IPv6 on SOHO routers?

Mark Newton wrote:

Those of us who use ADSL or (heaven forbid) Cable are kinda out of luck.
I haven't yet found ADSL2+ CPE that does IPv6 over PPPoE or PPPoA out
of the box.

Any cablelebs certified docsis 3.0 CM or CMTS supports ipv6.

Your cable provider will have to upgrade their CMTS (line card swap) before you can leverage it directly on the cable in a consumer environment.

DSL aggregation routers are challenge where again equipment lifecycle plays in to whether you're in a position to deploy.

Matthew Moyle-Croft wrote:

The only ADSL one listed "Billion 7402R2" doesn't _actually_ do IPv6 yet, but it might if they release software for it!
Which would be nice as we sell them to customers and would love to magically turn on IPv6 to them one day.

Hi MMC,

You might want to contribute to
<http://au.billion.com/forums/index.php?showtopic=10042&gt;

and suggest to them that Internode wants this release for their customers.

Mark.

I don't know why Leo thinks so, but even I can observe the "extra
recurring support cost of having to work through two stacks with every
customer that dials in" as being far greater than any technology
costs in either single-stack scenario. The 'recurring' part is the
real killer.

If the customer would be v6-only, I agree.

If the customer is v4-only, I would posit that it's in most cases impossibleto get the customers upgraded to v6. I would also argue (based on my understanding) that translating or tunneling v4-only clients over v6-only network would cause pretty much equal or greater complexities as dual-stack.

If the customer is dual-stack, I would agree that v6-only is simpler, but that gets back to the point of, "does the whole internet support v6 or is there alternative, reliable way to reach the rest?" As a result you will need to deal with v4 connectivity issues as well.

NB: we have had dual-stack backbone for about 6 years and are not seeing major pain. Sure, v6-only would be even easier in the longer term, but as far as I've seen, the major transition issues are at the edges, not in the core network.

In a message written on Thu, Mar 13, 2008 at 03:26:48PM +0200, Pekka Savola wrote:

>ISP's are very good at one thing, driving out unnecessary cost.
>Running dual stack increases cost. While I'm not sure about the 5
>year part, I'm sure ISP's will move to disable IPv4 support as soon
>as the market will let them as a cost saving measure. Runing for
>"decades" dual stacked does not make a lot of economic sense for
>all involved.

So, can you elaborate why you think the cost of running dual stack is
higher than the cost of spending time&money on beind on the bleeding
edge to do v6-only yet supporting v4 for your existing and future
customers still wedded to the older IP protocol?

You are mixing stages of adoption. The Internet will progress as
follows:

1) Early adopters deploy IPv6 while continuing to make most of their
   money off IPv4. We're already well into this state.

2) Substantially all (> 90%?) of the Internet is dual stacked, or has
   other transition mechanisms in place.

3) IPv4 is removed from the network, leaving only IPv6.

Your comment compares the cost of phase 1 to the cost of phase two,
making the assumption that it's more expensive to be an early adopter
than it is to run dual stack down the road. On that point, I agree.

My point is once we're in phase #2 the bean counters will look
around and start to ask "can we reduce cost if we remove IPv4".
The answer will be yes. Initially the answer will be "but our
customers will be upset", and it won't happen, but the bean counters
are persistent, and will keep asking the question over and over.
They will make sure phase 2 lasts no longer than it must.

Which brings us into phase 3. While engineers may see it as simple
clean up, large networks will see phase 3 has a huge money saving
operation by that point in time. Once the first major (top 10?)
network removes IPv4 support I expect all the rest to follow within
2 years, tops. Edge and nitche networks may support it longer, but
it will drop from the Internet core quickly.

The specific original comment was that we would run dual-stacked, that
is in phase 2, for "decades". I proport there are strong economic
reasons why that is probably not ging to be the case.

1) Early adopters deploy IPv6 while continuing to make most of their
  money off IPv4. We're already well into this state.

2) Substantially all (> 90%?) of the Internet is dual stacked, or has
  other transition mechanisms in place.

Who has the other transition mechanisms in place? What is the cost of deploying those transition mechanisms? At present it's not obvious how you can explain to the bean counters that deploying these are profitable.

3) IPv4 is removed from the network, leaving only IPv6.

Your comment compares the cost of phase 1 to the cost of phase two,
making the assumption that it's more expensive to be an early adopter
than it is to run dual stack down the road. On that point, I agree.

That's not all. I also tried to point out that in order to get to 2), you're facing a decade of slow transition or you have to deploy transition mechanisms which have substantial cost. A transition mechanism is also needed to move from 2) to 3).

My point is that it seems somewhat premature to talk extensively of 2) -> 3) transition because we haven't even figured out 1) -> 2) yet. Getting to 2) is the challenge, from there it is straightforward.

My point is once we're in phase #2 the bean counters will look
around and start to ask "can we reduce cost if we remove IPv4".

I agree but you don't clearly address how exactly we're going to get to 2) in the first place -- that's a huge step. In order to move to stage 2), a LOT of deployment is needed and/or a lot of transition mechanisms (mainly translation in this context, I assume) need to be deployed which has significant cost involved.

I agree that if 90% or 99% of net is dual-stack or using a working transition mechanisms (so the expectation is that almost everything would work with v6-only), the jump to 3) will be relatively quick for the reasons you say.

We've been a decade in step 1). We'll likely continue to be another decade in step 1) before moving to 2) unless radical transition technology is developed and deployed in a significant scale (and someone figures out a business model how it helps in the short term). Once we get 2), the time it takes to move to 3) is probably almost an order of magnitude less than what it took to get to 2).

The specific original comment was that we would run dual-stacked, that
is in phase 2, for "decades". I proport there are strong economic
reasons why that is probably not ging to be the case.

I may interpret your steps differently, but I see at least a decade more of work before we get to step 2) (i.e., before we get to 90% penetration).

In a message written on Thu, Mar 13, 2008 at 05:18:16PM +0200, Pekka Savola wrote:

Who has the other transition mechanisms in place? What is the cost of
deploying those transition mechanisms? At present it's not obvious
how you can explain to the bean counters that deploying these are
profitable.

It's very hard, so most people aren't deploying, yet.

My point is that it seems somewhat premature to talk extensively of 2)
-> 3) transition because we haven't even figured out 1) -> 2) yet.
Getting to 2) is the challenge, from there it is straightforward.

The driver for 1-2 is the end of the IPv4 free pool. It doesn't
much matter if the cause is IPv4 simply not being available anymore,
or if the result is some way of moving IPv4 addresses around for
money; they both will get the bean counters attention real quick.
In essense the cost of IPv4 is going to dramatically rise, one way
or another.

And that's only the first order effect of getting the addresses.
Second order effects like hanling the routing table deaggregation
haven't begun to be calculated.

So basically the IPv4 free pool exhaustion will drive 1-2 rather
rapidly. Once we're in state 2, simple economics will drive the
2-3 transtion rather rapidly.

20 years ago was 1988. The World Wide Web did not even exist. AOL
(the first service branded under that name) wasn't launched until
1989. A T1 served an enter university campus. 9600 baud was a
fast modem. In essense, the entire industry as we know it was built
in the last 20 years.

Now think hard about a prediction we'll still be running IPv4 in 20
years. A two decade transition period just does not fit this industry's
history.

MS, Apple, Linux, *BSD are ALL dual stack out of the box currently. The
core is IPv6/dual stack capable, even if it's not enabled everywhere,
and a large chunk of Asia and Europe are running IPv6 right now. The US
Govt. is under mandate to transition to v6 by the end of the year. The
only bits that are missing right now are the routers and switches at the
edge, and support from transit providers, and if they're going to keep
supplying the Fed with gear and connectivity, at least one major player
in those areas of the NA market is going to HAVE to make it happen.

From there, I'd expect a slow but steady uptake across the rest of North

America.

Pekka Savola

I don't know why Leo thinks so, but even I can observe the
"extra recurring support cost of having to work through two
stacks with every customer that dials in" as being far
greater than any technology costs in either single-stack
scenario. The 'recurring' part is the real killer.

This is why any ISP that has not moved their core network
over to MPLS, really needs to take a serious look at doing
so now. If you do this then you only really need to support
IPv6 on your edge routers (MPLS PE) which are used to connect
IPv6 customers. Those PEs will use 6PE to provide native IPv6
to your customers.

Dual stack is not the only solution.

Note that it is also possible to use something like GRE tunnels
over IP4 to build an IPv6 overlay. Depending on the scale of
your network (and your capital budget) this may also be an
attractive way to ease into IPv6 without changing everything.

There is a whole smorgasbord of choices to make. It's not an
easy slam-dunk proposition and you can't just find someone
to tell you how to handle your network situation. It's not
like the early 1990's when you could get away with following
the crowd.

--Michael Dillon

To be fair, I've encourntered an awful lot of SNA which is still out there, so you might be surprised how long things linger. But your point is well taken - once IPv4 stops being the primary internetworking protocol, it'll be reduced to special cases pretty quickly.

David Barak
Need Geek Rock? Try The Franchise:
http://www.listentothefranchise.com

I changed the subject line.

My point is that it seems somewhat premature to talk extensively of 2)
-> 3) transition because we haven't even figured out 1) -> 2) yet.
Getting to 2) is the challenge, from there it is straightforward.

The driver for 1-2 is the end of the IPv4 free pool. It doesn't
much matter if the cause is IPv4 simply not being available anymore,
or if the result is some way of moving IPv4 addresses around for
money; they both will get the bean counters attention real quick.
In essense the cost of IPv4 is going to dramatically rise, one way
or another.

And that's only the first order effect of getting the addresses.
Second order effects like hanling the routing table deaggregation
haven't begun to be calculated.

Many people seem to have waken up from the slumber lately with a realization that when IANA/RIR v4 pool runs out in a couple of years, v6 had better be ready for prime time!

While the goal may be good, a reality check might be in order. AFAICS, the impact will be that residential and similar usage will be more heavily NATted. Enterprises need to pay higher cost per public v4 address. IPv4 multihoming practises will evolve (e.g., instead of multihoming with PI, you multihome with one provider's PA space; you use multiconnecting to one ISP instead of multihoming). Newcomers to market (whether ISPs or those sites which wish to start multihoming) are facing higher costs (the latter of which is also a good thing). Obviously DFZ deaggregation will increase but we still don't end up routing /32's globally.

While price for a /20 or /16 of address space might go up pretty high, a /24 can still be obtained with a reasonable cost. Those ISPs with lots of spare or freeable v4 space will be best placed to profit from new customers and as a result v6 will remain an unattractive choice for end-users.

IANA and RIRs running out of v4 space may allow making a better case to an ISP's management that their backbone should be made v6 capable (to support customers who want v6) but it doesn't provide the case for the ISP to deploy v6 to its residential users, and it doesn't provide a case for the enterprises to start v6 transition (because they need to support v4 anyway). It may also make a case for ISPs which don't have much spare IPv4 space and cannot free or obtain it to try to market v6 to their end-users.

So v6 capabilities in the ISP backbones will improve but the end-users and sites still don't get v6 ubiquituously. This is a significant improvement from v6 perspective but is still not enough to get to 90% global v6 deployment.

Jamie,

MS, Apple, Linux, *BSD are ALL dual stack out of the box currently.

The fact that the kernel may support IPv6 does not mean that IPv6 is actually usable (as events at NANOG, APRICOT, and the IETF have shown). There are lots of bits and pieces that are necessary for mere mortals to actually use IPv6.

The core is IPv6/dual stack capable, even if it's not enabled everywhere,

I'm told by some folks who run core networks for a living that while the routers may sling IPv6 packets as fast or faster than IPv4, doing so with ACLs, filter lists, statistics, monitoring, etc., is lacking. What's worse, the vendors aren't spinning the ASICs (which I'm told have a 2 to 3 year lead time from design to being shipped) necessary to do everything core routers are expected to do for IPv6 yet.

and a large chunk of Asia and Europe are running IPv6 right now.

I keep hearing this, but could you indicate what parts of Asia and Europe are running IPv6 right now? I'm aware, for example, that NTT is using IPv6 for their FLETS service, but that is an internal transport service not connected to the Internet. I'm unaware (but would be very interested in hearing about) any service in Asia or Europe that is seeing significant IPv6 traffic.

The US Govt. is under mandate to transition to v6 by the end of the year.

I thought parts of the USG were under a mandate to be "IPv6 capable" (whatever that means) by this summer. If there is a mandate to be running IPv6 within the USG by the end of the year, people are going to have to get very, very busy very, very quickly.

The
only bits that are missing right now are the routers and switches at the
edge, and support from transit providers,

My understanding is that there are lots of bits and pieces that are missing in the infrastructure, but that's almost irrelevant. What is _really_ missing is content accessible over IPv6 as it results in the chicken-or-egg problem: without content, few customers will request IPv6. Without customer requests for IPv6, it's hard to make the business case to deploy the infrastructure to support it. Without infrastructure to support IPv6, it's hard to make the business case to deploy content on top of IPv6.

and if they're going to keep
supplying the Fed with gear and connectivity, at least one major player
in those areas of the NA market is going to HAVE to make it happen.

Remember GOSIP?

Regards,
-drc

While the goal may be good, a reality check might be in order. AFAICS, the impact will be that residential and similar usage will be more heavily NATted. Enterprises need to pay higher cost per public v4 address. IPv4 multihoming practises will evolve (e.g., instead of multihoming with PI, you multihome with one provider's PA space; you use multiconnecting to one ISP instead of multihoming). Newcomers to market (whether ISPs or those sites which wish to start multihoming) are facing higher costs (the latter of which is also a good thing). Obviously DFZ deaggregation will increase but we still don't end up routing /32's globally.

I am confused by your statement. It appears you are saying that it is a good
thing for sites that wish to multihome to face higher costs. If that is truly
what you are saying, then, I must strenuously disagree. I think that increased
cost for resilient networking is a very bad thing.

While price for a /20 or /16 of address space might go up pretty high, a /24 can still be obtained with a reasonable cost. Those ISPs with lots of spare or freeable v4 space will be best placed to profit from new customers and as a result v6 will remain an unattractive choice for end-users.

Only for some limited period of time. Even those "freeable" /24s will get
used up fairly quickly.

IANA and RIRs running out of v4 space may allow making a better case to an ISP's management that their backbone should be made v6 capable (to support customers who want v6) but it doesn't provide the case for the ISP to deploy v6 to its residential users, and it doesn't provide a case for the enterprises to start v6 transition (because they need to support v4 anyway). It may also make a case for ISPs which don't have much spare IPv4 space and cannot free or obtain it to try to market v6 to their end-users.

The case for IPv6 end-user deployment will most likely occur when new
IPv4 addresses for those customers become more costly than supporting
a NAT-PT infrastructure with the appropriate DNS hackery and such.

It would be nice (and cheaper in the long run) if ISPs were ahead of that
curve in some way, but, the reality is that's probably going to be the driver.
Eventually, enough NAT-PT eyeballs will drive IPv6 native content
capabilities (although in ability to get IPv4 addresses for new content
hosts may also serve as a driver there).

In terms of enterprise, I think that will be the last group to convert.
I don't think you will see much enterprise level migration until they
are faced with their ISPs wanting to shut down IPv4 and raising the
IPv4 transit costs accordingly. However, once we reach somewhat
minimal critical mass in IPv6 content, and, NAT-PT solutions are
more readily available and better understood, I think you'll see
most new enterprise deployments being done with IPv6.

So v6 capabilities in the ISP backbones will improve but the end-users and sites still don't get v6 ubiquituously. This is a significant improvement from v6 perspective but is still not enough to get to 90% global v6 deployment.

I'm not sure why 90% is necessary or even desirable in the short
term. What's magic about 90%? What I think is more interesting
is arriving at the point where you can deploy a new site entirely
with IPv6 without concerns about being disconnected from some
(significant) portion of the internet (intarweb?).

Once we're at that point, the rest can sort itself as the timeframe
becomes merely an issue of economics. Prior to that point, the
issues are of much greater potential impact beyond the mere
financial.

Owen

No, that's what we have IPv6 for ('cause, you know, IPv6 /32s are smaller than IPv4 /32s... or something...)

Regards,
-drc

If ISP's are waiting for new IPv6-only content to create customer
demand to justify their business case for IPv6 enablement, then
that's their choice.

Reality will win in the end, and my $$ will be on the providers who
justified their IPv6 enablement on being able to continue to grow.

/John

While the goal may be good, a reality check might be in order. AFAICS, the impact will be that residential and similar usage will be more heavily NATted. Enterprises need to pay higher cost per public v4 address. IPv4 multihoming practises will evolve (e.g., instead of multihoming with PI, you multihome with one provider's PA space; you use multiconnecting to one ISP instead of multihoming). Newcomers to market (whether ISPs or those sites which wish to start multihoming) are facing higher costs (the latter of which is also a good thing). Obviously DFZ deaggregation will increase but we still don't end up routing /32's globally.

I am confused by your statement. It appears you are saying that it is a good thing for sites that wish to multihome to face higher costs. If that is truly what you are saying, then, I must strenuously disagree. I think that increased cost for resilient networking is a very bad thing.

I understand your reasoning (we've been through this before so we'll just have to agree to disagree). If a site is unwilling to pay, e.g., 10000$/yr for its multihoming, maybe it should stop polluting the global routing table and instead use other redundancy mechanisms. Today, it's too cheap to pollute global DFZ; increasing the cost motivates finding other mechanisms to obtain redundancy.

While price for a /20 or /16 of address space might go up pretty high, a /24 can still be obtained with a reasonable cost. Those ISPs with lots of spare or freeable v4 space will be best placed to profit from new customers and as a result v6 will remain an unattractive choice for end-users.

Only for some limited period of time. Even those "freeable" /24s will get
used up fairly quickly.

Even a single /8 will allow 64K allocations for multihoming perspective; that's more than we have today, and there is a lot more spare or freeable space to use.

[...]

However, once we reach somewhat minimal critical mass in IPv6 content, and, NAT-PT solutions are more readily available and better understood, I think you'll see most new enterprise deployments being done with IPv6.

I agree with most of what you're saying but given that most enterprise admins are familiar with v4 and not with v6, if the enterprise is going to be completely behind a NAT or NAT-PT anyway, it may be difficult to find the benefit to deploy the enterprise network with v6 rather than with v4 private addresses. Easier company mergers is probably one of the highest on the list, "futureproofing the network" is probably not considered worth the expense.

So v6 capabilities in the ISP backbones will improve but the end-users and sites still don't get v6 ubiquituously. This is a significant improvement from v6 perspective but is still not enough to get to 90% global v6 deployment.

I'm not sure why 90% is necessary or even desirable in the short
term. What's magic about 90%?

Don't ask me for the magic number -- I just took what Leo offered.

What I think is more interesting is arriving at the point where you can deploy a new site entirely with IPv6 without concerns about being disconnected from some (significant) portion of the internet (intarweb?).

I agree that's an interesting (earlier) scenario. To me what you require represents a situation where basically every ISP is offering v6 and it's widely considered to have similar SLAs as v4 today has, and it's used sufficiently widely and is reliable.

To get there in practice, ISPs will need users which require this kind of SLAs and reliability. So, while 90% user and content penetration is is not needed to reach this goal, it will need to be significantly higher than, say, 5%. Who are going to be the first v6 end-sites and content provides? It's a thankless job to be on the bleeding edge and it may be difficult to define a business case for it.

and a large chunk of Asia and Europe are running IPv6 right now.

I keep hearing this, but could you indicate what parts of Asia and
Europe are running IPv6 right now? I'm aware, for example, that NTT is
using IPv6 for their FLETS service, but that is an internal transport
service not connected to the Internet. I'm unaware (but would be very
interested in hearing about) any service in Asia or Europe that is
seeing significant IPv6 traffic.

you mean aside from the ipv6 forum mailing list? [ note that ipv6 forum
members do not actually run ipv6, they just think other people should. ]

the stats i am seeing, and they are not really great measurements, but
they're what we have, are coming up on 1% ipv6 traffic. and this is
pretty much the same asia, europe, and north america, with less down south.

My understanding is that there are lots of bits and pieces that are
missing in the infrastructure, but that's almost irrelevant. What is
_really_ missing is content accessible over IPv6 as it results in the
chicken-or-egg problem: without content, few customers will request
IPv6. Without customer requests for IPv6, it's hard to make the
business case to deploy the infrastructure to support it. Without
infrastructure to support IPv6, it's hard to make the business case to
deploy content on top of IPv6.

actally, drc, here is where you and i diverge. there will never be
demand for ipv6 from the end user. they just want their mtv, and do not
care if it comes on ipv4, ipv6, or donkey-back.

it is we operators, and the enterprise base, which will feel the ipv4
squeeze and need to seek alternatives. and, imiho, ipv6 is the
preferable alternative we have today. and it is we the operators who
get to make it deployable so that the customers will not have to care
how their mtv is delivered.

and the chicks ain't free.

randy

There are already things like http://ipv6.google.com/, though
content which is _only_ available over IPv6 is probably more likely
to stimulate demand.

Leo Bicknell wrote:

In a message written on Wed, Mar 12, 2008 at 03:06:24PM -0500, Frank Bulk - iNAME wrote:

Furthermore, he stated that networking equipment companies like Cisco will
be moving away from IPv4 in 5 years or so. This is the first time I've
heard this posited -- I had a hard believing that, but he claims it with
some authority. Anyone hear anything like this? My own opinion is that
we'll see dual-stack for at least a decade or two to come.

ISP's are very good at one thing, driving out unnecessary cost.
Running dual stack increases cost. While I'm not sure about the 5
year part, I'm sure ISP's will move to disable IPv4 support as soon
as the market will let them as a cost saving measure. Runing for
"decades" dual stacked does not make a lot of economic sense for
all involved.

labels in the core, for a long while.

This transition will be about as smooth as the US moving to the metric system. (e.g. everyone buys soda in two liter bottles, wine in 750ml bottles, but can't mentally buy liters of gasoline....or 1.1826 liters of beer, aka 'forty').

Same could be said for the Auto Industry. Thank [some dead mathematician] that 3/4" lug nuts are also 19mm or we'd really be screwed

No flag day here (I would pay serious money to see that happen though, it would be a total riot from the get go). There is some interesting movement in the US in particular to put up 'enough' v6 window dressing to be compliant with US gov't contracts and so on which will match up with the OMB [unfunded] mandate to be IPv6 compatible by this june.

As for the SOHO, not sure if anything other the next chip revision and firmware are needed. Besides, will they be NAT boxen with a dozen application layer gateway helpers like today? Or will they be actual firewalls. Hard to say which is more difficult or code complex. With the pace of silicon replacement in SOHO product lines, the next silicon spin could do the either stack or both for the same cost.

best regards,
andy

Stuart Henderson wrote:

                                                              What is _really_ missing is content accessible over IPv6 as it results in the chicken-or-egg problem: without content, few customers will request IPv6.

There are already things like http://ipv6.google.com/, though
content which is _only_ available over IPv6 is probably more likely
to stimulate demand.

But there's no $$ benefit for being either the chicken or the egg.

The carriers (many still with oversized debt loads) don't see any advantage for deployment in a general sense. But they'll likely have an easier time than access providers.

it's a 'no thanks, but I need more address space' for many of the access providers, given the orders of magnitude of ports, customers, customer care, billing systems and so on that may have to be updated to handle yet another layer in their networks.

And content providers without an audience are just toying around. Maybe they'll have the easiest time. hard to say.

It's almost like the volunteer line, where everyone else in line has to step back so that someone gets stuck being first doing the dirty work.

Same for the end user. They don't care how a microwave oven works, they simply toss in a bag, press the popcorn button and expect results.

regards,
andy