Forgot your password?
typodupeerror
OS X

Mac OS X Problem Puts Up a Block To IPv6 204

Posted by kdawson
from the twenty-five-or-six-to-four dept.
An anonymous reader lets us know of an experiment conducted in Norway to determine real-world problems in using IPv6 today (Google translation; Norwegian original). "According to a Norwegian article in digi.no, Redpill Linpro did an experiment with regard to IPv6 on one of the largest online newspapers there (www.vg.no). They added a hidden iframe that pointed to an IPv6-enabled domain to test real-life problems about the reported IPv6 holes. The result was that mainly Mac OS X, older versions of Opera, and a few Linux distributions exhibited problems. For Mac OS X it took 75 seconds to time out before failing back to IPv4." From the consultant's report: "Mac OS X has a problem in that it will prefer 6to4-based IPv6 over IPv4-based connectivity, at least if its local IPv4 address is an RFC 1918-based private address as commonly found in NAT-ed home network environments. This is unfortunate, as 6to4 has shown itself to be much less reliable than IPv4."
This discussion has been archived. No new comments can be posted.

Mac OS X Problem Puts Up a Block To IPv6

Comments Filter:
  • by WrongSizeGlass (838941) on Tuesday May 04, 2010 @05:57PM (#32091520)
    I wonder if this is a Mac issue or if IPv6 just isn't proper;y supported "out in the wild" yet? TFA doesn't mention a Windows test.
  • by Anonymous Coward on Tuesday May 04, 2010 @05:57PM (#32091522)

    jcr, what's the real story behind this? You were heavily involved in the quality assurance of Mac OS X when you worked at Apple, were you not?

  • puts up a "block"? (Score:3, Insightful)

    by BitwiseX (300405) on Tuesday May 04, 2010 @05:58PM (#32091534)
    Hardly. Sounds like something that's pretty simple to fix before IPv4 addresses run out.
    An interesting article none the less.
  • by Anonymous Coward on Tuesday May 04, 2010 @05:58PM (#32091548)

    "Mac OS X, older versions of Opera, and a few Linux distributions exhibited problems"

    What? That's like saying my Rolex, Fishing Poll and some other wristwatches have an issue with something. Sometime tells me the OS X in the headline was just for sensationalism.

  • by Anonymous Coward on Tuesday May 04, 2010 @06:10PM (#32091678)

    couldn't find a juicier and more misleading title? zealous jackass.

  • by bsDaemon (87307) on Tuesday May 04, 2010 @06:16PM (#32091720)

    Because it's cool to hate Apple, or at least 'typical' Apple customers, so any time there is a product fault or a questionable business move we're going to hear about it, just like years ago there were more stories about Microsoft being schmucks than there were stories actually related to Linux or BSD. Now that Oracle has Sun in-tow, we're seeing more stories about poor ol' Sun, mostly as a back-handed attack on Oracle. It's the tao of the slashdot.

  • by Anonymous Coward on Tuesday May 04, 2010 @06:20PM (#32091766)

    If it's Mac only then it's a Mac issue. If it's all platforms then it's an IPv6 issue.

    As it turns out it's Mac, Opera and some flavours of Linux.

  • by the_humeister (922869) on Tuesday May 04, 2010 @06:22PM (#32091782)

    Apple is now hated slightly less than MS, which is pretty significant given how maybe a decade ago they were not hated at all. That's what happens when you become a corporate behemoth.

  • by Monkey_Genius (669908) on Tuesday May 04, 2010 @06:22PM (#32091786)
    Problem meets Nutshell.
  • by Anonymous Coward on Tuesday May 04, 2010 @06:23PM (#32091794)

    It's always worth pointing out when those who are so smug about being superior to Microsoft fux something up that Microsoft got right.

  • by Anonymous Coward on Tuesday May 04, 2010 @06:26PM (#32091818)

    yes. i used to work for apple. i also like to put my initials at the end so i can feel special. it lets people know that i'm important. who cares that my name would already appear above the post. but to show that putting my initials are justified, i'll post anonymously.

    -jcr

  • by OnlyJedi (709288) on Tuesday May 04, 2010 @06:27PM (#32091834) Homepage

    Because OSX is an entire operating system used by 7.95% of users [w3counter.com], while Linux is used by only 2.34% of users. Opera is just a web browser used by only 1.42% of users.

    For those 1.42% using Opera, it's rather easy to upgrade to a new version. As already stated there are versions available that fix the problem, and only requires a simple application install. Even if Opera never released a patched version, moving to Safari/Firefox/Chrome/(gasp!)IE isn't too hard, at least when compared to moving to a new OS.

    Updating an OS is more of a chore, especially in a large company with many computers. There is no update yet for OSX which addresses the issue, and even when it comes out there's no guarantee it will work with anything besides 10.6. Users of 10.5 may be, and users of 10.4 will almost certainly be, stuck no matter what web browser they choose. They would be forced to upgrade to 10.6; for users with older hardware, that might require them to buy new systems just to keep internet access. That's why the issue is bigger for OSX users than Opera users.

    (disclaimer: I am a happy user of OS X 10.6 on my iMac and MBP)

  • by Trepidity (597) <delirium-slashdo ... org minus author> on Tuesday May 04, 2010 @06:30PM (#32091862)

    It seems like it depends on the connectivity of the host as well. If the server has good IPv6 and good IPv4 connectivity, this problem can still manifest itself if the client has good IPv4 connectivity, but crappy IPv6 connectivity only via a 6to4 tunnel. In that case, OSX will prefer the 6to4 tunnel rather than the native IPv4 connection. If it were all native connections (native IPv6 and native IPv4), it'd be much less of a problem; it really seems to be preferring the tunnel that's causing all the reliability issues. The fix (applied to glibc, among others) seems to be to distinguish between native IPv6 connectivity and tunnel-based connectivity, and deprioritize tunnel-based connectivity.

  • by Alrescha (50745) on Tuesday May 04, 2010 @06:33PM (#32091886)

    The two points seem to be 'OS X is slow in falling back to an IPv4 address' and 'OS X seems to prefer IPv6 to IPv4'. It's perfectly obvious that OS X needs to improve its handling of certain connectivity problems, but how is *either* of these a "block" to IPv6?

    A.
    (who turns off IPv6 tunneling in his router because the gateways seem to go away a lot)

  • by phantomcircuit (938963) on Tuesday May 04, 2010 @06:58PM (#32092098) Homepage

    The problem is that the fallback mechanism apparently takes upwards of a minute to kick in. Clearly the solution is to attempt to connect via both ipv4 and ipv6 simultaneously and then go with which ever connection succeeds first and drop the other one.

  • Re:Not so simple (Score:3, Insightful)

    by klapaucjusz (1167407) on Tuesday May 04, 2010 @07:01PM (#32092124) Homepage

    Agreed, it's a reason to avoid IPv6 on the server. It is certainly not a reason to avoid IPv6 on the client altogether.

  • Re:Not so simple (Score:3, Insightful)

    by j h woodyatt (13108) <jhw@conjury.org> on Tuesday May 04, 2010 @07:17PM (#32092232) Homepage Journal

    We'd like the transition to be smooth, such that it's already complete, before IPv4 addresses run out or become rare...

    At this point, the transition is either going to be a very bumpy ride, or it's not going to happen at all. Smooth is no longer an option. Get used to it.

  • by Anonymous Coward on Tuesday May 04, 2010 @07:19PM (#32092256)

    Apple charges for security/bug fixes? Since when?

    Oh, right, no they don't.

  • by exomondo (1725132) on Tuesday May 04, 2010 @07:21PM (#32092282)

    Because it's cool to hate Apple

    Or, as per his post, because they are the only ones that haven't actually fixed the problem yet?

  • Re:Chicago (Score:3, Insightful)

    by Anonymous Coward on Tuesday May 04, 2010 @07:45PM (#32092480)

    And it's not shiny, maybe one day they'll implement it as iPv6

    Ahh yes your right, It has to have Apple's very affective from of marketing voodoo attached to it.

    1) Wait until IPv6 is rolled out across the internet
    2) Wait another 5 years for the rest of the industry to be using it without any problems
    3) Hold a press conference showcasing a prototype of a Mac running on IPv6
    4) Claim it as a new innovation that the world has never seen and generate ridiculous amounts of unnecessary media hype
    5) ?????
    6) Profit

  • by ekhben (628371) on Tuesday May 04, 2010 @08:19PM (#32092738)

    Yes.

    IPv6 tunnels, firewalls set to drop ICMP, removal of router fragmentation in IPv6, and application name resolution behaviours combine to cause a noticeable number of IPv6 connections to open successfully, but not send data.

    If you have the choice, avoid tunnels, both by using a native v6 connection yourself, and by only peering with known-good native v6 entities, which is what Google do.

    If you have the choice, avoid dual stack. Test it, by all means, so you're ready to provide service should v6 actually work, but avoid presenting AAAA and A records for the same name.

    If you have no choice, set your interface MTU to 1280 bytes, which resolves a large number of the problems.

  • by iluvcapra (782887) on Tuesday May 04, 2010 @08:24PM (#32092770)

    Apple is now hated slightly less than MS, which is pretty significant given how maybe a decade ago they were not hated at all.

    They weren't hated, they were held in contempt for making closed boxes that no one wanted to buy. What truly enrages the ilk of slashdot is that over the past ten years is that Apple has made a killing selling closed boxes, when all of the "common sense" of open source evangelism told them this was unpossible.

  • by larkost (79011) on Tuesday May 04, 2010 @08:54PM (#32092954)

    No, it wasn't. It was a large re-architecting of a lot of subsystems. This does not mean a lot for most users, thus they only announced a couple of user-visiable feautres. Not the same thing at all.

    For developers Snow Leopard was a rather feature-rich update.

  • by ekhben (628371) on Tuesday May 04, 2010 @08:59PM (#32092990)

    Almost certainly the latter.

    The article, and the accompanying 'raw' data, are not sufficiently detailed to draw the conclusion that OS X is at fault. The observation is that browsers with Mac OS X in the User-Agent string are more commonly using 6to4 addresses. The faulty assumption is that Mac OS X prefers 6to4 addresses to RFC1918 addresses.

    The reality is that getaddrinfo() on several platforms prefers IPv6 addresses over IPv4, if the host OS has an active IPv6 service. This is not unique to OS X, nor is it a bug.

    The interesting part is that the only CPE devices which support IPv6 are Apple Airports - the Extreme and Express models. They use 6to4 if there is no native IPv6 address provided. No ADSL modems available to consumers support IPv6 out of the box, ergo, almost every Airport user has 6to4 enabled. If one assumes that most Airport users are also Mac users, then the observation that excluding Mac OS X User-Agents from the result set also excludes the bulk of IPv6 users is not surprising.

    If Apple has an issue, it's that they enable 6to4 by default on a consumer device, when 6to4 is a known-bad mechanism that should be avoided.

    If one is running dual stack services, one should be aware of the most common pitfalls: see http://www.potaroo.net/ispcol/2010-05/v6hints.html [potaroo.net] for details.

  • by Savage-Rabbit (308260) on Tuesday May 04, 2010 @09:51PM (#32093330)

    How is their a difference? if Mac did not properly support IPv6 then it is their problem.

    I'm not sure quite what he meant by "properly supported in the wild" but it sounded like he was trying to point out that sometimes you do get bugs because you implement things correctly but somebody else screwed up their implementation. A while back I had a problem connecting Linux and OS X based VPN daemons to some Microsoft VPN servers. At first it seemed obvious that this was Apple screwing up. After some considerable wiresharking and digging in Apple's source code [apple.com] I found out that Microsoft's VPN server sends malformed protocol messages which the Linux/OS X based counterparts try to parse according to the letter of the specification and exit with an error when they run into problems. Not that I'm trying to absolve Apple of all blame they can fuck up like everybody else and do so regularly, however that doesn't change the fact that it's entirely possible to render your software unusable by implementing it according to specifications. In a situation like that you can either change your software to take the buggy implementation by <insert name of manufacturer> into account or stick to your guns and piss off your users.

  • Real problem (Score:3, Insightful)

    by countach (534280) on Tuesday May 04, 2010 @10:18PM (#32093490)

    The real problem here is not some obscure technical problem on the Mac, but rather that it took someone obscure in Norway to go look and see if IPV6 works. How this IPV6 cutover is going to proceed with the current level of interest, I don't know.

  • Re:Troll? (Score:4, Insightful)

    by Amarantine (1100187) on Wednesday May 05, 2010 @06:50AM (#32096008)
    Yes, but they were only funny the first 500 times. Really, these kind of jokes pop up at the top of *every* article that has even remotely to do with Apple.

"Go to Heaven for the climate, Hell for the company." -- Mark Twain

Working...