On 08/14/2011 07:43 PM, Tim Wilde wrote:
On 8/14/2011 8:36 PM, Charles N Wyble wrote:
Yes, they prove that IPv6 is not a viable technology as it currently stands and we should be working on the next big thing, of course! IPv42, here I come!
:) It certainly is being debated back and forth quite a bit. With apparent 0 forward progress being made. It's important that we keep our audience in mind. Yes much v6 is being deployed (Owen and his band of merry men being the notable leaders) and various pockets of link layer availability from the big providers. It's time to just do it already. Mark it experimental. Tell people ZOMG you may have to r3numb3r. Why hasn't anyone capitalized on this opportunity yet and rolled out decent CPE with a fat margin. I mean seriously, why not? Just wrap it in some buzzwords (security, gaming, whatever). The vendors already do that at bestbuy.
On a serious note, though, really, what DOES it say about the real-world maturity / actual chances of adoption for IPv6 that Charles' statement above is, in fact, true?
Well stated. Hopefully folks will chime in with an answer.
or start a flamewar (well, okay, I am trying to start a flamewar, that's what Sunday nights are for :)), it's honestly something that puzzles me. It just doesn't feel right...
Yeah. Same here. It's why I dropped off NANOG. I got tired of the constant bickering. Everyone just needs to do what seems right for their network. What I'm curious about, is how many people actually deployed networks following their preferred method? I mean he.net is clear about what it believes is right and has stuck to it for several years now. Know how long it took me to have v6 working on my network? 10 minutes. Just pfsense and an he.net tunnel. radvd and done. Instant v6 LAN wide. v6.facebook/netflix/google all works. My linux boxes hit v6 mirrors automatically. Sourceforge download via v6. Easy. Boring. Current working theory: If you have other (sane,expected,normal) mitigation techniques in place on your network, dealing with any (perceived?) v6 security issues should be easy I think. I haven't labbed this all up yet. But I will. Soon. Q3 is all about security for me. Expect to see some posts about operationally focused security research in Q3. Because I want to prove/disprove all the things I see flying around. I've got the gear, I've got the time. It's time for the rubber to hit the road. I seem to recall a thread asking v6 status and a bunch of people responding with AS numbers and prefixes. Hopefully that list keeps growing. That's on the provider side of course. Is anyone here not deploying a v6 network, so that someone else doesn't do it for you (which again, it's my feeling that a well engineered "enterprise" LAN wouldn't be susceptible to a lot of the attacks). My memory is a bit fuzzy about all the details. I'll solicit requests for tests in a while, once my current projects are wrapped up. What about all the other folks out there? Who pushed whatever blasted prefix size, or moaned about neighbor table overflows, or about NAT vs FW or whatever other inane nonsense. I WANT MY LINK LAYER NATIVE V6! AND I WANT IT NOW!
Regards, Tim
-- Charles N Wyble charles@knownelement.com @charlesnw on twitter http://blog.knownelement.com Building alternative,global scale,secure, cost effective bit moving platform for tomorrows alternate default free zone.