Men, women, and technology

I risk being sexist here, but tell me if I am wrong...

My [step] daughter got FTTC (Fibre to the Cabinet, really fast internet link) today in her new house.

BT engineer this morning, fits it all.

She has a FireBrick FB2700 pre-configured and labeled up ready...

She lets BT man finish, and, err, goes to work. Will plug it all in later when she gets home.


No man would have failed to plug in their new toy the millisecond the BT man finishes, and probably has it plugged in and waiting before he has finished...

Am I wrong?

So, the old Internet gets another day!

I thought it would be today, though, to be fair, they did say 31st or 1st. I expect tomorrow now. They can't really put me on standby to talk to journalists and then mess me about. At the end of the day, right now, anything I say is as speculative as anyone else, hence posting it now. Not like there was an NDA or anything so formal.

Though, please, next person to say "ooh, look, less than 10 million IPs in IANA" needs shooting. The countdown is a made-up clock. It goes from 117,440,512 to 0 in an instant, and any number not a multiple of 16,777,216 is clearly made up, at least for now while it is just /8 blocks. The issue is the day it goes from 117,440,512 to 0 could have been any day from start of last December.

So, lets see - I suspect the "end of the Internet" is tomorrow...

The news that IPv4 is finally running out is not the end of the world - it simply marks a key milestone that will finally make people more aware of the issues. IPv6 has been around since 1995 and any modern computers simply work with IPv6 and IPv4. You don't have to switch over or take yourself off the internet to make use of IPv6, in spite of what some bad reporting in the press has said (yes, I mean you, fox news and news.com.au).

A home user with one of these new IPv6 routers will be able to access all of the internet, making use of IPv6 or IPv4 as needed and doing so behind the scenes with no fuss or complication.

Consumer broadband IPv6 routers

We are finally seeing some consumer broadband IPv6 routers, at last, so worth explaining where it is at...

Consumer routers are the last bit in the jigsaw puzzle that is IPv6 deployment. The consumer kit (PC, phones, iPad, etc) does IPv6. The core networks do it. ISPs can do it reasonably easily. What is missing is the bit in the middle. The bit on the end of that phone line.

We have been nagging manufacturers for years, and finally some progress...

1. CISCO: There are (expensive) CISCO DSL routers. Have been around for years. Pricey but generally work. One or two quirks still. Not in consumer market really.

2. Broadcom chipset - Comtrend. Nice small router with 4 port switch, WiFi, 3G dongle host USB port, sensibly priced but not quite entry level.

3. Same chipset we think - Billion. Chunky, 4 port switch, separate Ethernet WAN as well, Wifi. Bit pricey.

4. Zyxel - not yet, but expect single port as well as a 4 port with wifi soon. Will have to be competitive pricing. Maybe this will be the entry level box we are after. We'll see

5. PPPoe Modem(s) and FB2700. Obviously very nice, but not consumer market either.

What we need is a router that is cheap enough for consumer market, and ideally cheap enough to be the give away router with new service, but does IPv6. It is also crucial the IPv6 has a basic stateful firewall - i.e. "at least as good as the one you get as a side effect of NAT on IPv4" by default.

The new broadcom chipset boxes look quite sensible. They are not quite there yet, but damn close. We have things like "edit the config and it turns off IPv6", and "no IPv6 option on PPPoA", and "only works with a /48", but apart from quirks like this which they should fix, they do work!!! Notably they do:-
  • Autoconfig IPv6 prefix from ISP (not DNS) using DHCPv6 (yuck)
  • Router announce the prefix on the LAN
  • Firewall incoming IPv6 sessions (by default)
  • Allow firewall config (reasonably simply)
  • NAT and non-NAT IPv4 also with firewall
  • Seemingly decent DSL modem including annex M
So sounds like these will be what we get for now, assuming they can fix a few quirks.

Zyxel were also interesting. For a start, thanks to them for coming to a meeting with us, and we hope our feedback gets to the right people. They are a tad behind, but are doing their own thing not just re-using the same broadcom chipset.

They did seem a tad surprised we were saying "dual stack" not "IPv6 only". We explained this to them.

At one point they nearly uttered "IPv6" and "NAT" in the same sentence and the 2x4 was on standby. That was explained very forcefully.

We also explained a few details, like usable PPPoA/PPPoE relay to PPPoE on LAN, and baby jumbo for full 1500 MTU PPPoE, and things like DNS on DHCPv6 and on router announcements too. I think they took it all in.

So, watch this space on zyxel...

When IPv6 routing breaks...

Well, I have had an interesting experience today because some things I wanted to get to were on IPv6 that had broken routing. As it happens some google IPv6 blocks are borked, though nearly all sorted now (not sure of cause yet, pretty sure them not us though). But one web site linked to google translate and stalled, and my blog is on google and not been accessable all day. Some stuff was not working well for me.

Sadly the outage was a black hole, so some browsers stalled for a long time and some gave up. It is the worse case scenario. Yes, on one machine it eventually fell back to IPv4, and then it tried to load the style sheet or an image and again stalled for minutes. Not good.

What is interesting is that this is the first time I have really experienced this myself in a really long time, if ever - IPv6 has "just worked" for us for so long. I know it is an issue on some broken installations and have seen customers with it, but not suffered personally. It is ironic that google are so careful and cautious about IPv6 deployment, but even though we route via two direct links and two transit links, none were working. We even shut down links one by one to try and find a fix.

Now, it will be fixed, and TBH, if I could have been arsed, I could have forced IPv4 handling of the pages that I needed.

What worries me is how people react to something like this. Personally, I understand "shit happens" and I have seen enough broken routing with recent LINX issues to know how things can break and how a lot of people work hard to fix them when they do (sometimes I am one of them!).

So it is not a special case for IPv6. But people will see IPv6 broken, would have been fine on IPv4, and think bad things about IPv6. People need to realise IPv4 can (and does) also break!

In this case the fact I had IPv4 means I could access information even when there was a problem. I had an alternative means. And to be quite frank I have managed to get in this situation the other way around on several occasions (almost always my own doing) where IPv4 was borked but IPv6 worked and rescued the situation. I had a customer to the same recently with some badly formatted fire-walling rules. It is the choice of networks that provides an extra level of fall-back, and that is good!

So yes, you can see something like this and blame IPv6, but that really is not the right thing to do. Blame Sod's law, not IPv6.


It will get more fun!

Classic one this morning - someone calling saying "That IP block is not working, it is going to Düsseldorf"

Well, I trace and it works, and I trace from London and it works, and I am told "no, it is definitely going to Düsseldorf"..

I even ssh to his box and trace and it is fine.

Finally we do a screen and I do a trace, and he is "but that is different to when I do it"...

So final step - get him to do the trace while I watch on his box using screen...

And yep, his trace goes via Düsseldorf, and does not get to where it should.

Fortunately one of us is on the ball and I carefully explain that a legacy IP address starting 91.155... is not the same as a legacy IP address starting 90.155...

Imagine how fun this will be when someone is typing in a long string of hex.

I am so glad we are all working on auto-config and the like so nobody has to see IP addresses any more. It will mean the new Internet will be simpler than the old.


DHCPv6 and CISCO 877W

OK, lots of attempts got nowhere with this.

Finally, turning off fire-walls on the router, again, and it works.

This just highlights yet another reason DHCPv6 is wrong!
PPP is not subject to firewall rules!

We also have highlighted in the testing that DHCPv6 does prefix delegation with timings and not attached to the life of the PPP session (or at least till the next session starts). Another brokenness with using DHCPv6 rather than PPP IPV6CP...

P.S. Interesting - someone else using DHCPv6 (on linux) also hitting fire-walling rules meaning it did not work... Fundamental flaw here I think.

P.P.S Apparently DHCPv6 is not enough for the 877W - it does not set the gateway. It looks scarily like we may have to do RA as well. We'll test. Thankfully the consumer routers we have been looking at don't seem to need that. Extra mad.

Another 20% off == VAT back

This time it is Burtons!

Hmm, test or survey?


Interesting. And fun. And easy.

Some questions did not really allow the right answer. e.g. "Do you intend to make your network IPv6 ready before IPv4 exhaustion" - well, no, as I did that years ago. They should really avoid questions that make presumptions or allow that as an answer.

What is a tad odd is that it is in part a survey not a test, and that is not clear when you start. I can understand doing a survey. But I think it should be clearer.

I may do our own tests and certs. I am sure we can ask trickier ones :-)

I got to Sage and it seemed to have no more questions...

No sign of tests on "how to do an IPv6 traceroute" for example, which they list on the main page...


The end is nigh!

Can everyone please start referring to IPv4 as the "old Internet"...

Let's all stubbornly assume "IP" and "Internet" is IPv6 unless qualified as IPv4 or "old" Internet, and so confuse the hell out of people until they get clue.

After all, IPv6 is the current version of the IP protocol, and IPv4 is the OLD version.

Someone asks your IP address, automatically and immediately quote "two double owe one colon ..."

The end is nigh - though annoyingly I am not supposed to say when, but very very nigh indeed now, believe me. I said to someone leaving the office on holiday for a long weekend yesterday "don't come back until the [old] Internet runs out"... that "Nigh".

And yes, it is the beginning of the end but it marks one hell of a milestone. IANA running out is big. It is down hill for the old Internet now. Things getting worse and worse. CGNAT, SRV for http? all sorts... [deity] knows what!

One message to the hard of thinking: This is not a format race. It is not Blu-ray vs HD DVD or (for the older of us) Betamax vs VHS. It is not about IPv6 being a success, or better than IPv4, whatever that means.  It is about the fact we are moving on. IPv4 is over. It has run out. IPv6 is here, and the addressing plan means it is here to stay. Do not put your head in the sand, please...

So "Internet" means IPv6
"IP" means IPv6
"IP address" means 2001:.... (whatever)

Have fun.

Stupidity from Nokia this time...

Trying to sort the data SIMs and work through some of the remaining niggles. We are making some progress (we have 1500 byte MTU now). Some things are taking longer (IPv6 for a start :-( )

One thing we want to have the option to do is handle the username and password from the phone itself (or iPad or whatever). This is especially important if passing the connection to one of our customers (e.g. corporate network) as it lets them validate the user, not only by the SIM, but by other details. They could even use those clever HOTP keyrings which would be cool.

Sadly it seems that the mobile network want to send the mobile number as the username and password as the password regardless.

However, light at the end of the [L2TP] tunnel as we can tell them to not override the credentials from the phone (in a platform RADIUS response).


Except, if we do that they will reject any connection that is using the password of password. WTF? This is, it seems, quite common for phones to send when not set up with a username and password (which is, itself, quite common). Some makes of phone simply do not work.

So we can either not get any end user credentials.

Or we can get them, but not get any connections for some makes of phone unless a username and password is set up. And if an end user happens to pick password as the password it will also not work and we won't know why! That will be great for tech support...

What kind of numpty devised such a broken system?
Would never have happened if I still worked there...


Tesco falling for basic maths error

TV advert:-
"20% deducted at the till - equivalent to the VAT"

So annoying people have no bloody clue on the most basic of maths.

OK, a note for the hard of thinking, and I really should not have to do this.
  • Imagine something is priced at £1.00, plus 20% VAT
  • That makes it £1.20 in the shops, at the till. The price you normally pay is £1.20
  • Of that £1.20, the VAT element is clearly 20p
  • Now, take 20% off the £1.20 at the till. 20% of £1.20 is 24p.
  • That means you are paying 96p at the till, not £1.00
  • Not equivalent to the VAT at all, in fact a better deal

OMG! The drivel starts!



"That distribution system is coming to a close"
What? no? IPv4 is not closing. The distribution system is fine. It is the allocation system that is running out.

"Every internet connected computer, smartphone, car, gadget and gizmo is assigned a four-digit IP address which allows it to communicate with the net..."
Err, no. It is IPv4 because it is version 4, not because it uses 4 digits. It uses 32 bits, which in decimal notation might be 12 digits with some dots. Not 4 digits!

"Web developers have tried to compensate for this problem by creating IPv6 - a system which recognises six-digit IP addresses."
OMG! It is "Web developers" that have created IPv6 is it, wow... And six digit IP addresses? WTF?!?!?

“But IPv6 is not backwards compatible. If I changed my mobile phone to run IPv6 rather than IPv4, then all of a sudden I wouldn’t be able to see the IPv4 network – none of it. Nobody. Nothing. We’re not going to do that."
Err, WTF would you stop using IPv4. Look, idiot, your mobile almost certainly does IPv6 already. Mine does on the WiFi and will on the mobile network just as soon as the network gets its act together. You don't turn off IPv4!!!

"Though web developers and ISPS have known about this problem for years there aren’t presently any acceptable solutions."
Err, so what's IPv6 then? Seems like a perfectly acceptable solution to me.

"Time is running out, and developers are no closer to fixing the problem, things are looking grim."
Err, it was fixed back in 1995.

“The issue now is if IPv6 isn’t a workable solution and v4 has run out, you’re stuck between a rock and a hard place.”
Err, works for me!

"A short-term solution may be for ISPs may be able to sell IP addresses that connect through what’s known as “Network Address Translation” – which allows more than one user to connect to a public IP address. But like trying to use a mobile phone on New Year’s Eve this presents its own problems - because it slows down the connection speed, or could potentially make it unusable."
OK, now I am lost. Sell IPs that connect through NAT? And why does NAT slow things down? I suppose maybe if CGNAT boxes are over loaded, but NAT does not solve the other end - more web sites and so on not having IPv4 addresses.

With this level of technical journalism is there any hope that anyone will get the right message?

P.S. news.com.au article has been updated to remove a couple of the stupid comments following my blog post. The fox news one still has them.

DHCPv6 working!!!!


OK, it seems this stupid router does not like being delegated a /64, even though it only has one interface. It wants bigger. It does not ask for bigger though.

Sending it a /48 and it accepts it!

It even delegates a /64 to the LAN via RADV.




Well, I thought I'll sort a simple DHCPv6 on the LAN side first for testing. Not too hard. Apart from some power glitch at office meant I could not get started for a few hours...

Yeh, right...

I can't see how to send a gateway or even prefix length, so looks like devices have to have router announcement handling and DHCPv6 to work. So why would you have DHCPv6 in the first place. OK never mind.

Finally got it answering on the LAN and go for PPP side.

Of course the DHCPv6 is different coding for the two, and the PPP side is bypassing all the normal routing. Great, except it means doing the wrong things on the wrong processor. Eventually got it sending the IPv6 PPP DHCPv6 replies...

Now to see what the router makes of what I sent :-)


DHCPv6 over PPP

Why why why why why????

OK, making progress on this - apart from working with some guy in China to try and beat up the WG on this and get PPP parameters anyway, I am trying to sort the coding for DHCPv6 on our LNS.

For a start it is a new protocol I did not have, which is a pain. PPP would have been easy. I have decided not to go down the DHCPv6 relay route as it is as complex to do, and adds a dependency on another box, plus delays things. We have enough data from RADIUS to reply directly. Of course we don't see DHCPv6 until PPP is complete and all that information has been thrown away, but I am sure I can cope somehow.

For a start I have had to bodge it around the source filters on the PPP side because it would not allow traffic from an FE80:: link local for good reason. Done that!

Then I had to get rid of sanity checks that confirmed DHCP was from an Ethernet interface as well as somehow pass the PPP endpoint details via the UDP stack to the DHCPv6 handler. Something one should not have to do between protocol layers. Done that!

I finally have the DHCPv6 server seeing the packet and with enough information to proceed.

Next step is it talking to the L2TP system (another bodge) to get the data needed to reply, and then to send the reply to L2TP (as normal routing will not work as it is link local IP). That is tomorrow's job.

Then we have to do all the same bodges in reverse for the CPE end on the FB2700 I expect.


However, good news is we have two DSL routers on the bench that are trying DHCPv6 on the WAN PPP. They don't seem to DHCPv6 or SLAAC on the LAN when statically configured, which is probably a bug, so fingers crossed that once we have the WAN side sorted they will.


Tricky parenting questions...

OK, so my 15 year old daughter just asked me a tricky question...

None of those easy parenting questions like "where to babies come from, Daddy?"*, it was "how can the Internet run out, Daddy?"

Fortunately I have spent all morning making slides to explain all of this to Reading University, and given that it is pitched at the level of university students, I gave her the talk.

I think she got the gist of it quite well :-)

[*OK I know, bad example for a 15 year old]


IPv6 Expert?

OK but this is silly.

I am now doing talks on IPv6 ...

Jan: UKNOF talk (was today)
Feb: talk to Reading Uni
Feb: talk to LINX
Mar: talk to UKUUG
Mar: talk at Tref's (end of IPv4) event
May: talk at BT

Plus interviews on the day IANA allocate the last block but not allowed to say what day that will be :-)

Anyone else want me to do talks - I am asking for expenses now - just so you know. And that is 1st class train not standard as I have to work on the way and want power and coffee, and premium inn (or better) not travelodge (well, obviously!).

I need to find a diary app for this blog :-)


Busy Week

Well, tomorrow I am at the [our favourite telco] ISP forum all day, so will be on irc if anyone wants me to ask even more awkward (is that orcward now?) questions...

But will be in London for 3 days with that and UKNOF, so should be fun.

Call recording

I should have studied law. Maybe I'll take a course.

Anyway, was reading RIPA, as you do. We were trying to find the bit that allows call recording for personal use and failed, but did find a fun bit...

RIPA 3(3) says that intercept/recording is lawful if it is conducted by someone who provides the telecommunications service for purposes connected with the provision of that service.

A&A offer a recorded call service. That would suggest that A&A (the provider of telcoms) can record the call as part of the service and that is lawful intercept. As such needs no warrant and no warnings or notices or anything?

Did I miss anything?

Open letter to Three

Well, lets see what they say...

[and now we spot the typo! too late]



Well, we have been doing IPv6 for over 8 years now, but the configuration on the customer equipment has always been static (manually set up). Given that the customers using IPv6 were pretty geeky and were using cisco routers or pppd on linux, it was not unreasonable.

However, we now need cheap consumer routers that just work without any complex setup. The last thing we need is people having to type in IPv6 addresses in to anything!

Well, this is where we are. We have router manufacturers starting to make routers and asking us for what we need. We make an LNS (FB6000) for the ISP end and PPPoE router (FB2700) for end user end. At the moment we are like everyone else, expecting a static config on the FB2700, though we do make it a lot easier than most :-).

The trick is a way to tell the router a few key details :-
  • Router link IPv6 address so it can talk to the internet (i.e. a proper IPv6) for things like setting clock, updating s/w, etc. This could use the LAN address though.
  • IPv6 DNS server addresses so not having to rely on IPv4
  • Prefix to announce on the LAN so equipment connected knows DNS and router and IPs
There is scope for much more, like ntp servers, and so on, these can all be sorted by names using DNS and the common case needs just the above. It allows machines on a LAN to know what IP they have, where the router is and what DNS to use.

This is basically the information that was supplied using PPP for IPv4. On the LAN DHCP was typically used, and a prefix was not delegated but NAT used (ug!). So the obvious choice is to use PPP to provide these IPv6 details. IP6CP is already a PPP protocol and already used to define one parameter (interface 64 bit address). It could easily have more parameters.

However, there seems to be some suggestion of using DHCPv6 for this. I am at a loss why. Some suggestions of avoiding more than one protocol, but it is a pain for router manufacturers and LNS manufacturers to use so who is behind this?
  • LNS already has IPv6 details by RADIUS as it needs these for routing and source filtering
  • LNS already has PPP and knows how to handle and route PPP
  • LNS already has IP6CP to negotiate interface address
  • Adding extra IP6CP parameters is an easy change at LNS or router
  • DHCPv6 means LNS has to accept FE80:: link local that it would normally drop/filter
  • DHCPv6 on LNS has to pass these to IP/UDP layer but has to include interface details to identify source (not normally needed at UDP layer)
  • DHCPv6 on LNS has to be able to reply to specific PPP link (not usually needed for UDP)
  • DHCPv6 on LNS either needs this totally new DHCPv6 protocol, or, just as complex, a DHCPv6 relay
  • DHCPv6 relay means DHCPv6 server needs IP allocation details as well as RADIUS does and they need to be in sync
  • Router already has PPP and IP6CP and adding more parameters is easy
  • DHCPv6 on router would need whole new DHCPv6 protocol adding
I really cannot see why anyone actually coding either end of this link would think DHCPv6 was a good idea or that IP6CP was a bad idea.

Anyone know CISCOs view on this? What will be in their LNSs?

Update: Thanks to Simon for tracking this down. Seems I am not alone...
These proposals cover the problem quite well and make specific proposals.

The demise of shops?

I was pondering, especially with the fiasco with the Three store and the police earlier, how do high street shops expect to survive...

Some shops really seem to have no clue what their unique selling points are. To me they are:-
  1. You can see a choice of things to buy, and actually see they are real, touch them, try them out (try them on if clothes), discuss them with the shop keeper, etc.
  2. You can walk away with the item if you decide to buy it
  3. You can deal with problems later face to face
There are some shops with such little clue - I have been to shops that don't have what I want but will be able to order it in. This misses the point - I can order in almost anything on the internet for next day delivery and have the distance selling directive on my side. Why would I have a shop get it in and then have to go to the shop to get it?

Some have no clue what they are selling, and a web site can carry way more detail.

Ultimately the thing shops have to appeal to is impulse buying - people seeing something and wanting one. Actually seeing the thing there and then is a huge help psychologically and is way better than a picture on a web site. Having it in stock to take away is also a huge help.

I remember the days of real shops. You had shop-keepers not sales-men and they knew what they were selling and could tell you about it and help you choose a product. Then they had stock, took cash without wanting to know your date of birth and favourite colour, and made buying things much more useful and fun. Well, nostalgia isn't what it used to be...

I've been thinking that getting phones on-line already gives more choice. Now it seems that things like resolving problems is better on-line too.

Three shop and SoGA

Intesting conversation in the three shop in Bracknell.

They seem to think unlocking a phone invalidates the warranty. Ha. It was not unlocked though...

However, what is more fun is that it is a phone, under 6 months old, with a charging fault, and they are refusing to replace it.

We had this with carphone warehouse, and sued them.
Seems we'll have to do the same with the three store.

I get sick of this.

Ha, we were discussing this loudly outside their store, and posting on irc, twitter, blog, facebook, and so on, and they only called the police. Thankfully the police were not interested.

Daft thing is, since our SIMs working 3 PAYG phones we have spent thousands in that very shop. Why create such bad publicity?

Orange still breaking the law!

Back in 1999 when the The Telecommunications (Data Protection and Privacy) Regulations 1999 (No. 2093) came in to force we had a long chat with Orange, OFTEL/OFCOM and the ICO about Orange not providing anonymous call rejection on their mobile services. Indeed no mobile providers offering it.

The whole thing went on for a long time with excuse after excuse. We were told you can "Just press the red button". We were told orange could not tell the number was withheld (wrong!). We were told that as ACR was not part of an ETSI spec they could not do it (even though they did other things with incoming calls that were not part of an ETSI spec). We were eventually told that even though the ICO agreed they were in breach of the law and that we could ask the ICO to take enforcement action, the ICO would do nothing (they claimed they did not have to even though the act says they shall take enforcement measures).

The key phrase from 12(3) of that Act, and now 11(3) of The Privacy and Electronic Communications (EC Directive) Regulations 2003 (No. 2426) is:-

"Where a facility enabling the presentation of calling line identification prior to the call being established is available, the provider of a public electronic communications service shall provide the called subscriber with a simple means of rejecting incoming calls where the presentation of the calling line identification has been prevented by the calling user or subscriber."

The wording has only subtly changed in the new legislation. The key thing is that the called subscriber has the means to reject the call, not the called user. This means if I pay the bill, I have means to reject such calls even when the phone is in someone else's hands. That can only really be done with a anonymous call rejection service that I can turn on. Pressing the red button only works for the phone user.

Apparently, as a friend of mine has just been told by Orange, they still do not offer ACR.

So, I wonder if the ICO want to take action yet.

What is interesting is the law allows for a civil case of an affected party to claim damages resulting from this failure. It is hard to see how you would have costs and I bet no claim has been made. But it does raise an interesting issue. A&A do offer a mobile service with ACR but on geographic numbers and with charges for incoming calls. Someone could move to A&A because Orange do not do ACR and then sue for the additional charges they have. What fun. I may suggest my friend does this!

AFAIK it is not just Orange that are still in breach of this law, and I am basing this article on what Orange told an Orange customer (a friend of mine). If I am wrong and Orange do offer ACR I will be more than happy to publish that fact and an apology. Either way I'd love to hear from Orange about when they will comply with a law from last millennium...


And so it begins...

Well, we have clearly made an impression.

I think we now have around 3 different DSL router manufacturers finally getting some clue and ask *us* to test their latest IPv6 offerings.

Most seem to be going for new kit to do it, and typically starting with the more up-market WiFi models rather than entry level single port Ethernet models.

My staff have a directive to test everything they can - we are after a cheap, (give-away price), single port DSL router with a good DSL level chipset that will do IPv6 native over PPP (as well as IPv4 non-NAT and NAT) and offer sensible fire-walling options to the end user.

We are also after really cheap modems that will with PPPoA/PPPoE bridge or PPPoE/PPPoE bridge with 1508 byte frames (1500 IP over PPP) and just work, including annex M ADSL2+.

We are happy to look at changes on the LNS end to work with such kit, but to be honest DHCPv6 looks so much the wrong protocol for the job I am tempted to try and write an RFC on this. It should be PPP for prefix delegation, IMHO.

World IPv6 day!

OK, great, lets have something newsworthy about IPv6....

But then I read what is happening, and well, WTF?

It seems several major internet services (Google, Facebook, Yahoo!, Akamai and Limelight Networks) will be turning on IPv6 access for 24 hours. Other organisations are encouraged to do the same.

So lets get this straight...
  • Deliberately do not set up IPv6 access now, wait until 8th June 2011
  • Deliberately turn *OFF* IPv6 access on 9th June 2011
Maybe I am being thick here, but IPv6 has been around since the last millennium. Our web site has been on IPv6 for over 8 years and we have had pretty much all services we offer on IPv6 for almost that long. In fact, over 3,000 web sites that we run for customers have had IPv6 for as long.

So what it will mean as an ISP? Well, Google for example is already IPv6 for all of their services for our customers because of their ISP specific DNS, so no change there on world IPv6 day. In fact, for us, the whole thing will be a non event. We could not "participate" if we wanted to, as we did this last decade.

So, 10/10 for publicity stunt, but why are people not simply turning on IPv6 now, or 10 years ago? Why wait until 8th June, and why turn it off again on the 9th?

One nice thing is a test site for IPv6 access.


How much?!?

OK, getting a duff telecoms bill is not new, and not so bad when you have a £100 mobile bill or something.

Today I had a heart racing moment when I saw one of our many monthly BT bills was £34,000 more than usual. OK not a huge percentage, but scary.

Ran it through our checking tool that checks each line item looks correct, and it was happy - so even more fucking scary. The prospect that it could be right is not impossible if they had found something not correctly billed for a few years and caught up or something, or some charge I had missed in a briefing last month. At the end of the day, that comes out of my pocket FFS.

Thankfully, after spending some time trawling through it, I confirmed they had in fact screwed up and it was not in fact correct. They double billed thousands of lines for the same time period. The fact that the bill was 200 pages more than usual was a clue, but I had to be sure.

How does anyone manage to make mistakes like that and hope they are not noticed?!


Busy day

Well, some bug hunting as is always fun on a Saturday. Tracked a silly problem on the new DNS caching forwarder code. Thanks to carl for testing. New Fb code released, and looking pretty good.

LINX being ill again, but hopefully that will be sorted soon.

And I have talks coming up, at least 2 over the next 6 weeks and maybe 3.
Seems I am the person to ask for a talk on IPv6...

Maybe BT on 18th Jan, UKNOF on 20th Jan, and Reading Uni on 24th Feb. So been busy making slides up today...

I'll have to start charging at this rate :-)



Well, I clearly have a reputation for being a pedant, somehow. And so people keep asking for advice on VAT!

So if you are charging for services for January - what VAT rate do you charge?

The rules are in the VAT Act, and have not changed. They are the same any time the VAT rate changes.

It is suppliers choice, not customers. You can either charge based on the "actual" tax point or the effective tax point (e.g. invoice date). So one of these :-

1. Invoice date before 4th Jan, charge VAT on everything at 17.5%
2. Invoice date on or after 4th Jan, charge VAT on everything at 20.0%
3. Split VAT charges so services pre 4th are at 17.5% and those on/after 4th are at 20.0%

What you can't do :-

1. Invoice before 4th Jan, charging VAT at 20% for services before 4th.
2. Invoice on/after 4th Jan, charging VAT at 17.5% for services on/after 4th


(well, almost, special case: if invoice to a connected party (e.g. director or director's wife) who cannot reclaim VAT, charged at 17.5% for any service on/after 4th Jan, then you have to invoice an extra 2.5% VAT. Finance Act (No.2) 2010.)

Orc problems

Well, I never thought I would even have problems with an Orc, let alone problems with two of them.

The Orc in the office (and original Blizzard shop display type model) has a problem with the metal post that holds him up - it has snapped off! Hopefully a trip to a welder will solve the problem and he can stop leading suspiciously against the wall.

The other Orc with a problem is our BT CRM (who is a female Orc on WoW)... He has moved on to another part of BT. Shame as he was actually someone that cared. That will not be quite so easy to fix...


Up to half price

OK, I have seen adverts for sales that say "Up to half price" and I am not actually sure what they mean!

If they said "up to one third of the price" I would know they mean the price is at most one third of the normal price, i.e. at least two thirds off the normal price.

If they said "up to half off the price" or "up to 50% off [the price]" I would know they mean the price is at least half the normal price, i.e. some price the same as or more than half the normal price. Of course "up to anything off" could in fact be full normal price! Isn't "up to" a lovely phrase...

But what to they mean "up to half price"?

The examples they list on the advert are mostly just under half price, e.g. £299.99 instead of £599.99, so fit perfectly with "up to" meaning "less than or the same as" half the normal price.

But then one is £299.99 instead of £329.99, i.e. nearly 91% of the normal price. Well above half price.

So they have examples that are below half price and above half price. So whatever you think "up to half price" means, they are not actually doing what they say. Trading standards should stop this nonsense.

P.S. The example I am looking at is an Argos advert in a newspaper.




We finally have confirmation that the FireBrick FB2700 works with BT FTTC lines and can provide full 1500 byte MTU IPv4 and IPv6 native using PPPoE to the BT VDSL modem.

Well done team.
(yes, that is 3 of us working on this on new year's day at 10pm, we are totally mad)

We'll release new code tomorrow which makes this all automatic when an FTTC or FTTP line is detected, so making the config really simple.

[yes, going for most relevant acronyms in a blog post title of 2011 award]


Well, it's a new year, and what have we to look forward to?

To be honest I am quite optimistic. We have had a couple of years of things being hard work lately, but 2011 is looking good.

I suppose for me, for work, the biggest thing is the FireBricks. They have taken a year or two longer than any of us thought to get to this stage, and probably cost half a million so far, but finally they are working and people are buying them. Indeed we have to organise a launch party now! I think it is quite something for a small UK company (well, two small UK companies working together) to actually design and make a proper electronic high tech product that we can be proud of, from scratch.

We still have all the challenges with working with our favorite telco, but that has improved a lot - at least in some attitudes, so should be easier from now (thanks Ian). We have the capacity now to expand the business without any major headaches, at least for this coming year.

I see IPv6 as a challenge - to actually get it in to people's homes and businesses. Technically simple, obviously, but challenging none the less. We have an opportunity to become experts in IPv6 (some say we are already), and the FireBrick helps with that.

Of course we all have to deal with the increasingly meddlesome nanny state causing havoc. Lets hope we can try and educate them, especially on how the internet actually works.

It will be interesting for the family too - kids getting older (as they do, every year!). Who knows, one or two of them may find their own places this year - that will be strange.

Time marches on...

ISO8601 is wasted

Why did we even bother? Why create ISO8601? A new API, new this year, as an industry standard, has JSON fields like this "nextAccessTim...