This goes back a number of years. There was a product that literally was a cardboard box that contained everything one needed to get started on the Internet. Just add a modem and a computer, and you were on your way. No fuss, no "learning curve".
I'm beginning to think that someone needs to create a similar product, but for IPv6 internet. The Internet service providers would provide the same sort of kit to get people started. Just add a CSU/DSU (like a cable modem) and a computer, and you are on your way.
Also, I think we need a *real* book called "IPv6 for Dummies" (maybe even published by IDG Books) that walks through all the beginner stuff. There's beginner stuff that I've seen by using a search engine; a dead-tree book, though, may well be better for Joe Average.
This goes back a number of years. There was a product that literally was a cardboard box that contained everything one needed to get started on the Internet. Just add a modem and a computer, and you were on your way. No fuss, no "learning curve”.
MCI (way back, original MCI when I worked there) had “MCI One” that was similar with bundled voice/internet/etc, may be what you’re thinking of or not…
I'm beginning to think that someone needs to create a similar product, but for IPv6 internet. The Internet service providers would provide the same sort of kit to get people started. Just add a CSU/DSU (like a cable modem) and a computer, and you are on your way.
Also, I think we need a *real* book called "IPv6 for Dummies" (maybe even published by IDG Books) that walks through all the beginner stuff. There's beginner stuff that I've seen by using a search engine; a dead-tree book, though, may well be better for Joe Average.
While I don’t disagree on a dummy package so to speak, I spent *years* explaining IPv4 to my mother, to no avail, so I highly doubt anyone can explain IPv6 to anyone outside of this (NANOG) group with any certainty, even if you call it “IPv6 for Dummies.” The “bundle” that you are talking about would have to be *literally* plug-n-play such that the end user would have no idea that it was IPv6 vs. IPv4 vs. any-other-IPv-anything.
Just my pair-o-pennies(tm)
Just my opinion after 25+ years of doing this stuff and trying to explain what I (or we) do to family/friends/etc.
I am a small provider with a 16 bit asn, a /20 and a /22 of ipv4 and a /32 of v6, but no clue yet how to get from where I am today to where we all should be. The flame wars and vitrol and rhetoric is too much noise for me to derive anything useful from. Someone needs to stand up and lead. I will happily follow.
Whats really needed, is for you gods of ipv6, to write that 'ipv6 for ipv4 dummies', targeting service providers and telling us exactly what we need to do. No religious wars about subnet allocation sizes or dhcpv6 vs slaac or anything. Tell us how to get it onto our network, give us reasonable deployment scenarios that leverage our experience with IPv4 and tell us what we are going to tell our customers. Help us understand WHY nat is not a security model, and how to achieve the same benefits we have with nat now, in an ipv6 enabled world.
If a consumer internet connection works I wouldn't expect the typical user to have to know that IPv6 exists, let alone anything about it. If you need to manually see anything at that level then hasn't the ISP, OS vendor or app developer done something horribly wrong?
IPv6 for dummies for app developers and small ISPs, OTOH ...
I agree that something like that needs to be done. Maybe I’ll do it. In the meantime, have you got an IPv6 lab set up? I’m guessing that with your /32 allocation in hand, you likely do. Have you run through HE.net’s excellent personal IPv6 certification program? Until you gain fluency in IPv6, you won’t understand any advice anyway.
If you’re already reasonably skilled at IPv6 manipulations, then you should be able to start designing a practical IPv6 deployment scheme. The essential processes are (a) getting IPv6 into your provisioning system, so you keep track of your assignments, and (b) distributing /48 (or whatever) prefixes to customers across your core network. (b) depends entirely on your IGP (OSPF, iBGP, MPLS, etc) and the CPE at your customers.
This goes back a number of years. There was a product that literally was a cardboard box that contained everything one needed to get started on the Internet. Just add a modem and a computer, and you were on your way. No fuss, no "learning curve".
I'm beginning to think that someone needs to create a similar product, but for IPv6 internet. The Internet service providers would provide the same sort of kit to get people started. Just add a CSU/DSU (like a cable modem) and a computer, and you are on your way.
These days, wouldn't that be a pre-loaded tablet or smartphone with internal cell card - generally delivered pre-configured, in a cardboard box?
"Too much noise" has been v6's problem from the start. Every time I've looked at v6 for use in the enterprise or even at home over the last ~15 years, the answer is always "wait -- v6 isn't standardized yet", "implement now -- v6 is ready for production", "wait -- v6 is missing critical features", "implement now -- v6 is easier than v4" and "wait -- v6 is too complex, and we don't have the best practices figured out yet" -- all simultaneously, depending on who you ask, the phase of the moon, local weather patterns, etc. And, to a significant degree, that's still happening today.
That's exarcerbated by the long development cycle, multiple conflicting revisions/implementations over the years, and a severe case of feature creep. Most people started to tune out around the third time we heard "it's really here, for real this time!", and were completely underwhelmed (or overwhelmed, as the case may be) when the "really here for real" version arrived after a long hype cycle.
So basically.... IPv6 is the Duke Nukem Forever of the networking world. Took forever to get here, was completely underwhelming when it did, and wasn't compelling enough for people to pony up money for other than as a curiosity. Unfortunately v6 is an essential part of making the Internet continue to work, because in any other scenario it would have been abandoned as vaporware 10-15 years ago. If a product is in development for 20 years, the expectation is that it's perfect out of the box, reduced to the simplest possible implementation, and easily understood -- and that's not what we have.
This stuff has been consumerized. If you walk into any vzw store you can for $99 and $60 a month no contract walk out with a mifi with v6. You don't even have to ask, or configure anything, pretty much as it should be, the consumer wants internet, Facebook email, and all the upper layer services that the find valuable enough to pay a service provider and buy hardware for.
Running an ISP or IT department assumes a certain amount of familiarity with the craft, which means you should be buying the picees that meet your needs, rather than what other people think you need.
> The flame wars and vitrol and rhetoric is too much noise for me to
> derive anything useful from. Someone needs to stand up and lead. I
> will happily follow.
"Too much noise" has been v6's problem from the start. Every time I've
looked at v6 for use in the enterprise or even at home over the last ~15
years, the answer is always "wait -- v6 isn't standardized yet",
"implement now -- v6 is ready for production", "wait -- v6 is missing
critical features", "implement now -- v6 is easier than v4" and "wait --
v6 is too complex, and we don't have the best practices figured out yet"
-- all simultaneously, depending on who you ask, the phase of the moon,
local weather patterns, etc. And, to a significant degree, that's
still happening today.
That's exarcerbated by the long development cycle, multiple conflicting
revisions/implementations over the years, and a severe case of feature
creep. Most people started to tune out around the third time we heard
"it's really here, for real this time!", and were completely
underwhelmed (or overwhelmed, as the case may be) when the "really here
for real" version arrived after a long hype cycle.
So basically.... IPv6 is the Duke Nukem Forever of the networking
world. Took forever to get here, was completely underwhelming when it
did, and wasn't compelling enough for people to pony up money for other
than as a curiosity. Unfortunately v6 is an essential part of making
the Internet continue to work, because in any other scenario it would
have been abandoned as vaporware 10-15 years ago. If a product is in
development for 20 years, the expectation is that it's perfect out of
the box, reduced to the simplest possible implementation, and easily
understood -- and that's not what we have.
Yet I can take a Windows XP box. Tell it to enable IPv6 and it
just works. Everything that a node needed existed when Windows XP
was released. The last 15 years has been waiting for ISP's and CPE
vendors to deliver IPv6 as a product. This is not to say that every
vendor deployed all the parts of the protocol properly but they
existed.
Most of the noise was people saying "We don't need IPv6" and second
guessing the design decisions because they still had IPv4 think.
If you look at the protocol it basically hasn't changed in the last
15 years. There has been minor tweak but what was there was complete
enough to deploy.
There is a million ways to implement a service provider network and that
goes for both IPv4 and IPv6. Writing a simple text that covers all
possibilities is impossible. What is your setup like?
Implementing IPv6 can be very simple, almost just run the "on" command. Or
it can be very hard. It depends on what equipment you got and what features
you need. And your luck.
In my case it turned out to be hard. I thought it would be easy. I bought
equipment that had IPv6 written all over it and it was a greenfield
network. The plan was to have IPv6 from birth. That was not to be.
A year later knew far too much about:
DHCPv6 relay chaining - not supported. Relay chaining is when you have the
access switch tag the DHCPv6 request with a customer identifier and then
your access router has to do DHCPv6 relay on that.
DHCPv6 relay in supervlan - not supported.
IPv6 must not be enabled at the same time as MPLS layer 2 VPN (VPLS).
DHCPv6-PD: When we said we had DHCPv6 support we meant IA_NA not IA_PD.
DHCPv6 snooping not supported with prefix delegation.
MPLS VPNv6 not supported.
IPv6 prefixes more specific than /64 gets routed in CPU without any
warnings.
No support for route injection by DHCPv6-PD snooping.
Oh and they just said they fixed most of the above issue in a new firmware
that is not compatible with the hardware I got.
I am afraid that even in 2015 many IPv6 implementations are still half
baked. I was left feeling like I was the first guy to actually test this
stuff.
I managed to duct tape it all together despite the above limitations. But
forget about easy.
On 7/14/15, 8:02 PM, "NANOG on behalf of Mike" <nanog-bounces@nanog.org on
This goes back a number of years. There was a product that literally
was a cardboard box that contained everything one needed to get
started on the Internet. Just add a modem and a computer, and you
were on your way. No fuss, no "learning curve".
I'm beginning to think that someone needs to create a similar product,
but for IPv6 internet. The Internet service providers would provide
the same sort of kit to get people started. Just add a CSU/DSU (like
a cable modem) and a computer, and you are on your way.
Also, I think we need a *real* book called "IPv6 for Dummies" (maybe
even published by IDG Books) that walks through all the beginner
stuff. There's beginner stuff that I've seen by using a search
engine; a dead-tree book, though, may well be better for Joe Average.
Just my pair-o-pennies(tm)
I am a small provider with a 16 bit asn, a /20 and a /22 of ipv4 and a
/32 of v6, but no clue yet how to get from where I am today to where we
all should be. The flame wars and vitrol and rhetoric is too much noise
for me to derive anything useful from. Someone needs to stand up and
lead. I will happily follow.
I also co-authored RFC6782, intended to be guidance for landline ISPs
deploying IPv6:
We really tried to make it step-by-step, and you don¹t necessarily need
to hit each step (as we explain in the document).
Whats really needed, is for you gods of ipv6, to write that 'ipv6 for
ipv4 dummies', targeting service providers and telling us exactly what
we need to do. No religious wars about subnet allocation sizes or dhcpv6
vs slaac or anything. Tell us how to get it onto our network, give us
reasonable deployment scenarios that leverage our experience with IPv4
and tell us what we are going to tell our customers. Help us understand
WHY nat is not a security model, and how to achieve the same benefits we
have with nat now, in an ipv6 enabled world.
Send me private email and we can set up time to talk. I won¹t know the
IPv6 capabilities of every piece of equipment you have, but I might be
able to help you plan.
This is only true for dual-stacked networks. I just tried to set up an IPv6-only WiFi network at my house recently, and it was a total fail due to non-implementation of relatively new standards... starting with the fact that my Juniper SRX doesn't run a load new enough to include RDNSS information in RAs, and some of the devices I wanted to test with (Android tablets) won't do DHCPv6.
The XP box is in an even worse situation if you try to run it on a v6-only network.
And yet we've known for years now that dual-stack wasn't going to be an acceptable solution, because nobody was on track to get to 100% IPv6 before IPv4 runout happened.
Go to any business with hardware that is 3-5 years old in its IT infrastructure and devices ranging from PCs running XP to the random consumer gear people bring in (cameras, printers, tablets, etc.) and see how easy it is to get everything talking on an IPv6-only (no IPv4 at all) network... including using IPv6 to do automatic updates and all the other pieces that need to work. We're nowhere near ready for that.
Yet I can take a Windows XP box. Tell it to enable IPv6 and it
just works. Everything that a node needed existed when Windows XP
was released. The last 15 years has been waiting for ISP's and CPE
vendors to deliver IPv6 as a product. This is not to say that every
vendor deployed all the parts of the protocol properly but they
existed.
This is only true for dual-stacked networks. I just tried to set up an IPv6-only WiFi network at my house recently, and it was a total fail due to non-implementation of relatively new standards... starting with the fact that my Juniper SRX doesn't run a load new enough to include RDNSS information in RAs, and some of the devices I wanted to test with (Android tablets) won't do DHCPv6.
That’s a pretty old load then, as I’ve had RDNSS on my SRX-100 for several years now.
The XP box is in an even worse situation if you try to run it on a v6-only network.
Only if you care about DNS.
And yet we've known for years now that dual-stack wasn't going to be an acceptable solution, because nobody was on track to get to 100% IPv6 before IPv4 runout happened.
An IPv6-only DNS server with RFC-1918 IPv4 connectivity to your XP box does solve the problem in question.
Go to any business with hardware that is 3-5 years old in its IT infrastructure and devices ranging from PCs running XP to the random consumer gear people bring in (cameras, printers, tablets, etc.) and see how easy it is to get everything talking on an IPv6-only (no IPv4 at all) network... including using IPv6 to do automatic updates and all the other pieces that need to work. We're nowhere near ready for that.
Anyone who has that already has IPv4 addresses on all that ancient gear, so they can, in fact, dual stack at least that fraction of their network.
How about helping them deploy instead of continually trying to throw red herrings in their path.
On 7/15/15, 11:57 AM, "NANOG on behalf of Matthew Kaufman"
Go to any business with hardware that is 3-5 years old in its IT
infrastructure and devices ranging from PCs running XP to the random
consumer gear people bring in (cameras, printers, tablets, etc.) and see
how easy it is to get everything talking on an IPv6-only (no IPv4 at
all) network... including using IPv6 to do automatic updates and all the
other pieces that need to work. We're nowhere near ready for that.
This is painfully true.
I don¹t have much sympathy for Windows XP, since it¹s a year past extended
End of Support, and it¹s a 15-year-old operating system, now five
generations obsolete?
But specific-purpose consumer electronics are failures: not just cameras,
but game consoles, set-top boxes, audio-video systems.
Even security critical stuff like software updates, anti-virus updates,
CRL checks, are almost completely unavailable over IPv6. Unless you run a
large enough enterprise to have your own update servers; then they can
pull updates over IPv4, and serve clients over IPv6.
However, if you dual-stack now, you¹ll be able to identify which things
are still dependent on IPv4, and either engineer differently, or
substitute equipment over time.
>
> Yet I can take a Windows XP box. Tell it to enable IPv6 and it
> just works. Everything that a node needed existed when Windows XP
> was released. The last 15 years has been waiting for ISP's and CPE
> vendors to deliver IPv6 as a product. This is not to say that every
> vendor deployed all the parts of the protocol properly but they
> existed.
This is only true for dual-stacked networks. I just tried to set up an
IPv6-only WiFi network at my house recently, and it was a total fail due
to non-implementation of relatively new standards... starting with the
fact that my Juniper SRX doesn't run a load new enough to include RDNSS
information in RAs, and some of the devices I wanted to test with
(Android tablets) won't do DHCPv6.
You can blame the religious zealots that insisted that everything
DHCP does has to also be done via RA's. This means that everyone
has to implement everything twice. Something Google should have
realised when they releases Android.
The XP box is in an even worse situation if you try to run it on a
v6-only network.
Which is fixable with a third party DHCPv6 client / manual configuration
of the nameservers.
And yet we've known for years now that dual-stack wasn't going to be an
acceptable solution, because nobody was on track to get to 100% IPv6
before IPv4 runout happened.
Go to any business with hardware that is 3-5 years old in its IT
infrastructure and devices ranging from PCs running XP to the random
consumer gear people bring in (cameras, printers, tablets, etc.) and see
how easy it is to get everything talking on an IPv6-only (no IPv4 at
all) network... including using IPv6 to do automatic updates and all the
other pieces that need to work. We're nowhere near ready for that.
None of which is the fault of the protocol. Blame the equipement vendors
for being negligent.
