IPv6 Deployment

Mailman List Mirror (Read Only)
1

This is more in the way of a leading question for those who are
attending NANOG 40.

I'll ask it the same way I did at NZNOG back in February --
what problem is it that IPv6 is actually supposed to solve?

I used to know the answer to this, but I don't now. In 1997
(or even years before, reading Scott Bradner's eloquent advocacy
for it back then) it would have been: address space, security,
extensions, QOS. But it seems to me these have either been
sidestepped, addressed somewhat, or the benefits have not
overcome the costs in a clear business case sense.

As I said -- my purpose in posing this is to stimulate discussion
at Bellevue. It was the most interesting thing talked about at
Palmerston North, at least until the cold beer arrived.

fh

2

what problem is it that IPv6 is actually supposed to solve?

that's an easy one. in 1993-5, the press was screaming that we were
about to run out of ip space. a half-assed design was released. the
press stopped screaming. victory was declared, everyone went home.

and, as usual, ops and engineering get to clean up the disaster.

randy

3

THe intention was that ipng would address the issues you quote Scott as raising. What could be addressed cleanly, and was addressed, was the number of bits in the address.

In part, I think this was due to unrealistic expectations. Security, as you well know, is not a network layer question, nor is it a link layer question, an application layer question, a transport layer question, or a "magic security layer wherever the right place to put it turns out to be" question. It is a question that is different at every layer, and requires some level of response at each layer. Ditto QoS: there is a question of ensuring each application the bandwidth, delay, and jitter characteristics it needs, the number of memory-to-memory copies between end station processes it needs, the number of competing windowing systems it needs (cf ssh vs TCP with large windows), and a list of other things.

Part of this is the denial factor. It is popular to bash IPv6 over a number of issues, and I, co-chair of the IPv6 Operations Working Group, have points on which I comment. I note that those who run businesses that depend on large numbers or addresses being available aren't asking this question any more. They may not *like* the answer, but the answer available to them is IPv6, and there aren't any others. Increasingly, they are asking me and others what they need to do to get on with life.

4

Most of those features were completely gone by 1995, leaving
larger address space as the sole practical benefit and no actual
transition plan. This wisdom of this approach is questionable at
best, and I'll admit to being part of the team that went along...

However, even with just bigger address space, there *is* a real
problem that will be solved by IPv6, and that's avoiding the even
larger chaos that results from true depletion of IPv4 space for all
ISP's who need more space for their growth. I've already ranted
about this here and on ARIN PPML, so see the attached link for
one answer to your question.

/John

ref: http://lists.arin.net/pipermail/ppml/2007-May/007163.html

5

Most of those features were completely gone by 1995

TLAs et alia lasted until 2000+. and i think anycast is still broken,
though we can at least ignore it and use v4-style anycast, which turns
out to be what we need.

leaving larger address space as the sole practical benefit and no
actual transition plan. This wisdom of this approach is questionable
at best, and I'll admit to being part of the team that went along...

well, you get two points for copping to it. i lay on the train tracks
and was squashed.

i take the arin proclamation as "a problem is looming. the solution
space is not as appealing as we might wish. the time to figure out the
transition plan is now. don't expect arin to figure it out for you."

i like 40 more bits as well as the next geek. but how the hell do we
get from here to there? either we sort out how a v6-only site gets to
the internet, there is still ipv4 space at every site and all that
implies, or the users are screwed.

randy

6

i think anycast is still broken, though we can at least ignore it and
use v4-style anycast, which turns out to be what we need.

<recant>
i am told by a good friend who lurks that this was actually fixed a year
or two ago. a team of ops-oriented folk were sufficiently persistent
and strident to get it fixed.

randy

7

well, you get two points for copping to it. i lay on the train tracks
and was squashed.

Well, I became a contentious objector... (RFC1669). One can
confirm a real sense of humor to the cosmos, because I now
get to be lead advocate for the very scenario I noted back then
really might not be viable... :slight_smile:

i like 40 more bits as well as the next geek. but how the hell do we
get from here to there? either we sort out how a v6-only site gets to
the internet, there is still ipv4 space at every site and all that
implies, or the users are screwed.

We aggressively work on getting "little" Internet content sites
(aka the 'servers' of new Internet endsites) reachable via IPv6,
whether by native IPv6 to endsite, tunnel to endsite, or tunnel
transition mechanism within the ISP.

ISPs need to take the lead on this for now new sites, by actively
promoting IPv6 with IPv4 connections. Doing that, plus the
significant effort of IPv6 backbone work is serious work.

Big content providers have to figure out how to do native IPv6
(or fake it really well) before the first IPv6-only user arrives...
Their readiness has to be 100% on that day (or the day they
can't themselves obtain additional IPv4 space), but it's fairly
academic until that point.

/John

8

Fixed as in "new RFC released", or "New IOS shipped that DTRT", or "Most sites
have actually *deployed* the new code"?

9

about to run out of ip space. a half-assed design was released. the
press stopped screaming. victory was declared, everyone went home.

Actually, they didn't go home. Victory, "they" think, is never having
to go home (but IETF Dallas is another story).

I'm sorry this story is a bit long, the way I tell it, but hopefully
it is entertaining (or at least easy to delete and ignore).

At my first IETF, I attended a 'Scotch BoF'. It was singularly the
most disturbing experience I've ever had at an IETF. Not merely
because I don't drink, nor merely because of the antics of Internet
professionals at a level of intoxication reminiscent of college
dormatories.

Every drink of scotch requires a toast, and every toast must be
suffixed with "...and the Universal Deployment of IPv6." This phrase
is uttered not jovially...not with celebratory thrust one usually
attributes to, well, a toast...but rather with a low, monotonic,
metronomic chant, in a chorus.

You could hear it from outside the room, four doors down the hall.

It is very much reminiscent of the "congregation answers" lines in
church proceedings. Upon entry, I spent a few moments looking around
for the Dark Altar these chants were directed to, as I expected to
find chicken entrails, and black candles burning low. Perhaps a
statue of a goat, or an incense burner, something to mark the
demonic power they're hoping has the will and fortitude to see
IPv6 "universally deployed" if only their chants will appease it.

Actually I suppose you could say there was incense, but it was the
dank, hot and humid incense of far too many people crowded in a hotel
room with open flasks of single-malt. You could smell it down the
hall, as near as the elevators.

The point is I came to a realization: They were praying, and the
altar they were praying to is an entity absent all too often in IETF
proceedings in numbers sufficient to exert a presence...so it's
fitting that there was no icon to represent it in their church.

Operators.

They're praying to the Big Operator in the Sky to deliver them to the
promised land, an IPv6 network upon which their applications will
multiply and flourish, and their products can be sold.

Truly, I was a pilgrim in an unholy land.

and, as usual, ops and engineering get to clean up the disaster.

Except that this time, there are masses of people who now prostrate
themselves before the Dark Altar of Operators, intoning mystic
rituals of their own invention in hopes to appease you. Like the
world's children who write to Santa Claus every year, these people
have a list of toys they would like the Internet's operators to place
in their stockings, and they're rapidly becoming more and more
prepared to "be good children" to get them.

It's progress, I think, that this places a substantially fairer
share of power in the hands of those who can do something with
it. For, after all, Santa Claus can always choose to give coal.

But one might hope that at some point, they will give up praying
for their answers, and will seek them instead.

Obligatory operational content: Stock up on coal. If someone
asks if you're a God, say "Yes."

10

David W. Hankins wrote:

...

Obligatory operational content: Stock up on coal. If someone
asks if you're a God, say "Yes."

You have put your finger on the problem. Someone crossed the ipv4 and
ipv6 streams and the Operator was sent back to the interdimensional
vastness from which it came.