On 24-jul-2007, at 0:41, Durand, Alain wrote:
1) What is the IPv6 'service'? For example, is it reasonable to define a 'basic' level service as web+mail and an 'extended' service as everything else? Random ideas include for example offering a lower cost 'basic' service with v6 that would be 'proxied' to the rest of the v4 Internet....
I would say that IPv6 service is the ability to send packets to and receive packets from other systems also using the IPv6 service by being connected to the global IPv6 cloud. This means that if there is filtering, this must be under the control of the user. Interconnection with IPv4 is a separate problem, and I'm certainly in favor of proxying to achieve that for users who don't need to run more complex protocols over IPv4: http://www.ietf.org/internet-drafts/draft-van-beijnum-v6ops-connect- method-00.txt Hopefully, this will make it possible to start removing IPv4 from select parts of the network: http://arstechnica.com/news.ars/post/20070704-the-declaration-of-ipv6- independence.html
2) What is the connectivity model in IPv6 for the residential customer? 1 address versus prefix delegation?
Prefix of course.
what prefix size?
/48 is a nice round number, but even /64 will do the job for residential users.
is this prefix 'stable' or 'variable' over time? (ie renumbering is expected) (note: the answer to this question has huge implications)
As a residential ISP, you have to build the network, so you tell us. As long as the prefixes don't change too often and everything is done carefully, user impact is negligible.
What types of devices are connected? PCs or appliances or sensors?
Nobody knows, and why should you care?
What is the management model in the home?
Mostly: N/A.
Are there 'servers' (ie things that answers connections from the outside) in the home?
Of course.
Is there any kind of DNS delegation happening to the home?
You can't just give every address a name like with IPv4 and you don't really know what addresses customers are going to use. Solution: dynamic DNS. Problem: the authentication. Solution: set up a zone per customer that can be modified with DDNS from the addresses given out to the customer. Bonus: web interface for removing old crap.
3) What is the security model of all this?
Javascript is enabled, so: broken.
I just listened today half mistified to a presentation at IETF that was saying that the 'recommended' deployment model in the home is to put a NAT-like stateful firewall in the home gateway... This would mean that IPv6 would have to inherit all the NAT- traversal technologies from IPv4 to work... Is this really what we want?
No, but how do we avoid it? Vendors need to build good stuff and let the customer make their own decisions in the end, when security stuff gets in the way it WILL be disabled or worked around.
4) What about the 'legacy' devices that cannot upgrade to IPv6? What kind of service is expected for those? Does defining an 80% type solution as in 1) take care of them?
Start charging more for IPv4 / less for IPv6, smart users will have a garage sale and buy new stuff, conservative ones do nothing and pay you the extra couple of bucks until 2023.