On 28 Jun 2007, at 18:27, John Curran wrote:
Interoperability is achieved by having public facing servers reachable via IPv4 and IPv6.
that may be what it looks like from the view of an address allocator. but if you actually have to deliver data from servers you need a path where data from/in both protocols is supported on every link of the chain that goes all the way to every bit of back end data in your system. and if one link in that chain is missing, <sound of glib idea imploding>. Organizations need to have IPv6 on their DMZ servers. ISP's needs to provide IPv6 to these organizations, either
At 10:16 AM -0700 6/28/07, Randy Bush wrote: directly or via tunnel. It's actually rather simple.
*That* sounds simple, but that method doesn't bear any resemblance to reality. * Software that does not support v6 needs to be rewritten (I used to herd some reverse proxies owned by a Juniper company that did not support v6 addressing. I don't 100% convincingly know whether my monitoring tools do. I don't think my IP phone does.) * Operational staff need to be retrained. Hostmasters need to be retrained. Support staff need to be retrained. Your customers' technical contacts need to be retrained. Everything has to keep working whilst your staff are learning these new skills. 2009 might be a great year for consultants. ;-) * If you don't already have v6, then rolling out your v6 assignment to peers and upstreams will feel a lot like building a network from scratch all over again. A big co-ordinated effort involving a lot of third parties. * Testing budgets will need to swell seriously. If you host an online application, you need to start your testing from scratch. * Policy for v6 assignment and allocation needs to be finished and agreed upon. If you read the address policy lists you'll know that this is not going to happen for some time. (c.f. Afrinic's decision to give themselves a five-hundredth of their assignment - something they could have done for each of their ~250 or so members without impact, and the bruhaha this caused.) I daren't even mention ULA- Central policy. * Your security policy needs auditing and reworking for v6. * It needs to be rolled transparently to end users, unless you want to increase your support burden. I'm not saying that v6 should be binned in favour of turning off the internet when we run out of v4, but this is a non-exhaustive list of projects we all should be undertaking. Is everyone on the list working through their own list ? I'd wager not. Best regards, Andy Davidson