Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
The Internet

One Year After World IPv6 Launch — Are We There Yet? 246

Posted by samzenpus from the state-of-things dept.
darthcamaro writes "One year ago today was the the official 'Launch Day' of IPv6. The idea was that IPv6 would get turned on and stay on at major carriers and website. So where are we now? Only 1.27% of Google traffic comes from IPv6 and barely 12 percent of the Alexa Top 1000 sites are even accessible via IPv6. In general though, the Internet Society is pleased with the progress over the last year. '"The good news is that almost everywhere we look, IPv6 is increasing," Phil Roberts,technology program manager at the Internet Society said. "It seems to be me that it's now at the groundswell stage and it all looks like everything is up and to the right."'"
This discussion has been archived. No new comments can be posted.

One Year After World IPv6 Launch — Are We There Yet? More

One Year After World IPv6 Launch — Are We There Yet?

Comments Filter:

  • But its still difficult (Score:5, Informative)

    by Chrisq ( 894406 ) on Friday June 07, 2013 @08:05AM (#43934637)
    But its still difficult to get an ipv6 home connection in many areas. I can see that for years to come we will have an ipv6 backbone, ipv6 in amjor organisations but most people connected via NAT and an IPv4 isp
    • Haven't done any shopping lately, but do most people's home routers support IPV6? I'm pretty sure mine doesn't. I think this is part of the problem with ISPs rolling out IPV6. Many of the customers don't have the hardware at home to deal with it.

      • Many of the customers don't have the hardware at home to deal with it.

        It hardly matters. I signed up for the Comcast IPv6 trial years ago - downtown business-class connection - they're not even rolling it out in this area yet. There are a few tiny areas where you can get one on a residential service, but mostly no - most people only have access to IPV4. Until IPv6 is available from the prevalent carriers, I'm not going to worry too much about end-users not adopting.

        If the device manufacturers would just

    • But its still difficult to get an ipv6 home connection in many areas. I can see that for years to come we will have an ipv6 backbone, ipv6 in amjor organisations but most people connected via NAT and an IPv4 isp

      In the UK at least, it isn't difficult to get an IPv6 connection. However, you need to know you want one when you shop around, as the majority of ISPs still don't do it. If you're an "average user" and therefore know nothing of IPv6 or how the internet works, adoption is at rock bottom because:
      1. You need to be clued up enough to ask an ISP if they offer v6 (the "big 4" don't)
      2. You need to be clued up enough to know when the ISP is lieing
      3. You need to be clued up enough to buy an IPv6 capable router (mo

      • Where is the advantage to home users if they use IPv6? If you buy a router that is interoperable with IPv6, what difference does it make to you if the network provides a IPv4 or IPv6 connection to your local network?

        • All modern operating systems support IPv6, since it's a software issue rather than a hardware one. So everyone can already do IPv6 on their local network.

          What we're talking about here is IPv6 for the WAN interface on your router. Pretty much nobody should need IPv6 internally right now.

          • What we're talking about here is IPv6 for the WAN interface on your router. Pretty much nobody should need IPv6 internally right now.

            That doesn't really make sense. Unless you're going to do some horrendous ALG on the router, you are going to need IPv6 both internally and externally in order to talk to IPv6 services - running IPv6 on the router's WAN interface but only IPv4 internally isn't going to help you (also there's almost no reason not to run IPv6 internally anyway)

          • Re: (Score:2)

            by mellon ( 7048 )

            Actually, you are almost certainly using IPv6 internally whether your ISP provides IPv6 or not. Any Bonjour connections you are using, for example between your computer and printer, are done on IPv6.

        • Its marginal, to be sure, right now. There *can* be some websites that are IPv6 only that you won't be able to access if you only have ipv4. As far as I know there aren't any that are worth while visiting. Also, If large websites support IPv6 in addition to v4, if on eis down you should be able to access the other if they are on different servers. So you might have more uptime?

          There are other things that Ipv6 is good at that probably wouldn't matter to most home users. Like having mutliple machines externa

        • Where is the advantage to home users if they use IPv6?

          Well, this is the problem. For the majority of home users there is very little advantage _at the moment_, so even if they know enough to shop around for a v6 connection they probably won't bother. And the vast majority of users don't know the first thing about how the internet works, so wouldn't know to shop around for a v6 connection anyway.

          Its basically a chicken & egg problem: The people who are going to have problems with the IPv4 address shortage are the server operators, who would want to roll o

        • To home users, it provides a whole host of IP addresses that can be used to enhance their security. For instance, if someone sets up a DHCP to pool a certain set of addresses to his laptop, that would exceed anything that was available when IPv4 was not in such a shortage. For instance, one could set it up so that the laptop would pool 65,536 addresses within a certain range, while addresses outside that can be static for certain devices.

          To business users, plenty, since it blows up the number of routab

          • Re: (Score:2)

            by Bengie ( 1121981 )
            You're not supposed to subnet past the /64, so you'll still need more than a /64 to properly segment your LAN. While the number of routable IP addresses will increase, the number of routes will go down, which is all the router cares about.

    • Re: (Score:2)

      by AmiMoJo ( 196126 ) *

      I use a VPN service (Mullvad) to block spying (it's just too creepy) and censorship. Mullvad has some IPv6 support but it is still beta.

    • I changed ISP a couple of years ago because of that. Going IPv6 at home was not hard but needed some work and some duplication (firewall, DHCP range, ...). Hosted servers that I look after have had IPv6 addresses for several years.

    • Comment removed based on user account deletion

    • Also, it seems that the IPv4 address shortage has been put on the back burner. I don't feel like doing the research but somehow I feel its not as big of an issue as people thought it would be.

    • But its still difficult to get an ipv6 home connection in many areas. I can see that for years to come we will have an ipv6 backbone, ipv6 in amjor organisations but most people connected via NAT and an IPv4 isp

      In north america this is the major hurdle. There are too many people trying to push the problem down the road, to the point it will finally bite them or their customers. I work for a large US corporation and their answer is "yeah, yeah, whatever, too much work, too short sighted". What is often missed is not the the USA or Canada is running out addresses, but the rest of the world practically has and that we will end being cut off from new services, who can't new IPv4 addresses.

      If you want IPv6 today, then

  • What groundswell? (Score:5, Interesting)

    by Antique Geekmeister ( 740220 ) on Friday June 07, 2013 @08:22AM (#43934729)

    Not a single business partner, client, or home user that I've dealt with for the last 3 year has an active IPv6 DNS registration. _None_.

    The critical factor for IPv4 exhaustion was the lack of "/24" addres spaces for businesses and buildings. This has been impressively ameliorated by the use of NAT, which shares numerous intenral and protected IP addresses behind a single or pair of public addresses and should be the _default_ configuraiton in most businesses and organizaitons, simply to reduce the constant external vulnerability scanning of any host directly connected to the Internet.

    The growth of high capacity load balancers for web servers and other network services has also helped tremendously, allowing a wide set of behind the scenes hosts to be serviced by a single exposed device and reducing the IPv4 footprint of these services. Also, people have learned how to economize in the ir IPv4 use: They _do no tneed_ a different IP address for their email server, their FTP server, their web server, their phone server, their chat server, and their IRC server. The services are being easily funneled through a single exposed router or firewall, far more efficiently than before.

    The result has been that the great need for IPv6 simply has not yet occurred, and is unlikely to occur for another 10 years. The foundation of the need for IPv6 is basically that of ubiquitous comuputing: the idea that every single device scattered around the home or around the workplace will have its own IP address for remote communications, and they _should not have_ public IP addresses. Providing public, routable IP addresses puts them at risk of attack at all times: putting them in the unroutable, easily tracked and maintained IPv4 address space handles almost all internal network needs quie effectively and is a signigicant security advantage and eases scanning and tracking of local resources.

    • Re:What groundswell? (Score:5, Informative)

      by Alioth ( 221270 ) <no@spam> on Friday June 07, 2013 @08:37AM (#43934813) Journal

      That's tremendously short sighted. Should we wait until IPv4 exhaustion is actually causing us lots of problems, or should we get things ready in advance, and make an orderly transition and avoid the problems (arguably the problems started already with all the issues NAT brings when you want to actually establish end to end connections - especially when you discover the guys at the far end happened to use exactly the same RFC1918 netblocks as you did and now someone has to renumber their internal network. We avoided that one by the skin of our teeth - we have a Very Expensive Piece Of Machinery that gets remote support from Siemens who made it. The netblocks they use for their internal networks are the same as ours - it was just blind luck our network addressing didn't end up overlapping, and their network was an adjacent /24 of RFC1918 space to one of our internal networks!)

      • Re: (Score:2)

        by AmiMoJo ( 196126 ) *

        Should we wait until IPv4 exhaustion is actually causing us lots of problems, or should we get things ready in advance, and make an orderly transition and avoid the problems

        Yes, we should. Unfortunately I will have to pay a lot extra to get a broadband connection that supports IPv6 so I'm in no hurry.

    • Not a single business partner, client, or home user that I've dealt with for the last 3 year has an active IPv6 DNS registration. _None_.

      The critical factor for IPv4 exhaustion was the lack of "/24" addres spaces for businesses and buildings. This has been impressively ameliorated by the use of NAT, which shares numerous intenral and protected IP addresses behind a single or pair of public addresses and should be the _default_ configuraiton in most businesses and organizaitons, simply to reduce the constant external vulnerability scanning of any host directly connected to the Internet.

      The growth of high capacity load balancers for web servers and other network services has also helped tremendously, allowing a wide set of behind the scenes hosts to be serviced by a single exposed device and reducing the IPv4 footprint of these services. Also, people have learned how to economize in the ir IPv4 use: They _do no tneed_ a different IP address for their email server, their FTP server, their web server, their phone server, their chat server, and their IRC server. The services are being easily funneled through a single exposed router or firewall, far more efficiently than before.

      The result has been that the great need for IPv6 simply has not yet occurred, and is unlikely to occur for another 10 years. The foundation of the need for IPv6 is basically that of ubiquitous comuputing: the idea that every single device scattered around the home or around the workplace will have its own IP address for remote communications, and they _should not have_ public IP addresses. Providing public, routable IP addresses puts them at risk of attack at all times: putting them in the unroutable, easily tracked and maintained IPv4 address space handles almost all internal network needs quie effectively and is a signigicant security advantage and eases scanning and tracking of local resources.

      Um, yeah, creating a single bottleneck and point of attack to the internet seems like a great idea... It's not that your ideas don't have merit (although you do over state and misstate some of them) but that they only address the needs of a certain set of users. NAT is not an unmitigated good. NAT has significant shortcomings.

      • I wasn't going to get into this, but the single bottleneck is why you deploy them in high availability failover pairs, or multi-hosted sites for international high availability environments. IPv6 doesn't really help this problem in any way: you still need some kind of a router to protect your publicly exposed services, unless you're interested in maintaining local routers for _every single exposed environment_.

        The support benefits, and corporate political benefits, of having a chokepoint for all Internat se

    • Re:What groundswell? (Score:5, Interesting)

      by dbIII ( 701233 ) on Friday June 07, 2013 @08:56AM (#43934963)
      This myth again - you should know better. Nobody is suggesting removing the firewalls that can prevent the constant external vulnerability scanning of any host directly connected to the Internet. They can do it quite well without the utter pain in the neck that is NAT. Yes, NAT saves newbies arses, but so now does the default configuration of even cheap and nasty ADSL routers so taking it away probably will make zero difference.

      They _do no tneed_ a different IP address for their email server, their FTP server, their web server, their phone server, their chat server, and their IRC server.

      Are you seriously making such a suggestion in 2013 when we are knee deep in virtual machines or are you joking? It doesn't take much complexity before you end up wanting to have two separate things running the same service and then you've got to do some arcane mucking about with non-standard ports and port forwarding if you've only got one real IP address. You've also got to be sure that the ports you've chosen are not being blocked at the other end and that can very seriously limit your choices, to the point where people connecting through mobile/cell networks have to be allowed all the way in to an almost unprotected network by VPN since you have run out of ports the telco allows. In such a case NAT becomes the security risk instead of the security solution you are trying to convince the gullible it is.

      The services are being easily funneled through a single exposed router or firewall

      Nobody is suggesting changing that. You still get all that filtering only without the constriction of NAT.

      • > Yes, NAT saves newbies arses

        Yes, it really does. Many of the groups I work with are staffed by newbies, even in their IT departments. Maintaining Internet exposed firewalls is as fragile, and dangerous, as handling electrical power directly off the power grid before it's been stepped down to 120 Volt. Errors are very common, and profoundly dangerous. It should be avoided by anyone who doesn't absolutely need it

        > Are you seriously making such a suggestion in 2013 when we are knee deep in virtual mach

        • No, I'm suggesting that in 2013 we have load balancers and proxies that do an excellent job of distributing exposed services to arbitrary numbers of internal hosts. The hosts generally have no need, or excuse, to be exposed directly to the Internet. Therefore they do not need a routable IP address. There are a few services, such as SMTP, that deal well with multiple available public IP addresses. And there are some web services that deal very well with multi-homed IP addresses in multiple physical locations. Google is an excellent example of that.

          But that is precisely what IPv4 is running out of - having multiple available public IP addresses. Even for NAT, when they do Port Address Translation, they prefer to have more than 1 public address for the purpose, especially for load balancing. This is the very thing that IPv6 addresses so well that the need to have NAT disappears.

          Also, it is a good idea to have separate routable IP addresses for different virtual machines, as well as for imap servers, smtp servers, ftp servers, web servers, irc ser

    • This has been impressively ameliorated by the use of NAT, which shares numerous intenral and protected IP addresses behind a single or pair of public addresses and should be the _default_ configuraiton in most businesses and organizaitons, simply to reduce the constant external vulnerability scanning of any host directly connected to the Internet.

      A simple stateful firewall will mitegate the dangers of scanners just as well as a NAT. In fact, the extensive address-space in IPv6 actually makes scanning much less effective since the vast majority of the addresses a scanner is going to try aren't even in use.

      The growth of high capacity load balancers for web servers and other network services has also helped tremendously

      And the growth of virtualisation has done the exact opposite.

      The result has been that the great need for IPv6 simply has not yet occurred, and is unlikely to occur for another 10 years.

      The great need on the consumer end has indeed not yet occurred, and probably won't for some time. On the ISP side too, most of the ISPs still have plenty of IPv4 addresses to go around,

    • This has been impressively ameliorated by the use of NAT... The growth of high capacity load balancers for web servers and other network services has also helped tremendously... people have learned how to economize in the ir IPv4 use... The result has been that the great need for IPv6 simply has not yet occurred, and is unlikely to occur for another 10 years.

      I'm trying to think of a good analogy here. Maybe something like this: The holes in our boat has been impressively patched with paper, and the bucket brigade has helped tremendously by emptying the water out of the inside of our boat. Because of this, the sinking of our boat has simply not yet occurred, and is unlikely to occur for another 10 days.

      It's not a great analogy, but do you see what I'm saying here? You have a serious problem that could be catastrophic. So far, we've mitigated the problem and

    • Re: (Score:2, Flamebait)

      by Bengie ( 1121981 )

      This has been impressively ameliorated by the use of NAT, which shares numerous intenral and protected IP addresses behind a single or pair of public addresses

      Yet another person who doesn't understand NAT. How do these people get jobs in networking?!

    • Re: (Score:3)

      by jrumney ( 197329 )

      This has been impressively ameliorated by the use of NAT, which shares numerous intenral and protected IP addresses behind a single or pair of public addresses and should be the _default_ configuraiton in most businesses and organizaitons, simply to reduce the constant external vulnerability scanning of any host directly connected to the Internet.

      How does having a single IPv4 address for an entire organization reduce the constant vulnerability scanning compared with having 100 IPv6 addresses somewhere withi

    • "should be the _default_ configuraiton in most businesses and organizaitons, simply to reduce the constant external vulnerability scanning of any host directly connected to the Internet."

      Sure, so long as they don't expect to ever need an outside-compatible VoIP solution, video conferencing, incoming remote-operation connections from a company to provide tech support, IM software (Yes, it has business uses!), that sort of thing. NAT is an ugly hack. It only works as well as it does because almost all protoco

    • The critical factor for IPv4 exhaustion was the lack of "/24" addres spaces for businesses and buildings.

      Keyword "was" due to registry pressure and documentation requirements. Runout is quite different. Runout will occur within the next year in the US.

      This has been impressively ameliorated by the use of NAT, which shares numerous intenral and protected IP addresses behind a single or pair of public addresses and should be the _default_ configuraiton in most businesses and organizaitons, simply to reduce the constant external vulnerability scanning of any host directly connected to the Internet.

      SPI is more secure than NAT. Lack of disambiguating context within ALGs leads to increased complexity and remotely exploitable assumptions.

      They _do no tneed_ a different IP address for their email server, their FTP server, their web server, their phone server, their chat server, and their IRC server. The services are being easily funneled through a single exposed router or firewall, far more efficiently than before.

      What does this matter when there are not enough IPv4 resources to go around? Lets assume for a moment each person can live with a single IPv4 address for all of their shit.. There are still more people than IPv4 addresses.

  • Betteridge's Law of Headlines (Score:3, Insightful)

    by Anonymous Coward on Friday June 07, 2013 @08:33AM (#43934781)

    I can't think of a better place to cite it. I mean come on, I don't even have to click through and RTFA. It's right there in the summary that no, we aren't there yet.

  • IPv6: Who gives a shit? (Score:3, Interesting)

    by Anonymous Coward on Friday June 07, 2013 @08:36AM (#43934803)
    The Chinese government loves IPv6 because it provides extra granularity for surveillance of their citizens. Fuck that. They can kiss my shiny metal NAT.

    • Re: (Score:2)

      by pe1rxq ( 141710 )

      There is this new thingy called 'privacy extensions', is only 12 years old so you might not have heard about it yet.....

      • From what I've read, privacy extensions seems to be IPv6's equivalent of dynamic addresses in IPv4. Essentially, it's one alternative to using EAU-64. But a better idea is to configure a DHCP server so that services that need static IP addresses have them, and services that need dynamic IP addresses have them as well.

        • Re: (Score:2)

          by Bengie ( 1121981 )
          Except that the privacy addresses change every 15 minutes-ish and each application could have a different IP address for every request if wanted. DHCP on IPv4 cannot change your IP address without breaking your connections, IPv6 does not do that because it is generally understood that you will have lots of IP addresses.
          • Even in IPv6, if the temporary IP address is being used for a connnection, terminating it will break. But after a transition to a new IP address, any new connections will be made with that, while the older IP address will be deprecated once its use is complete. But the other IP addresses that the host has won't be used in making those types of connections, unless otherwise specified.

  • Increasing (Score:3, Funny)

    by BlindRobin ( 768267 ) on Friday June 07, 2013 @08:48AM (#43934877)

    '"The good news is that almost everywhere we look, IPv6 is increasing,"
    Every time we measure it the mean distance between the Earth and its moon is increasing. Wooooo Hoooooo.

  • Huh?! (Score:3)

    by bradgoodman ( 964302 ) on Friday June 07, 2013 @09:02AM (#43935025) Homepage
    IPv6 has gone "live"? First I've heard of it! :-O

  • And the root cause is... (Score:5, Insightful)

    by stove ( 38601 ) on Friday June 07, 2013 @09:25AM (#43935247)

    Me: "Hello, big boss! I'd like to go to IPv6 soon!"

    BB: "What will that take?"

    Me: "Oh, probably a couple of months worth of completely dedicated work from your best network folks. If you don't exclusively task them, could take a year."

    BB: "Sounds complex. Is it risky?"

    Me: "Absolutely! We could totally drop off the internet or lose internal connectivity for quite a while if we mess it up."

    BB: "What, exactly, am I getting from this expensive and risky thing?"

    Me: "More or less what you have now. The features it does you don't really care about."

    BB: "So it's expensive and risky and I get nothing out of it."

    Me: "Yep! When can I start?"

    *doorslam*

    • Theoretically, you could lose some business in the future if you don't support ipv6 and the customer doesn't have access to a 6to4 tunnel. It still seems like a long way off before that's an issue.

    • Re: (Score:2)

      by wasabii ( 693236 )

      I pulled it off in my network in about a month. Since it's enabled by default in pretty much every major OS, the only thing required was to lease IP space and configure the routers to push addresses. Magically now most of my trafffic goes over IPv6.

  • I suspect it'll take a while. (Score:3)

    by applematt84 ( 1135009 ) on Friday June 07, 2013 @09:27AM (#43935255) Homepage
    IPv4 is the backbone of nearly all networked systems and applications; to expect EVERYONE to switch over to IPv6 immediately is a bit naive. It's not just the service providers (Quest, Lightbound, AT&T, Verizon, etc) that have to update their WHOLE infrastructure, but applications and operating systems have to natively support IPv6. Many home users cannot afford to upgrade their hardware and software on a whim and won't have a budget to do so for a few more years (mostly due to slow economy and unemployed consumers). I suspect it will take five to 10 years before we start seeing IPv6 make its way into mainstream services. I have a VM with Rackspace and it has a public IPv6 address, but the only service that I've found useful (or even readily available) are the primary Debian mirrors. Having worked as an IT Consultant for small businesses, a SysAdmin in the ISP vector (gaining insight from a vendor aspect) and now as a SysAdmin for a software company (consumer aspect), I have first hand experience at witnessing the readiness from two different ends of the spectrum. The insight I've gained tells me that NO ONE is ready to simply flip a switch; it's going to be a painful, multi-year migration.

    • Re: (Score:2)

      by Bengie ( 1121981 )
      Good news, the Internet backbone has been IPv6 for over 10 years now and Cable modem and DSL hardware in the past 5-8 years have all supported IPv6 natively also.

      As for "most software". Well, the most commonly used software is the web-browser, which has been IPv6 for a while now also. Most people purchase new hardware on a 5-8 year cycle and nearly all networking hardware in the past few years has been IPv6.

      All 4g smartphones are IPv6, it is a requirement for 4g.
      • Thank you for politely sharing this information.

      • No, not all Cable modems and DSL Modems have supported ipv6. There are also several that are insanely difficult to set up, and bugs are everywhere.

        • Re: (Score:2)

          by Bengie ( 1121981 )
          Many DOCSIS2.0 cable modems and all DOCSIS3.0. The top few cable companies, which represent almost 70% of the USA's broadband base, are nearly done with their DOCSIS 3.0 rollout. Rule of thumb, if it supports more than 30Mb, it is IPv6.

    • to expect EVERYONE to switch over to IPv6 immediately is a bit naive.

      "Switch over to IPv6" is a concept that detractors have pulled out of thin air, as it bears no relationship to how IPv6 rollout was planned and expected. Adding the word "immediately" just makes the misconception worse.

      IPv6 was always intended to run alongside IPv4 for the foreseeable future, because old IPv4-only equipment will be around for decades until it rots and it will need to be reachable until it is replaced. So, please don't

      • Sheesh ... there's no need to be the southern end of a north-bound mule about it. I'm simply stating what I've observed from being at different ends of the spectrum. I never stated that what I said was exact fact ... only what I was speculating.

    • Re: (Score:2)

      by wasabii ( 693236 )

      Good news, every piece of software you are now running is IPv6 compatible. If an application establishes a connection to a host name, all of the underlying OS stacks can do so over IPv6 if addresses are available and connections can be made.

      Of course, those apps that have four little input boxes and only support hard coding an IP for a connection still won't work. Have any of those? I don't.

  • FTFS:

    it all looks like everything is up and to the right

    I'm confused, is up and left an option? I'd love it if my graphs with negative slope indicated time travel instead of a decrease over time!

  • Hardware limitations (Score:3)

    by rcoxdav ( 648172 ) on Friday June 07, 2013 @10:07AM (#43935731)
    I have been looking at the IP v6 specs for enterprise level hardware, top of the line products from Cisco and the likes. The last I check, a few months ago, the accelerated routing on their top of the line Layer 3+ switch had about 1/2 the aggregate routing for IPv6 as it did IPv4, and older hardware is much worse.

    Until the hardware ASIC's are acellarated as much for IPv6, I think businesses will lag unless they need to use IPv6 due to contract requirements (military and the likes). Why would they pay more for modern hardware that is slower than what they have to adopt IPv6 when IPv4 is satisfying their needs, even if NAT is a gimped solution. It still works, and is pretty fast.

  • not quite there yet (Score:5, Insightful)

    by ei4anb ( 625481 ) on Friday June 07, 2013 @10:48AM (#43936229)
    $ nslookup -type=AAAA google.com
    Name: google.com
    Address: 2a00:1450:4007:80a::1001

    $ nslookup -type=AAAA slashdot.org
    Name: slashdot.org
    $

  • IPv6? (Score:5, Funny)

    by ArcadeMan ( 2766669 ) on Friday June 07, 2013 @11:13AM (#43936575)

    Me and my 255 friends are still on IPv1, you insensitive clod!

Slashdot Top Deals

I tell them to turn to the study of mathematics, for it is only there that they might escape the lusts of the flesh. -- Thomas Mann, "The Magic Mountain"

Close