On Mon, Jun 1, 2015 at 6:36 PM, Matt Palmer <mpalmer@hezmatt.org> wrote:
On Mon, Jun 01, 2015 at 11:30:00AM -0400, Christopher Morrow wrote:
I don't get why 'ipv6 address on my vm' matters a whole bunch (*in a world where v4 is still available to you I mean),
It simplifies infrastructure management considerably. Having to balance between "how many subnets will I ever need?" vs "how many machines could I end up with in a subnet?" is something I never thought would become annoying, until I had the opportunity to not worry about it... then it was frustrating to have to go back to it. Not having to use a VPN/NAT/jump box to hit all my infrastructure seems like a small benefit, but it saves having to maintain a VPN/jump box (and all its attendant annoyances). Oh, yeah, never having to faff around with split-horizon DNS management... "Family Guy Tooth Fairy" on YouTube. <grin>
sure, most of that you have to worry about if you're building your own cloud thingy... but in that case, why not just do the 'right thing' as you see fit (which you seem to have done, yay!). If you're just using aws/ec2/gce/whatever... all of that is taken care of for you, so there's nothing to set up and what ip address the vm has just isn't relevant. Whether or not they use ipv6 isn't relevant really either, honestly (for the management and even interprocess comms).
In short, there's a whole pile of dodgy hacks we deploy almost without thinking about it, because "that's just how things are done", to work around limitations in IPv4 deployments. Having IPv6 everywhere *within* the infrastructure makes all of those hacks disappear, and like most things we "just do because we have to", you don't realise how much of a PITA they were until they're gone.
so... the 'dodgy hacks' only really matter if you have to keep them running (keep a nat box and a bastion and ...) if that's all done for you by the chosen provider then, none of these arguments hold. your bit about subnet sizing and numbering also glosses over a slew of 'where did machine X go?' (naming) problems. which, incidentally you avoid with: "dhcp address and name" in the v6 world.

So... I don't really see any of the above arguments for v6 in a vm setup to really hold water in the short term at least. I think for sure you'll want v6 for public services 'soon' (arguably like 10 yrs ago so you'd get practice and operational experience and ...) but for the rest sure it's 'nice', and 'cute', but really not required for operations (unless you have v6 only customers)

-chris
-- And Jesus said unto them, "And whom do you say that I am?" They replied, "You are the eschatological manifestation of the ground of our being, the ontological foundation of the context of our very selfhood revealed." And Jesus replied, "What?" -- Seen on the 'net