My view is that deploying only IPv6 in the LANs is the wrong approach in the short term, unless you're sure that all your applications are ready, or you have translation tools (that often are ugly), and you're disconnected from the rest of the IPv4 Internet. I'm deploying large (5000 sites) IPv6 networks for customers, and we also decided that at a given point, if your traffic is IPv6 dominant, it made be sensible to consider deploying IPv6-only in the access and core network. I just explained it yesterday in another mailing list: "The trick is to keep dual stack in the LANs (even if the LANs use net10 and NAT), so the "old" applications that are still only available with IPv4, keep running. In order to do that, you need an automatic tunneling protocol. For example, softwires, and in fact this is the reason we needed it. Softwires is basically L2TP, so you can guess we are talking simply about VPNs "on demand". In order to keep most of the traffic as IPv6 within the network, the access to the rest of the Internet, for example for http, is proxied by boxes (that also do caching functions, as in many networks is done to proxy IPv4-to-IPv4), but in our case to IPv4-to-IPv6. What I will never do at this stage and probably for many years, is to drop IPv4 from the LANs, unless I have a closed network and don't want to talk with other parties across Internet, and I'm sure all my applications already support IPv6. This has been presented several times in different foras such RIR meetings. And yes ... I'm already working on an ID to explain a bit more all the details." Regards, Jordi
De: Barrett Lyon <blyon@blyon.com> Responder a: <blyon@blyon.com> Fecha: Fri, 29 Jun 2007 09:23:59 -0700 Para: <jordi.palet@consulintel.es> CC: <nanog@merit.edu> Asunto: Re: ICANN registrar supporting v6 glue?
If you deploy dual-stack, it is much easier to keep doing the DNS queries using IPv4 transport, and there is not any practical advantage in doing so with IPv6 transport.
Thanks Jordi, not to sound too brash but, I'm already doing so. I am trying not to deploy a hacked v6 service which requires an incumbent legacy protocol to work.
Of course, is nice to have IPv6 support in as many DNS infrastructure pieces as possible, and a good signal to the market. Many TLDs already do, and the root servers are moving also in that direction. Hopefully then the rest of the folks involved in DNS move on.
I would like to support v6 so a native v6 only user can still communicate with my network, dns and all, apparently in practice that is not easy to do, which is somewhat ironic given all of the v6 push lately. It also seems like the roots are not even fully supporting this properly?
-Barrett
********************************************** The IPv6 Portal: http://www.ipv6tf.org Bye 6Bone. Hi, IPv6 ! http://www.ipv6day.org This electronic message contains information which may be privileged or confidential. The information is intended to be for the use of the individual(s) named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, including attached files, is prohibited.