Ip6tables [was: IP6tables and sendmail]


 



Deron Meranda wrote:
> I use IPv6 all the time. I do have sendmail gateways configured to
> use it, DNS, etc. I haven't yet though disposed of my IPv4 stack. Someday...

What I had in mind was that enabling automatic loading of IPv6 by default in 2.6 kernels, before some other things were sorted out, probably wasn't the best possible idea. And I don't see Linux distributions catching up with this change either. For example, you select that you want firewall during installation, and guess what, you get only IPv4 firewall, but IPv6 is left wide open. Not only that, ip6tables are *not* installed by default (like iptables).


Don't get me wrong. I don't have anything against IPv6. It is simply that IPv6 firewalling in Linux is still lacking many important features from IPv4 version of Netfilter (connection tracking being one of the major). This puts IPv6 on Linux slightly below my comfort level for machine connected directly to the Internet. And having IPv6 on local network only, doesn't make much sense (except for learning purposes).

I've read somewhere that connection tracking was ported to IPv6, but kernel patch was refused because (surprise) it was mostly duplication of existing IPv4 code. Apparently it was decided that both IPv4 and IPv6 connection tracking should be handled by one module, and work is being done into that direction. I hope that one day we'll also see ip6tables merged into iptables, so that all firewalling can be done from one place. I don't see any benefits of having them separated (other than having me maintain two distinct firewall configurations).

For having only IPv6 stack, and getting rid of IPv4 stack. Well, people have been telling me that IPv4 is dead since mid 90s, and that IPv6 is bright future just around the corner. Everybody will be using IPv6 before Christmas, and IPv4 will be dead and gone. I'd give it at least 10 more years.

I agree that IPv6 is bright future, but it still isn't "just around the corner". Major ISPs are nowhere near to support it, and for majority of people that want to taste IPv6, the only option is handful of experimental free tunneling providers (not something you would call "production ready"). Furthermore, DNS standards are still not widely implemented, most of the Internet is still using deprecated AAAA and ip6.int, instead of preferred (and much more usable and appropriate for IPv6 networks) A6, DNAME, and ip6.arpa.

--
Aleksandar Milivojevic <amilivojevic@xxxxxx>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
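
The gap described in this message (an IPv4 firewall in place while IPv6 is left open, or ip6tables not installed at all) can be checked by comparing the output of `iptables-save` and `ip6tables-save`. The following is an added example, not part of the original post; the sample dumps and the chain name FW-INPUT are constructed, and the DROP/REJECT test is a heuristic rather than a full rule evaluation.

```python
# Added example: compare `iptables-save` and `ip6tables-save` dumps.
# Sample dumps are constructed; chain name FW-INPUT is hypothetical.
V4_SAMPLE = """*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:FW-INPUT - [0:0]
-A INPUT -j FW-INPUT
-A FW-INPUT -i lo -j ACCEPT
-A FW-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FW-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""
V6_OPEN = """*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
"""

def parse_filter(dump):
    """Return (INPUT policy or None, list of -A rules) from the *filter table."""
    table, policy, rules = None, None, []
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):              # table header, e.g. "*filter"
            table = line[1:]
        elif table != "filter" or not line or line.startswith("#"):
            continue                          # other tables, blanks, comments
        elif line.startswith(":INPUT "):      # ":INPUT <policy> [pkts:bytes]"
            policy = line.split()[1]
        elif line.startswith("-A "):          # rule appended to any filter chain
            rules.append(line.split())
    return policy, rules

def filters_inbound(policy, rules):
    """Heuristic: INPUT policy DROP, or any DROP/REJECT target in the table.
    Does not prove the rule is reachable from INPUT."""
    if policy == "DROP":
        return True
    return any(r[i + 1] in ("DROP", "REJECT")
               for r in rules for i, t in enumerate(r[:-1]) if t == "-j")

def ipv6_gap(v4_dump, v6_dump):
    """Return a finding string when IPv4 is filtered but IPv6 is not, else None."""
    v6_policy, v6_rules = parse_filter(v6_dump)
    if not filters_inbound(*parse_filter(v4_dump)) or filters_inbound(v6_policy, v6_rules):
        return None
    if v6_policy is None:
        return "IPv4 filtered; no IPv6 filter table found (ip6tables absent or unloaded)"
    return "IPv4 filtered; IPv6 INPUT accepts everything"
```

Pass an empty string as the second argument when `ip6tables-save` is missing or prints nothing, which is the "not installed by default" case.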

