|
| News | Profile | Code | Photography | Looking Glass | Projects | System Statistics | Uncategorized |
Blog |
Shortly after getting back from NANOG47, I figured I'd query the friendly folks at Voxel dot Net (they host my web server, dax) about the state of their IPv6 offerings. Turns out it was good timing, since they were just starting up the pilot program (now publicized via an official Voxel blog entry) for IPv6 on dedicated servers.
Previous to this, I had a 6in4 tunnel with Hurricane Electric, which worked pretty well. Of course, unlike any transition mechanism, it suffered from 20 bytes of overhead, limiting the effective MTU to 1480 bytes. It was also very close to dax, also in the 111 8th carrier hotel in NYC (I think).
The following week Voxel moved my server to another switch (closer to their core, apparently, since latencies across the board dropped by a ms or two) and then assigned me a /64 for the link and a /56 for other purposes:
Reverse DNS for both of the blocks was delegated to my nameservers, and authority was transferred via the SWIP.
For the first time ever, I was able to do the following from one of my boxes:
% ping6 -mm -s 1452 he.net. PING6(1500=40+8+1452 bytes) 2001:48c8:1:2::2 --> 2001:470:0:76::2 1460 bytes from 2001:470:0:76::2, icmp_seq=0 hlim=56 time=97.509 ms 1460 bytes from 2001:470:0:76::2, icmp_seq=1 hlim=56 time=97.474 ms
For the first couple of days, I still had my default route pointed through my HE tunnel, so some traffic egressed via Voxel and came back via HE. I also used some IPv6 NAT (ugh!) before renumering my network from HE space to my shiny new Voxel /56. Renumbering was pretty easy, even though I had to hit every router in my network. It essentially consisted of a couple regular expressions:
:%s/2001:470:8ad6::\/48/2001:48c8:1:100::\/56/gi :%s/2001:470:8ad6:/2001:48c8:1:/gi :%s/48c8:1:\(.\):/48c8:1:10\1:/gi :%s/48c8:1:\(..\):/48c8:1:1\1:/gi :%s/48c8:1:ffff/48c8:1:1ff/gi
I am still keeping the HE tunnel around just in case I need to NAT some traffic through through it. The NAT rule I have in pf.conf is:
nat on gif3 from 2001:48c8:1:100::/56 to any -> 2001:470:1f06:c1d::2
Basically, if I add routes in Zebra pointing toward HE, the traffic will automatically have source NAT applied.
Other than dax, the rest of my network still has some tunnel overhead, since I run 6in4 tunnels internally, but there's no fixing that until everybody starts offering IPv6. That will be awhile.
Overall, Voxel's IPv6 transit is fantastic. From what I can tell, their upstreams consist of nLayer, Cogent, Hurricane Electric, TeliaSonera, and I think Level3 is in the mix somehow, too, but it seems they just do tunnels. If you look at their PeeringDB record (AS29791) they're also present at quite a number of Internet exchanges (IXes). The only sore spot is the connectivity to Google. Since I'm still using HE's nameservers for Google over IPv6, www.google.com still translates to records that provide AAAA RRs. Unfortunately, all traffic to Google goes through AMS-IX:
1 et3.starfire.prolixium.net (2001:48c8:1:105::1) 0.187 ms 2 gi7.dax.prolixium.net (2001:48c8:1:1ff::2d) 31.482 ms 3 voxel.prolixium.net (2001:48c8:1:2::1) 35.359 ms 4 0.ae2.tsr1.lga5.us.voxel.net (2001:48c8::82d) 31.133 ms 5 0.ae59.tsr1.lga3.us.voxel.net (2001:48c8::821) 35.091 ms 6 904.te1-2.tsr1.ams2.nl.voxel.net (2001:48c8::816) 124.026 ms 7 pr61.ams04.net.google.com (2001:7f8:1::a501:5169:1) 115.442 ms 8 * 9 * 10 * 11 * 12 * 13 * 14 * 15 vx-in-x68.1e100.net (2001:4860:b004::68) 212.501 ms
I'm sure that will improve in the future. Another neat thing (well, maybe not too neat) is I can now reach Cogent's IPv6 space from my network, where I previously couldn't, due to peering spats between them and HE. Cogent still won't peer with HE, for reasons unknown. I suspect they're just idiots.
Anyway, feel free to do an IPv6 traceroute from my looking glass. Hopefully more providers will offer IPv6 services they way Voxel does, in the near future.
New comments are currently disabled for this entry.
     |
This HTML for this page was generated in 0.000 seconds. |