As most of you probably know, Google and several other websites are switching to IPv6 today and are never returning to IPv4.

Linux and Kubuntu are IPv6 capable using 6to4 tunneling. Teredo automatic tunneling can be had by installing Miredo, a Teredo clone running as a daemon.

Anyway, I decided to test the relative speed of IPv4 vs IPv6 using ping and ping6. Yesterday ping6 would only return results if I pinged the localhost using "ping6 ::1". "ping6 google.com" returned nothing.

Here are the results today.



:~$ ping6 google.com
PING google.com(iad23s08-in-x09.1e100.net) 56 data bytes
64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=1 ttl=59 time=395 ms
64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=2 ttl=59 time=72.6 ms
64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=3 ttl=59 time=73.7 ms
64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=4 ttl=59 time=76.4 ms
64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=5 ttl=59 time=71.0 ms
64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=6 ttl=59 time=74.9 ms
64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=7 ttl=59 time=75.1 ms
64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=8 ttl=59 time=73.5 ms
64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=9 ttl=59 time=73.4 ms
^C64 bytes from iad23s08-in-x09.1e100.net: icmp_seq=10 ttl=59 time=70.3 ms


--- google.com ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9002ms
rtt min/avg/max/mdev = 70.335/105.650/395.130/96.509 ms




:~$ ping google.com
PING google.com (74.125.228.5) 56(84) bytes of data.
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=1 ttl=47 time=52.9 ms
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=2 ttl=47 time=54.9 ms
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=3 ttl=47 time=54.9 ms
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=4 ttl=47 time=51.6 ms
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=5 ttl=47 time=53.1 ms
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=6 ttl=47 time=52.0 ms
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=7 ttl=47 time=52.1 ms
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=8 ttl=47 time=51.7 ms
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=9 ttl=47 time=53.3 ms
64 bytes from iad23s05-in-f5.1e100.net (74.125.228.5): icmp_req=10 ttl=47 time=51.2 ms
^C
--- google.com ping statistics ---
10 packets transmitted, 10 received, 0% packet loss, time 9011ms
rtt min/avg/max/mdev = 51.250/52.823/54.996/1.269 ms
:~$




An IP lookup for Google.com gives:
IP: 74.125.228.9 (http://www.ip-adress.com/ip_addresses/74.125.228.9)
IP Country: http://www.ip-adress.com/flags/ca.png Canada
This IP address resolves to iad23s05-in-f9.1e100.net
which is what is given when I use ping6.


I find it odd that ping6 is resolving to an IPv4 address instead of eight quad digits. aaaa:bbbb:cccc:dddd:eeee:ffff:gggg:hhhh or an abbreviated version of an 8 quad. Tracing doesn't give a hint of IPv6 routing.
???

Also, it is odd that for 10 pings both returned essential the same time, 9000ms, but the IPv6 packets averaged 2 times longer than IPv4 packets and the deviation was 75 times wider. Somethings wrong with the way IPv6 is collecting, computing or recording its data. When adding up the returns I compute:
ping6 1,055.9
ping 527.7
which shows that IPv4 is twice as fast as IPv6. Yet, by my watch they both took about the same amount of time, ten seconds. IF IPv4 were twice as fast as IPv6 it should have taken only about 5 seconds, or IPv6 should have taken 20 seconds.???


Tunneling takes its toll on speed it appears.

My TP-Link 1043DN wireless doesn't support IPv6. I am not sure my TimeWarner modem does either. Looks like I will be looking into buying a wireless router that does and replacing my modem with one that does.

I located Google's IPv6 website. It is ipv6.google.com
Using whois I got this IP address: 2a00:1450:4016:801::1010

Using ping6 I got this return:


:~$ ping6 2a00:1450:4016:801::1010
PING 2a00:1450:4016:801::1010(2a00:1450:4016:801::1010) 56 data bytes
64 bytes from 2a00:1450:4016:801::1010: icmp_seq=4 ttl=57 time=651 ms
64 bytes from 2a00:1450:4016:801::1010: icmp_seq=3 ttl=57 time=1674 ms
64 bytes from 2a00:1450:4016:801::1010: icmp_seq=2 ttl=57 time=2682 ms
64 bytes from 2a00:1450:4016:801::1010: icmp_seq=1 ttl=57 time=3691 ms
64 bytes from 2a00:1450:4016:801::1010: icmp_seq=5 ttl=57 time=240 ms
64 bytes from 2a00:1450:4016:801::1010: icmp_seq=6 ttl=57 time=265 ms
64 bytes from 2a00:1450:4016:801::1010: icmp_seq=7 ttl=57 time=256 ms
64 bytes from 2a00:1450:4016:801::1010: icmp_seq=8 ttl=57 time=228 ms
64 bytes from 2a00:1450:4016:801::1010: icmp_seq=9 ttl=57 time=243 ms
^C
--- 2a00:1450:4016:801::1010 ping statistics ---
9 packets transmitted, 9 received, 0% packet loss, time 8031ms
rtt min/avg/max/mdev = 228.723/1103.750/3691.810/1219.875 ms, pipe 4
:~$


Checking my own address:


:~$ ip -6 addr show dev wlan0 scope link
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 fe80::76de:2bff:fe36:e435/64 scope link
valid_lft forever preferred_lft forever
jerry@jerry-Aspire-7739:~$


Google has added IPv6 DNS addresses:


Hi, Google Public DNS users,
To celebrate World IPv6 Day
<http://googleblog.blogspot.com/2011/06/world-ipv6-day-begins-24-hours... (http://www.google.com/url?sa=D&q=http://googleblog.blogspot.com/2011/06/world-ipv6-day-begins-24-hours-from-now.html&usg=AFQjCNEvNptDBCOtCECWXbenvPIL9LU6rA)>,
Google Public DNS <http://code.google.com/speed/public-dns/ (http://www.google.com/url?sa=D&q=http://code.google.com/speed/public-dns/&usg=AFQjCNHM6P63vKIqQLyljqERrJVLIi14aQ)> is now
also available to IPv6 users. Although it has always been possible to
resolve AAAA records with Google Public DNS, today we are adding the
ability to reach Google Public DNS servers over IPv6.

We will be soon publishing detailed information related to the use and
configuration of Google Public DNS over IPv6. In the meantime, systems
with IPv6 support can use Google Public DNS over IPv6 by changing the
system DNS server settings to use one or both of the following Google

Public DNS IPv6 addresses:

2001:4860:4860::8888
2001:4860:4860::8844


Happy IPv6 day!


Firewalls:

One can install ip6tables:
sudo modprobe ip6_tables

and lsmod will list it:


:~$ lsmod | grep ip6
ip6_tables 27864 0
x_tables 29846 1 ip6_tables
:~$


The ip6tables command will list the current rules after a fresh modprobe:


:~$ sudo ip6tables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination


Chain FORWARD (policy ACCEPT)
target prot opt source destination


Chain OUTPUT (policy ACCEPT)
target prot opt source destination
jerry@jerry-Aspire-7739:~$


How about this:


:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 38:60:77:78:40:c8 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 74:de:2b:36:e4:35 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global wlan0
inet6 fe80::76de:2bff:fe36:e435/64 scope link
valid_lft forever preferred_lft forever
10: teredo: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN qlen 500
link/none
inet6 2001:0:53aa:64c:188e:2c81:e720:5a2/32 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ffff:ffff:ffff/64 scope link
valid_lft forever preferred_lft forever
:~$


That listing mentions Teredo, and I haven't run Miredo.


ALL of this stuff is totally new to me. I've only paid attention to IPv4. Guess it's back to the books...

Ubuntu has a site on IPv6: https://wiki.ubuntu.com/IPv6

I found at http://www.bieringer.de/linux/IPv6/
which leads to:
http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/Linux+IPv6-HOWTO.html#CONFIGURATION-DEBIAN-LINUX

From the Ubuntu Wiki on IPv6:

Special IPv6 address ranges

Address ranges are specified using a prefix. This is similar to the IPv4 concept of a network prefix and netmask, but in IPv6 we always use CIDR notation to specify the number of bits at the start of the mask that are 1. For example, the address range fe80::/10 includes all addresses that are the same as the address fe80:: in the first 10 bits, i.e. all beginning with the bit pattern 1111 1110 10. One hex digit corresponds to four bits: 1111 is f, 1110 is e. 10 is the most significant two bits of 1000 which is 8 in hex, but since this length is not a multiple of 4, the range also includes addresses with this digit set to 9 (1001), a (1010) and b (1011). Obviously a network prefix of length 128 specifies an individual address.


IPv6 address
Prefix length (bits)
Description
Notes


::
128
unspecified
Used for default route and router solicitations. cf. 0.0.0.0 in IPv4


::1
128
loopback address
cf. 127.0.0.1 in IPv4


::ffff:a.b.c.d
96
IPv4 mapped IPv6 address
The lower 32 bits are the IPv4 address. Used in socket API's to represent IPv4 hosts.


fe80::
10
link-local
Unroutable autoconfigured addresses used on a LAN, e.g. for DHCPv6


fc00::
7
unique local
Addresses used only within an autonomous system, unroutable globally. Cf. RFC 1918 addresses such as used in NAT.


ff00::
8
multicast


2000::
3
global unicast
All global unicast addresses currently begin with 2.



Some IPv6 address prefixes have been deprecated, and should no longer be used.


deprecated IPv6 address
Prefix length (bits)
Description
Notes


3ffe::
16
6bone prefix
Used 1998-2006.


::a.b.c.d
96
embedded IPv4
96 zero bits followed by 32 IPv4 bits. Also called “IPv4 compatible IPv6 address”. Replaced by mapped addresses.


fec0::
10
site-local
Replaced by Unique Local Addresses



Some address prefixes are special use:


special IPv6 address
Prefix length (bits)
Description
Notes


2001:db8::
32
documentation examples
Not to be routed.


2001:0::
32
Teredo tunnels
the remaining bits come from a Teredo server and the client NAT device.


2002::
16
6to4 tunnels
the next 32 bits are the client IPv4 address

Test your connection for IPv6 or tunneling:
http://ipv6test.google.com/

Good research, Jerry!


As most of you probably know, Google and several other websites are switching to IPv6 today and are never returning to IPv4.
"Never returning to IPv4"? Where did you see that? According to Google's own IPv6 FAQ, they specifically state "IPv4 services will continue to operate as usual." Wouldn't surprise me if some tech "journalist" got it wrong...


Yesterday ping6 would only return results if I pinged the localhost using "ping6 ::1". "ping6 google.com" returned nothing... Here are the results today.
Because their IPv6 DNS wasn't on yesterday.


I find it odd that ping6 is resolving to an IPv4 address instead of eight quad digits. aaaa:bbbb:cccc:dddd:eeee:ffff:gggg:hhhh or an abbreviated version of an 8 quad. Tracing doesn't give a hint of IPv6 routing.
A later statement you made explains why:

My TP-Link 1043DN wireless doesn't support IPv6. I am not sure my TimeWarner modem does either.


Tunneling takes its toll on speed it appears.
Indeed. And, possibly, your NIC doesn't have offload capability for tunneling, and therefore your IP stack has to perform the tunneling (and corresponding header checksum calculations) using the CPU.


Checking my own address:

:~$ ip -6 addr show dev wlan0 scope link
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
inet6 fe80::76de:2bff:fe36:e435/64 scope link
valid_lft forever preferred_lft forever
The range fe80::/10 is reserved for autoconfigured and unroutable link-local addresses. This is equivalent to the IPv4 block 169.254/16.

Your're right, it isn't that Google isn't returning to IPv4, what they said and what I should have wrote is that they aren't turning off their IPv6 facilities or websites. I was able to see their IPv6 DNS.

I was doing all my testing with miredo installed, which explains the appearance of the unlinked "Teredo" device. Having Teredo tunneling activated created a problem with my internet connection, which would hang until Teredo timed out and fell through to the IPv4 connection. During those hang periods my mouse could move around on the desktop but clicking on icons appeared to do nothing ... until Teredo timed out, then the application of every icon I had clicked on popped onto the screen. Things would be fine until another IP address was queried and the whole thing repeated it self. I uninstalled miredo this morning and my Internet and desktop are behaving themselves.

I just went to the various test sites, like http://test-ipv6.com (http://test-ipv6.com/)/ and http://ipv6test.google.com/ to test my "IPv6" readiness. The Google site says

"No problems detected.You don’t have IPv6, but you shouldn’t have problems on websites that add IPv6 support"

but the test-i[v6 site says:


"You appear to be able to browse the IPv4 Internet only. You will not be able to reach IPv6-only sites."

which is probably the more truthful statement.

My ISP, Earthlink.net, apparently isn't ready to support IPv6 but the carrier it piggy-backs off of, TimeWarner, had converted "1%" of its consumer base to IPv6. If I swapped my TWC router for an IPv6 capable device, it might be worth swapping out my TP-TL1043DN wireless router for a native IPv6 version because as TWC goes, so goes Earthlink.

When checking out IPv6 "ready" wireless modems on Amazon I noticed that all the inexpensive ones which reported being "IPv6 ready" were using tunneling to do it. I am not going to buy a router that mimics IPv6 by tunneling, I can do that in software and the process is explained clearly on that Ubuntu wiki IPv6 link I cited above. I am not going to pay $200+ for a wireless modem just to get native IPv6 either.

If I don't it probably doesn't matter anyway. IPv4 will probably still be the major protocol on the Internet when I am drooling into my bib at some nursing home.

Anyway, I removed miredo and the hangs caused by it are no longer occurring.

What benefits does one gain by installing miredo? Should one install it?

A number of transition technologies will be in place for a few years to ease the migration from IPv4 to IPv6. It isn't possible to handle all cases with only one kind of tunneling or encapsulation mechanism because it's necessary to deal with a variety of situations. In any given situation, a client might be IPv6 capable but a server might not. The converse might also occur. Clients, or servers, might be behind NAT gateways. These, and other, cases require transition technologies that are designed for the specific connection characteristics.

Wikipedia covers all of these. Some, but not all, are mentioned in the general IPv6 transition mechanisms (https://en.wikipedia.org/wiki/IPv6_transition_mechanisms) article. The column on the right side of that page contains links to individual pages describing all transition technologies, including Teredo.

if you want a cute way to see if you have IPv6 connectivity open telnet and go to towel.blinkenlights.nl if you get black and white you're IPv4 if color IPv6 he he

VINNY

No color, so IPv4 here.

No color, so IPv4 here.

ya me to .........hears where I got that http://www.sixxs.net/misc/coolstuff/

VINNY

well I installed miredo and got my test up to this...............




Your IPv4 address on the public Internet appears to be 209.102.243.176





http://test-ipv6.com/images/knob_info.png
Your IPv6 address on the public Internet appears to be 2001:0:53aa:64c:1c7e:581d:2e99:c4f
Your IPv6 service appears to be: Teredo






(unknown result code: teredo-ipv4pref)




http://test-ipv6.com/images/knob_valid_green.png
The World IPv6 Launch (http://test-ipv6.com/ipv6launch.html) day is June 6th, 2012. Good news! Your current browser, on this computer and at this location, are expected to keep working after the Launch. [more info] (http://test-ipv6.com/#)




http://test-ipv6.com/images/knob_valid_green.png
Congratulations! You appear to have both IPv4 and IPv6 Internet working. If a publisher publishes to IPv6, your browser will connect using IPv6. Note: Your browser appears to prefer IPv4 over IPv6 when given the choice. This may in the future affect the accuracy of sites who guess at your location.




http://test-ipv6.com/images/knob_info.png
Your DNS server (possibly run by your ISP) appears to have no access to the IPv6 Internet, or is not configured to use it. This may in the future restrict your ability to reach IPv6-only sites. [more info] (http://test-ipv6.com/#)




Your readiness scores


10/10
for your IPv4 stability and readiness, when publishers offer both IPv4 and IPv6


9/10
for your IPv6 stability and readiness, when publishers are forced to go IPv6 only





but that telnet thing tells me my IPv6 address is the same as my IPv4 one ......hummmm

@SteveRiley wanna nmap or something that IP for me and see how tight I am or not ;)

VINNY

What benefits does one gain by installing miredo? Should one install it?

When you install miredo from the repository it automatically installs the daemon and modprobes ipv6_tables, ipv6table_filter, x_tables and some other kernel modules whose names I can't remember. So, when you do "ip addr" in a Konsole you'll see the Teredo device and IPv6 address attached to it, but the link property will be empty. The wiki article then tells you how to use Hurricane or the other two IPv6 internet services to complete setting up your dual IPv4 and IPv6 stack.

Like I said, the problem I had while miredo was running is that the IPv6 connection attempt on an IPv4 website would have to time out before my desktop responded to my mouse or keyboard inputs. When it passed off to IPv4, which immediately make a connection, control was returned and all those events waiting in the que responded and I'd get an explosion of browser, email, or Konsole apps onto the screen. Teredo just can't shut down after failing to get an ACK on its first handshake attempt so there is no way to bypass the repeated handshake tries until timeout, unless one changes the timeout duration. But, perhaps they could put the connection attempt into a thread and return control to the desktop so the user could do other things while the busy wheel circled the tab waiting for a response. As it is, the connection attempt appears to be a polling loop that doesn't check the event que until the counter max is reached ... a really poor way to code for an event. An interrupt via a thread would be a lot nicer. That way, IPv6 could take its sweet time but we could continue browsing on other sites until the IPv6 site connected, or it timed out because the site wasn't an IPv6 site. In that event the tab could automatically close to signify that.

Anyway, IPv4 will, IMO, be around for a LONG time. I suspect that it will be the major protocol even five years from now, and possibly longer.

@GreyGeek strange .......I get NO slowdown at all using miredo (with no IPv6 internet services) and seem to be abel to get the http://ipv6.google.com/ page no prob

hear


vinny@Vinnys-HP-G62:~$ sudo netstat -tuanp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:34219 0.0.0.0:* LISTEN 1027/rpc.statd
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 879/rpcbind
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1487/dnsmasq
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1120/cupsd
tcp 0 0 127.0.0.1:2628 0.0.0.0:* LISTEN 1295/0
tcp6 0 0 :::111 :::* LISTEN 879/rpcbind
tcp6 0 0 ::1:631 :::* LISTEN 1120/cupsd
tcp6 0 0 :::51447 :::* LISTEN 1027/rpc.statd
tcp6 0 0 2001:0:53aa:64c:1:37325 2607:f8b0:4002:802:::80 TIME_WAIT -
tcp6 0 0 2001:0:53aa:64c:1:37321 2607:f8b0:4002:802:::80 ESTABLISHED 4284/firefox
tcp6 0 0 2001:0:53aa:64c:1:37323 2607:f8b0:4002:802:::80 TIME_WAIT -
tcp6 0 0 2001:0:53aa:64c:1:37324 2607:f8b0:4002:802:::80 ESTABLISHED 4284/firefox
tcp6 0 0 2001:0:53aa:64c:1:37322 2607:f8b0:4002:802:::80 ESTABLISHED 4284/firefox
udp 0 0 0.0.0.0:42978 0.0.0.0:* 1720/miredo
udp 0 0 127.0.0.1:53 0.0.0.0:* 1487/dnsmasq
udp 0 0 0.0.0.0:68 0.0.0.0:* 1460/dhclient
udp 0 0 0.0.0.0:111 0.0.0.0:* 879/rpcbind
udp 0 0 0.0.0.0:41449 0.0.0.0:* 1027/rpc.statd
udp 0 0 0.0.0.0:622 0.0.0.0:* 879/rpcbind
udp 0 0 127.0.0.1:779 0.0.0.0:* 1027/rpc.statd
udp 0 0 0.0.0.0:5353 0.0.0.0:* 1097/avahi-daemon:
udp 0 0 0.0.0.0:60663 0.0.0.0:* 1097/avahi-daemon:
udp6 0 0 :::57227 :::* 1097/avahi-daemon:
udp6 0 0 :::111 :::* 879/rpcbind
udp6 0 0 :::622 :::* 879/rpcbind
udp6 0 0 :::5353 :::* 1097/avahi-daemon:
udp6 0 0 :::56867 :::* 1027/rpc.statd

notice the tcp6 in the protocol line
am I missing something hear?

VINNY

Vinny,
What does "ip addr" give you? Mine gives me this:


:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 38:60:77:78:40:c8 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 74:de:2b:36:e4:35 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global wlan0
inet6 fe80::76de:2bff:fe36:e435/64 scope link
valid_lft forever preferred_lft forever
17: teredo: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN qlen 500
link/none
inet6 2001:0:53aa:64c:20e4:4586:e720:5a2/32 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ffff:ffff:ffff/64 scope link
valid_lft forever preferred_lft forever

and, I can display http://ipv6.google.com/
Without miredo I cannot display the ipv6 google.com page.

As I understand it, the teredo inet6 address is that created by using the mac of my wireless, sticking "fffe" in the middle of it, and removing the odd numbered colons. Then attach the prefix "2001:0:53aa:" to it, or something like that.

Did you "modprobe ipv6"?

P.S. -- also, are you connecting via a wireless router or an ethernet cable to you box?

Vinny,

I think I found wny the slowdown. Yesterday I only used the ping6 and such (*6) tools to test the internet, and I modprobe'd ipv6_tables and later installed miredo. Doing that allowed me to test ipv6.google.com, which reported I was ready. The other test site said I wasn't and gave me a paragraph like yours except that my IPv6 score was 0/10.

Just now I only installed miredo and here is my test results:



http://test-ipv6.com/images/knob_info.png
Your IPv4 address on the public Internet appears to be 24.223.250.93





http://test-ipv6.com/images/knob_info.png
Your IPv6 address on the public Internet appears to be 2001:0:53aa:64c:20e4:4586:e720:5a2
Your IPv6 service appears to be: Teredo







(unknown result code: teredo-ipv4pref)




http://test-ipv6.com/images/knob_valid_green.png
The World IPv6 Launch (http://test-ipv6.com/ipv6launch.html) day is June 6th, 2012. Good news! Your current browser, on this computer and at this location, are expected to keep working after the Launch. [more info] (http://test-ipv6.com/#)




http://test-ipv6.com/images/knob_valid_green.png
Congratulations! You appear to have both IPv4 and IPv6 Internet working. If a publisher publishes to IPv6, your browser will connect using IPv6. Note: Your browser appears to prefer IPv4 over IPv6 when given the choice. This may in the future affect the accuracy of sites who guess at your location.




http://test-ipv6.com/images/knob_info.png
Your DNS server (possibly run by your ISP) appears to have no access to the IPv6 Internet, or is not configured to use it. This may in the future restrict your ability to reach IPv6-only sites.[more info] (http://test-ipv6.com/#)




Your readiness scores


10/10
for your IPv4 stability and readiness, when publishers offer both IPv4 and IPv6


9/10
for your IPv6 stability and readiness, when publishers are forced to go IPv6 only






But, the telnet StarWars epic, like yours, is not in color. ???

I've begun procedures to establish an SIXXS account and use their AICCU tunneling through their server.

P.S. -- I get only one tcp6 and three udp6 protocols when miredo is running.


tcp6 0 0 ::1:631 :::* LISTEN 1051/cupsd
udp6 0 0 :::5353 :::* 1031/avahi-daemon:
udp6 0 0 :::38240 :::* 1031/avahi-daemon:


P.S.-P.S.-- After running miredo WITHOUT modprobing ipv6_tables for an hour or so I am having a smooth internet experience, without any hangs. It may have been some ip6tables errors that caused the hang.

@GreyGeek
Hmmm same as yours I think


vinny@Vinnys-HP-G62:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN qlen 1000
link/ether 2c:27:d7:cf:df:91 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1492 qdisc mq state UP qlen 1000
link/ether c0:f8:da:a8:39:5e brd ff:ff:ff:ff:ff:ff
inet 192.168.2.3/24 brd 192.168.2.255 scope global wlan0
inet6 fe80::c2f8:daff:fea8:395e/64 scope link
valid_lft forever preferred_lft forever
5: teredo: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN qlen 500
link/none
inet6 2001:0:53aa:64c:1c7e:581d:2e99:c4f/32 scope global
valid_lft forever preferred_lft forever
inet6 fe80::ffff:ffff:ffff/64 scope link
valid_lft forever preferred_lft forever
vinny@Vinnys-HP-G62:~$


and yes I'm using wireless .
I was thinking of setting up that SIXXS account as well !!

Just installed miredo and went to http://test-ipv6.com/ and these are my results.



http://test-ipv6.com/images/knob_info.png
Your IPv4 address on the public Internet appears to be 216.137.232.146





http://test-ipv6.com/images/knob_info.png
Your IPv6 address on the public Internet appears to be 2001:0:53aa:64c:18ce:4a1b:2776:176d
Your IPv6 service appears to be: Teredo







(unknown result code: teredo-ipv4pref)




http://test-ipv6.com/images/knob_valid_green.png
The World IPv6 Launch (http://test-ipv6.com/ipv6launch.html) day is June 6th, 2012. Good news! Your current browser, on this computer and at this location, are expected to keep working after the Launch. [more info] (http://test-ipv6.com/#)




http://test-ipv6.com/images/knob_valid_green.png
Congratulations! You appear to have both IPv4 and IPv6 Internet working. If a publisher publishes to IPv6, your browser will connect using IPv6. Note: Your browser appears to prefer IPv4 over IPv6 when given the choice. This may in the future affect the accuracy of sites who guess at your location.




http://test-ipv6.com/images/knob_valid_green.png
Your DNS server (possibly run by your ISP) appears to have IPv6 Internet access.




Your readiness scores


10/10
for your IPv4 stability and readiness, when publishers offer both IPv4 and IPv6


10/10
for your IPv6 stability and readiness, when publishers are forced to go IPv6 only






Added:
Just signed up for my SixXS IPv6 account. Awaiting the 'human' verification of my registration email response. Thinking about the results above, I wonder if a SixXS IPv6 account is even necessary. Guess it won't hurt to have it. I still don't get the color Star Wars console test.

I missed the breaking points on the ipv6 IP.
Mine is:
2001:0:53aa:64c:20e4:4586:e720:5a2/32

Yours is:
2001:0:53aa:64c:1c7e:581d:2e99:c4f/32

The numbers in red are the same. I read somewhere that "2001:0" indicates a Teredo tunnel. I don't know what the "53aa:64c" represents.

I am running wireless, too. My ISP is Earthlink and they piggy back on top of TimeWarner.

You can use
host -t aaaa domainname
to check your ISP's support for IPv6.


:~$ host -t aaaa timewarnercable.com
timewarnercable.com has IPv6 address 2001:1998:2002:402::200
and as you can see TimeWarnerCable is IPv6 ready.

Is yours?

https://lists.ubuntu.com/archives/ubuntu-users/2011-March/240807.html


You should now be able to ping and surf IPv6 enabled sites like
ipv6.google.com or www.kame.net (http://www.kame.net). For a ping perform ping6 ipv6.google.com. It's a good idea to think about firewalling within yourclients, because all clients have now a public reachable IPv6 IP. In Ubuntu this is also an very easy task with the new UbuntuFirewall (ufw or uncomplicated firewall), just edit /etc/default/ufw and set IPV6=yes to get started.But, I don't know if activating the ufw will cause the browser hanging I experienced when I modprobed ipv6_tables manually.

Ah, Vinny, I could not understand how miredo was working without access to an IPv4-->IPv6 web server.

I checked /etc/miredo.conf and found


~$ cat /etc/miredo.conf # Please refer to the miredo.conf(5) man page for details.
InterfaceName teredo


# Pick a Teredo server:
#ServerAddress teredo.ipv6.microsoft.com
ServerAddress teredo-debian.remlab.net


# Some firewall/NAT setups require a specific UDP port number:
#BindPort 3545


Instead of Hurricane or SIXXS the tunnel server is teredo-debian.remlab.net, but

:
~$ host -t aaaa teredo-debian.remlab.net
teredo-debian.remlab.net is an alias for teredo.remlab.net.
:~$ host -t aaaa teredo.remlab.net
teredo.remlab.net has no AAAA record

it doesn't have an AAAA record! It's not running IPv6!

???

I read this http://www.debian-administration.org/articles/621:


miredo is a Unix daemon program which mostly implements the Teredo: Tunneling IPv6 over UDP through NAT Internet proposed standard (RFC 4380) - in short it turns your home connection into an IPv6 client.


The tcp6 protocols you were getting in your netstat listing, do they suggest that your equipment is native IPv6. ???

ok hear we go now I'v edited /etc/gai.conf to look like this


# Configuration for getaddrinfo(3).
#
# So far only configuration for the destination address sorting is needed.
# RFC 3484 governs the sorting. But the RFC also says that system
# administrators should be able to overwrite the defaults. This can be
# achieved here.
#
# All lines have an initial identifier specifying the option followed by
# up to two values. Information specified in this file replaces the
# default information. Complete absence of data of one kind causes the
# appropriate default information to be used. The supported commands include:
#
# reload <yes|no>
# If set to yes, each getaddrinfo(3) call will check whether this file
# changed and if necessary reload. This option should not really be
# used. There are possible runtime problems. The default is no.
#
# label <mask> <value>
# Add another rule to the RFC 3484 label table. See section 2.1 in
# RFC 3484. The default is:
#
label ::1/128 0
label ::/0 1
label 2002::/16 2
label ::/96 3
label ::ffff:0:0/96 4
#label fec0::/10 5
#label fc00::/7 6
#label 2001:0::/32 7
#
# This default differs from the tables given in RFC 3484 by handling
# (now obsolete) site-local IPv6 addresses and Unique Local Addresses.
# The reason for this difference is that these addresses are never
# NATed while IPv4 site-local addresses most probably are. Given
# the precedence of IPv6 over IPv4 (see below) on machines having only
# site-local IPv4 and IPv6 addresses a lookup for a global address would
# see the IPv6 be preferred. The result is a long delay because the
# site-local IPv6 addresses cannot be used while the IPv4 address is
# (at least for the foreseeable future) NATed. We also treat Teredo
# tunnels special.
#
# precedence <mask> <value>
# Add another rule to the RFC 3484 precedence table. See section 2.1
# and 10.3 in RFC 3484. The RFC requires:
#
precedence ::1/128 50
precedence ::/0 40
precedence 2002::/16 30
precedence ::/96 20
precedence ::ffff:0:0/96 10
#
# For sites which prefer IPv4 connections change the last line to
#
#precedence ::ffff:0:0/96 100

#
# scopev4 <mask> <value>
# Add another rule to the RFC 3484 scope table for IPv4 addresses.
# The definitions in RFC 3484 are equivalent to:
#
#scopev4 ::ffff:169.254.0.0/112 2
#scopev4 ::ffff:127.0.0.0/104 2
#scopev4 ::ffff:10.0.0.0/104 5
#scopev4 ::ffff:172.16.0.0/108 5
#scopev4 ::ffff:192.168.0.0/112 5
#scopev4 ::ffff:0.0.0.0/96 14
#
# For sites which use site-local IPv4 addresses behind NAT there is
# the problem that even if IPv4 addresses are preferred they do not
# have the same scope and are therefore not sorted first. To change
# this use only these rules:
#
#scopev4 ::ffff:169.254.0.0/112 2
#scopev4 ::ffff:127.0.0.0/104 2
#scopev4 ::ffff:0.0.0.0/96 14
#
# For sites which use site-local IPv4 addresses behind NAT there is
# the problem that even if IPv4 addresses are preferred they do not
# have the same scope and are therefore not sorted first. To change
# this use only these rules:
#
#scopev4 ::ffff:169.254.0.0/112 2
#scopev4 ::ffff:127.0.0.0/104 2
#scopev4 ::ffff:0.0.0.0/96 14
#
# This is what the Red Hat / Ubuntu setting currently uses.


at default all of it is comented out

now when I do a http://ipv6-test.com/ I get this


When both protocols are available, your browser uses
IPv6

Your internet connection is IPv6 capable
2001:0:53aa:64c:1c7d:560e:2e99:c4f
Lexcom Telephone Company
Address type isTeredo (http://wikipedia.org/wiki/Teredo_tunneling)
Tunneling from 209.102.243.176:43505 (server 83.170.6.76)


Your internet connection is IPv4 capable
209.102.243.176
docsis-cbm-4-176.nclxtn.lexcominc.netLexcom Telephone Company
http://ipv6-test.com/img/flags/US.png (http://ipv6-test.com/stats/country/US)






and when I go to my start page (google)
I get this

vinny@Vinnys-HP-G62:~$ sudo netstat -tuanp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 848/rpcbind
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1420/dnsmasq
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1246/cupsd
tcp 0 0 0.0.0.0:47004 0.0.0.0:* LISTEN 1016/rpc.statd
tcp 0 0 127.0.0.1:2628 0.0.0.0:* LISTEN 1258/0
tcp 0 0 192.168.2.3:47154 74.125.45.103:80 ESTABLISHED 2175/firefox
tcp6 0 0 :::111 :::* LISTEN 848/rpcbind
tcp6 0 0 ::1:631 :::* LISTEN 1246/cupsd
tcp6 0 0 :::40575 :::* LISTEN 1016/rpc.statd
tcp6 0 0 2001:0:53aa:64c:1:44942 2607:f8b0:4002:802:::80 ESTABLISHED 2175/firefox
tcp6 0 0 2001:0:53aa:64c:1:35882 2001:4860:800a::63:80 TIME_WAIT -
tcp6 0 0 2001:0:53aa:64c:1:44940 2607:f8b0:4002:802:::80 ESTABLISHED 2175/firefox
udp 0 0 0.0.0.0:36909 0.0.0.0:* 1280/avahi-daemon:
udp 0 0 127.0.0.1:53 0.0.0.0:* 1420/dnsmasq
udp 0 0 0.0.0.0:68 0.0.0.0:* 1400/dhclient
udp 0 0 0.0.0.0:111 0.0.0.0:* 848/rpcbind
udp 0 0 0.0.0.0:45335 0.0.0.0:* 1016/rpc.statd
udp 0 0 0.0.0.0:43505 0.0.0.0:* 1680/miredo
udp 0 0 127.0.0.1:768 0.0.0.0:* 1016/rpc.statd
udp 0 0 0.0.0.0:1015 0.0.0.0:* 848/rpcbind
udp 0 0 0.0.0.0:5353 0.0.0.0:* 1280/avahi-daemon:
udp6 0 0 :::111 :::* 848/rpcbind
udp6 0 0 :::47347 :::* 1280/avahi-daemon:
udp6 0 0 :::37387 :::* 1016/rpc.statd
udp6 0 0 :::1015 :::* 848/rpcbind
udp6 0 0 :::5353 :::* 1280/avahi-daemon:
vinny@Vinnys-HP-G62:~$


even though my ISP gives this


vinny@Vinnys-HP-G62:~$ host -t aaaa lexcominc.net
lexcominc.net has no AAAA record


so I think we are getting some where 8)

however that silly telnet star wars thing is still black and white ...........O well

VINNY

I read this http://www.debian-administration.org/articles/621:


The tcp6 protocols you were getting in your netstat listing, do they suggest that your equipment is native IPv6. ???

I doute it my wireless router is 5-10 years old and a cheep one at that .......I did enable IPv6 in my network manager wireless settings however .

and made shure "disabel IPv6" was set to false in firefoxes "about:config" page

VINNY

Here's my test. Also, I enabled ufw and set IPV6=yes, to give my IPv6 tunnel a firewall to supplement the firewall my IPv4 has via my wireless router.


When both protocols are available, your browser usesIPv4

Your internet connection is IPv6 capable
2001:0:53aa:64c:20e4:4586:e720:5a2
Earthlink
Address type isTeredo (http://wikipedia.org/wiki/Teredo_tunneling)
Tunneling from 24.223.250.93:47737 (server 83.170.6.76)


Your internet connection is IPv4 capable
24.223.250.93
user-0cdvuit.cable.mindspring.comEarthlink



http://ipv6-test.com/img/flags/US.png (http://ipv6-test.com/stats/country/US)

I haven't edited the gia.conf file. I'll set mine to match yours and see what it does.

My results:


When both protocols are available, your browser uses

IPv4

Your internet connection is IPv6 capable
2001:0:53aa:64c:18ce:4a1b:2776:176d
MTA Solutions
Address type isTeredo (http://wikipedia.org/wiki/Teredo_tunneling)
Tunneling from 216.137.232.146:46564 (server 83.170.6.76)


Your internet connection is IPv4 capable
216.137.232.146
146-232-137-216.mtaonline.netMTA Solutions
http://ipv6-test.com/img/flags/US.png (http://ipv6-test.com/stats/country/US)

Neat!
Is your ISP IPv6 ready?

I've also activated ufw and turned on IPv6 firewalling.
The following two videos are about IPv6 security:
http://hak5.org/episodes/episode-810
http://hak5.org/episodes/episode-812

http://test-ipv6.com/images/knob_valid_green.png
Your DNS server (possibly run by your ISP) appears to have IPv6 Internet access.



Seems so.

Neat!
Is your ISP IPv6 ready?

I've also activated ufw and turned on IPv6 firewalling.
The following two videos are about IPv6 security:
http://hak5.org/episodes/episode-810
http://hak5.org/episodes/episode-812

how exactly do you set up that ufw ?
I'v never used it

VINNY

Disaster! :eek:

I booted up this morning, anticipating a smooth login. What happened instead is that I got the KDE log in recycle.
It seems that something in my ~/.kde folder was corrupted. Checking the logs I saw an HD bad block error. Don't know if that was the culprit or if it was something I did yesterday re-installing miredo to work with VINNY and compare notes.

So, I booted into the recovery mode with a network connection and disabled ufw, commented out "IPV6=yes", reversed the gai.conf settings, and uninstalled miredo. I renamed ~/.kde to ~/.kde_old and rebooted.

I was presented with a very nice panel and system tray. In fact, much nicer than the one I had been carrying along since I installed Precise Alpha on Jan 3rd of this year. It took about 15 minutes to restore a semblance of what I had before. In fact, it looks better. I never installed the yaWP weather app in the system tray before, and it looks nice there, but I think I'll move it back out onto the desktop to keep the system tray more tidy. Then I'll reinstall miredo and see what happens when I don't do anything else but that.

P.S. -- On a whim I decided to check my desktop settings. Effects were still active. On the advanced tab the "xrender" was replaced by "OpenGL" and the method was "Accurate" instead of "Crisp". OpenGL seems about 10% slower than xrender according to the FPS in Stellarium, but 55fps isn't shabby and I'll stay with OpenGL for a while to see how it works.

Well, this time, I only installed miredo. It gave me this IPv6 address:
2001:0:53aa:64c:2891:59a0:e720:5a2
and my previous miredo setup gave me this:
2001:0:53aa:64c:20e4:4586:e720:5a2

The differences are highlighted. The prefix and suffix are the same. I'm going to search for what they mean.

Anyway, to summarize:

All I needed to do to get a semblance of IPv6 capability is to install miredo. That's it.
Modprobing ip6tables just produced browser hangs. Miredo itself didn't install any ipv6 kernel modules.
Changing /etc/gai.conf didn't seem to affect anything that I could notice.
Turning on the ufw and enabling IPv6 in it didn't appear to do anything either, but that's may be because it always works in the background.
Miredo uses a tunnel server at 83.170.6.76.

Miredo can be turned off using "sudo miredo stop" and turned on using "sudo miredo start".

@GreyGeek all editing the /etc/gai.config dose is get your addresses sorted to prefer IPv6 ....I think!!

I did some nmaping on my IP and THINK I'm ok even without ufw but I would like someone that knows better than me to chime in hear ........like @SteveRiley (you are a security man arnt ya )

hear are the scans I ran


vinny@Vinnys-HP-G62:~$ nmap -A -P0 209.102.243.176

Starting Nmap 5.21 ( http://nmap.org ) at 2012-06-08 14:35 EDT
Nmap scan report for docsis-cbm-4-176.nclxtn.lexcominc.net (209.102.243.176)
Host is up.
All 1000 scanned ports on docsis-cbm-4-176.nclxtn.lexcominc.net (209.102.243.176) are filtered

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 201.72 seconds


and the IPv6


vinny@Vinnys-HP-G62:~$ nmap -A -P0 -6 2001:0:53aa:64c:1c7d:560e:2e99:c4f

Starting Nmap 5.21 ( http://nmap.org ) at 2012-06-08 14:40 EDT
Nmap scan report for 2001:0:53aa:64c:1c7d:560e:2e99:c4f
Host is up (1.00s latency).
All 1000 scanned ports on 2001:0:53aa:64c:1c7d:560e:2e99:c4f are filtered

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 30.32 seconds


VINNY

mmm... looks like your IPv6 connection is filtered, VINNY!

Well, VINNY, I got my SixXS tunnel set up awhile ago and have been playing with it.

The test gives me the same readings, 9/10. I suspect that I don't have a 10 because I don't have an IPv6 DNS sets.


Setting up the SixXS tunnel requires:
1) Create an account. They require complete name and address info and a reason why you want a tunnel. After you submit your application you wait until you get an email from them. It will either be a rejection, or it will contain your account name and password.

2) If accepted, you are given a URL to go to where you select your PoP. Any PoP you select MUST give you an access time of under 100ms. Mine pinged out at 28ms. Then you apply for a tunnel for the PoP you selected, also stating why you selected it. I said it was closest to my home town and it pinged well under 100ms.

3) IF your tunnel request is accepted then open Muon and install "aiccu". During installation the aiccu package will ask for your SixXS account name and password. After you enter those two items the package sets up your IPv6 tap. It will have a label of "sixxs".

That's it. Works just like the miredo package except you don't have to go through the application process. There is another thing with SixXS, ISK. These are "credits" which are explained here: https://www.sixxs.net/faq/account/?faq=credits


...
When the credit count is 15 ISK or lower, you will not be able to request new tunnels, subnets or NS entries. This is the so called lower credit threshold/boundary. Note that users with very low credits will automatically be disabled by our robot.
...


My initial credit setting was 10 ISK, so I cannot ask for a subnet or another tunnel, not that I'd need one. But, on the other hand, since I have a dynamic tunnel type I can't loose credits.



Dynamic TunnelsAs dynamic (AYIYA and heartbeat) tunnels won't be up all the time it will only receive a 5 ISK bonus after it has been created for one week. After that uptime credits will be given every two weeks when the tunnel is alive (https://www.sixxs.net/faq/connectivity/?faq=ping).


One can't lose any credits with a dynamic tunnel but the tunnel must be up (https://www.sixxs.net/faq/connectivity/?faq=ping) if you want to receive credits.
Cost Table
The current default cost table is:


Action
Cost


Adding a reverse DNS server
debits
1


Approving a subnet request
debits
4


Approving a tunnel request
debits
5


Deleting a subnet
debits
50


Deletion of a tunnel
debits
25


Moving a tunnel's endpoint / Change Tunnel Type
debits
15


Removing a reverse DNS server
debits
1


Requesting a subnet
debits
10


Requesting a tunnel
debits
10


Static tunnel IPv6 endpoint didn't ping for a day
debits
5


Static tunnel IPv6 endpoint didn't ping for a week (autodisable)
debits
50


The host pinged yet another week
credits
5




The "must be up" phrase means that it must respond to a ping.

SixXS IPv6 : 2001:yourtunnel::1/64
Your IPv6 : 2001:yourtunnel::2/64

You can ping6 the PoP tunnel: "ping6 2001:yourtunnel::1" and if you get a packet listing their end of your tunnel is working.

My approval email listed my tunnel type as "Tunnel Type: Dynamic (ayiya)", which means that I can't loose credits for not being up 100% of the time. BUT, you must use NTP timing to maintain your system time at difference of less than 120 seconds from atomic time or your connection attempt will be refused.

For wireless router users SixXS is somewhat of a pain, having to get approval twice (and explaining your reasons why), but once you get your second email notifying you that your tunnel has been set up, then you can install aiccu and fill in your account id and password. After that it appears to behave exactly like miredo and gives the same test scores to me. The tunnel server for miredo is also free and the miredo process is entirely transparent. No id or password is necessary. From my Chromium point of view the performances are the same.

The big question is how reliable and fast is SixXS compared to teredo-debian.remlab.net (an alias for teredo.remlab.net), which miredo uses?

Well, VINNY, I got my SixXS tunnel set up awhile ago and have been playing with it.


The big question is how reliable and fast is SixXS compared to teredo-debian.remlab.net (an alias for teredo.remlab.net), which miredo uses?

wow sounds like a pain compared to miredo.
are their any advantages to using SixXS over miredo?

incidentally I cant ping either my IPv4 or my IPv6 address

but I guess the IPv6 is working as I get this as soon as I start firefox


vinny@Vinnys-HP-G62:~$ sudo netstat -tuanp
[sudo] password for vinny:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 855/rpcbind
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 3475/dnsmasq
tcp 0 0 0.0.0.0:36789 0.0.0.0:* LISTEN 1027/rpc.statd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1241/cupsd
tcp 0 0 127.0.0.1:2628 0.0.0.0:* LISTEN 1257/0
tcp 0 0 192.168.2.3:58661 199.7.52.72:80 TIME_WAIT -
tcp 0 0 192.168.2.3:44825 173.255.193.141:80 TIME_WAIT -
tcp 0 0 192.168.2.3:46493 74.125.137.17:443 TIME_WAIT -
tcp6 0 0 :::111 :::* LISTEN 855/rpcbind
tcp6 0 0 ::1:631 :::* LISTEN 1241/cupsd
tcp6 0 0 :::53504 :::* LISTEN 1027/rpc.statd
tcp6 0 0 2001:0:53aa:64c:3:50008 2607:f8b0:4002:802::443 ESTABLISHED 9305/firefox
udp 0 0 127.0.0.1:53 0.0.0.0:* 3475/dnsmasq
udp 0 0 0.0.0.0:68 0.0.0.0:* 3471/dhclient
udp 0 0 0.0.0.0:111 0.0.0.0:* 855/rpcbind
udp 0 0 0.0.0.0:45329 0.0.0.0:* 1278/avahi-daemon:
udp 0 0 0.0.0.0:45382 0.0.0.0:* 1027/rpc.statd
udp 0 0 0.0.0.0:603 0.0.0.0:* 855/rpcbind
udp 0 0 127.0.0.1:779 0.0.0.0:* 1027/rpc.statd
udp 0 0 0.0.0.0:5353 0.0.0.0:* 1278/avahi-daemon:
udp 0 0 0.0.0.0:44424 0.0.0.0:* 3580/miredo
udp6 0 0 :::111 :::* 855/rpcbind
udp6 0 0 :::59545 :::* 1278/avahi-daemon:
udp6 0 0 :::45301 :::* 1027/rpc.statd
udp6 0 0 :::603 :::* 855/rpcbind
udp6 0 0 :::5353 :::* 1278/avahi-daemon:


the tcp6 line with firefox in it means it's an IPv6 connection .......doesn't it?

O and I am on wireless...............

VINNY

O 1 more incidentally this test http://test-ipv6.com/ gives me 7/10 on both IPv4 &IPv6
this one gives me a IPv6 prefer d by your browser http://ipv6-test.com/
and this one gives me an excellent http://ds.testmyipv6.com/
Excellent!Excellent!Excellent!

I think that's what the tcp6 means, VINNY.

Here's the technical output of that test on my box:



Test with IPv4 DNS record

ok (0.894s) using ipv4


Test with IPv6 DNS record

ok (0.851s) using ipv6 uschi02.sixxs.net yourorg


Test with Dual Stack DNS record

ok (0.836s) using ipv6 uschi02.sixxs.net yourorg


Test for Dual Stack DNS and large packet

ok (0.729s) using ipv6 uschi02.sixxs.net yourorg


Test IPv4 without DNS

ok (0.229s) using ipv4


Test IPv6 without DNS

timeout (15.014s)


Test IPv6 large packet

ok (0.777s) using ipv6 uschi02.sixxs.net yourorg


Test if your ISP's DNS server uses IPv6

bad (1.980s)



It gave me a 9/10.

The other test gave me:


When both protocols are available, your browser usesIPv6

Your internet connection is IPv6 capable
2001:4978:f:580::2
cl-1409.chi-02.us.sixxs.netYour.org
http://ipv6-test.com/img/flags/US.png (http://ipv6-test.com/stats/country/US)
Address type isGlobal Unicast / Native IPv6


Your internet connection is IPv4 capable
24.223.250.93
user-0cdvuit.cable.mindspring.comEarthlink



http://ipv6-test.com/img/flags/US.png (http://ipv6-test.com/stats/country/US)

The last test gave me:



Excellent!

You are successfully using IPv6 to connect to this server!

Your IPv6 address is 2001:4978:f:580::2.



The ::2 address is the PoP SixXS supplied to me. My IPv6 IP is the same address except that it ends in ::1.

So, the thing I need to do is grab a hold of some IPv6 DNS numbers.


BTW, this URL: http://v6.testmyipv6.com/ipv6_prefixes.html reveals some very interesting capabilities of your IPv6 connection.

The speed test on the second test URL you listed, VINNY (the bar graph didn't copy):

Your speed test results
IPv4
http://ipv6-test.com/img/flags-round/US.png Earthlink
24.223.250.93

11.8 Mbit/s
1.47 Mbytes/s



IPv6
http://ipv6-test.com/img/flags-round/US.png Your.org
2001:4978:f:580::2

3.92 Mbit/s
502 Kbytes/s


I repeated the test several times and the best speed I got was slightly less than my IPv4 speed.

I spoke too soon. I ran the speed test again and got these results:



IPv4
http://ipv6-test.com/img/flags-round/US.png Earthlink
24.223.250.93

9.53 Mbit/s
1.19 Mbytes/s



IPv6
http://ipv6-test.com/img/flags-round/US.png Your.org
2001:4978:f:580::2

11.1 Mbit/s
1.39 Mbytes/s




IPv6 won in this test, so it's speed seems to be highly variable.

@GreyGeek
yes mine is erratic as well but stays close to the IPv4 results ...........laughably slow at around 118-114 Kbytes/s (cheapest windstream $35.00 a month) :p

VINNY

This is what it looks like when like me on native ipv6:


When both protocols are available, your browser uses
IPv6

Your internet connection is IPv6 capable
2001:980:5615:1:98ec:edd3:7c1b:2e53
XS4ALL Networking
http://ipv6-test.com/img/flags/NL.png (http://ipv6-test.com/stats/country/NL)
Address type isGlobal Unicast / Native IPv6


Your internet connection is IPv4 capable
83.163.250.221
a83-163-250-221.adsl.xs4all.nlDemon-int
http://ipv6-test.com/img/flags/NL.png (http://ipv6-test.com/stats/country/NL)

http://test-ipv6.com/ is at the moment down so I can't show any other info.

I've got ipv6 because my provider (xs4all.nl) is dual stack and my Fritz!box 7340 modem can handle it as well.
Originally I set a bunch of bookmarks to ipv6 enabled sites like http://ipv6.cnn.com/ but as I use a laptop that becomes a nuisance when travelling :o

For those interested in a decent binaries news server you can still access newszilla6.xs4all.nl for free.:cool:

BTW, this URL: http://v6.testmyipv6.com/ipv6_prefixes.html reveals some very interesting capabilities of your IPv6 connection.
From their http://v6.testmyipv6.com/ and clicking on the IPv6-only Test link, I get:



Congratulations, you have connected to a server that will display your method of connectivity, either IPv6 (preferred) or IPv4 (old and crusty). This page is fairly plain and non-flashy for a reason -- decreased bandwidth for testing applications and devices that are using limited-bandwidth connectivity and/or limited support for advanced HTML/XHTML features.





Excellent!

You are successfully using IPv6 to connect to this server!

Your IPv6 address is 2001:0:53aa:64c:3813:52b9:b7dc:9d94.




But clicking on the Dual-Stack (IPv6 & IPv4) Test I get:



You are connecting to this server via IPv4, your address being 72.35.98.107.
It's time to step up to IPv6!
If you can't get native IPv6 transport from your ISP, please check into using a tunnel broker. Click here (http://www.google.com/search?q=ipv6+tunnel+brokers) to find a list of tunnel brokers.







f your browser is able to connect to the IPv6-only Test (http://v6.testmyipv6.com/), yet using the Dual-Stack Test (http://ds.testmyipv6.com/) returns a page with a red box stating that you are using IPv4, then your browser and/or IP stack in your machine are preferring IPv4 over IPv6, which is undesired/broken behavior.




The Dual-Stack Test (http://ds.testmyipv6.com/) is meant to test whether your client is choosing IPv6 over IPv4 when making a connection to the server since it is known on the Internet with both IPv6 and IPv4 addresses. The proper behavior of your client, assuming that the IPv6-only test works for you, is that the Dual-Stack Test would have an identical result to the IPv6-only test and confirming that you are preferring IPv6 over IPv4 when connecting to a dual-stack destination. If the result is a page with a red box stating that you are using IPv4, then your browser and/or IP stack are preferring IPv4 over IPv6, which is undesired/broken behavior.



Okay, so I can connect via IPv6 or IPv4, but my client (Chromium ?) is using IPv4 over IPv6. Is this something I can change?

Found this, but I would like an "expert" opinion on what it will actually do: Configure your Ubuntu box as a IPv6 router (https://wiki.ubuntu.com/IPv6#Configure_your_Ubuntu_box_as_a_IPv6_router)

Okay, so I can connect via IPv6 or IPv4, but my client (Chromium ?) is using IPv4 over IPv6. Is this something I can change?

edit your /etc/gai.config as I described earlier .........

VINNY

EDDIT in post #22 .....:)

Wow, what a thread to catch up on. You guys have been doing some pretty neat investigation, was fun to read.

I'm sure you've realized now what Teredo is: a tunneling protocol that allows IPv6 capable hosts to communicate on IPv4 networks like the Internet. By installing and configuring miredo, you're creating a virtual tunnel adapter whose address is in the 2001:0::/32 range, the dedicated range for Teredo clients. The other end of your Teredo connection is to a Teredo relay someplace on the Internet. A Teredo server (not the same thing as a relay) takes care of configuring the tunnel when you first connect. A number of public servers and relays exist.

When your computer sends traffic to the IPv6 Teredo adapter, it's actually IPv4 datagrams that then get encapsulated in IPv6. These are forwarded to the Teredo relay, which un-encapsulates the traffic and forwards it to its IPv4 destination.

A Teredo address reveals clues about its construction. After the first 32 bits, the next 32 bits (the ones you guys have been asking about) are the IPv4 address of the Teredo server that configured your tunnel. The next 16 bits are flags, the next 16 bits are an obfuscation of the IPv4 UDP port via which your client is tunneling, and the final 32 bits are an obfuscation of your IPv4 address.

Teredo is actually kind of a sucky protocol, and it's on the dinosaur path. It has a number of security issues, not least in that it creates tunnels that bypass NAT devices. It's a useful tool for routing around many firewalls, unfortunately. If I were building an enterprise network, I'd block it completely. There are much better ways to accomplish this particular form of IPv6 transition, namely NAT64/DNS64.

Wow, what a thread to catch up on. You guys have been doing some pretty neat investigation, was fun to read.


Teredo is actually kind of a sucky protocol, and it's on the dinosaur path. It has a number of security issues, not least in that it creates tunnels that bypass NAT devices. It's a useful tool for routing around many firewalls, unfortunately. If I were building an enterprise network, I'd block it completely. There are much better ways to accomplish this particular form of IPv6 transition, namely NAT64/DNS64.

Hummm so would this NAT64/DNS64 work with my crusty old router that may/may not be IPv6 capable ?

heck my ISP is not even using IPv6 yet ....or at least "host" dose not return any AAAA records for it.

did you take a look at my nmap results ........do you think I'm reasonably secure using miredo ?

we value your opinion :)

VINNY

NAT64/DNS64 (https://en.wikipedia.org/wiki/NAT64) is a much simpler method of allowing IPv6 hosts to communicate with IPv4 hosts. It avoids tunneling and doesn't require that your ISP's DNS server return AAAA records. Even if your ISP is completely IPv6-clueless, you can make your internal home network IPv6-only with the purchase of a NAT64/DNS64 gateway.

https://upload.wikimedia.org/wikipedia/commons/thumb/0/05/NAT64.svg/640px-NAT64.svg.png

Interestingly enough, even Microsoft, the inventor of Teredo, is deprecating it in favor of NAT64/DNS64. All that client/server/relay/broker stuff is really brittle and I'm glad to see it going away.

Not everything is accessible with NAT64, such as SIP, Skype, MSN, Google talk, and sites with IPv4 literals.

Oops! :eek:

I notice that there are two Tayga apps in the repository. Time to experiment some more!

did you take a look at my nmap results ........do you think I'm reasonably secure using miredo ?
Teredo, by itself, isn't so bad -- but because it advertises a globally unique IPv6 address to the Internet and also has to sit on a UDP port awaiting incoming traffic, it exposes your computer to potential attack. This is typical for anything that performs NAT traversal. The success of any attack depends on what else is running on your computer and how you've configured your tunnel adapter.

A Symantec paper (https://www.symantec.com/avcenter/reference/Teredo_Security.pdf) covers the risks rather well, even though it's six years old. It gets technical -- IPv6 is a complicated protocol; to assume that it's automatically more secure is a very bad assumption. I predict that during these early days of IPv6 we'll see an increase in attacks, mostly because bad guys will get very good at finding misconfigured IPv6 security controls.

My advice: unless you really need Teredo to do something, I'd suggest stopping your experiment soon. There was some effort a couple years ago to beef up Teredo's validation, but the efforts have largely gone nowhere. Trawling through Google will reveal some half-hearted attempts to explain away the weaknesses, but they are just that: explanations. Fundamentally, allowing unauthenticated tunnels through a private network is a bad idea.

I notice that there are two Tayga apps in the repository. Time to experiment some more!
6rd is probably a better option for you, and SIIT might also work. But I don't have any hands-on experience with these particular protocols.

Here's my plan:
Yesterday I replaced my old wireless router with one which supports IPv6. Today I am going to get TW to replace their modem with one which supports IPv6. Then I am going to make my wireless work in IPv6 only, and use tnat64 from the repository to connect to IPv4 websites.

Workable?

Today I am going to get TW to replace their modem with one which supports IPv6.

Is the TW modem the only limiting factor for TW customers? I had the impression, from where I'm not sure, that the ISPs have other infrastructure that prevents IPv6 connectivity. Have you discussed it with TW?

(Curious TW customer here .....).

Thanks GG!

Here's my plan:
Yesterday I replaced my old wireless router with one which supports IPv6. Today I am going to get TW to replace their modem with one which supports IPv6. Then I am going to make my wireless work in IPv6 only, and use tnat64 from the repository to connect to IPv4 websites.

Workable?
A NAT64 translator usually won't work properly without a DNS64 to synthesize appropriate AAAA records. totd appears to be the Linux tool that will do this for you. I don't have any personal experience with any of the Linux NAT64/DNS64 stuff yet, though, so I can't offer an opinion on how well these utilities behave.

Is the TW modem the only limiting factor for TW customers? I had the impression, from where I'm not sure, that the ISPs have other infrastructure that prevents IPv6 connectivity. Have you discussed it with TW?

(Curious TW customer here .....).

Thanks GG!

As I understand it, hardware which needs to inspect packets to determine where they go must use DOCSIS 3.0 in order to work in an IPv6 environment. Equipment which simply passes packets along isn't affected by nor will affect IPv6 packets.

TW has reported that they are "IPv6 ready" and that "1%" of their customer base is on IPv6 already. I suspect that they are rolling out the business class users first, then premium users, etc... But, your cable modem has to use DOCSIS 3.0 or it can't do IPv6. My modem is a Cisco DCP2100R2, which uses DOCSIS 2.0. So, I am going to get it replaced one way or another. If TW doesn't agree to a swap, or wants to "rent" a DOCSIS 3 class router to me, then I will decline the offer, buy a Motorola SB6121 (http://www.amazon.com/Motorola-SB6121-SURFboard-DOCSIS-Cable/dp/B004XC6GJ0) and call them up and give them the serial number and MAC address and tell them to activate it.

Thanks GG. I have a SB5101 on my end of my TW cable, so I'll wait and see how you fare with them and plan my migration accordingly.

Thanks GG. I have a SB5101 on my end of my TW cable, so I'll wait and see how you fare with them and plan my migration accordingly.

Oops... "The SB5101 cable modem is a high-speed ultra-broadband data solution incorporating DOCSIS 2.0 technology."

Oops... "The SB5101 cable modem is a high-speed ultra-broadband data solution incorporating DOCSIS 2.0 technology."

Precisely so -- thus my need to plan a migration! ;-)

Found a couple of interesting tools:

nm-tool


:~$ sudo nm-tool
[sudo] password for jerry:


NetworkManager Tool


State: connected (global)


- Device: eth0 -----------------------------------------------------------------
Type: Wired
Driver: atl1c
State: unavailable
Default: no
HW Address: 38:60:77:78:40:C8


Capabilities:
Carrier Detect: yes


Wired Properties
Carrier: off




- Device: wlan0 [GreyGeek] ----------------------------------------------------
Type: 802.11 WiFi
Driver: rtl8192ce
State: connected
Default: yes
HW Address: 74:DE:2B:36:E4:35


Capabilities:
Speed: 72 Mb/s


Wireless Properties
WEP Encryption: yes
WPA Encryption: yes
WPA2 Encryption: yes


Wireless Access Points (* = current AP)
WIN_f0a6: Infra, 2C:E4:12:46:F0:A5, Freq 2412 MHz, Rate 54 Mb/s, Strength 80 WPA WPA2
BettyBoop: Infra, C0:C1:C0:24:95:3C, Freq 2412 MHz, Rate 54 Mb/s, Strength 80 WPA2
linksys: Infra, 00:13:10:89:75:0D, Freq 2437 MHz, Rate 11 Mb/s, Strength 100
5dfe: Infra, 20:4E:7F:7A:09:02, Freq 2412 MHz, Rate 54 Mb/s, Strength 100 WPA WPA2
belkin.fec: Infra, 08:86:3B:29:8F:EC, Freq 2462 MHz, Rate 54 Mb/s, Strength 69 WPA WPA2
*GreyGeek: Infra, 20:AA:4B:3A:85:E3, Freq 2462 MHz, Rate 54 Mb/s, Strength 67 WPA2
GarberNetgear: Infra, 2C:B0:5D:81:97:BE, Freq 2422 MHz, Rate 54 Mb/s, Strength 79 WPA2
WIN_A9E8: Infra, 4C:17:EB:20:A9:E7, Freq 2412 MHz, Rate 54 Mb/s, Strength 85 WPA WPA2
The Alois Family:Infra, 00:1E:58:32:BB:35, Freq 2412 MHz, Rate 54 Mb/s, Strength 79 WPA


IPv4 Settings:
Address: 192.168.1.100
Prefix: 24 (255.255.255.0)
Gateway: 192.168.1.1


DNS: 207.69.188.186
DNS: 207.69.188.187
DNS: 192.168.1.1
:~$


and
routel


:~$ routel
target gateway source proto scope dev tbl
default 192.168.1.1 static wlan0
169.254.0.0/ 16 link wlan0
192.168.1.0/ 24 192.168.1.100 kernel link wlan0
127.0.0.0 broadcast 127.0.0.1 kernel link lo local
127.0.0.0/ 8 local 127.0.0.1 kernel host lo local
127.0.0.1 local 127.0.0.1 kernel host lo local
127.255.255.255 broadcast 127.0.0.1 kernel link lo local
192.168.1.0 broadcast 192.168.1.100 kernel link wlan0 local
192.168.1.100 local 192.168.1.100 kernel host wlan0 local
192.168.1.255 broadcast 192.168.1.100 kernel link wlan0 local
2001:4978:f:580::/ 64 kernel sixxs
fe80::/ 64 kernel sixxs
fe80::/ 64 kernel wlan0
default 2001:4978:f:580::1 sixxs
default unreachable kernel lo unspec
::1 :: none lo local
2001:4978:f:580::2 :: none lo local
fe80::4878:f:580:2 :: none lo local
fe80::76de:2bff:fe36:e435 :: none lo local
ff00::/ 8 sixxs local
ff00::/ 8 wlan0 local
default unreachable kernel lo unspec
jerry@jerry-Aspire-7739:~$


Don't know what those two "unreachable" defaults are, but I'm assuming that there can be only one default.


and, not a new tool, but some interesting output:
ip r s t all


:~$ ip r s t all
default via 192.168.1.1 dev wlan0 proto static
169.254.0.0/16 dev wlan0 scope link metric 1000
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.100 metric 2
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
broadcast 192.168.1.0 dev wlan0 table local proto kernel scope link src 192.168.1.100
local 192.168.1.100 dev wlan0 table local proto kernel scope host src 192.168.1.100
broadcast 192.168.1.255 dev wlan0 table local proto kernel scope link src 192.168.1.100
2001:4978:f:580::/64 dev sixxs proto kernel metric 256
fe80::/64 dev sixxs proto kernel metric 256
fe80::/64 dev wlan0 proto kernel metric 256
default via 2001:4978:f:580::1 dev sixxs metric 1024
unreachable default dev lo table unspec proto kernel metric -1 error -101 hoplimit 255
local ::1 via :: dev lo table local proto none metric 0
local 2001:4978:f:580::2 via :: dev lo table local proto none metric 0
local fe80::4878:f:580:2 via :: dev lo table local proto none metric 0
local fe80::76de:2bff:fe36:e435 via :: dev lo table local proto none metric 0
ff00::/8 dev sixxs table local metric 256
ff00::/8 dev wlan0 table local metric 256
unreachable default dev lo table unspec proto kernel metric -1 error -101 hoplimit 255
jerry@jerry-Aspire-7739:~$



You'll notice that in the "nm-tool" listing are the other "AP"'s local to me, and among them, mine has the lowest signal strength at 67%, and I am only 10' from my wireless router! This is the same problem that my other wireless, the WR1043ND, gave me. I am beginning to suspect that it is a problem with the cable modem from TimeWarner.

Don't know what those two "unreachable" defaults are, but I'm assuming that there can be only one default.
It's intentional. Remember that in IPv6, automatic address assignment doesn't include a default gateway. Instead, IPv6 issues neighbor discovery probes, looking for routers on the same link as your interface. As the stack finds routers, it builds a routing table.

Now imagine that something happened, and all your neighbor routers died. Your routing table would be empty, and applications would send datagrams, receive no responses, and just keep trying over and over again. To prevent this, IPv6 automatically creates a default "unreachable" route on each local interface and assigns it a metric of -1, which means "always least preferred" -- you can see this in your ip r s t all output.

Under ordinary situations, when your computer has found a router, its entry in your route table will include a better metric, and "unreachable" is ignored. But when all your links die, and there are no routers to reach, your IPv6 stack falls back to the "unreachable" route. Thus, it can inform applications that the destination is, well, unreachable. At this point, it's up to the application to determine what to do, but at least it doesn't have to sit there and keep guessing all day.


You'll notice that in the "nm-tool" listing are the other "AP"'s local to me, and among them, mine has the lowest signal strength at 67%, and I am only 10' from my wireless router! This is the same problem that my other wireless, the WR1043ND, gave me. I am beginning to suspect that it is a problem with the cable modem from TimeWarner.
See my reply in the other thread. I was asking where you got that list from; now I know. I also wrote some more about signal strength, wireless frequencies, and NIC capabilities.

That clears up a lot of fog in my brain about IPv6!!! Thanks, Steve!

My pleasure.

... mine has the lowest signal strength at 67%, and I am only 10' from my wireless router! This is the same problem that my other wireless, the WR1043ND, gave me. I am beginning to suspect that it is a problem with the cable modem from TimeWarner.

I think I remember reading that you are having "line-dropping" kinds of issues too -- is that correct? Because, if it is, when it happened to me it turned out to be an issue with the physical cable to the house. And of course first I had to replace the cable modem, before I was able to convince TW that there was something wrong on their side of the modem. They have an ability (if you can get to the correct geek) to test the "reflection" of a test signal to your modem, which gives an indication of the conductivity of the cable. In my case, the guy said it was obvious that the reflected signal was only half as strong as it should be, indicating a lot of excess signal loss over the cable. Also it was not stable -- it was rising and falling in strength as he was observing it. I got a new cable in a few days, and among other things the installer found that a cover/shield on the utility box had been installed in such a way as to pinch the cable to my house, probably compromising the insulation and/or or the shield layer, but not the center conductor.

You may be on to something there, Dibl. I went outside and noticed that a root of a tree along the path where the cable was laid was pushing out of the ground next to the trunk, and embedded in the root, almost entirely, was a cable. But, it was too big for the typical coax and is probably the fiber optic cable that was laid in the early 1990's and is still dark.


I followed the cable to the pedestal and saw this:
3390

all out in the open, no protection from dust, dirt, rain, ice or snow. The last time that connection was touched was when we dropped cable tv five years ago.

You may be on to something there, Dibl. I went outside and noticed that a root of a tree along the path where the cable was laid was pushing out of the ground next to the trunk, and embedded in the root, almost entirely, was a cable. But, it was too big for the typical coax and is probably the fiber optic cable that was laid in the early 1990's and is still dark.


I followed the cable to the pedestal and saw this:
3390

All out in the open, no protection from rain, dust, ice, etc...

That does not appear to be a weatherproof connector, and the cable looks pretty wimpy too. Are you sure that cable is carrying your internet service? If so, you're lucky it lasted that long. Mine is a fatter orange cable, and carries the TV/ISP "bundle" from a service box in the back of my property. There are no such joints on it. It comes to a weatherproof box on the back of my house where the internet service is split off the CATV service.

Unfortunately, it is. But, that cable has been connected ONLY to our modem for Internet use, since we dropped cable tv years ago.

I think I will put new connectors on fresh ends of the cables and join them, then weather proof the joint.

Just installed miredo and went to http://test-ipv6.com/ and these are my results.

Added:
Just signed up for my SixXS IPv6 account. Awaiting the 'human' verification of my registration email response. Thinking about the results above, I wonder if a SixXS IPv6 account is even necessary. Guess it won't hurt to have it. I still don't get the color Star Wars console test.

Snowhog, did you hook up with SixXS yet? IF so, has your 10/10 score changed when you use the sixxs device and not teredo?

On my journey trying to get a 10/10 IPv6 rating, I looked into the DNS hosting of SiXS. They will not allow using their DNS facility unless you are accessing it through one of their tunnels. EVEN IF you are using one of their tunnels they do not recommend using their DNS if you are using a wireless connection (i.e., using aicuu and not their static IP tool).

So, for wireless connections, which I must use, SixXS offers no DNS ability. Ergo, IMO, the miredo tunnel is as good as SixXS, so I plan to remove my SixXS tunnel and just use the miredo. I'd get a 9/10 anyway, so what's to lose?

Anyone think of reasons why I should stay with SixXS?

I think I remember reading that you are having "line-dropping" kinds of issues too -- is that correct? Because, if it is, when it happened to me it turned out to be an issue with the physical cable to the house. And of course first I had to replace the cable modem, before I was able to convince TW that there was something wrong on their side of the modem. They have an ability (if you can get to the correct geek) to test the "reflection" of a test signal to your modem, which gives an indication of the conductivity of the cable. In my case, the guy said it was obvious that the reflected signal was only half as strong as it should be, indicating a lot of excess signal loss over the cable. Also it was not stable -- it was rising and falling in strength as he was observing it. I got a new cable in a few days, and among other things the installer found that a cover/shield on the utility box had been installed in such a way as to pinch the cable to my house, probably compromising the insulation and/or or the shield layer, but not the center conductor.

I checked that cable connection I posted a photo of and found that the Copper center wire on the service side had a green patina on it. :eek:. And, the Aluminum barrel connector between the two plugs was very oxidized. I replaced the barrel connector with a gold plated one and I used a plastic scratch pad to get bare Copper on the center wire. After putting it all together I went in and turned on the modem and wireless. BOOM! I got ESSID's for "GreyGeek" and "GreyGeek2", but not "GreyGeek5". I think GreyGeek is coming from a cache. In checking, both appear to be used because "GreyGeek2" is listed as the ESSID but "GreyGeek" is listed as the SSID.


Wireless Access Points (* = current AP)
linksys: Infra, 00:13:10:89:75:0D, Freq 2437 MHz, Rate 11 Mb/s, Strength 95
GarberNetgear: Infra, 2C:B0:5D:81:97:BE, Freq 2422 MHz, Rate 54 Mb/s, Strength 85 WPA2
NETGEAR: Infra, E0:46:9A:79:5B:2E, Freq 2412 MHz, Rate 54 Mb/s, Strength 90 WEP
5dfe: Infra, 20:4E:7F:7A:09:02, Freq 2412 MHz, Rate 54 Mb/s, Strength 77 WPA WPA2
WIN_f0a6: Infra, 2C:E4:12:46:F0:A5, Freq 2412 MHz, Rate 54 Mb/s, Strength 95 WPA WPA2
WIN_A9E8: Infra, 4C:17:EB:20:A9:E7, Freq 2462 MHz, Rate 54 Mb/s, Strength 74 WPA WPA2
belkin.fec: Infra, 08:86:3B:29:8F:EC, Freq 2462 MHz, Rate 54 Mb/s, Strength 95 WPA WPA2
Baby: Infra, 08:86:3B:07:2D:87, Freq 2462 MHz, Rate 54 Mb/s, Strength 92 WEP
The Alois Family:Infra, 00:1E:58:32:BB:35, Freq 2412 MHz, Rate 54 Mb/s, Strength 90 WPA
*GreyGeek2: Infra, 20:AA:4B:3A:85:E3, Freq 2442 MHz, Rate 54 Mb/s, Strength 90 WPA2
*GreyGeek: Infra, 20:AA:4B:3A:85:E3, Freq 2442 MHz, Rate 54 Mb/s, Strength 77 WPA2
PS3-9210729: Infra, 8C:7C:B5:3C:90:B4, Freq 2437 MHz, Rate 54 Mb/s, Strength 90 WPA


My signal strength is 90%, which is much better than 60%.

I fired up my wife's Acer One, also running Kubuntu Precise, and she reported 100% signal strength. The wireless chip in her box is the AR9285 and it is driven by the ath9k. It cannot connect to the 5GHz band either.

... the following info is about 30 minutes later... things don't look so good :( ..........

I closed the GreyGeek2 connection and deleted it. Then I created it again. The scan now shows:


Wireless Access Points (* = current AP)
linksys: Infra, 00:13:10:89:75:0D, Freq 2437 MHz, Rate 11 Mb/s, Strength 95
WIN_f0a6: Infra, 2C:E4:12:46:F0:A5, Freq 2412 MHz, Rate 54 Mb/s, Strength 94 WPA WPA2
5dfe: Infra, 20:4E:7F:7A:09:02, Freq 2412 MHz, Rate 54 Mb/s, Strength 90 WPA WPA2
GarberNetgear: Infra, 2C:B0:5D:81:97:BE, Freq 2422 MHz, Rate 54 Mb/s, Strength 89 WPA2
WIN_A9E8: Infra, 4C:17:EB:20:A9:E7, Freq 2462 MHz, Rate 54 Mb/s, Strength 95 WPA WPA2
BettyBoop: Infra, C0:C1:C0:24:95:3C, Freq 2412 MHz, Rate 54 Mb/s, Strength 90 WPA2
belkin.7da: Infra, 08:86:3B:16:E7:DA, Freq 2417 MHz, Rate 54 Mb/s, Strength 84 WPA WPA2
belkin.fec: Infra, 08:86:3B:29:8F:EC, Freq 2462 MHz, Rate 54 Mb/s, Strength 84 WPA WPA2
*GreyGeek2: Infra, 20:AA:4B:3A:85:E3, Freq 2442 MHz, Rate 54 Mb/s, Strength 74 WPA2


and GreyGeek no longer shows and GreyGeek5 doesn't show because my rtl8192ce chip isn't 5GHz compatible.
I rebooted the wireless and only GreyGeek2 shows.


Wireless Access Points (* = current AP)
linksys: Infra, 00:13:10:89:75:0D, Freq 2437 MHz, Rate 11 Mb/s, Strength 95
WIN_f0a6: Infra, 2C:E4:12:46:F0:A5, Freq 2412 MHz, Rate 54 Mb/s, Strength 94 WPA WPA2
5dfe: Infra, 20:4E:7F:7A:09:02, Freq 2412 MHz, Rate 54 Mb/s, Strength 94 WPA WPA2
WIN_A9E8: Infra, 4C:17:EB:20:A9:E7, Freq 2462 MHz, Rate 54 Mb/s, Strength 97 WPA WPA2
belkin.fec: Infra, 08:86:3B:29:8F:EC, Freq 2462 MHz, Rate 54 Mb/s, Strength 84 WPA WPA2
Baby: Infra, 08:86:3B:07:2D:87, Freq 2462 MHz, Rate 54 Mb/s, Strength 97 WEP
GarberNetgear: Infra, 2C:B0:5D:81:97:BE, Freq 2422 MHz, Rate 54 Mb/s, Strength 92 WPA2
*GreyGeek2: Infra, 20:AA:4B:3A:85:E3, Freq 2442 MHz, Rate 54 Mb/s, Strength 75 WPA2
The Alois Family:Infra, 00:1E:58:32:BB:35, Freq 2412 MHz, Rate 54 Mb/s, Strength 89 WPA
BettyBoop: Infra, C0:C1:C0:24:95:3C, Freq 2412 MHz, Rate 54 Mb/s, Strength 89 WPA2

It looks like my connection strength is still yo-yo-ing, but it is better than before. My next task is to cut off the two connectors and show fresh cable, insulation and shielding, and add new hardware. I wonder how I got 90% when I was cross-connected with GreyGeek2 and "GreyGeek". IF I could duplicate that and get 90% back that would be neat.

@GreyGeek what command are you using to get those outputs you posted ?

VINNY

@GreyGeek what command are you using to get those outputs you posted ?

VINNY

It's called "nm-tool"!

thank you ......... one more thing that can effect consistence is having to many splitters and week connections in the line between what you show in the picture and the modem.

VINNY

thank you ......... one more thing that can effect consistence is having to many splitters and week connections in the line between what you show in the picture and the modem.

Ya, I used to have four rooms wired for cable TV. When I dropped Cable TV I disconnected all the splitters and connected the cable directly to the cable modem, which is the only device the cable now feeds.

I learned that my rtl8192ce wireless chip does not support the 5GHz band width, even though my new Linksys E2500 does allow me to configure both bands. I reconfigured the wireless router to give the 5GHz band an ESSID of "GreyGeek5" and the 2.4GHz band an ESSID of "GreyGeek2". I saved the configuration to the wireless router but did not reboot it. I used NetworkManager's Connection Editor create a new connection, GreyGeek2. The map feature showed TWO ESSIDS, "GreyGeek2" and "GreyGeek", but I had changed that "GreyGeek" connection to "GreyGeek2", and the 5GHz band was named "GreyGeek5". I connected to GreyGeek2. When I showed the configuration window it indicated that the ESSID was "GreyGeek2" but showed "GreyGeek" as the SSID, even though GreyGeek didn't exist. The nm-tool showed that both "GreyGeek2" AND "GreyGeek" were connected APs and GreyGeek2 was giving me a 90% signal strength. My wife's Acer One 521, using a 2.4GHz ath9k driver was and continues to get 100%.

I rebooted the wireless and my Acer 7739. When they came back up I ran the nm-tool and it showed there was just one ESSID, "GreyGeek2" BUT, its signal strength was only in the 70s, and varied between 70 and 78. :( I can see 10 APs, and all are in the 90's except one, which matches my 74%. But, I'm 10 feet from my wireless and GarberNetgear has to be at least 100 feet from me.


Wireless Access Points (* = current AP)
WIN_f0a6: Infra, 2C:E4:12:46:F0:A5, Freq 2412 MHz, Rate 54 Mb/s, Strength 97 WPA WPA2
GarberNetgear: Infra, 2C:B0:5D:81:97:BE, Freq 2422 MHz, Rate 54 Mb/s, Strength 74 WPA2
linksys: Infra, 00:13:10:89:75:0D, Freq 2437 MHz, Rate 11 Mb/s, Strength 95
*GreyGeek2: Infra, 20:AA:4B:3A:85:E3, Freq 2442 MHz, Rate 54 Mb/s, Strength 74 WPA2
WIN_A9E8: Infra, 4C:17:EB:20:A9:E7, Freq 2462 MHz, Rate 54 Mb/s, Strength 97 WPA WPA2
BettyBoop: Infra, C0:C1:C0:24:95:3C, Freq 2412 MHz, Rate 54 Mb/s, Strength 97 WPA2
Baby: Infra, 08:86:3B:07:2D:87, Freq 2462 MHz, Rate 54 Mb/s, Strength 97 WEP
5dfe: Infra, 20:4E:7F:7A:09:02, Freq 2412 MHz, Rate 54 Mb/s, Strength 97 WPA WPA2
NETGEAR: Infra, E0:46:9A:6F:83:70, Freq 2437 MHz, Rate 54 Mb/s, Strength 95


I've been blaming the cable modem but on the suggestion of Dibl I checked the cable connection outside. A green platina covered the central Copper wire on one connection and the barrel connector was corroded. I replaced the barrel connector and polished the platina off of the Copper wire. I thought I had it licked when I got 90% on the mixed mode connection. If I could repeat that setup I would.

I am going to RadioShack tomorrow and get two new connectors and barrel, and make a fresh connection.