On Wed, 13 Jul 2005, Joseph T. Klein wrote:
> For any who use IPv6, I am interested in NAT/PT, 6to4, faith and DSTM experiences. Drop me a line if you're willing to share your data.

I have not touched NAT-PT, faith, or DSTM, as my personal network runs fully dual-stack, and my personal network's upstream is v4-only. (This response is on-list due to the comments I have about 6to4, below.)

I have used 6to4 in the past. However, it seems that there is a lack of reachable 2002::/16 routes in the v6 backbone, as much of the world seems currently unreachable to a 6to4 client. So I now use an explicit tunnel network from Hurricane Electric's www.tunnelbroker.net.

HOWEVER, I still use 6to4 -- sort of. My edge router has a 6to4 interface and 2002 address solely for the purpose of routing packets to 6to4 clients directly via 6to4 encapsulation, rather than backfeeding through tunnelbroker.net. This way, even though all my v6 addresses are "native", my outbound packet traffic to 6to4 remote hosts is typically more direct (and reliable).

I've recommended this type of 6to4 setup (edge router only, just for outbound packets) to other v6 networks, and it's been implemented in a few places where I've recommended it. IMHO, though, it really should be implemented as widely as possible to help v6 gather traction. Relying on 2002::/16 backbone routes is not only [apparently] unreliable, but a huge latency and v6 backbone transit waste.

(And to those who are curious, this setup still conforms to RFC3964, sections 5.1 and 5.2, with the condition that src_v6 is not in 2002::/16, but the rest of the security checks are still testable and valid. Though this scheme adds a little setup overhead to v6 networks, it should be a "one shot deal", and can go away if and when v6 becomes nearly ubiquitous.)

> Yeah I know deploying IPv6 on a large scale is an annoying thought, but I think some of the resistance to IPv6 is more from "don't bother me, I'm busy" than any hard fast technological reason.

I tend to agree. At the $orkplace I've been slowly working v6 provisions into a legacy network management tool that covers the whole business operation, such that we can at some point flip the switch and handle v6 just the same as we handle v4.

--
-- Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>
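
The outbound-only 6to4 decision described in the message above, as an added example that is not part of the original post: it derives the IPv4 tunnel endpoint from a 2002::/16 destination and applies a simplified form of the address sanity checks the message cites RFC 3964 for. The function names and sample addresses are constructed for illustration, and the check set is an assumption, not a full rendering of the RFC.

```python
import ipaddress

SIXTOFOUR = ipaddress.ip_network("2002::/16")

def embedded_v4(addr6):
    """IPv4 address carried in bits 16-47 of a 2002::/16 address, else None."""
    if addr6 not in SIXTOFOUR:
        return None
    return ipaddress.IPv4Address((int(addr6) >> 80) & 0xFFFFFFFF)

def v4_endpoint_ok(a4):
    """Simplified check: only globally routable unicast may be a tunnel endpoint.
    Rejects private, loopback, link-local, reserved and multicast ranges."""
    return a4.is_global and not a4.is_multicast

def v6_ok(a6):
    """Simplified IPv6 sanity check for either end of the inner packet."""
    return not (a6.is_unspecified or a6.is_loopback
                or a6.is_multicast or a6.is_link_local)

def outbound_decision(src6, dst6):
    """Edge router with native (non-2002) addresses, outbound direction only.
    Returns ("encap", IPv4Address), ("native", None) or ("drop", reason)."""
    src = ipaddress.IPv6Address(src6)
    dst = ipaddress.IPv6Address(dst6)
    if not (v6_ok(src) and v6_ok(dst)):
        return ("drop", "bad IPv6 address")
    if dst not in SIXTOFOUR:
        return ("native", None)      # leave via the ordinary v6 uplink/tunnel
    v4 = embedded_v4(dst)
    if not v4_endpoint_ok(v4):
        # e.g. 2002:0a00:0001:: would tunnel into 10.0.0.1: never encapsulate
        return ("drop", f"embedded IPv4 {v4} is not a valid endpoint")
    return ("encap", v4)             # protocol-41 packet straight to that host

if __name__ == "__main__":
    # Constructed sample packets (source, destination); not from the post.
    samples = [
        ("2001:db8::10", "2002:102:304::1"),   # embeds 1.2.3.4
        ("2001:db8::10", "2002:a00:1::1"),     # embeds 10.0.0.1
        ("2001:db8::10", "2002:7f00:1::1"),    # embeds 127.0.0.1
        ("2001:db8::10", "2001:db8:1::5"),     # not a 6to4 destination
    ]
    for s, d in samples:
        print(s, "->", d, outbound_decision(s, d))
```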