ISP customer assignments

The address space is daunting in scale as you have noted, but I don't see
any lessons learned in address allocation between IPv6 and IPv4.

That's probably because IPv4 was a technology where the expected host
address allocation strategy was (last+1) and IPv6 is a technology where
the default host address allocation strategy involves shooting into an
extremely extra-sparse 64-bit address space. These are incredibly
different things.

Consider
as a residential customer, I will be provided a /64, which means each
individual on Earth will have roughly 1 billion addresses each.

Um, no. Unless by "roughly" we use a definition where 1 is roughly
equal to 18 billion. Yes, that's right, a /64 is 18 billion *billion*.

Generally speaking, we shouldn't *want* end users to be provided with a
single /64. The number of addresses is not the point. The idea of
getting rid of the horribleness that is CIDR is the point.

For example, consider the network 206.55.76.0/23. If I assign that to
an Ethernet interface, I have a problem because two addresses in the
middle of the network, 206.55.76.255 and 206.55.77.0, are less-than-
fully-usable because stupid idiot retards out on the Internet will see
that last octet and will firewall it. And by "stupid idiot retards,"
I don't necessarily mean end users, I mean *VENDORS*. (You know who
you are.)

The current revision of IPv6 introduces a way to nail down the boundary
between network and host. This is fantastic, from an implementation
point of view. It simplifies the design of silicon for forwarding
engines, etc.

And here's the kicker. If it /really/ bothers you, just bear in mind
that having another whole 64 bits as the host space means that if ever
the V6Internet is in crisis and is running out of IP space, unlike IPv4,
we can "fix" that problem by changing the addressing strategy within
the local AS.

Organizations will be provided /48s or smaller, but given the current
issues with routing /48's globally, I think you will find more
organizations fighting for /32s or smaller...

Oh puhhhhhleeeze. Where do we get these newbies from. Part of the
reason for forming a group such as NANOG was that there were lots of
routing issues; we still see requests for help for that sort of stuff
today on the IPv4 Internet. Anyone who remembers the fun days of the
early commercial Internet would likely say that we've got it easy
today.

so what once was a
astonomical number of addresses that one cannot concieve numerically, soon
becomes much smaller. I can see an IPv7 in the future, and doing it all
over again... I just hope I retire before it comes... The only difference
I can see between IPv4 and IPv6 is how much of a pain it is to type a 128
bit address...

You don't do that. Or at least, you shouldn't do that. We have a
fairly reliable DNS system these days...

Just like back in the day when Class B networks were
handed out like candy, one day we will be figuring out how to put in
emergency allocations on the ARIN listserv for IPv6 because of address
exhaustion and waste.

Not likely to happen in this century.

One of the lessons that *was* learned was that it's better to go too
big than too small. People just have a rough time visualizing how
massively immense 2^128 actually is. But this discussion is really
not relevant to NANOG; if you wish to fight this battle, the people
with the clue-by-fours are over on the IPv6 lists.

Food for thought...

Only if by "food" you mean "I went down to Lardburger and ate until I
had a heart attack and died."

You're not bringing anything new to the table, least of all in the fact
department, which is about the only way you could manage to convince
people that there's a problem.

And the very thing you're complaining about would actually be the
obvious safety valve if there's a problem. That immense, extremely
sparse space that forms the host portion of an IPv6 address... that
is where we dip into in the extremely unlikely event there's a problem.

... JG

Generally speaking, we shouldn't *want* end users to be provided with a
single /64. The number of addresses is not the point. The idea of
getting rid of the horribleness that is CIDR is the point.

You underestimate the power of the marketing department and the bean counters. I assure you, residential ISPs are looking for schemes to give out as little address space as possible.

The current revision of IPv6 introduces a way to nail down the boundary
between network and host. This is fantastic, from an implementation
point of view. It simplifies the design of silicon for forwarding
engines, etc.

And it's 150% Wrong Thinking(tm). IPv6 is classless - PERIOD. The instant some idiot wires /64 into silicon, we're right back to not being able to use x.x.x.0 and x.x.x.255. Addresses are 128-bits; you cannot make any assumptions about what people may or may not be doing with those bits. If I don't use SLAAC, then I'm not bound by it's lame rules.

You don't do that. Or at least, you shouldn't do that. We have a
fairly reliable DNS system these days...

And where did DNS get the name/number assignments? In my case, it's either been typed in by ME or automatically updated by DHCP.

--Ricky

Joe Greco <jgreco@ns.sol.net> writes:

the people with the clue-by-fours are over on the IPv6 lists.

They've upgraded to clue-by-six's. Not as handy, but will last longer.

Bjørn

You underestimate the power of the marketing department and the bean counters. I assure you, residential ISPs are looking for schemes to give out as little address space as possible.

That has not been my (limited) experience. If you are aware of any ISPs
which are not handing out a reasonable address space to customers, please
call them out.

The current revision of IPv6 introduces a way to nail down the boundary
between network and host. This is fantastic, from an implementation
point of view. It simplifies the design of silicon for forwarding
engines, etc.

And it's 150% Wrong Thinking(tm). IPv6 is classless - PERIOD. The instant some idiot wires /64 into silicon, we're right back to not being able to use x.x.x.0 and x.x.x.255. Addresses are 128-bits; you cannot make any assumptions about what people may or may not be doing with those bits. If I don't use SLAAC, then I'm not bound by it's lame rules.

You don't do that. Or at least, you shouldn't do that. We have a
fairly reliable DNS system these days...

The assumption that IPv6 addresses are harder has not been my
experience. A server address of 2610:b8:5::1 is just as easy
for me to remember as 67.217.144.1. Granted, auto configured
addresses are much harder to remember.

And where did DNS get the name/number assignments? In my case, it's either been typed in by ME or automatically updated by DHCP.

Anything I put in DNS is a server/router, and gets a static address, just
like with IPv4.

Rick et al,

I work at an ISP, and I know staff at several other ISPs, we are all
trying to do this right. If a /56 makes sense and is supported by the
IPv6 technology and we won't have issues supplying these to customers
(technically speaking), then we will most likely do this or something
similar. The issue is more of a nuanced issue.

There seems to be a variance between "It's OK to just give out a /64" to
"You better be thinking about giving out a /48". I can live in those
boundaries and am most likely fine with either. I'm leaning toward a /56
for regular subscribers and a /48 only for business or large scale
customers, and undecided on dial-up. How does this sound?

This wasn't suppose to digress to this level of vitriol.

- Brian

From: Ricky Beam [mailto:jfbeam@gmail.com]
Sent: Monday, October 05, 2009 10:23 PM
To: Joe Greco; Robert.E.VanOrmer@frb.gov
Cc: nanog@nanog.org
Subject: Re: ISP customer assignments

> Generally speaking, we shouldn't *want* end users to be provided

with

a
> single /64. The number of addresses is not the point. The idea of
> getting rid of the horribleness that is CIDR is the point.

You underestimate the power of the marketing department and the bean
counters. I assure you, residential ISPs are looking for schemes to
give
out as little address space as possible.

> The current revision of IPv6 introduces a way to nail down the
boundary
> between network and host. This is fantastic, from an implementation
> point of view. It simplifies the design of silicon for forwarding
> engines, etc.

And it's 150% Wrong Thinking(tm). IPv6 is classless - PERIOD. The
instant some idiot wires /64 into silicon, we're right back to not
being
able to use x.x.x.0 and x.x.x.255. Addresses are 128-bits; you cannot
make any assumptions about what people may or may not be doing with
those
bits. If I don't use SLAAC, then I'm not bound by it's lame rules.

> You don't do that. Or at least, you shouldn't do that. We

have

> You underestimate the power of the marketing department and the bean
> counters. I assure you, residential ISPs are looking for schemes to give
> out as little address space as possible.

That has not been my (limited) experience. If you are aware of any ISPs
which are not handing out a reasonable address space to customers, please
call them out.

Once one of them actually realises how much address space they've been
given, and that giving more perceived value to a customer will win them
the business, I think they will e.g. same price, same quota/bandwidth,
one ISP giving you 64K more address space. I think customers will say,
"I fully understand what it's for, and I don't really know what I'll
use it for .. but I'll have it if I ever need it."

>> The current revision of IPv6 introduces a way to nail down the boundary
>> between network and host. This is fantastic, from an implementation
>> point of view. It simplifies the design of silicon for forwarding
>> engines, etc.
>
> And it's 150% Wrong Thinking(tm). IPv6 is classless - PERIOD. The
> instant some idiot wires /64 into silicon, we're right back to not being
> able to use x.x.x.0 and x.x.x.255. Addresses are 128-bits; you cannot
> make any assumptions about what people may or may not be doing with those
> bits. If I don't use SLAAC, then I'm not bound by it's lame rules.
>

I think it is both "classless" and "classfull" (although it's different
enough that we probably should stop using loaded IPv4 terms ...)

Forwarding is purely "classless" - the best route is the one with the
longest matching prefix length, regardless of where that prefix length
lands within the 128 bits.

For 1/8th of the address space, it's "classful". It's been shown that
humans work best with simplicity, so introducing fixed operational (but
not forwarding) boundaries between node, subnet and global prefixes
makes IPv6 much more operationally simple than dealing with IPv4
classes, subnets or classless addressing. I think anybody who has dealt
operationally with IPX, Appletalk, XNS, DECnet or even Ethernet with
it's single OUI/Node ID boundary would agree.

If the plan for the "classful" 1/8th ends up being wrong, the
"classless" forwarding means that we don't have to deploy new routing
code or hardware to change to a different addressing model, be it
"classless" or something else.

It's _classless_. There's none of this Class A, B, C, D, or E nonsense. The word everyone is dancing around is, "hierarchical". How the bits get divided up depends on what you want to do with it. SLAAC, in it's current form, requires a 64-bit prefix, but there are other ways to assign addresses that do not have that requirement.

--Ricky

There seems to be a variance between "It's OK to just give out a /64" to
"You better be thinking about giving out a /48". I can live in those
boundaries and am most likely fine with either. I'm leaning toward a /56
for regular subscribers and a /48 only for business or large scale
customers, and undecided on dial-up. How does this sound?

The starting point is to give everybody a /48 per site. If a business customer
has 3 sites, then give them enough space for a /48 for each site. Could be
3 /48s or could be a /46.

But, if you have a lot of residential customers, it is quite
reasonable to give them
a /56 per site instead. Be prepared for some customers to ask for two
/56s because
they have a granny-flat or in-law apartment in the house. Also be
prepared for some
to ask for a /48 because they are running a business at home, or they
are technical
types who have a their own home network lab.

Your plan for /56 to residential subscribers and /48 to business
subscribers sounds
perfectly fine as long as your systems have some way to accomodate
that grey area,
either by recording a /48 against a residential subscriber or counting
them as a class
of business customer that pays a residential rate.

Charging a customer extra for more IPv6 addresses just will not fly in
a competitive
market.

--Michael Dillon

Sorry to be a curmudgeon and let me play devil's advocate for a minute. I realize that the address space is enormous; gigantic, even, but if we treat it as cavalierly as you all are proposing, it will get used up. If its treated like an infinite resource that will never, ever be used up as we have done with every other resource on the planet, won't we find ourselves in a heap of trouble?

Curtis

Michael Dillon wrote:

At this stage we're only 'being cavalier' with 1/8th of the space.

We can be more restrictive with the the other 7/8ths if those predicting
rapid consumption turn out to be correct.

Right now that would be a nice problem to have.

Tim

And I will play devil's advocate to the devil's advocate ... wait, does that
make me God's advocate? Nice!

Sorry to be a curmudgeon and let me play devil's advocate for a minute. I
realize that the address space is enormous; gigantic, even, but if we treat
it as cavalierly as you all are proposing, it will get used up. If its
treated like an infinite resource that will never, ever be used up as we
have done with every other resource on the planet, won't we find ourselves
in a heap of trouble?
Curtis

But the thing is - no-one is proposing we treat it as infinite - just that
we treat it the way it was designed to be used.

The IETF community "did the math" and decided a /48 per customer was both
scalable and sufficient.

The community, by and in large, decided that /56s were more appropriate for
"small customers" and that is fine, even if some still view it as
additional, unneeded complexity.

My opinion, based on having done the math as well and operational experience
to date, seems to jive that /48s (or even moreso /56s) will work. So let's
get to it!

/TJ

Sorry to be a curmudgeon and let me play devil's advocate for a minute. I
realize that the address space is enormous; gigantic, even, but if we treat
it as cavalierly as you all are proposing, it will get used up. If its
treated like an infinite resource that will never, ever be used up as we
have done with every other resource on the planet, won't we find ourselves
in a heap of trouble?

Of course, you are right.

That's why, when some people took a close look at the numbers based on
a /48 per site, and published their findings, the RIRs made an adjustment to
address allocation policy so that it was acceptable to allocate a /56 for a
consumer customer, i.e. private residence of some sort. By doing that, they
calculated that they could mitigate the small risk that we would run very low
on IPv6 addresses around 100 years from now. Having made the change, we
are now confident that there are plenty of IPv6 addresses to last more than
a century, which basically means that you and your children and your grand
children will all be dead when IPv6 gets close to exhaustion.

Geoff Huston wrote this: <http://www.potaroo.net/ispcol/2005-07/ipv6size.html&gt;
to explain the small risk, and his proposals to adjust the HD ratio and go to
a /56 for private residential assignments was basically accepted. If only a few
of the biggest cable ISPs use the /56 model, then we are OK.

I have great confidence that our descendants will avoid the Idiocracy and
be capable of designing and deploying a replacement for IPv6 if that is ever
needed. <http://en.wikipedia.org/wiki/Idiocracy&gt; Last time I checked, my
taps were still delivering fresh clean "toilet water", not Brawndo energy drink.

--Michael Dillon

How are other providers approaching dial-up? I would presume we are in the
same boat as a lot of other folks - we have aging dial-up equipment that
does not support IPv6 (3com Total Control). Our customer base has dropped
quite a bit, and we have even kicked around the idea dropping that service
and forcing customers to purchase broadband service or go elsewhere.

I expect we won't invest any more into dial-up equipment, and when a
dial-up customer happens to ask about IPv6 (if ever), we'll strongly
encourage them to move to broadband, and as a last resort manually
configure a /64 tunnel to them.

What are other providers doing, or considering doing?

How are other providers approaching dial-up? I would presume we are in the
same boat as a lot of other folks - we have aging dial-up equipment that
does not support IPv6 (3com Total Control). Our customer base has dropped
quite a bit, and we have even kicked around the idea dropping that service
and forcing customers to purchase broadband service or go elsewhere.

Separate these technical issues from IPv6 allocation plans. If you intend to
continue running an ISP in two years from now, either make a simple plan
and allocate a /48 to every customer site, whether or not they are currently
taking an IPv6 service from you. Or, take the slightly more complex plan
and allocate a /56 per site where it is known for sure, 100% that the site
is a private residence. If it is not, or there is doubt, then allocate a /48.

I expect we won't invest any more into dial-up equipment, and when a
dial-up customer happens to ask about IPv6 (if ever), we'll strongly
encourage them to move to broadband, and as a last resort manually
configure a /64 tunnel to them.

You might use up a /64 for the two tunnel endpoints, but be sure to allocate
the customer at least a /56.

What are other providers doing, or considering doing?

In general, big providers are not going to attempt to cope with any older
equipment that does not fully support IPv6. But small providers will be
rather innovative and try things like your tunnel suggestion. After all,
if Hurricane Electric can run an IPv6 tunnel broker, why can't you?

--Michael Dillon

Dan White wrote:

How are other providers approaching dial-up? I would presume we are in the
same boat as a lot of other folks - we have aging dial-up equipment that
does not support IPv6 (3com Total Control). Our customer base has dropped
quite a bit, and we have even kicked around the idea dropping that service
and forcing customers to purchase broadband service or go elsewhere.

What are other providers doing, or considering doing?

I'd like to beat this dead horse some more if you gents don't mind. I think there's still some life left in the beast before we haul it off to the glue factory.

I'm actually taking an IPv6 class right now and the topic of customer assignments came up today (day 1). The instructor was suggesting dynamically allocating /127s to residential customers. I relayed the gist of this thread to him (/48, /56 and /64). I expect to dive deeper into this in the following days in the class.

What are providers doing for residential customers and how does it different from business customers? At what point are you assigning bigger blocks?

To go along with Dan's query from above, what are the preferred methods that other SPs are using to deploy IPv6 with non-IPv6-capable edge hardware? We too have a very limited number of dialup customers and will never sink another dollar in the product. Unfortunately I also have brand-new ADSL2+ hardware that doesn't support IPv6 and according to the vendors (Pannaway) never will. We also have CMTSs that don't support IPv6, even though they too are brand-new. Those CMTSs top out at DOCSIS 2.0 and the vendor decided not to allow IPv6 to the CPEs regardless of the underlying CM's IPv6 support or lack thereof (like Cisco allowed for example). Are providers implementing tunneling solutions? Pros/cons of the various solutions?

Thanks
  Justin

Out of curiosity who is conducting this class and what was their rationale for using /127s?

Doug

As a point of view on this, a member of staff from APNIC was doing a Masters of IT in the last 3-4 years, and had classfull A/B/C addressing taught to her in the networks unit. She found it quite a struggle to convince the lecturer that reality had moved on and they had no idea about CIDR.

I have from time to time, asked people in ACM and IEEE about how one informs the tertiary teaching community about this kind of change. The answers were not inspiring: compared to civil engineering, where compliance issues and re-training by professionals is almost regulated (sorry for the R- word) as a function of professional indemnity insurance and status, its much more common for the syllabus to be under continual review.

-George

I'm going to have to pull the "mixed-hat" on this one. If you are
comparing this to a true "academia" environment, I'd agree with you.
Too much theory, not enough reality in things. However, I've yet to see
the part about where the person is being trained from.

I happen to train people at CCIE level. I also happen to do consulting,
implementation, and design work. In my training environment, there are
all sorts of re-thinking of what/how things are being taught even within
the confines of comparison to a lab environment. But that's a personal
point of view trying to keep reality involved and be worthwhile.

I'm not trying to open any sort of debate or can of worms here, but just
because one is receiving training does not mean the instructor has no
functional knowledge of something. I'm interested in hearing the
playout on this one as well.

How many addresses do you like on point-to-point circuits?

Scott

George Michaelson wrote:

Does the CCNA exam still ask questions about RIP and classful addressing?

Just askin'

   - mark

I'm going to have to pull the "mixed-hat" on this one. If you are
comparing this to a true "academia" environment, I'd agree with you.
Too much theory, not enough reality in things. However, I've yet to see
the part about where the person is being trained from.

I happen to train people at CCIE level. I also happen to do consulting,
implementation, and design work. In my training environment, there are
all sorts of re-thinking of what/how things are being taught even within
the confines of comparison to a lab environment. But that's a personal
point of view trying to keep reality involved and be worthwhile.

I'm not trying to open any sort of debate or can of worms here, but just
because one is receiving training does not mean the instructor has no
functional knowledge of something. I'm interested in hearing the
playout on this one as well.

How many addresses do you like on point-to-point circuits?

How ever many the protocol designers thought there should be.