Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Colocrossing ipv6 support!
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Colocrossing ipv6 support!

ldrrpldrrp Member
edited October 2016 in Providers
«1

Comments

  • TheLinuxBugTheLinuxBug Member
    edited October 2016

    Based on the fact its been this long and not been setup, I doubt they have a network operations team with the knowledge to be able to implement it. I can't think of any other valid excuse for not having IPv6 active in 2016. Pretty sad they run a forum where all the hosts that sell on it but them already support IPv6 and can't even offer the service them selves.

    I know one thing, if I was a SMB / Enterprise looking for colo/dedicated in the Buffalo area and was told there is no ipv6 support I would laugh at them and find a more competent provider.

    my 2 cents.

    Cheers!

  • AnthonySmithAnthonySmith Member, Patron Provider

    They did a blog post about the benefits of ipv6 while not supporting ipv6.... I don't even have the words.

  • ldrrpldrrp Member
    edited October 2016

    yea thats kinda lame

  • @TheLinuxBug said:
    Based on the fact its been this long and not been setup, I doubt they have a network operations team with the knowledge to be able to implement it. I can't think of any other valid excuse for not having IPv6 active in 2016.

    This!

    No other possible explanation.

    Thanked by 1qrwteyrutiyoup
  • That post was painful to read. Did they grab a random guy off the street, give him 5 minutes of education and then say "Go forth and write technical articles!"??

    Thanked by 1qrwteyrutiyoup
  • @TheLinuxBug said:
    I can't think of any other valid excuse for not having IPv6 active in 2016.

    Complexity/interop, cost and need.

    I mean, I'm a proponent, but it it was hobbled from the very beginning because real-world transition issues weren't really taken into account - as far as I can tell. But, hey, it looks really great on paper . . .

    Thanked by 1qrwteyrutiyoup
  • meh...

    $7

  • brueggusbrueggus Member, IPv6 Advocate

    I would love to see IPv6 at Colocrossing. I would be able to shut down a bunch of my HE.net-tunnels then.

    However, even providers which "provide" IPv6 do not really seem to care about their v6-connectivity:

    • Deutsche Telekom: Have constant issues with Cogent but still use them as a v6 peering partner. www.videolan.org, www.cogentco.com unreachable, just to name few examples. Customer service recommends to use a different browser and disable AV software. kkthxbai
    • Serverhub/eonix: IPv6 in Seattle completely broken for weeks. Claim that it's HE's fault. So what? Reroute your traffic then.
    • online.net: Some IPv6 subnets unreachable in Paris for few days. Let's see how long it takes...

    We'll probably need Google to save the world and rank IPv6-enabled sites higher than others.

    Thanked by 2VirMach emg
  • jbilohjbiloh Administrator, Veteran

    @brueggus said:
    I would love to see IPv6 at Colocrossing. I would be able to shut down a bunch of my HE.net-tunnels then.

    However, even providers which "provide" IPv6 do not really seem to care about their v6-connectivity:

    • Deutsche Telekom: Have constant issues with Cogent but still use them as a v6 peering partner. www.videolan.org, www.cogentco.com unreachable, just to name few examples. Customer service recommends to use a different browser and disable AV software. kkthxbai
    • Serverhub/eonix: IPv6 in Seattle completely broken for weeks. Claim that it's HE's fault. So what? Reroute your traffic then.
    • online.net: Some IPv6 subnets unreachable in Paris for few days. Let's see how long it takes...

    We'll probably need Google to save the world and rank IPv6-enabled sites higher than others.

    Excellent analysis.

    Ask @Francisco about his experience with constant ipv6 in NJ.

    Thanked by 1Francisco
  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @jbiloh said:

    @brueggus said:
    I would love to see IPv6 at Colocrossing. I would be able to shut down a bunch of my HE.net-tunnels then.

    However, even providers which "provide" IPv6 do not really seem to care about their v6-connectivity:

    • Deutsche Telekom: Have constant issues with Cogent but still use them as a v6 peering partner. www.videolan.org, www.cogentco.com unreachable, just to name few examples. Customer service recommends to use a different browser and disable AV software. kkthxbai
    • Serverhub/eonix: IPv6 in Seattle completely broken for weeks. Claim that it's HE's fault. So what? Reroute your traffic then.
    • online.net: Some IPv6 subnets unreachable in Paris for few days. Let's see how long it takes...

    We'll probably need Google to save the world and rank IPv6-enabled sites higher than others.

    Excellent analysis.

    Ask @Francisco about his experience with constant ipv6 in NJ.

    Honestly they shouldn't even offer it if they aren't going to maintain it at all. It was a huge mess and I have no doubt it'll be soon enough just because they'll lose their configuration again.

    Francisco

  • An interesting story about IPv6 was recently published by InfoWorld where a security researcher took 10 VPSs and divided them into equal groups of 5.
    
    One group of VPSs would have the SSH port open on IPv4 with the root password set to “password” while the 2nd group would have the same configuration on IPv6.
    
    Believe it or not, the IPv4 group of VPSs was compromised in less than 15 minutes! Botnets continously scan IP ranges for vulnerable services and having SSH setup with “password” as the root password is about as insecure as you can get.
    
    The most amazing fact about this experiment is that the IPv6 VPS hosts were not breached. In fact, the IPv6 servers weren’t even targeted. That will probably change in the near future, but for now, IPv6 could serve as another barrier between your organization and the bad guys.
    
    

    I lol'd

    Thanked by 4doghouch MikeA emg Pwner
  • jbiloh said: Ask @Francisco about his experience with constant ipv6 in NJ.

    Francisco said: Honestly they shouldn't even offer it if they aren't going to maintain it at all. It was a huge mess and I have no doubt it'll be soon enough just because they'll lose their configuration again.

    That's interesting because we had no issues.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @DigitalFyre said:

    jbiloh said: Ask @Francisco about his experience with constant ipv6 in NJ.

    Francisco said: Honestly they shouldn't even offer it if they aren't going to maintain it at all. It was a huge mess and I have no doubt it'll be soon enough just because they'll lose their configuration again.

    That's interesting because we had no issues.

    They have at least 1 router that completely loses all V6 connectivity and it isn't us since our session stays up, it's them losing their peering/routing tables.

    I have over a dozen tickets with them since we signed up there complaining and they get it temporarily fixed but that's it.

    Francisco

  • Francisco said: They have at least 1 router that completely loses all V6 connectivity and it isn't us since our session stays up, it's them losing their peering/routing tables.

    I have over a dozen tickets with them since we signed up there complaining and they get it temporarily fixed but that's it.

    In PNJ?

    The one time we had an issue it was a Juniper problem, and it was our gear, not theirs. When was that?

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @DigitalFyre said:

    Francisco said: They have at least 1 router that completely loses all V6 connectivity and it isn't us since our session stays up, it's them losing their peering/routing tables.

    I have over a dozen tickets with them since we signed up there complaining and they get it temporarily fixed but that's it.

    In PNJ?

    The one time we had an issue it was a Juniper problem, and it was our gear, not theirs. When was that?

    Yeah. We (were?) uplinked to some Cisco 6500 and no less than probably 10 times it would simply stop forwarding traffic to everyone uplinked to it and we'd lose connectivity for an hour+ at a time. V6 would break any time they made modifications to the configuration on the unit, it would lose its settings, etc.

    This went on for about 3 years and only recently has been addressed because it was hurting Vultr's reputation a lot. They've supposedly replaced the unit but i'm fairly upset that us and everyone else uplinked off that router suffered all that time.

    Mix that with them replacing the majority of their transit with Telia while still charging $2/mbit+ pricing, it's just a bad experience.

    Francisco

  • Francisco said: Yeah. We (were?) uplinked to some Cisco 6500

    That's odd. IIRC, Cisco 6500 are old as dirt.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @DigitalFyre said:

    Francisco said: Yeah. We (were?) uplinked to some Cisco 6500

    That's odd. IIRC, Cisco 6500 are old as dirt.

    Uh huh, but still very popular :) You can get them cheap, they'll hold a million routes (but take a year to converge), have IPV6, and will route like a monster.

    Francisco

  • DigitalFyre said: That's odd. IIRC, Cisco 6500 are old as dirt.

    They are, however a 6500 is cheap (albeit not very power efficient) and does 4x10G and 48x1G perfect as L3 with static BGP/OSPF etc. or with just a few upstreams (1+1 and a peering exchange was the limit, now less).

    IPv6 capability is... limited, but there. Works not too bad but don't expect wonders - IIRC it is not fully ASIC based.

    Thanked by 1mohamed
  • brueggusbrueggus Member, IPv6 Advocate

    online.net: Some IPv6 subnets unreachable in Paris for few days. Let's see how long it takes...

    As a matter of fairness: online.net has fixed their network.

  • jh_aurologicjh_aurologic Member, Patron Provider

    @William said:

    DigitalFyre said: That's odd. IIRC, Cisco 6500 are old as dirt.

    They are, however a 6500 is cheap (albeit not very power efficient) and does 4x10G and 48x1G perfect as L3 with static BGP/OSPF etc. or with just a few upstreams (1+1 and a peering exchange was the limit, now less).

    IPv6 capability is... limited, but there. Works not too bad but don't expect wonders - IIRC it is not fully ASIC based.

    With multiple 10G Linecards, the 65XX or 76XX should be also capable of handling a few more fulltables / prefixes (as far as I know). The routes are only limited by the cards itself - control plane should handle much more with sufficient ram and specific tcam partition :)

  • AnthonySmithAnthonySmith Member, Patron Provider

    @jbiloh since you decided not to address it, just to allow me a tiny bit of order in my brain, could you explain the thinking behind blogging about the benefits of IPv6 while being one of the slowest adopters of the technology in the market?

    I mean someone must have thought it was a good idea, I just really cant understand why, I would like too though.

  • @William said:
    They are, however a 6500 is cheap (albeit not very power efficient)

    I always imagined red lights and clanging sirens at the power plant, and men then running to shovel more coal when they power up . . .

    Thanked by 1Clouvider
  • @AnthonySmith said:
    @jbiloh since you decided not to address it, just to allow me a tiny bit of order in my brain, could you explain the thinking behind blogging about the benefits of IPv6 while being one of the slowest adopters of the technology in the market?

    I mean someone must have thought it was a good idea, I just really cant understand why, I would like too though.

    This may be another false positive regarding IPv6 at CC. It's not the first:

    https://www.lowendtalk.com/discussion/41121/cc-finally-getting-ipv6

    https://www.lowendtalk.com/discussion/33228/colocrossing-ipv6-soon-what-a-joke/p2

    To quote jbiloh from the latter thread (August 2014): "We know ipv6 is important to many of our customers and we are working on delivering on their requests for native ipv6. At this point I expect we will have it long before most of you expect."

    I'm not sure whether "long before most of you expect" is accurate in October 2016, but perhaps it is if our expectations about IPv6 at CC have been sufficiently lowered by now ...

    See also

    https://www.lowendtalk.com/discussion/61594/what-s-the-deal-with-colocrossing/p2

    where jbiloh provides a more detailed reply (August 2015).

    But, yes, none of this answers your question about why that blog entry ...

  • jbilohjbiloh Administrator, Veteran

    Our security and denial of service protection platforms don't yet fully support ipv6. Once that changes we'll add ipv6 service. All of our routers, switches and portal system support it at this time.

    Right now the Internet is far too dangerous to grow our risk profile relative to ddos attacks and other naughty things.

  • @jbiloh always lying first, why do you live like that?

    Thanked by 2TheLinuxBug Pwner
  • emgemg Veteran

    @jbiloh said:
    Our security and denial of service protection platforms don't yet fully support ipv6. Once that changes we'll add ipv6 service. All of our routers, switches and portal system support it at this time.

    Right now the Internet is far too dangerous to grow our risk profile relative to ddos attacks and other naughty things.

    Just curious, but what will it take for CC to update the security and DoS protection platforms so that they will fully support IPv6?

    What does "security platform" mean in this context? Firewall? IDS or IPS? Some type of UTM?

  • AnthonySmithAnthonySmith Member, Patron Provider
    edited October 2016

    jbiloh said: Our security and denial of service protection platforms don't yet fully support ipv6. Once that changes we'll add ipv6 service. All of our routers, switches and portal system support it at this time.

    Right now the Internet is far too dangerous to grow our risk profile relative to ddos attacks and other naughty things.

    You see, that's called a side step, I just asked a question out of genuine curiosity, you side stepped it rather than answer it, I now genuinely think less of you as a person.

    Edit: but not really.

    Thanked by 2Foul Pwner
  • AnthonySmith said: You see, that's called a side step, I just asked a question out of genuine curiosity, you side stepped it rather than answer it, I now genuinely think less of you as a person.

    Edit: but not really.

    Perhaps we shouldn't be too hard on jbiloh.

    From what I can tell, IPv6 simply hasn't been a priority for CC. Their business and growth hasn't yet depended on IPv6. When this changes, they'll do something about IPv6, but apparently this isn't yet the case.

    Perhaps, at various points in the past, CC really intended to introduce IPv6 soon (based on past remarks by jbiloh), but it appears that they then decided against doing so (maybe a case of shifting priorities). Such things happen.

    As for that blog post, yes, it's ironic, but it doesn't say anything false.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @emg said:

    @jbiloh said:
    Our security and denial of service protection platforms don't yet fully support ipv6. Once that changes we'll add ipv6 service. All of our routers, switches and portal system support it at this time.

    Right now the Internet is far too dangerous to grow our risk profile relative to ddos attacks and other naughty things.

    Just curious, but what will it take for CC to update the security and DoS protection platforms so that they will fully support IPv6?

    What does "security platform" mean in this context? Firewall? IDS or IPS? Some type of UTM?

    Remember, CC didn't build their platform from the ground up, they just have Rio's with maybe some upstream ACL's. If Rio hasn't released proper IPV6 support then there isn't much he can do.

    With that being said, IPV6 based DDOS isn't all that common. The biggest flood I've seen over V6 was just around a gbit/sec or so. Normally it's < 100k PPS thrown from some booters using HE tunnels.

    Francisco

    Thanked by 1emg
Sign In or Register to comment.