Comment 166 for bug 417757

Ricardo,

Actually, if you are having the problem with your ISP, I suspect a
large number of technical and non-technical people on the same ISP are
having timeout problems with other operating systems and applications.
The difference is that you are a knowledgeable user that has
identified and knows how to solve the problem. E-mail me directly with
the ISP name and I would be willing to contact them about the problem.

Actually my studies show that 75% of device on the internet today have
or could have IPv6 enabled. I was only sharing the 'conservative
numbers'. The biggest jump in IPv6 users in the last 12 months was due
to BitTorrent clients on windows system enabling IPv6 tunneling
(Teredo).

Over the next 4 years, all of the major ISP's are expected to move
quickly to dual stack and IPv4 over IPv6 transport. Comcast should be
the first, followed the the crowd of cable provides then telcom
providers. So 0.1% might be small today, but should get to +1% by the
end of 2010.

Again on the security side, there are many attacks which have been and
are accruing on unsuspecting networks which have IPv6 enable but do
not have proper IPv6 security controls (IPv6 capable firewalls,
routers, IDS,...). The first attack was back in 2002 on a debian
distro that did not have IPv6 firewall enabled, but did have the IPv4
enabled. So continue to believe there are no IPv6 security attacks,
the same way as many people said back in 2002, there are no wifi
attacks and WEP is secure!

BTW, I am not having the problem, I loaded Miredo on my Ubuntu system
and it seem to be fine. With that in mind, have we considered just
having Miredo installed by default on the Distro?

Joe

On Wed, Nov 18, 2009 at 5:39 PM, Ricardo Fernández <email address hidden> wrote:
> #162
>
> Yeah I'll tell my ISP to upgrade their Hardware because my Ubuntu
> doesn't work. That will surely work. *sigh*
>
> Also they are over 600+ million internet users around the world (maybe
> more?), 4 millions using IPv6 is around 0.7% of the internet users.. so
> yeah, pretty much no one. And how many of thoses 4 millions use Ubuntu ?
> let me guess it should be below 0.1%, so, making IPv6 enabled by default
> will only be used by 0.1% (below that number to be honest). Default
> should be for the other 99.9%.
>
> Yes they are a lot of systems shipped with IPv6, the point is thoses
> systems _works_ and Ubuntu 9.10 doesn't (not the whole distro of course,
> just this "cant use internet thing").
>
> You can't ask everybody to update their whole network hardware to IPv6
> to make Ubuntu works, thats quite hard to do, it is easier just to
> switch distro (Like Fedora, Debian, anything) or just Windows 7, and
> thats what most people will do when they try to use their favorite
> distro (Ubuntu) and notice the slow internet.
>
> On the security side, just because a firewall/router doesn't process
> IPv6 it doesn't mean you can use some sort of attack, you can't attack
> something that doesn't understand you, at most you can just try to DoS
> it, so I'm quite sure no one is afraid of a IPv6 attack over a IPv4
> network.
>
> --
> [karmic regression] all network apps / browsers suffer from multi-second delays by default due to IPv6 DNS lookups
> https://bugs.launchpad.net/bugs/417757
> You received this bug notification because you are a member of IPv6 Task
> Force, which is a direct subscriber.
>
> Status in “glibc” package in Ubuntu: Confirmed
> Status in “network-manager” package in Ubuntu: Invalid
> Status in “glibc” source package in Lucid: Confirmed
> Status in “network-manager” source package in Lucid: Invalid
> Status in “glibc” source package in Karmic: Confirmed
> Status in “network-manager” source package in Karmic: Invalid
> Status in “glibc” package in Fedora: Confirmed
>
> Bug description:
> In Karmic, DNS lookups take a very long time with some routers, because glibc's DNS resolver tries to do IPv6 (AAAA) lookups even if there are no (non-loopback) IPv6 interfaces configured. Routers which do not repond to this cause the lookup to take 20 seconds (until the IPv6 query times out).
>