Tag Archives: ipv6


So we survived the day pretty well. Yay for things going as they should ;)

A quick summary would be having one query regarding being unable to hit our test site and that turned out to be a browser issue at the client. The following counters from it (stats from around 15h00 SAST):

   2012-06-06  --  228 IPv4 only
   2012-06-06  --  5 Confused
   2012-06-06  --  1 Web Filter
   2012-06-06  --  46 Dual Stack - IPv6 Preferred
   2012-06-06  --  16 Dual Stack - IPv4 Preferred

Not bad, considering we only took it live sometime last night. Some other people didn’t get by quite so well on v6 day though. Yahoo was one of them. When trying to go to ‘www.yahoo.com’, we get redirected to ‘za.yahoo.com’ with the following DNS records:

vandali % host za.yahoo.com
za.yahoo.com is an alias for fd-fp2.wg1.b.yahoo.com.
fd-fp2.wg1.b.yahoo.com is an alias for ds-fp2.wg1.b.yahoo.com.
ds-fp2.wg1.b.yahoo.com is an alias for ds-any-fp2.wa1.b.yahoo.com.
ds-any-fp2.wa1.b.yahoo.com has address
ds-any-fp2.wa1.b.yahoo.com has IPv6 address 2a00:1288:f00e:1fe::3001
ds-any-fp2.wa1.b.yahoo.com has IPv6 address 2a00:1288:f006:1fe::3000
ds-any-fp2.wa1.b.yahoo.com has IPv6 address 2a00:1288:f006:1fe::3001
ds-any-fp2.wa1.b.yahoo.com has IPv6 address 2a00:1288:f00e:1fe::3000

This then blows up at one of their Accelerators:

Worth a slight thought, since Yahoo actually appears to see use over much of Africa.

All said and done, a fairly good day. Didn’t notice any major blowouts elsewhere in the internet (although I should note I wasn’t tracking all news), and I look forward to some write-ups by the usual people (Renesys, HE, Evilrouters, etc) in the next few days. We appear to remain one of the most well-connected IPv6 ISPs in South Africa, and in a pretty good position overall.

6th of the 6th, launch ALL the things

So, it’s World IPv6 Day^W^W^WIPv6 Launch Day (rebranding lulz). Go test your IPv6 at some appropriate site like here (hosted in South Africa) or here (somewhere else than South Africa, I didn’t check).

Google also had some conference announcement about the next stage in Maps. I wonder if it’s this thing I saw on Google Maps last night: Mapmaker. It appears to be 4sq meets Waze meets .. something. Let’s see at 9am PST.

Update: here’s a screenshot.

Second update: (fuck you WordPress editor) apparently Mapmaker’s been live since mid-April. Talk about a quiet launch.

Mapmaker Intro Screen


Hai, can I hav sum intergnats plox?

Alternative post title: IPv6 all up in hurr

Some years ago, before the age of cheap international access on local ISPs arrived here, dual-homing (or n-homing, depending on how pimp you were) on your residential connection was quite the fashion among .za tech-heads. But not the fancy sort with BGP and decent best-route selection, just a really grubby sort: two accounts, one local (as in .za routing table) and one international. You can read up about the full setup over here on Stefano’s site.

Due to the nature of the split, there was some fun. Fun in the order which things might come up, fun in which session’s routing is ready first, fun in DNS server overwriting, that sort of thing. Of course, I mean fun tongue-in-cheek, since it was mostly an annoyance. Especially when ddclient picks the wrong PPP session (“the config says ppp1, why are you using ppp0?”), or doesn’t want to ignore its cachefile (forcing you to wrap it in another script and delete the cache yourself), or when your line flaps and all pppd instances go into this weird race condition where they suddenly all acquire the same IP, or ….. well, I guess you get the idea. It was painful.

Thankfully times have progressed, and now it’s possible to get IPv6. Hell, if you’re in the right place you can even get a static allocation of v6. Working for AS37105, this is of course one of the work perks, since we (the tech team on the v6 deployment) dogfood it ourselves to make sure we know that things are actually working. Things we usually note are the following:

  • explosions in HE.net’s v6 core – hey, it happens
  • client apps misbehaving – surprisingly, chrome on my desktop is one of these
  • “mixed” support – mikrotik, for instance. you can telnet/ssh it on v6, but not winbox to a v6 address (I don’t recall if I’ve tested whether it connects if a hostname resolves to v6 address..mental note)

Personally, the best part for me is not having to ever deal with broken dyndns anymore, or having to maintain lots of funky NATs, or having to tunnel home and route traffic via the tunnel. If I just quickly want to ssh to my desktop, it has a hostname in DNS and it works. If I quickly want to check up on my traffic stats or anything else, I browse to yariman (my gateway/home store). It’s great, and makes my life that much nicer.

All of this said, World IPv6 Day next week! Are you all ready for your few days of carnage as other shitty ISPs run around unprepared? Bring on the future!

One other thing, props to PH.Fat for another good track. The track alone is cool enough for me to share it, but then I saw that the album (available on their website) is creative commons, and that just wins a bit harder. Nicely done, guys :)

P.S. Fuck you, WordPress content editor, and your stupidity in paragraph designation flow after bulletpoints.

IPConnect And You

The alternative title for this post would be “How your DSL connection actually works (if you’re in South Africa)”, but of course that’s silly long so we won’t go for that. This post is the one that was promised in a recent post, because it’s a subject that is often not entirely understood when being discussed, and I figured I’d rather get it done before I forget about it.

So, first things first: PPPoE. PPPoE is the protocol that’s used to dial up your session to your ISP. Okay, actually, I’ll have to back up a bit further than that. To summarise very shortly from Wikipedia, “Digital subscriber line (DSL) is a family of technologies that provides digital data transmission over the wires of a local telephone network”. The gist of this means “fast internet over your phoneline, while leaving the voice circuit free”. It accomplishes this is by sending specific digital signals over the same line at a higher frequency (this is why POTS filters are used, see more here), and these digital signals are often ethernet frames transported over an ATM circuit. This very last bit isn’t important to the layman reader, except to understand that in the configuration we have in South Africa, it’s not the ideal way to manage a connection.

Now there’s two ways one can normally work with this traffic when you, the customer, dials in. The first is how it currently works: you dial in from your computer, and Telkom “terminates” the session. What “terminates” means in this instance is that their systems are the peer that your communication speaks to (think tin-cans-with-string). The second instance (a scenario called Bitstream) is where your ISP would be the peer for your communication, and they would terminate the session on their LNS (L2TP Network Server). In either case, how this dialing works is by encapsulating a protocol called the Point-to-Point Protocol, or PPP, inside the ethernet frames (think school textbook with your notepapers pushed into the book at all the relevant pages). So effectively the PPP packets carry your actual data, with the ethernet bits being the boat for the river that is the Public Switched Telephone Network, or PSTN.

As mentioned in the previous paragraph, Telkom terminates the PPPoE session here. When you’re dialing in, their AAA servers get an access request for “alex@mydomain.co.za”, look up the AAA servers responsible for “mydomain.co.za” and sends off an access request with the same information, essentially asking “is alex@mydomain.co.za allowed to dial in with this information that was given?”. If your ISPs AAA servers respond “yes”, Telkom’s equipment will go ahead with attempting to set up your connection.

Here’s where it gets sticky. Because it’s Telkom’s network terminating the connection, there isn’t a lot of control that they can give over to the ISP on how to handle customer sessions on their equipment at a national scale, so instead they go for preconfiguring their routers with specific IP pools and routing information. This is why, if you dial from a certain line over and over again, you can quite possibly end up getting the same IP (because the device terminating your connection has a specific, finite set of IPs it could possibly give you). The configuration which Telkom uses for this is designed only around IPv4, and around their equipment “forwarding” your ISP your traffic once it has “de-encapsulated” it. Consequently, for various reasons (technical and otherwise), it is essentially impossible to deliver native IPv6 to an ADSL user in South Africa dialing up with PPPoE. This same configuration is also why all the static IP products in the market require a bit “extra” on top of just a normal dialing process.

The alternative configuration, Bitstream, is one where your ISP would be terminating all traffic, and could give you whatever services they are able to provide (within the constraints of their technical ability). Obviously the latter is the more desired option, and has been requested from Telkom for quite some time now.

Well, that’s it. I’ve tried to not go into an abundance of overly technical details in this post as I felt those could be better served elsewhere, but if there’s any questions or remarks, please do leave a comment so that I could look into it and attempt to answer or clarify.

South African IPv6 Usage

Over the past while Simeon’s blog has had a few posts concerning IPv6, and this alongside a few other posts that I’ve come across essentially indicate a very sad state of IPv6 in South Africa.

A quick check on Sixxs shows that while there’s a whole lot of allocations, many aren’t seen on the internet at all. We (AS37105) have had our network fully IPv6-capable for quite some time and we’ve even tested native IPv6 connectivity (dual-stack and IPv6-only) delivered to the customer over iBurst‘s network on a PPPoE session, so with all this IPv6 and no-one to send packets to we started looking at who we could get online. We’ve had a pretty good relationship with JAWUG over the years, and as of last night we’re transiting a bit of best-effort IPv6 for them. One of our customers, SA Digital Villages, has also had an IPv6 allocation for some time and their transit is now IPv6-enabled as well.

Here’s to hoping for more IPv6 in SA soon!


P.S. In another post I’ll explain why it’s hard to get IPv6 to a Telkom DSL customer in South Africa natively.

Time, NTP and Shiny Things

I see that Regardt beat me to the punch on this one, but we recently got a Meinberg timeserver going. It’s stratum1, publicly accessible and speaks IPv6 fluently! We’ve added it to the pools, so if you use the poolservers you’re quite likely to end up on it sometime.