Posts categorized "IPv6"

March 28, 2013

Video Interview: Emil Ivov about how the Jitsi softphone works with IPv6 and DNSSEC

How does the Jitsi softphone work with IPv6? And what role could DNSSEC play with VoIP? At IETF86 earlier this month, I sat down with Emil Ivov, project leader of the Jitsi Project to talk about a wide range of topics including how Jitsi got started and why it does so much with IPv6 (interesting reason!), what they are looking to do with Jitsi now, the role of DNSSEC and why they added that support to Jitsi... and much, much more... I quite enjoyed talking to Emil and the Jitsi project is certainly one that I will continue to watch - and use!

If you found this post interesting or useful, please consider either:

Posted by on March 28, 2013 in IPv6, Standards, VoIP, VoIP Security | | Comments (0) | TrackBack (0)

| |

June 07, 2012

Why World IPv6 Launch Is Critical To Preserve The Open Internet

Worldipv6launch 256With yesterday's World IPv6 Launch bringing about the permanent enablement of IPv6 access on thousands of websites around the world (including this one), I recorded a video for the Internet Society's stream of videos about why I see IPv6 as critical to preserve the "open" nature of the Internet.

As I say in the video (below), my big fear is that IPv4 address exhaustion will create a situation where Internet Service Providers (ISPs) will use what is called "carrier-grade NAT (CGN)" or "large-scale NAT (LSN)" to put all their subscribers behind a single public IPv4 address.

The ISPs then become the gatekeepers. They can determine what you will view - or what you will pay to view certain types of content. They could also potentially restrict customer's access to the next great new service... the next Twitter or Facebook, for instance... until that service pays the ISP for access to customers.

It can completely flip the Internet around from one that thrives on "permission-less innovation" where anyone can create any service and make it available to all... to an Internet that is "permission-based" with gatekeepers controlling access at key points.

The migration to IPv6 does not, of course, remove the threat that the Internet very well could move toward a permission-based network... but the move to IPv6 removes IPv4 address exhaustion as an excuse to implement walled gardens.

To me, deploying IPv6 is a critical step to keeping the Internet open to innovation!

To learn more about IPv6 and how you can get started, check out the resources we are listing at the Internet Society Deploy360 Programme.

If you found this post interesting or useful, please consider either:

Posted by on June 07, 2012 in Internet, IPv6 | | Comments (0) | TrackBack (0)

| |

January 09, 2012

Out at CES In Las Vegas This Week On The Hunt For IPv6-Enabled Consumer Devices...

IPv6 your products obsolete 300As I noted over on the Deploy360 blog today, I'll be down at the massive International Consumer Electronics Show (CES) in Las Vegas this week. I'm traveling on Wednesday, at the show Thursday through Saturday and then returning home Saturday evening.

I'm there with my team from the Internet Society and one of our primary purposes will be to get a sense of the state of IPv6 support - or NOT - among consumer electronics providers. As large carriers look at how they can roll out IPv6 within their networks, having home equipment that supports IPv6 will become more important in the years ahead.

At the show, we will be meeting with some vendors who want to understand more about how to move their products to IPv6 and also talking with media about the launch of our new Deploy360 site to help accelerate the deployment of IPv6 and DNSSEC. We'll also be part of a presentation on Saturday with a representative from Comcast explaining IPv6 issues to a IEEE conference for consumer electronics vendors.

And, of course, we'll be walking all over the show floor seeking out vendors who have IPv6 support. We'll see what we find!

On a personal note, it will be interesting to go to CES. While I've attended hundreds of shows/conferences over the years, including the even larger CeBIT show over in Germany, I've never made to CES before this year. I've heard a great amount about the madness there, of course, and watched the coverage from afar. So it will be interesting to be on the ground there.

You can, of course, expect that I'll be tweeting a good bit both from @danyork and @deploy360 (although a colleague of mine may be doing most of the tweeting from that account). I'm also planning to put up some posts on CircleID related to what I find... and of course the Deploy360 blog.

IF YOU ARE OUT AT CES and want to connect, please shoot me an email, call me or ping on Twitter.

Let the fun begin...

If you found this post interesting or useful, please consider either:

Posted by on January 09, 2012 in Conferences, IPv6 | | Comments (0) | TrackBack (0)

| |

January 06, 2012

And Thus Was Born... the Internet Society Deploy360 Programme!

Deploy360logo 300How can we accelerate the usage and deployment of IPv6 and DNSSEC? What are the barriers to getting those technologies more widely deployed? How can we "take away the pain" of getting started with IPv6 and DNSSEC?

When I joined the staff of the Internet Society back in late September, the project I joined was charged with looking at questions like that and developing a means to promote online resources that would help speed up the usage of IPv6 and DNSSEC.

Yesterday, after a long 3 months of hard work, we formally announced what we are now calling the "Internet Society Deploy360 Programme" located at:

http://www.internetsociety.org/deploy360/

On that site, you will find real-world deployment information about how to get started with both technologies. Case studies, how-to documents, links to other sites, and much, much more...

THIS LAUNCH IS JUST THE BEGINNING!

The site is certainly incomplete... we wanted to get the site out there and now my task over the months ahead is to fill the site up with answers to questions and pointers to new information.

We're not looking to add ALL the information found on the web about IPv6 and DNSSEC, but rather the best information we can find.

And where we can't find information that answers specific questions, we'll be creating new materials either directly ourselves or with partners. As an example, I'm working right now on some tutorials about how to add DNSSEC support into Firefox, and how to configure DNSSEC for your domain at a couple of different registrars.

And let me tell you, it is EXTREMELY clear to me now that this program(me) is definitely needed, as many parts of both DNSSEC and IPv6 are in desperate need of geek-to-common-language translation! Just sorting through some of the steps myself, it's very clear that there's a good bit of pain that needs to be taken away...

To that end, we will be constantly adding new material and resources as we both find and create new content - both in text, video and other forms.

Our goal is also to help foster the conversation around these topics, and so we'll have a constant stream of blog posts and will, of course, be engaging via many forms of social media. You can be part of what we are doing by:

and I would definitely encourage you to join us on as many of those channels as you use. We're also actively seeking volunteers to assist us and have been rather humbled and pleased by the great amount of interest and support we've already seen.

I'm excited to get this project out there... and am looking forward to the months ahead as we build the momentum to help get both IPv6 and DNSSEC more widely deployed!

Please do take a look around the Deploy360 site. I'd love to hear any feedback or suggestions you have. Are there other questions we can be answering? What are the barriers you have found to using these technologies? Are there sites or resources that you found very helpful that we don't have on the site yet? Please do let me know! Drop me an email, fill out our feedback form, ping me on one of the various social media... heck, leave a comment to this blog post! Somehow... I'd love to know what you think.

And with that, I'm off to write some content...

If you found this post interesting or useful, please consider either:

Posted by on January 06, 2012 in Internet, IPv6 | | Comments (0) | TrackBack (0)

| |

December 08, 2011

Heading to Boston for USENIX LISA 2011 Conference Dec 8 and 9

LISA11 1
Today I'm driving about 2 hours southeast into downtown Boston to attend the USENIX Large Installation System Administration (LISA) conference. As I wrote about on an ISOC blog, the head of my team within the Internet Society, Richard Jimmerson, will be speaking today at 2pm Eastern on the topic of:
IPv6, DNSSEC, RPKI, etc.: What’s the Holdup and How Can We Help?

You’re busy. We get it. This industry moves fast and you’ve got your hands full keeping your networks updated and secure from the threat of the day. But why is it taking so long to deploy IPv6, DNSSEC, and other standards coming out of the IETF? These standards are the future of the Internet, but deployment to date has been slow.

He'll be outlining the new ISOC project of which I am a part that aims to help speed up the deployment of these standards - and asking for feedback and help. I will be there along with another team member, Megan Kruse, to talk with folks about the project and interact with people involved with IPv6, DNSSEC and other technologies.

It's been a good number of years since I last attended a USENIX conference but I'm very much looking forward to getting back with the crowd. Looks like some excellent technical talks so I'm looking forward to learning a good bit.

If you are down at LISA, please do feel free to drop me a note - or find me on Twitter. I expect I'll be tweeting out of the event and probably posting some thoughts and comments.

If you found this post interesting or useful, please consider either:

Posted by on December 08, 2011 in Conferences, Internet, IPv6 | | Comments (0) | TrackBack (0)

| |

November 09, 2011

And So It Begins... Comcast Starts Rolling Out IPv6 Production Network

Ipv6 200For those of us wanting to see IPv6 deployed, yesterday brought the great news that Comcast has started rolling out its IPv6 production network to customers.

Now, granted, the initial rollout was to only 100 homes in San Francisco's East Bay. It is also restricted to a single computer directly connected to a Comcast cable modem. This initial rollout did not support home routers which are typically found for WiFi in many/most homes these days.

Still... it's a start!

The experience Comcast gains with this initial rollout will only help them with wider rollouts and the inclusion of home routers.

Kudos to Comcast for this start of their IPv6 rollout... I'm looking forward to hearing of other service providers starting their IPv6 deployments! (Time Warner, I'm talking about you! :-)

UPDATE: Comcast has now come out with two of their own blog posts on this topic:

Notice in particular this great part to the technical piece:

It is also important to note that we are deploying native dual stack, which means a customer gets both IPv6 and IPv4 addresses. That means we are not using tunneling technology or large scale Network Address Translation (NAT). Using a tunnel introduces additional overhead compared to not using one (native IPv6), as your traffic must traverse a relaybefore going to the destination and back. And NAT technologies rely on two layers of NAT, one in your home (in a home gateway device), and one within a the service provider's network that usually shares a single IPv4 address across possibly hundreds of customers or more. Using NAT presents many challenges compared to not using NAT, as your traffic must traverse a NAT device before going to the destination and back. In addition, we believe those two layers of NAT will break a number of applications that are important to our customers.

If you found this post interesting or useful, please consider either:

Posted by on November 09, 2011 in Internet, IPv6 | | Comments (0) | TrackBack (0)

| |

November 02, 2011

Want to Learn About Deploying IPv6, DNSSEC? Attend the ION Conference in Toronto on Nov 14th

IONConference
Would you like to learn about how to deploy IPv6? Would you like to hear from people who are already using IPv6 within their networks? Would you like to learn a bit about DNSSEC and how it can help you secure your online presence?

If so, please join us in Toronto, Ontario, Canada, for our next "Internet ON" (ION) Conference on Monday, November 14, 2011, starting at 12:30pm and sponsored by the Internet Society (my new employer). The sessions on the agenda include:

  • New ISOC Initiative – Bridging the Divide Between IETF Standards and Industry-wide Deployment
  • Panel Discussion: Challenges and Opportunities in Deploying IPv6, DNSSEC, and Other Key Technologies
  • World IPv6 Day Recap (my presentation)
  • Ask the Expert: Next Steps to Implementing IPv6
  • Closing Remarks and Q&A

We're looking forward to providing a great session for people to ask questions and talk about how to get these technologies actually deployed in networks today.

The ION conference is part of the larger 2011 Canadian ISP Summit that takes place on the following two days and is included as part of the registration for the Canadian ISP Summit.

However, registration for the ION conference is FREE if you just want to attend the half-day session on Monday. You can sign up through the Canadian ISP Summit registration page, where one of the available options is for the ION ONLY registration.

(NOTE: If you do sign up for the free ION Only registration, the lunch and dinner listed on the agenda are not included. Those are part of the full registration.)

If you do want to register for the full Canadian ISP Summit, which has a great agenda of technical and business talks , we have a discount code of "ISOCDC" which can get your $50 off the registration if used by November 11, 2011.

We just had a very successful ION event in Buenos Aires last month and we're looking forward to great conversations and discussions up in Toronto - I hope to see you there!

P.S. A couple of people have already asked me if I'm going to be able to spend more time in Toronto (and meet them). Unfortunately due to family medical issues I'm just in Toronto for Monday and will be flying back Tuesday morning. Normally I would have loved to stay for this full event because some of the other sessions look great - and Toronto is also an outstanding place to visit.

If you found this post interesting or useful, please consider either:

Posted by on November 02, 2011 in Internet, IPv6 | | Comments (0) | TrackBack (0)

| |

44% of SIP Implementations at SIPit 29 Supported IPv6!

Sipitlogo
Last week (Oct 24-27) was the 29th SIPit interoperability test event hosted by ETSI in Monaco. Organizer Robert Sparks has provided his usual outstanding summary of what occurred:
https://www.sipit.net/SIPit29_summary

The key point for me, given my new role, was right up at the top:

44% of the implementations present supported IPv6.

Now, of course ideally we'd like that to be 100%, but hey, it's at least a good start!

There is also some narrative further down the report about "IPv6 Focused Tests" with some interesting info. One interesting note seems to be this:

Most UAs that supported dual-stack had a configuration to tell the application to ignore any returned AAAAs due to issues encountered in deployments where endpoints autoconfigured IPV6 that didn't actually work.

In the web world this has been referred to as the "happy eyeballs" problem where a browser will try a DNS AAAA record to get to a site over IPv6 and then eventually will fail back to trying the A record to go over IPv4. The delay will cause the user to be very UNhappy. There are a couple of ways to address the issue with the usual one being to try both IPv6 and IPv4 addresses simultaneously and then connect over whichever one responds back first. (There is an entire "happy eyeballs" Internet-Draft that goes into this topic for those interested.)

From this simple sentence it would sound to me like the implementations are NOT supporting a "happy eyeballs" approach for SIP but are rather providing an "ignore IPv6" configuration setting. I wasn't there so I don't know... but I would hope that over time all dual-stack SIP implementations would move to supporting this kind of approach (versus disabling IPv6).

It was also good to see that tests occurred in a mixed environment:

We successfully tested calls going though a mix of v4 and v6 hops (accruing Via and Route/Record-Route headers with addresses in both families.

Wearing my security hat I was also pleased to see this:

80% of the endpoints present supported SRTP using sdes

Again, you'd love 100%, but at least this shows the availability of SRTP should companies decide to enable SRTP.

Lots of other great commentary in the SIPit 29 summary around STUN/TURN/ICE and many other issues. Definitely worth a read if you are interested in SIP.

And... if you a creator of SIP-related hardware and software, watch the SIPit website for news of the next SIPit event so that you, too, can join in the testing!

And if you have not heard of SIPit before, here's a video I did back in September 2009 with organizer Robert Sparks:

If you found this post interesting or useful, please consider either:

Posted by on November 02, 2011 in IPv6, SIP | | Comments (3) | TrackBack (0)

| |

September 30, 2011

Speaking Next Week on IPv6 and VoIP Security at 7th Real-Time Communications Conference in Chicago

Rtcconf2011
If any of you will be in Chicago next week, October 4-6, 2011, for the 7th Annual Real-Time Communications Conference & Expo, I'll be there on the 5th and 6th as a speaker.

I'll be speaking twice. First on Wednesday the 5th at 4pm on "The Current State of VoIP Security", wearing my VOIPSA hat and leading off a series of talks about security. I'll be providing an overview of the main threats to VoIP and communications security in general, leading the way into the two more specific talks following mine.

I'm rather excited that my second session will be my first public appearance wearing my new Internet Society hat (if you are not aware, I've posted details about my recent move) and will of course be about IPv6... more specifically "How IPv6 Will Impact SIP And Telecom".

Due to ongoing events on the personal front, I wasn't sure that I was going to make it out there... and quite frankly there's still a chance that I won't... but I should be out there.

If you look at the conference schedule, the speakers include outstanding people involved with so many different aspects of real-time communications. It should be truly an excellent event!

P.S. You can still register if you would like to attend!

If you found this post interesting or useful, please consider either:

Posted by on September 30, 2011 in IPv6, Security, VoIP Security, VOIPSA | | Comments (0) | TrackBack (0)

| |

September 14, 2011

Ch-changes - Taking A New Job At The Internet Society To Join The Fight For The Open Internet

In the end, my impending job change is perhaps best explained by two quotes: this prescient quote from the 1992 film Sneakers:

“There’s a war out there, old friend. A world war. And it’s not about who’s got the most bullets. It’s about who controls the information. What we see and hear, how we work, what we think… it’s all about the information!”

and this quote from poet Mary Oliver:

“Tell me, what is it you plan to do with your one wild and precious life?”

For a longer explanation, read on... but perhaps not on a mobile phone... this one's a bit on the lengthy side...

Bleeding "Voxeo Blue"

voxeologohoriz.pngJust shy of four years ago, I wrote here about joining this incredibly remarkable company, Voxeo, that probably none of you had ever heard of.

I hope I changed that a wee bit. :-)

Around a thousand blog posts later, a hundred videos, too many speaking engagements and webinars to count, many articles, a ton of analyst briefings and media interviews ... and countless tweets, Facebook posts and other updates later... it has been truly an amazing journey.

Along the way I have come to truly love the company - and I don't use that term lightly - and the incredible people who are gathered together focused on making Voxeo THE platform for developing and deploying communications applications. As I mentioned in a recent post, Voxeo is a rocketship, firing into the skies and leaving its competitors behind.

Over these four years, I have been living, breathing, eating, sleeping all things Voxeo... I have been proud to be a "Voxeon"... slice open my skin and it bleeds "Voxeo blue"...

The Larger Battle

And yet... I have never been able to escape the siren call of the larger battle going on all around us. It did not surprise me to find that the Voxeo blog in which I published the most posts is "Speaking of Standards". Listeners to my weekly reports into the FIR podcast have perhaps grown weary of my rants about "single points of failure" and the need for services that are "distributed and decentralized" that allow you to retain control over your information and content. Readers of my blogs have seen my many posts on the theme of "the open Internet".

We have before us a choice of futures.

One choice leads to a future where innovative companies like Voxeo can emerge, thrive, disrupt and succeed.

Another choice leads to a future where what little "innovation" there is exists only at the will of the gatekeepers to the network after appropriate requirements and/or payments are met. Other choices lead to outcomes somewhere in between those polarities.

How will we choose?

Walled Gardens, Redux

The Walled Garden (1)
I began my time online some 30 years ago in the 1980's era of the big "information services". CompuServe, AOL, Prodigy, Delphi, The Source, GENIE... and many other names that have long since faded into history.

People accustomed to the ubiquity of the Web today might find it hard to believe that once upon a time you could only get certain news, technical, financial, movie or sports info on the service to which you subscribed... that you could only communicate with people who had accounts on the same system as you.

It was the era of the proverbial "walled gardens"... where each service tried to keep the walls high enough and the content pretty enough that you would never leave.

The forces of "openness" were around, too. Academic networks like BITNET and JANET on the one end and home-grown networks of BBS's like FidoNet on the other, with other networks and things like UUCP and Usenet floating around as well.

And then came this "Internet", the one network to interconnect them all.

And out of that interconnection and interoperability came the world we live in today... out of that chaotic world of engineers and open standards came this network that is now no longer simply a research network but instead has become critical communication infrastructure... and a critical component of commerce.

And with that rise to prominence come all those who would seek to change the nature of the network... for perceived safety... for convenience... for profit... for control... for "security"...

So now we see services like Facebook, Google+, Twitter and more that seek to provide a nice pretty space in which you can exchange messages, photos and more... without ever leaving the confines of the service... they are a walled garden with just many ways to access the garden and to look over the walls.

Everyone wants to own your eyeballs... to host your content... to provide your identity...

And we see companies like Apple, Google and Microsoft seeking to control a large degree of how we connect to and use the mobile Internet...

And we see a change from "permissionless innovation" where anyone can set up a new service... to a model where you have ask permission or agree to certain "terms of service" in order to connect your new service to other services or to have your app available on some platforms...

And we see countries that want to throw up a wall around their citizens... sometimes to keep information from coming in... and sometimes to keep information from going out... and sometimes to be able to shut down all access...

And we see players who did control our communications systems always looking for opportunities where they could maybe, just maybe, stuff the proverbial genie back in the bottle and regain that control they lost...

It's a crazy time...

As one who has lived through our online evolution, and who in fact has been able to do what I do and to live where I live because of the "open Internet", I don't want to see us return into a fractured world of walled gardens.

We can make a different choice.

And So, A Choice

IsoclogoIn the midst of all this craziness exists a global nonprofit organization that many of you may not have heard of. It has a very simple mission:

to promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world.

The Internet Society, or "ISOC" for short, exists to promote the idea that "the Internet is for everyone", where "everyone" includes people all around the world... and yes, it includes the corporations, service providers, governments and other organizations, too. To support that mission, ISOC undertakes a wide variety of education and policy initiatives around the world, all with the aim of fostering the growth of the open Internet. Local "chapters" of ISOC have sprouted up around the globe pursuing these initiatives at a local/regional level. Perhaps more relevant to many readers, ISOC is the organizational home of the Internet Engineering Task Force (IETF), the group that creates the RFCs and the open standards that describe how the Internet operates today. A significant amount of ISOC's focus is on facilitating the creation and promotion of these open standards. (For those curious to learn more, ISOC's 2010 Annual Report is available online.)

I was actually a dues-paying member of ISOC back in the early '90s, when each month I would read through their print magazine (very ironically, but this was pre-Web) "On The Internet" to learn more about how the Internet was evolving throughout the world. I rejoined again a year or two ago to help in some small way support this very important work. (You can join, too.)

And on this coming Monday, September 19th, I will join the Internet Society as a staff member.

The Missing Link

Missing Link
The particular project I will join within ISOC is a brand new initiative targeted at helping bridge the gap between the standards created within the IETF and the network operators and enterprises who are actually deploying networks and technologies based on those standards. To help translate those standards into operational guidance... to help people understand how to deploy those standards and why they should, what benefit they will see, etc

The initiative is currently called the "Deployment and Operationalization Hub", or "DO Hub", and while that may or may not be its final name, the idea is to find/curate content that is already out there created by others, create content where there are gaps, make it easy to distribute information about these resources... and promote the heck out of it so that people get connected to the resources that they need. The initial focus will be, somewhat predictably, on IPv6, but also DNSSEC and possibly another technology. It is a new project and the focus is being very deliberately kept tight to see how effective this can be,

My title will be Senior Content Strategist and my role will very much be about the creation, curation and distribution of information. Writing articles, reviewing resources, blogging, creating videos, screencasts, etc, Once we have the initial repository built out, there will be a phase next year where we will be out on the conference circuit talking about these technologies and helping people understand how they can get started... and continually adding even more content.

For a guy who loves teaching, writing and "demystifying emerging technology", it's kind of tailor-made. In fact, when ISOC approached me a few months ago with the job description, my wife and I both looked at each other and said "wow, that's me!"

In the end, the goal is to help make it as easy as possible to deploy and use open standards... so that we might wind up collectively making the choices that can lead to an open Internet where innovation can thrive.

I'll still be living in Keene, NH. (Many ISOC employees are remote.) I'll still be blogging in my various blogs. I'll still be speaking at conferences from time to time. I'll be back at IETF meetings again (which I'm VERY much looking forward to). None of that really changes with this move.

Every New Beginning Comes From...

..some other beginning's end. ("Closing Time", by Semisonic)

Leaving Voxeo was decidedly NOT an easy choice. I agonized over the decision for an insanely long time. I work with awesome people who I know I will miss, have been thoroughly enjoying what we are doing and have been looking forward to where the company is going... it has some amazing plans that will even further disrupt the industry!

Some will tell me that I am crazy... that Voxeo is the closest they've seen to a "sure thing"... that leaving is a dumb move.

They may be right.

And yet... recent events in my personal life have highlighted the fragility of our lives and the limited time we have - and the need to pursue one's passion.

And so it is that I end one beginning and start a new one... with the hope that in some small way the new work I do will help companies like Voxeo thrive - and indeed to help continue and expand the conditions that create companies like Voxeo.

We have a choice of futures before us...

Image credits: Gerry Balding, Thomas Gehrke on Flickr.

Posted by on September 14, 2011 in Internet, IPv6, Personal, Voxeo | | Comments (16) | TrackBack (1)

| |

Next »

Subscribe


  • Or enter your email address:

Become a Fan

Full Disclosure

  • Dan York, CISSP, is Senior Content Strategist at the Internet Society and is also the Chairman of the VOIP Security Alliance (VOIPSA).

    Please note that neither the Internet Society nor VOIPSA have any connection to this weblog and any opinions stated here are entirely Dan's.

Archives

More...

Categories

My Latest Book


  • Migrating Applications to IPv6

Other Places I Write

Twitter Updates

    follow me on Twitter

    Disruptive Conversations

    Voice of VOIPSA