks managed in Nixu NameSurfer IPAM and Nixu DHCP Servers running in DHCPv6 mode marks another pioneering step by Nixu Software in supporting and encouraging IPv6 connectivity. Thanks to this functionality, the IP Address Management processes for both IPv4 and IPv6 networks can be aligned and carried out transparently from a centralized IPAM solution.

“Having first introduced support for dual-stack DNS environments as early as 2004, we have been watching the dual-stack networking scene closely for more than five years. As we are now seeing an increasing number of IPv6 — enabled network environments going live, we felt this is a perfect time to add the last part to the IPv6 DDI puzzle” added Juha Holkkola.

Find out more about Nixu NameSurfer Suite and download a free evaluation.

[Read more →]

Listed below are the top ten most popular news, blogs, and industry updates featured on CircleID in 2011 based on the overall readership of the posts for the year. Congratulations to all the participants whose posts reached top readership and best wishes to the entire community for 2012. Happy New Year!

Top 10 Featured Blogs in 2011:

1. A Fairness ‘Scorecard’ for Trademark Protection Under the New gTLDs
   
   By Konstantinos Komaitis, Feb 23, 2011 (33,350 views)
2. IP Addressing in the New Age of Scarcity
   
   By Peter Thimmesch, May 27, 2011 (21,563 views)
3. Smartphones: Too Smart for Mobile Operators?
   
   By Henry Lancaster, Aug 03, 2011 (21,144 views)
4. On Mandated Content Blocking in the Domain Name System
   
   By Paul Vixie, Mar 18, 2011 (16,315 views)
5. Court Approves Nortel’s Sale of IPv4 Addresses to Microsoft
   
   By Benson Schliesser, Apr 27, 2011 (13,173 views)
6. The Design of the Domain Name System, Part VIII – Names Outside the DNS
   
   By John Levine, Sep 17, 2011 (12,399 views)
7. Top Public DNS Resolvers Compared
   
   By Michael Meisel, Apr 07, 2011 (12,217 views)
8. Why the Lawsuit Against .XXX Maybe the Best Sales Tool Ever For New gTLD Applicants
   
   By Michael Berkens, Nov 17, 2011 (9,466 views)
9. Independence and Security Online Have Not Yet Been Won
   
   By Mike Dailey Jul 03, 2011 (9,373 views)
10. Comcast’s Impressive System for Notifying Infected Users
    
    By J.D. Falk, Mar 01, 2011 (9,216 views)

Top 10 News in 2011:

1. <a href="http://www.circleid.com/posts/20110619_new_top_level_domains_are_approved_By_icann/”>New Top-Level Domains Approved By ICANN
   
   Jun 19, 2011 (44,312 views)
2. ICANN Approves .XXX
   
   Mar 18, 2011 (20,936 views)
3. Experts Urge Congress to Reject DNS Filtering from PROTECT IP Act, Serious Technical Concerns Raised
   
   May 26, 2011 (12,284 views)
4. Microsoft Offers $7.5 Million to Buy 666,624 IPv4 Addresses
   
   Mar 25, 2011 (9,600 views)
5. Egyptian Government Shuts Down Most Internet and Cell Services
   
   Jan 28, 2011 (3,988 views)
6. US Government Domain Seizure Results in Unintended Shutdown of Thousands of Websites
   
   Feb 16, 2011 (3,962 views)
7. J.D. Falk: 1974 – 2011
   
   Nov 17, 2011 (3,918 views)
8. Cybercriminals Shifting Focus From Windows PCs to Other Systems and Mobile
   
   Jan 20, 2011 (3,823 views)
9. Researchers Report New Method for Detecting Domain-Fluxing
   
   Mar 28, 2011 (3,633 views)
10. Microsoft, Federal Agencies Take Down Rustock Botnet
    
    Mar 18, 2011 (3,607 views)

Top 10 Industry News in 2011 (sponsored posts):

1. Google Says “Think Mobile” …and then goMobi
   
   By dotMobi, Feb 15, 2011 (6,120 views)
2. The Botnet-Counterfeit Drugs Connection
   
   By MarkMonitor, Apr 01, 2011 (4,928 views)
3. New gTLD Timeline Announced and .XXX Approved
   
   By MarkMonitor (4,253 views)
4. Second Half 2010 “Dashboard” Domain Name Report – Released
   
   By PIR, Feb 14, 2011 (3,666 views)
5. MarkMonitor Report: How Scammers Generate Significant Traffic Promoting Suspected Counterfeit Goods
   
   By MarkMonitor, Feb 01, 2011 (3,536 views)
6. AusRegistry Int. and Crowell & Moring Join Forces to Support New Top-Level Domain Applicants
   
   By ARI Registry Services, Mar 14, 2011 (3,507 views)
7. Celebrity Marketing Guru Jeffrey Hayzlett to Promote New TLDs for AusRegistry International
   
   By ARI Registry Services, Jun 17, 2011 (3,472 views)
8. Minds + Machines’ Parent Company, TLDH, Appoints Peter Dengate Thrush as Executive Chairman
   
   By Minds + Machines, Jul 17, 2011 (3,457 views)
9. DNSSEC is Just the Beginning
   
   By .CO Internet, Mar 02, 2011 (3,421 views)
10. Landrush for New Domain Extension – .GR.COM
    
    By CentralNic, Jan 11, 2011 (3,421 views)

Written by CircleID Reporter

[Read more →]

An interesting new paper from the Naval Postgraduate School (paper here, conference slides here) describes what appears to be an interesting new twist on spam filtering, looking at the characteristics of the TCP session through which the mail is delivered.

They observe that bots typically live on cable or DSL connections with slow congested upstreams. TCP sessions from bots turn out to be fairly easy to recognize by RTT, window, and retransmits, something that people have known at least since a paper at the 2008 CEAS conference on the topic.

This paper tries to see whether it would be practical to use that info to manage spam in real time. They have a network analyzer called SpamFlow that figures out per-connection characteristics. Then as a proof of concept they wrote a Spamassassin plugin to train on the data from SpamFlow and try and do filtering. They do some sort of hand-wavey load testing to see whether SpamFlow can keep up with a realistic mail load, and if it trains fast enough that it would provide useful data in real time. They claim that their results show that it does both.

It’s not obvious how best you would use this in combination with all of the other anti-spam tools people we have, most notably blacklists like the CBL that very accurately identify IPs of botted hosts by looking at the characteristics of mail received at large spamtraps. One thing that occurs to me is this sort of thing might be useful if mail moves to IPv6, since building v6 blacklists will be hard due to the size of the address space, while this lets you estimate the bottiness of each connection directly. Also, rather than accepting or rejecting mail, you might slow down mail reception from hosts that seem to be bots, both to give preference to non-bot senders, and because bots tend to be impatient so if you slow down a dubious connection and it gives up, it was probably a bot. The Turntide appliance did something similar five years ago, although it used different heuristics for deciding what to slow down.

This technique looks only at the characteristics of the TCP session, and not at the contents of the session, which means it also doesn’t look at the contents of the messages. It might be useful in contexts where for legal or political reasons the spam filter isn’t allowed to look at the messages, but users want spam filtering anyway. The authors point out that it is in principle applicable to any TCP transaction, so it might be useful against web queries from bots, too.

It’s hardly a FUSSP, but it’s an interesting paper.

Written by John Levine, Author, Consultant & Speaker

[Read more →]