9.26.2009

Disable IPv6

Short preface. In May 2005, I successfully graduated Kyiv Politechnical Institute with master degree work "Transition mechanism for IPv6 protocol". The main idea there was to start transition from small networks by assigning routable (in future) IPv6 addresses to these networks. After some time, these networks would create more and more pressure on their ISP to enable IPv6 routing between them. Later this would bring big telcos to enable IPv6 on main routers. The way from small networks to big group of interconnected networks – the way to Internet II.

And what do we have now, after 17 years of developing? All we have is 1,690,000 pages, cached by Google with keyword disable ipv6.
And I'm not joking... Of course, number of articles, posts and forum threads with enable IPv6 is 2 times higher. But why so many people are trying to disable Next Generation Internet Protocol? Why to disable protocol, which was designed to make networks bigger, simpler, more reliable and faster (here I mean enhanced routing capabilities of IPv6 protocol - hierarchical address space, which allows to make routing decisions more quickly)? The answer is simple and complicated at the same time. Regular users disable IPv6, because modern software trying to use it in wrong way. Why this happens?
Let’s see. Most of the computers, connected to Internet, are connected to IPv4 part of Internet only. But at the same time, it might be that Operating Systems (OS) of their computers already support IPv6 (and all modern ones do support IPv6). It's not a problem till that time you're trying to make any network connection. Of course, it’s stupid be connected to Internet and not use it. So you’re starting to type www.mib.net.ua in web browser, checking for new emails in your favourite Email client, etc. What happens then? Name resolving – application (browser, Email client) sends request to OS in order to get IP address of desired hostname. Remember, we have OS with IPv4/IPv6 support, so resolver libraries (part of OS, responsible for interaction with DNS servers) requesting IPv4 and IPv6 addresses. Imagine, that DNS returned 2 addresses, like on image below:
disable IPv6
What then? Then we may read RFC2893:
DNS resolver libraries on IPv6/IPv4 nodes MUST be capable of handling both A6/AAAA and A records. However, when a query locates an A6/AAAA record holding an IPv6 address, and an A record holding an IPv4 address, the resolver library MAY filter or order the results returned to the application in order to influence the version of IP packets used to communicate with that node.

If it returns both addresses, the application will have the choice which address to use, and thus which IP protocol to employ.
If it returns both, the resolver MAY elect to order the addresses - IPv6 first, or IPv4 first. Since most applications try the addresses in the order they are returned by the resolver, this can affect the IP version "preference" of applications.

Check image above again. As you can see there, this is FreeBSD and it returns IPv4 address followed by IPv6. So application running on FreeBSD will first try to connect using IPv4 address. Usually, this connection will be successful. But if OS returns IPv6 address first, then application will try to connect using it. Since we’re not connected to IPv6 network, connection will fail. But anyway some time will be lost. For user this means slower speed of application. And this speed can be increased by… disabling IPv6. Yes, this is true. If you disable IPv6 on OS level, it won’t request IPv6 address of hostname via DNS. No IPv6 address – no connection attempt via IPv6 network – no loss of time – no speed loss. Yes, so simple and so sad.
More complicated way is to develop software more carefully. It's possible to add IPv6 settings in Configuration menu and allow user to decide - how application should behave if IPv4 and IPv6 addresses returned by resolver. This is done in some applications, like Mozilla, already. Hope that soon this becomes de-facto for all software.

Make Internet smarter - leave a comment :)