There's also the possibility:
:- continued to be used as they are, just not seen on the Internet.
Unrouted address space isn't always missing matter.
(E.g., see GSMA PRD IR.40, http://www.gsmworld.com/documents/ireg/ir4040.pdf)
Randy,
Organizations need to have IPv6 on their DMZ servers.
ISP's needs to provide IPv6 to these organizations, either
directly or via tunnel.
It's actually rather simple.
/John
Chuck et. al;
You left out: The "killer-app."
Compelling content *only* available via the alternative technology.
The IPv-ONLY google/porn/web/tube/iphone/whatever that enough people
want/desire/need/are-willing-to-pay-for to move the network to IPv6.
Dancing turtles and possible future v6-only porn-repositories aside, I
was recently recently wondering about another end-user v6 enticement
that I'm sure must have been considered but which I haven't seen
proposed before.
I wonder what it would take to convince a major online retailer
(Amazon?), an auction site (eBay?) or even transaction handlers
(google checkout, paypal?) to put up v6 portals that offered
across-the-board (or even select) discounts to customers coming in
through their v6-only portal?
Perhaps I'm simply too naive, but I would imagine that even a small %
discount (from within the business' profit margin) would be incentive
enough to get customers to at least start asking how they can get
access to this cheaper IPv6 portal... (the lengths many people will go
to to save a little money, often even spending more than they save in
the process, is amazing in and of itself)
...I would think it would also cause additional publicity for the
sites from the ensuing (even if only in the tech community) news
reporting, and that there may even be future gov't incentives
(write-off the discount?) for such practices.
Just some thoughts...
~Aaron
repetition of an incomplete analysis does not make it complete.
maybe an example will help
if the data on one of those servers is derived from peoplesoft, sap,m
siebold, ... running within my infrastructure, either peoplesoft et alia
speak v6 and v4 or i need an alg or other payload translation mechanism.
think real time bank account data for another example, i.e. a slow batch
data write don't cut it.
randy
Would that be Teredo and a proprietary PNRP?
http://blogs.msdn.com/p2p/archive/2007/03/22/teredo-and-the-pnrp-global-cloud.aspx
Figuring out how maintain security without a hierarchical namespace, or a trackable address space represent sizable concerns. Would controlling teredo.ipv6.microsoft.com become essential?
-Doug
You don't believe the killer app will be "sorry, no more IP addresses?"
Nope. Not at all.
--chuck
Adrian Chadd wrote:
You don't believe the killer app will be "sorry, no more IP addresses?"
I bet it won't. There are too many people willing to patch what we have rather than toss it out and start over. As the IP addresses run ever lower, ISPs will probably patrol usage even more and reclaim IPs. Then router vendors will probably propose new routing schemes that don't require bit boundaries, so allocations can be made outside the powers of two, and ISPs will reclaim more and reallocate it. The routing tables will get bigger, but since memory is getting cheaper, we can work around that, too. IPv4 will probably become more and more of a kludge, but until somebody actually comes up with something IPv6 can do that cannot be backported to IPv4, customers are not going to give a rodent's behind about IPv6. There is a chance that some people will be roped in with "IPv6: It's Shiny and the Japanese Are Doing It," but not enough to make IPv6 a customer-driven initiative. IPv6 will most liekly be deployed and refined outside of the mass market: cell phones, personal nets, educational and research facilities, etc. Providers might slowly start building elaborate proxies to allow IPv4 clients to attach to IPv6 hosts (which will be hysterical: now with IPv6, everybody's a NAT client) as they convert their individual backbones to v4, or perhaps those proxies, like digital TV converter boxes, will live at the endpoints. But any dreams anybody may have of a flag day where IPv4 is turned off and IPv6 turned on are never going to come true unless the industry decides to do it en masse, so that all the customers who will be deeply offended have nowhere else to go.
If you want IPv6, you're seriously going to need to think of how it can happen slowly and with as much of the pain as possible put upon the network engineers, who know what they are working for, and not the end users, who don't care how it works as long as their flash games, lolcatz, and porn keep working.
I think this is one reason why the transition is hard: supporting dual stacks in clients when the demonstrated quality of the v6 network is noticably worse than the v4 network is a difficult business case to sell.
When you depends on users being able to talk to you reliably, having them use a low-quality transport when a high-quality transport is also available has a direct impact on the bottom line, without even considering the capex/opex costs of supporting IPv6. The difference in performance/reliability might be relatively small to a single user, but to a company who is trying to service millions of clients every minute (and is earning revenue from each visit) the aggregate effect is surely much more significant.
Providing access to (e.g.) web services over both IPv4 and IPv6 using (e.g.) a single URL hence reduces revenue when serving the non-zero (but small) set of dual-stack clients, and does not increase revenue from the set of IPv6-only clients in any practical sense since that set is (to all intents and purposes) empty.
Providing separate URLs for services over IPv6 requires user education, which is arguably even more expensive.
The way to avoid this scenario is presumably to improve the quality of the IPv6 network such that the risk of revenue loss from IPv6 support falls below an acceptable threshold. Which would be much easier to do if people were using it, and opening trouble tickets when things need to be fixed 
Joe
OK. Now what's in it for *Amazon*? And who's going to foot the bill?
Now, if somebody came up with a clever way for Amazon's connectivity
providers to be able to provide IPv6 bytes cheaper than IPv4 bytes....
You can, and this will work for a while. When it stops working
(which is not at all predictable) you're going to need a fairly
sizable IPv6 Internet so that you can continue to connect new
customers up, and unfortunately, that means we need to start
getting folks moving ahead of time since we don't exactly know
how long your workarounds will last.
I'd like to know when Google is going to go IPv6. Vint Cerf's answer was (essentially) "I'm pushing for it."
The problem is twofold. First, if Google isn't going to index IPv6 content, no one cares if their content isn't available that way. Second, when other people try to explain IPv6 to management they often hear "Is Google using IPv6?"
Heck, Google could offer incentives for IPv6 deployment and suddenly people would clamor for it- say side by side results. Most appropriate IPv4 on the left, most appropriate IPv6 on the right. (Even just an IPv6 icon that people could click on to learn about IPv6 would help).
-Don
>You left out: The "killer-app."
>Compelling content *only* available via the alternative technology.
>The IPv-ONLY google/porn/web/tube/iphone/whatever that enough people
>want/desire/need/are-willing-to-pay-for to move the network to IPv6.I wonder what it would take to convince a major online retailer
(Amazon?), an auction site (eBay?) or even transaction handlers
(google checkout, paypal?) to put up v6 portals that offered
across-the-board (or even select) discounts to customers coming in
through their v6-only portal?
i presume it would take you to pay for the shortfall plus the cost of their implementing this distinction
Perhaps I'm simply too naive, but I would imagine that even a small %
discount (from within the business' profit margin) would be incentive
enough to get customers to at least start asking how they can get
access to this cheaper IPv6 portal... (the lengths many people will go
to to save a little money, often even spending more than they save in
the process, is amazing in and of itself)
i cant understand why any retailer would limit its access to the marketplace for the sake of an obscure technical argument that their beardy long haired IT guy reckons is a good idea. imagine the board room discussion..
"and this will limit us to only 0.5% of our global market?"
"and we need to by $x,xxx,xxx of new hardware to make this happen?"
"and it will take xxxx man hours at a cost of $xxx,xxx?"
this is the core of my argument here about whether v6 is the obvious solution to v4 depletion - what is the cost to push this technology vs other options. it needs to be cheaper else you are working an uphill battle
...I would think it would also cause additional publicity for the
sites from the ensuing (even if only in the tech community) news
reporting, and that there may even be future gov't incentives
(write-off the discount?) for such practices.
well, that may well be worth some $$$ but only if you are the first one! and if i were amazon, i'd say okay i'll do this but i'm only going to list my networking books on this v6 system - i can entertain the technical world, not lose any revenue, incur a minimal cost, and get the marketing points
Steve
Randy is right. It's very simple from 30,000 feet; it's a lot messier
in detail if done at scale. I'll give just example, using your
suggestion of converting DMZ: how do you keep your firewall rules
consistent between v4 and v6 addresses and prefixes? This involves
vendor technology (the firewall box), communication with your ISP
(handling prefix changes), local technology (you do have a change
control process for firewall rules, right, and perhaps a database of
machines and addresses?), and training. It may also involve upgrading
some of the servers because of the rapid changes in v6 support. (I'll
cite a personal example: I upgraded the OS on a machine of mine
recently, and found that my mailing lists weren't working. Why?
Because the version of Postfix had been changed to one with v6 support,
and I had to specify v6 loopback addresses in some mysterious place.)
That's not to say this is an excuse for delay. Converting is going to
get harder when you acquire more gear, not easier. Planning and
back-end conversions (i.e., ISP databases that hold customer IP
address ranges) should have been done years ago. It's now become
urgent; I'm glad people are finally starting to take it seriously.
(Metanote: IPv6 is far from the best possible design. Given all of
the constraints, including the political ones, it may be, as Bjarne
Stroustrup said of C++, the best design possible. Whatever -- it
exists as a reasonably stable design; starting over would cost us 15
more years that we just don't have.)
--Steve Bellovin, http://www.cs.columbia.edu/~smb
1. IPv4 address space is a scarce resource and it will soon be exhausted.
2. It hasn't run out already due to various efficiency improvements.
3. These are themselves limited.
4. IPv6, though, will provide abundant address space.
5. But there's no incentive to change until enough others do so to
make it worthwhile.6. Economists call this a collective action problem. Traditional
solutions include legislation, market leadership, and agreements among
small actors to achieve such leadership.
Let's keep in mind here, that a number of "organizations" -- the US Gov't, Japan and a few other places that get pay for things without a real market incentive are moving to support IPv6.
They will in turn put more pressure on their transit providers, vendors and IP talkers to talk to them on IPv6. This may help build #5's case up.
Cisco (via Linksys), Netgear and other consumer brand router manufacturers may start supporting IPv6 if the ISPs that are providing broadband start it, or the employers of these home customers (vis-a-vis the US Gov't) start making it easier to use their IPv6 VPN vs their IPv4 VPN.
Content providers (as response to customer pressure) may opt to make their services available on native IPv6 if the networks that are using IPv6 have crappy IPv6-IPv4 gateways. (e.g. Video distributors, etc).
Market forces are already underway here, I fail to see why so many people are so concerned. Yes, we like hierarchical allocations, they are yummy to routers. Yes, we deal with humans and some adopt much slower than others.
Maybe I'm missing something,
DJ
Are you saying we (collectively) would take yet *another* 15 years to come up with another and/or better design?
-brett
Whatever -- it exists as a reasonably stable design; starting over
would cost us 15 more years that we just don't have.)Are you saying we (collectively) would take yet *another* 15 years to
come up with another and/or better design?
i have always wanted to see third system syndrome
randy
Not so much to design it as to reach this point of maturity.
More precisely, I don't see any reason why it would take significantly
less. In fact, it can't take much less, no matter what. Figure two
years for the basic design, 3-5 years for the IETF (or whomever) to
engineer all the pieces (it's more than just the IP header, and until
we have a new design we won't even be able to start identifying the
pieces), 3 years for design/code/test (in the NANOG world, that
includes new ASICs, line cards, etc.), and 3-5 years for much existing
gear (routers, end systems, etc.) to be replaced with the IPvN stuff.
That adds up to 11-15.
I have a lot of confidence in those figures; if anything, I suspect
that I'm being too optimistic.
IPv6 isn't what I wanted it to be (and I was on the IPng directorate).
That said, it's what we have, and I think we *really* need something
with a lot more address space.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
IPv6 isn't what I wanted it to be (and I was on the IPng directorate).
That said, it's what we have, and I think we *really* need something
with a lot more address space.
At a very low, hardware centric level, IPv6 would be a lot easier to
implement if
1) The addresses were 64 bits instead of 128 bits.
2) The extension headers architecture was completely revamped to be more
hardware friendly.
I hear a lot of noise about wanting to do 40GE/100GE with L2/L3 switching,
but it is difficult to extremely difficult to implement hardware that can
accommodate all the flexibility of v6 and keep up.
IPv6 is a software architect's dream and a hardware architect's nightmare
Bora
Wow, a blast from the past. The *current* IPv6 design was selected to a
good extent because it was *easier* to do in hardware than some of the other
contenders. You think 64 versus 128 is tough - think about the ASIC fun and
games to support *variable length* addresses (not necessarily even a multiple
of 4 bytes, in some of the proposals. Could be 7, could be 11, check the
address length field for details. Yee. Hah).
The length of the address (64 vs 128) is not the hard part. Just increases
the cost and the complexity of the ASIC
The extension headers become a real problem when L4 filtering is desired.
Bora
I'm not going to revist all of the design issues; as I said, at this
point IPv6 is what is is. On that point, you're mostly right; there
were indeed a class of CLNP-derived solutions that were rejected. That
said, some of us -- including me -- wanted to use the two high-order
bits of the address to select among {64,128,192,256}-bit addresses.
Settling on 128 bits was a compromise between that group and advocates
of a 64-bit fixed-length address. History since then persuades me that
sticking with 64 bits would have been a very bad mistake.
--Steve Bellovin, http://www.cs.columbia.edu/~smb