Ars Technica on IPv4 exhaustion
Here's what the general public is hearing: http://arstechnica.com/information-technology/2014/06/with-the-americas-runn... And yes, I checked the dateline this time. :-) Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
On 6/17/14 4:20 PM, "Jay Ashworth" <jra@baylink.com> wrote:
Here's what the general public is hearing:
But only while they still have IPv4 addresses: ~$ dig AAAA arstechnica.com +short ~$
http://arstechnica.com/information-technology/2014/06/with-the-americas-ru nning-out-of-ipv4-its-official-the-internet-is-full/
Can't tech news sites *please* run dual stack while they're spouting end-of-IPv4 stories? Lee
On Jun 17, 2014, at 5:41 PM, Lee Howard <Lee@asgard.org> wrote:
<wishful thinking=on> I would love to see a few more properties do IPv6 by default, such as ARS, Twitter and a few others. After posting some links and being a log stalker last night the first 3 hits from non-bots were from users on IPv6 enabled networks. It does ring a bit hollow that these sites haven't gotten there when others (Google, Facebook) have already shown you can publish AAAA records with no adverse public impact. Making IPv6 available by default for users would be an excellent step. People like AT&T who control the 'attwifi' ssid could do NAT66 at their sites and provide similar service to the masses. With chains like Hilton, McDonalds, etc.. all having this available, it would push IPv6 very far almost immediately with no adverse impact compared to users IPv4 experience. - Jared
On 2014-06-17 23:48, Jared Mauch wrote:
On Jun 17, 2014, at 5:41 PM, Lee Howard <Lee@asgard.org> wrote:
[..]
http://news.slashdot.org/story/03/02/12/2036205/slashdot-over-ipv6 They still didn't get that hint... then again slashdot is way passed its prime. But even sites like Reddit don't have AAAAs. I guess now that it is 2014 and the address space is really as good as gone some sites will finally start buying IPv6 enabled equipment and start learning what the problems might be in their codebase, router equipment and most expensively: staff training. Oh well, they can't claim they where not told anything... Greets, Jeroen
IPv6 will never become the defacto standard until the vast majority of users have access to IPv6 connectivity. Everything I have at the colo is dual stacked, but I can't reach my own systems via IPv6 because my business class Verizon Fios connection is IPv4 *only*. Yes, Comcast is in the process of rolling out IPv6, but my Comcast circuit in Washington DC is IPv4 only. And I'd suspect that everyone with Time Warner, AT&T, Cox, etc are all in the same boat. Whether the reason for the lack of IPv6 deployment is laziness or an intentional omission on the part of large ISPs to protect their income from leasing IPv4 addresses doesn't matter to the vast majority of the end users; they simply can't access IPv6 via IPv4 only networks, without using some kludgy, complicated tunneling protocols. Andy -- Andrew Fried andrew.fried@gmail.com On 6/17/14, 5:48 PM, Jared Mauch wrote:
"IPv6 will never become the defacto standard until the vast majority of users have access to IPv6 connectivity." It may never become the defacto standard, period. Nearly 20 years to reach 2% penetration is a strong hint that the costs outweigh the benefits. IP's global addressing system is broken from the outset. See John Day's presentation "Surviving Networking’s Dark Ages - or How in the Hell Do You Lose a Layer!?" <http://irati.eu/wp-content/uploads/2013/01/1-LostLayer130123.pdf> (or, indeed, lots of them at once.) It's really all about scopes, not layers - the TCP/IP architecture is divided up the wrong way, and it will never be fixed. It's an escaped 1970s lab experiment that was able to extract the statistical multiplexing gain faster than rivals, but on a performance and security "buy now, pay later" basis. If you want to see a viable alternative approach, read my post "Network architecture research: TCP/IP vs RINA" <http://www.martingeddes.com/think-tank/nuclear-networking/> for an introduction. That said, I'm not expecting anyone to immediately resign their membership of the Seven Layer Adventists as a result. Yes, the Internet's intellectual foundations are rotten - but that is too much anxiety and dissonance for most people to cope with. May all your intentional semantics become operational, Martin On 17 June 2014 23:12, Andrew Fried <andrew.fried@gmail.com> wrote:
* mail@martingeddes.com (Martin Geddes) [Wed 18 Jun 2014, 18:17 CEST]:
It may never become the defacto standard, period. Nearly 20 years to reach 2% penetration is a strong hint that the costs outweigh the benefits.
Never before have we run out of IPv4 address space, so this time may well be different, now that an actual need for change is developing. [..]
their membership of the Seven Layer Adventists as a result. Yes, the
Nobody outside academia considers the OSI model a valid representation of the Internet. -- Niels.
On Jun 18, 2014, at 09:56 , Niels Bakker <niels=nanog@bakker.net> wrote:
The 2% number is also not particularly meaningful. Traffic levels as measured by Google are closer to 4%, but even that doesn't tell the whole story. The total deployment of IPv6 is probably much closer to 15-25% globally. The astonishingly lower traffic figures are a result of the following likely factors: 1. They represent the intersection of client AND servers that are IPv6 enabled. 2. They are further reduced by happy eyeballs often preferring IPv4 even when IPv6 would work. 3. End user and enterprise adoption is lagging, even where IPv6 could be fully deployed in minutes without any harm.
Never before have we run out of IPv4 address space, so this time may well be different, now that an actual need for change is developing.
Indeed. A time is coming when new content and services will be unable to be deployed on IPv4 due to lack of number resources. Once that starts to occur, IPv6 becomes the only viable alternative. The question at this point is not whether IPv6 will become the de facto standard, but how much pain we will inflict on the general public in that transition process. If we deploy IPv6 ubiquitously before we reach that point, then the pain of transition can be minimized. If we fail to do so, then the transition will be abrupt, painful, and very disruptive. Unfortunately, this is a classic recipe for the tragedy of the commons. We must all act in our mutual best interest deploying IPv6, or, we will all suffer together. Sadly, those who deploy IPv6 later will suffer the least at first and what happens in the long run remains to be seen. Owen
Op 18 jun. 2014, om 11:41 heeft Martin Geddes <mail@martingeddes.com> het volgende geschreven:
To be fair, it is only now that there is considerable leverage to actually use IPv6 outside of a academic scope. Our company is ready now, and it’s just a commercial retailer. I know we are way ahead of the curve but I didn’t find it all that hard. I see a lot of people crying foul, still, but IPv6 capable equipment is readily available now, and, it is up to you if you find it worthwhile to purchase. The worldwide IPv6 transit network is complete and most ISPs can actually deliver on IPv6 if you push them for it and don’t let them ship you off with „we can’t do it yet”. As such we’ve had IPv6 at work since 2012, and we got to talk to engineers and it wasn’t really that much of a problem. Also, the free BGP tunnel from HE.net really is a lifesaver in getting at least backup peering in place, and that worked fine for over a year.
I don’t know, 64 bits for the networks, and 64 bits for the hosts seems fine, although to be fair, a 96/32 split could have worked too, more about networks and aggregated routes, less about hosts. It’s also really good that there is a „absolute split” at 64 bits to designate the network prefix part. That makes network identifying a lot easier. I suppose that is where the shorter network prefix is coming from, it’s easier to remember.
I like that IPv6 is close enough to IPv4 that I can just run with it. That’s not a drawback. If you understand classless subnetting you can work with Ipv6.
May all your intentional semantics become operational, Martin
I didn’t find it all that hard to become operational. Not everything I have at work does IPv6, but that’s not really a requirement, is it? I don’t care enough for backwards compatability with IPv4, actually, I’m really glad it isn’t so failure states are much easier to diagnose. I can see how IPv4.2 SP2 would have subtle issues with IPv4.3 SP1, but there is a hot fix for that, but not for your model. SOL. Not very different if I must say. Cheers, Seth
A thought exercise for folks that think we need more network bits or fewer host bits or whatever... If you went from 64/64 to 96/32, what would you do with all those additional network numbers? Would you still assign /48s to end-sites or would you move that down to /80? If you'd move that to /80, then do you really expect a need for more than 281,474,976,710,656 end sites? Consider this... The world population is 7.1 billion, and expected 10.1 billion by 2100 (UN estimates). Let's figure each person needs an end site for their place of business, their two cars, their home, their vacation home, and just for good measure, let's double that to be ultra-conservative. That's 10 end-sites per person or 101 billion end sites. 281,474 billion - 101 billion = 281,373 billion remaining /48s. Of course, since we're giving ISPs /32s, let's assume that each ISP serves only 256 customers and that we therefore have a 256x inefficiency. That means we would burn up 25,856 /48 equivalents, leaving only 255,618 extra /48s lying around. Owen On Jun 18, 2014, at 10:45 , Seth Mos <seth.mos@dds.nl> wrote:
On Wed, 18 Jun 2014 14:17:29 -0400, Owen DeLong <owen@delong.com> wrote:
Can we stop with the lame "every person, and their dog!" numbering plans. The same MISTAKE has been repeated so many times in recent history you'd think people would know better. It's the exact same wrong-think that was applied to the 32bit IPv4 addressing in an era where there were a few dozen computers worldwide. (also that IPv4 was an "experiment" that was never imagined to be this big.) We're smart enough to mis-manage *any* resource. It's just a matter of "when" that it'll be back to haunt us. ("not within my lifetime" seems to be a very popular compromise.)
On Thu, 19 Jun 2014 12:21:12 -0400, Justin M. Streiner <streiner@cluebyfour.org> wrote:
How much IPv6 space would you propose an ISP provisions for each of its residential users?
A single /64 would, currently, be sufficient for 99% of households. The link can be /128, /127, /64, whatever -- between ISP and CPE doesn't matter to the customer. (maybe to their equipment) As this is being done via DHCPv6-PD, it's a simple matter to ask for more space (typically /60) in the rare cases the customer needs it. And in a decade when 16 LANs isn't enough, allow /56's. If it weren't for stupid SLAAC and it's nanolathed-in-diamond prefix===64 requirement, we could start out - day one - with more reasonable sizes. Give everyone their own entire internet (::/96) to carve up as they wish. It's not like anything even on the whiteboard today can handle a fraction of that many devices in a single LAN.
On Jun 19, 2014, at 11:27 , Ricky Beam <jfbeam@gmail.com> wrote:
I'm more going for not within the useful lifetime of the protocol. I figure we'll be lucky if IPv6 doesn't hit some non-address-size related scaling limit in less than 50 years. As such, I figure a conservative protocol lifetime of 100 years is not unreasonable. If you read the rest of my post, you would realize that I wasn't arguing to give out addresses to every person and their dog, but instead arguing that trying to shift bits to the right would be costly and pointless because there are more than enough bits on the left site already. If you can provide any sort of math to back up a claim to the contrary, then let's see it. If all you've got is we have grossly underestimated demand in the past, then I say sure, but we've so grossly overprovided for our estimate of demand in this case that it's unlikely to be an issue in any probable lifetime of the protocol. Owen
On Thu, 19 Jun 2014, Owen DeLong wrote:
Perhaps we should discuss this in a different way... Ricky, if you were to design a new protocol today such that you can give out addresses, at will without having to be conservative with the goal of minimizing human factor costs, and _guarantee_ that you will not run out of addresses in the useful life of the protocol, how big would that address space need to be? -- Brandon Ross Yahoo & AIM: BrandonNRoss +1-404-635-6667 ICQ: 2269442 Skype: brandonross Schedule a meeting: http://www.doodle.com/bross
On 6/17/14 6:12 PM, "Andrew Fried" <andrew.fried@gmail.com> wrote:
IPv6 will never become the defacto standard until the vast majority of users have access to IPv6 connectivity.
How many users have access to IPv6 connectivity? Since this is NANOG, let's talk about North America. Canada is way behind, just 0.4% deployment. The U.S. is one of the top countries, in both number of users and number of top web sites. Three of the big four U.S. ISPs have double-digit deployment. It's not the "vast majority" yet, because: 1. Older modems don't support IPv6 (older than, what, 2008?). As those churn, counts will rise. 2. Older gateways, especially consumer-owned retail devices, don't support IPv6. Churn would help, if new retail gateways supported IPv6. 3. The <10% of people with MacOS use IPv6 half the time (more or less) that it's available. I can't find statements right now, but I think those big three are all
Verizon Wireless and T-Mobile have great IPv6 deployments, too, maybe a couple more years for older handsets to age out. Still, >50% of VzW LTE devices use IPv6 now.
Well there's your problem.
I think all of those companies offer IPv6 on their business-only services (e.g., fiber, ethernet, etc.). For access methods shared with residential users (i.e., DOCSIS, DSL), it's not rolled out yet. . . RSN.
ISPs want to protect their income by continuing to turn up services. Lee
On Wed, Jun 18, 2014 at 2:25 PM, Lee Howard <Lee@asgard.org> wrote:
ISTR that every VZW LTE device is IPv6 ready/capable/connected, and that it is ~%50 of the _traffic_ that is IPv6 today.
Yeah, Verizon and VZW are not the same animal ... FiOS *needs* to get their IPv6 house in order. Anyone have any information on that front ...?
I believe Comcast has completed something like 90%+ of their IPv6 rollout, nationwide. Maybe more ... *(My residential circuit and business circuit, in different parts of Northern VA, are both native IPv6 out of the box.)* /TJ
On 6/18/2014 11:49 AM, TJ wrote:
For FiOS, the ONTs do transparent muckery at the IP level and aren't yet capable of equivalent IPv6 muckery. Verizon is also quite confident they don't actually have to do anything about it. Instead, they'll just roll out 6RD relays like Qwest/Centurylink did. You didn't REALLY need a 1480 MTU, did you? For Comcast business services, the SMC box on my demarc panel isn't IPv6 capable and neither are any of Comcast's other business CPE.
On Jun 22, 2014, at 6:41 PM, Darren Pilgrim <nanog@bitfreak.org> wrote:
Not true. The Netgear CCB tried to install here just a couple of days ago is IPv6 capable. Unfortunately, it breaks IPv4 by not being capable of bridge mode and insisting on NATing everything inside unless you subscribe to static IPv4 addresses from Comcast. OTOH, you can supply your own Motorola Surfboard DOCSIS 3 modem and it works just fine with Comcast Business. Owen
On 6/22/2014 6:56 PM, Owen DeLong wrote:
What's the model number? The Comcast techs here are quite insistent that none of the CPE capable of routed subnets are able to do IPv6.
OTOH, you can supply your own Motorola Surfboard DOCSIS 3 modem and it works just fine with Comcast Business.
Have you tried using that with a routed subnet?
On Jun 22, 2014, at 7:07 PM, Darren Pilgrim <nanog@bitfreak.org> wrote:
Not sure what you mean by “routed subnet”. I’ve got a router hooked up to it and everything on my internal network(s) is behind that router, so I’m using it with routed subnets by my definition of that term. If you have some specific way of setting up your services that’s different from that, you’d need to be specific before I could usefully comment. Owen
Did they ever explain why? Did the SMC function as a router, and act as the customer side of a stub network that allowed that /29 to hang off the router? If that was the case, and the Motorola D3 modem was L2-only, that might explain the change in capability. Frank -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Kalnozols, Andris Sent: Sunday, June 22, 2014 9:29 PM To: nanog@nanog.org Subject: Re: Ars Technica on IPv4 exhaustion <snip> My experience as a Comcast Business customer with a /29 IPv4 subnet was that swapping out the SMC modem/router for an IPV6-capable Motorola DOCSIS 3 modem meant that I could no longer have the /29. Andris
On 6/22/2014 7:41 PM, Frank Bulk wrote:
They didn't really go into detail. Your theory sounds correct; the four ports on the SMC router default to 10.1.10.0/24 but will also handle a routable /29 address from the WAN side of another router plugged into it. Since Comcast now charges $19.95 instead of $9.95/month for a /29, I inquired about the cost of an IPv6 assignment; same price as I recall being told. I then asked if that was for a /60 or /56 and he said no, eight IPv6 addresses (/125?). I politely thanked him and ended the phone call. I realize that I could have gotten a more realistic answer from another Comcast rep with more v6-fu but I didn't pursue it. Andris
On Jun 23, 2014, at 3:32 AM, "Kalnozols, Andris" <andris@hpl.hp.com> wrote:
The Comcast business SMC gateway speaks RIP to make the routed /29 work.. in theory it could be put into bridge mode and you can do the RIP yourself but they don't support that configuration (you'd need the key to configure it successfully and they didn't want to do when I asked). If you poke around in the web UI, it does support IPv6 in some form, but it doesn't seem to be active for me. If you don't have a static IP block from them and thus don't have the need to use RIP you can just use a regular DOCSIS 3 cable modem and get IPv6, but you only get one IPv4 number that way. -Laszlo
On Jun 22, 2014, at 20:41 , Laszlo Hanyecz <laszlo@heliacal.net> wrote:
In my experience, if you put a switch behind the modem (not a router), you can get as many IPv4 numbers as you have devices attached to the switch on Business Class. On residential, you're limited to one, but I have gotten multiples on business class. Owen
On Sun, Jun 22, 2014 at 10:41 PM, Laszlo Hanyecz <laszlo@heliacal.net> wrote: > The Comcast business SMC gateway speaks RIP to make the
routed /29 work.. in theory it could be put into bridge mode and you can do >the RIP yourself but they don't support that configuration (you'd need the >key to configure it successfully and they didn't want to do when I asked). If
It begins to sound like a job for a packet capture tool to grab a copy of a SMC's outgoing broadcast, and then an Ad Infinitium replay of the last 30 second broadcast. Even with md5 auth; RIPv2 protocol basically has nothing preventing message replay, so, as long as your original router is offline such that the sequence number does not increase, and if you can continuously replay your router's last RIP broadcast, you may not even need to know any keys......
you poke around in the web UI, it does support IPv6 in some form, but it
-- -JH
Yeah, Verizon and VZW are not the same animal ... FiOS *needs* to get
Our own fiber access vendor now does have IPv6 support, but I haven't been able to keep it in production because a ~7.8 Mbps traffic IPv6 ND traffic loop (side effect of another bug) knocked out voice services. Turns out that the traffic queue for IPv6 and DHCP (for the ONT's voice services) are the same, and so I essentially DDoSed my customers' voice service. Now, I'll admit that ~7.8 Mbps of Neighbor Discovery traffic is atypical, but I did learn that our access vendor does not have any rate-limiters in place for that kind of traffic. The vendor is planning to put voice in a higher priority queue to avoid the voice-loss issue. Some of you might ask why the access platform needs to be aware of ND traffic. My understanding is that for scalability and privacy reasons you don't want to flood that traffic to all access ports, but just to the ones that should respond. The platform needs to do some traffic inspection. Frank -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Darren Pilgrim Sent: Sunday, June 22, 2014 8:41 PM To: trejrco@gmail.com; Lee Howard Cc: NANOG Subject: Re: Ars Technica on IPv4 exhaustion On 6/18/2014 11:49 AM, TJ wrote: their
IPv6 house in order. Anyone have any information on that front ...?
For FiOS, the ONTs do transparent muckery at the IP level and aren't yet capable of equivalent IPv6 muckery. Verizon is also quite confident they don't actually have to do anything about it. Instead, they'll just roll out 6RD relays like Qwest/Centurylink did. You didn't REALLY need a 1480 MTU, did you? For Comcast business services, the SMC box on my demarc panel isn't IPv6 capable and neither are any of Comcast's other business CPE.
2. Older gateways, especially consumer-owned retail devices, don't support IPv6. Churn would help, if new retail gateways supported IPv6.
Several do now. What are $CABLECO, $CE_STORES, etc. doing to make sure consumers choose these or at least realize the consequences of failing to choose them? Owen
On 6/18/14 3:38 PM, "Owen DeLong" <owen@delong.com> wrote:
http://www.timewarnercable.com/en/residential-home/support/topics/internet/ buy-your-modem.html http://mydeviceinfo.comcast.net/ http://www.businesswire.com/news/home/20140107006526/en/CEA-Selects-Safe-Dr iving-IPv6-Implementation-Standards#.U6HuqS_9q_s However, I also don't think consumer education is the answer: http://www.wleecoyote.com/blog/consumeraction.htm Summary: Until it is perfectly clear why a consumer needs IPv6, and what they need to do about it, consumer education will only cause fear and frustration, which will not be helpful. This is a technology problem, not a feature problem, and consumers shouldn't have to select which Internet to be on. Lee
Short of consumer education, how do you expect to resolve the issue where $CONSUMER walks into $BIG_BOX_CE_STORE and says "I need a router, what's the cheapest one you have?" Whereupon $TEENAGER_MAKING_MINIMUM_WAGE who likely doesn't know DOCSIS 2 from DOCSIS 3, has no idea what IP actually is, and thinks that Data is an android from Star Trek says "Here, this Linksys thing is only $30." Unless/until we either get the stores to pull the IPv4-only stuff off their shelves or educate consumers, the continued deployment of additional incapable equipment will be a continuing problem. As bad as the situation is for cablemodems and residential gateways, at least there, an educated consumer can make a good choice. Now, consider DVRs, BluRay players, Receiver/Amplifiers, Televisions, etc. where there are, currently, no IPv6 capable choices available to the best of my knowledge. Owen
Not to mix this up but one of the main reasons I attended ICANN meetings over several years was an interest in the IPv4/IPv6 transition. To say interest was sparse is an under, er, over statement. There was a good session on legacy IPs, a topic more than marginally related, in Toronto in fall 2012, a few people here were there. Really, I can list them like that. I'd sit in on the "ISP" sessions, for years, but when they weren't talking about how to fill out travel reimbursement reports (Brussels) they were mostly talking about site takedowns for intellectual property violations and similar, very similar, trademark issues and domains, etc. In a nutshell the whole TLD thing and other registry/registrar and closely related business issues so dominated discussions it drowned everything else out about 99%. If I'd bring it up, shouldn't we be discussing what we can do as an organization about IPv4/IPv6?, I'd usually get a 1,000 mile stare like who let this guy in? I remember once being cut off with "oh, CGN will solve that (Sydney)." I realize RIRs are more directly involved in many ways but this should be, in my opinion, a high-priority global internet governance policy issue with RIRs implementing or enjoying the results, not driving the issue, or only as much as they can. Then again vis a vis ICANN you can say this about almost any issue not directly related to registry/registrar business matters. TL;DR: I think there's an exposure and public awareness problem, even with those who are chartered with being interested. -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
ICANN != a good sampling of number resource issues or concerns. As you noticed, the whole mess with domain names and their IP issues is the monetary tail that wags the ICANN dog. ICANN barely pays attention to number resources and when they do, it’s primarily to do whatever has been agreed upon by the policy processes in the various RIRs. This is actually a good thing and we should seek to preserve this fact after ICANN loses its “adult supervision”. Owen On Jun 18, 2014, at 2:15 PM, Barry Shein <bzs@world.std.com> wrote:
On June 19, 2014 at 04:01 owen@delong.com (Owen DeLong) wrote:
Really. You're really completely discounting ICANN in having any leadership or participative role in the IPv4/IPv6 transition? Interesting. -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
On Thu, 19 Jun 2014 13:51:06 -0400, Barry Shein said:
Really. You're really completely discounting ICANN in having any leadership or participative role in the IPv4/IPv6 transition?
Haven't seen any yet. Probably because you can't make money with IP addresses like you can with TLD's.... (Now where's my Nomex overalls? :)
On Thu, Jun 19, 2014 at 1:51 PM, Barry Shein <bzs@world.std.com> wrote:
Really. You're really completely discounting ICANN in having any leadership or participative role in the IPv4/IPv6 transition?
What leadership position have you seen them take ASIDE from marketing (in the last 2-3 yrs, but most of that has been ISOC not ICANN directly) in the last 5 yrs or so? -chris
But I thought ICANN was supposed to be the new and future nexus for all things internet governance? On June 19, 2014 at 13:57 morrowc.lists@gmail.com (Christopher Morrow) wrote:
-- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
On Thu, 19 Jun 2014 15:59:34 -0400, Barry Shein said:
But I thought ICANN was supposed to be the new and future nexus for all things internet governance?
Oh, come on Barry. This isn't your first rodeo, and I know you're *way* too smart to believe that press releases align with reality...
It depends on how you define Nexus. Currently the way number resource policy works is that global policy requires an identical policy be put through the policy development process in each of the 5 regional internet registries and adopted by all 5. It is then sent to the ASO AC (an elected body representing the 5 RIRs and their communities to ICANN) who validates that the 5 RIR policy processes were, in fact, followed and that identical (or nearly identical) policy was passed by each. If any differences need to be resolved, the ASO AC works with the RIRs in question to get those resolved through the policy processes. Once all 5 RIR communities have agreed on a common policy, the ASO AC ratifies it and sends it to the ICANN board for a final ratification. Once the ICANN board ratifies it, it is global policy. Generally, these policies are limited to the ones which govern how the RIRs interact with IANA to receive and/or return number resources that are managed by the RIRs. This particular mechanism has worked quite well for many years. It would be a shame to see ICANN take a more active (destructive) role in the process. Owen On Jun 19, 2014, at 12:59 , Barry Shein <bzs@world.std.com> wrote:
Well my suggestion was less in the realm of imposing changes in policy and more in the realm of providing resources (even if just as a nexus) and fora to help promote IPv6 adoption, brainstorm the problem. There is a cross-disciplinary aspect to this, it's not only a network engineering and operational issue, or only incidentally. -- -Barry Shein The World | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
My Apple TV appears to use IPv6, but since there's no UI for it (last I checked) I had to disable SLAAC on that subnet to keep it from trying to use my slow connection. So in my book, "some" v6 support is actually worse than "none" Matthew Kaufman (Sent from my iPhone) On Jun 18, 2014, at 1:09 PM, Owen DeLong <owen@delong.com> wrote:
----- Original Message -----
From: "Matthew Kaufman" <matthew@matthew.at>
I believe I recall suggesting that a couple days ago, and having Mark Andrews slap me around for it... Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
On 6/18/14, 1:09 PM, Owen DeLong wrote:
The $39.95 dlink on the endcap at frys and the $140 one with 802.11ac beam forming atennas and gig-e run the same v6 stack...
the software stack isn't the source of price discrimination.
this stuff ages out of the network or doesn't require ipv4 for the entirety of it's useful service life. turns out for example that smart-tv's generally aren't (smart). Your appletv does support v6 as do many of those android sticks even if they're sufficiently inexpensive enough to be disposable.
Owen
In message <E6F570A1-3911-437F-897F-81CB569377C1@delong.com>, Owen DeLong write s:
IPv6 is out there but you only seem get it in the quad radio boxes along with the corresponding price tag. We are already seeing reports of consumers complaining because they can't get a unshared IPv4 address when they move providers from DSL to Fibre and it breaks what they were doing on the DSL line. In this case it was DS-Lite providing the shared address but CGN or NAT64+DNS64 would also be a problem. The NAS box was no longer reachable because the other side was IPv4 only. I suspect this is the start of a long line of complaints because ISP's have been too slow in delivering IPv6 to *everyone* so that people are isolated from each other protocol wise. Note it is not like you have not been told for years that this day is coming. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
There are several obstacles to overcome, IMHO 1. The companies at the mid size and smaller levels have to invest in newer equipment that handles IPV6. 2. The network Admins at the above mentioned companies need to learn IPV6, most will want there company to pay the bill for this. 3. The vendors that make said equipment should lower the cost of said equipment to prompt said companies into purchasing said equipment. There is a huge difference between IPV4 and IPV6 and there will be a lot of network admins that simply do not want to learn or change there network. Thank You Edward Arthurs Manager of Network Installations Legacy Inmate Communications Legacy Contact Center Legacy Long Distance Intl. Inc 10833 Valley View Street Suite 150 Cypress, California 90630-5040 Office 1-800-577-5534 ext. 207 Direct 1-800-956-1595 Fax 1-714-827-7545 E-Mail: earthurs@legacyinmate.com E-Mail: legacyinstall@gmail.com This e-mail (including any attachments) may contain information that is private, confidential, or protected by attorney-client or other privilege. If you received this e-mail in error, please delete it from your system without copying it and notify sender by reply e-mail, so that our records can be corrected. No trees were harmed as a result of this e-mail; however, many electrons were severely inconvenienced. -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Mark Andrews Sent: Wednesday, June 18, 2014 4:02 PM To: Owen DeLong Cc: nanog@nanog.org Subject: Re: Ars Technica on IPv4 exhaustion In message <E6F570A1-3911-437F-897F-81CB569377C1@delong.com>, Owen DeLong write s:
IPv6 is out there but you only seem get it in the quad radio boxes along with the corresponding price tag. We are already seeing reports of consumers complaining because they can't get a unshared IPv4 address when they move providers from DSL to Fibre and it breaks what they were doing on the DSL line. In this case it was DS-Lite providing the shared address but CGN or NAT64+DNS64 would also be a problem. The NAS box was no longer reachable because the other side was IPv4 only. I suspect this is the start of a long line of complaints because ISP's have been too slow in delivering IPv6 to *everyone* so that people are isolated from each other protocol wise. Note it is not like you have not been told for years that this day is coming. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
On Wed, Jun 18, 2014 at 9:13 PM, Edward Arthurs <earthurs@legacyinmate.com> wrote:
if they have gear made in the last 7yrs it's likely already got the right bits for v6 support, right?
2. The network Admins at the above mentioned companies need to learn IPV6, most will want there company to pay the bill for this.
for a large majority of the use cases it's just "configure that other family on the interface" and done.
3. The vendors that make said equipment should lower the cost of said equipment to prompt said companies into purchasing said equipment.
the equipment in question does both v4 and v6 ... so why lower pricing? (also, see 'if made in the last 7 yrs, it's already done and you probably don't have to upgrade')
There is a huge difference between IPV4 and IPV6 and there will be a lot of
'huge difference' ... pls quantify this. (unless you just mean colons instead of periods and letters in the address along with numbers)
On Thu, 19 Jun 2014, Christopher Morrow wrote:
In the simplest cases, yes. Throw things that often exist in mid to large sized enterprises, like firewalls, DHCP servers, load balancers, log analyzers, etc, having to upgrade $XYZ to get IPv6 support or fix bugs, and there's a bit more to it. These are not insurmountable problems, but administrative/political/financial inertia is a real thing in many shops.
There could be problems with things like DHCPv6, depending on how the user's ISP provisions service. SLAAC 'just works' for the most part, but if the FooTronics 1000 an all-in-one router/firewall/wireless AP/printer/ belt sander/toaster from $BIGBOXSTORE doesn't come with firewall settings that let IPv6 work just out of the box, or at least have a big, shiny "Make IPv6 work" button, support calls will be generated. ISPs and FooTronics both hate support calls. Again, playing devil's advocate here. I just don't look forward to dealing with support calls from customers who bought kit from vendors who slammed in IPv6 support as quickly and cheaply as possible. jms
On Thu, Jun 19, 2014 at 11:11 AM, Justin M. Streiner <streiner@cluebyfour.org> wrote:
sure thing, except that the poster did not talk about mid/large enterprises, his point was about small ones... where v6 probably doesn't matter for things listed except firewalls.
sure.
yup. I sort of don't think the arguement about 'business connections' is even relevant though. I'd bet that the vast majority of connections to the 'net are actually consumer ones... Fixing those shoudl be the goal for the ISP side, so they can continue to grow customer bases without worrying about CGN and other associated expenses. Once you solve out the consumer problems the business link ones should 'just work'. Whether the enterprise wants to upgrade/install/side-step into v6 is not relevant.
Thank You for responding. If mid to small companies have equipment made in the last 7 years, they will not need to replace equipment. Most net admins at the mid to small companies have no idea about IPV6. Cost is a major consideration at the mid to small size companies, if they need to upgrade equipment. The difference between IPV4 and IPV6 for someone not familiar is huge, 1. There is a totally new format dotted decimal to colon. 2. The 32 bit to 128 bit is/or can be quite challenging for some net admins. Thank You -----Original Message----- From: christopher.morrow@gmail.com [mailto:christopher.morrow@gmail.com] On Behalf Of Christopher Morrow Sent: Thursday, June 19, 2014 10:14 AM To: Edward Arthurs Cc: nanog list Subject: Re: Ars Technica on IPv4 exhaustion On Wed, Jun 18, 2014 at 9:13 PM, Edward Arthurs <earthurs@legacyinmate.com> wrote:
if they have gear made in the last 7yrs it's likely already got the right bits for v6 support, right?
2. The network Admins at the above mentioned companies need to learn IPV6, most will want there company to pay the bill for this.
for a large majority of the use cases it's just "configure that other family on the interface" and done.
3. The vendors that make said equipment should lower the cost of said equipment to prompt said companies into purchasing said equipment.
the equipment in question does both v4 and v6 ... so why lower pricing? (also, see 'if made in the last 7 yrs, it's already done and you probably don't have to upgrade')
There is a huge difference between IPV4 and IPV6 and there will be a lot of
'huge difference' ... pls quantify this. (unless you just mean colons instead of periods and letters in the address along with numbers)
On Thu, 19 Jun 2014 10:53:20 -0700, "Edward Arthurs" said:
If mid to small companies have equipment made in the last 7 years, they will not need to replace equipment.
Most net admins at the mid to small companies have no idea about IPV6.
In other words, upgrading or replacing liveware is more expensive than getting the hardware upgraded....
On Thu, Jun 19, 2014 at 1:53 PM, Edward Arthurs <earthurs@legacyinmate.com> wrote:
these seem like the smallest of v6 problems, actually... and I would bet: http://getipv6.info would be helpful (eventually when small/mid-sized businesses start trying to transition)
You are correct, but this is the tip of the iceberg as other configurations will need to come into play as pointed out by several people on this thread. This learning curve is not impossible, if the net admin really applies his/her self to learning it. Thank You -----Original Message----- From: christopher.morrow@gmail.com [mailto:christopher.morrow@gmail.com] On Behalf Of Christopher Morrow Sent: Thursday, June 19, 2014 11:22 AM To: Edward Arthurs Cc: nanog list Subject: Re: Ars Technica on IPv4 exhaustion On Thu, Jun 19, 2014 at 1:53 PM, Edward Arthurs <earthurs@legacyinmate.com> wrote:
these seem like the smallest of v6 problems, actually... and I would bet: http://getipv6.info would be helpful (eventually when small/mid-sized businesses start trying to transition)
On Thu, Jun 19, 2014 at 2:32 PM, Edward Arthurs <earthurs@legacyinmate.com> wrote:
You are correct, but this is the tip of the iceberg as other configurations will need to come into play as pointed out by several people on this thread. This learning curve is not impossible, if the net admin really applies his/her self to learning it.
I'd still say that for uptake across the board the mid/small business (and even large business) isn't relevant. The numbers of these are so small as to be insignificant to the problem. Solving the problem for end-users seems like where ISP folk should spend their time, and really it's in their best interest to do that so they can keep expanding their customer base as ipv4 resources become less available in their networks and globally.
On Thu, Jun 19, 2014 at 4:27 PM, Lee Howard <Lee@asgard.org> wrote:
How does IPv6 to end users make IPv4 unnecessary for growth, if enterprises and content providers haven't deployed IPv6?
content folk are mostly getting v6 done already, right? (minus AWS/etc which are on-plan to deploy as near as I can tell) I don't think enterprise folk matter here, they'll get to v6 when they have enough problems related to v4 content reachability... and when they try the ISP network ought to be prepared to deal with them. which content providers (large-ish ones) are lagging still? -chris
On 6/19/14 4:30 PM, "Christopher Morrow" <morrowc.lists@gmail.com> wrote:
7.94% Google hits in the U.S. come from IPv6 addresses. http://www.google.com/intl/en/ipv6/statistics.html#tab=per-country-ipv6-ad option 7.29% of web sites have a working AAAA. http://www.employees.org/~dwing/aaaa-stats/
which content providers (large-ish ones) are lagging still?
https://www.vyncke.org/ipv6status/detailed.php?country=us Microsoft: live.com, Bing, MSN, microsoft.com Twitter Amazon LinkedIn WordPress eBay, PayPal Pinterest Instagram Ask.com Tumblr IMDB Craigs List Imgur Reddit CNN Disney, Go, ESPN GoDaddy HuffPo WordPress Adobe Vimeo Flickr Dropbox CNet BuzzFeed NYTimes Most porn sites (one has a dead AAAA). The web site of any TV channel, or any bank. Not to mention the million web pages at hosting providers. Lee
On Thu, Jun 19, 2014 at 5:24 PM, Lee Howard <Lee@asgard.org> wrote:
that's a bummer I had thought they were doing v6 :( (same for twitter actually) <longer list elided> So, I was focusing on the end-user (Consumer) set because given enough migration there that should push more application folk in the right direction. I think ipv6 still suffers from the chicken/egg problem: 1) users aren't asking so isps aren't selling/doing 1b) ISPs still ahve v4 or a solution (they think) to no-more-v4 and can keep rolling new customers out 2) content places have no one they can't reach today because there's v4 to everyone that they care about 3) both sides still playing chicken. oh well, see you on this same conversation in another 18 months time?
On 6/19/14 11:13 PM, "Christopher Morrow" <morrowc.lists@gmail.com> wrote:
Why? Some content providers have said that they think IPv4 runout is an ISP problem. As long as users have IPv4, there's no reason for them to move. What percentage of eyeballs would need to be dual-stack for app folk to decide to support IPv6?
I simply don't think this is the case anymore, at least in the U.S. IPv6 deployment to users is huge, and will automatically snowball as old CPE cycles out. Mid-sized operators will be coming up this year. Half of mobile is done. I don't know of any U.S. ISP or wireless carrier that is planning to use the address market or CGN as their exhaustion strategy.
I've said this several times, so for the record, here's my prediction: After ARIN runs out, and it may be 1-3 years after ARIN runs out, ISPs will incur the rising costs of IPv4 (through CGN or the address market). Eventually, costs will be so high that they offer IPv6 at a lower price, either for paid peering or to consumers. At that point, content providers will have a financial reason to migrate, and will painfully find that by the time they can do so, they will have already lost the users. To be clear, some content providers support IPv6, and some ISPs support IPv6. It's everybody else we need to move. And until they do, the Internet will be more expensive, or fragmented, or both. Also for the record: My prediction does not reflect any knowledge of any specific company's plan. Lee
On Jun 19, 2014, at 10:53 , Edward Arthurs <earthurs@legacyinmate.com> wrote:
I can get most network admins over both of those hurdles (and the other more meaningful ones) in a 45 minute training session. Yes, I've done so many times, so I know it works. For those with more complex needs, a two-day training course can take someone from marginally proficient in IPv4 to reasonably proficient in IPv6 for both Network and Systems administration. With a small amount of conceptual knowledge, the differences between IPv4 and IPv6 become very very small. Owen
On Thu, 2014-06-19 at 15:55 -0700, Owen DeLong wrote:
With a small amount of conceptual knowledge, the differences between IPv4 and IPv6 become very very small.
True story: At a previous employer, a local admin had pushed his network over 250-odd PCs and wanted more addresses. So we extended his /24 to a /23. All coordinated - it was after work on a Friday, he was going to renumber everything. This was before DHCP had been fully deployed, and he had a lot of statically configured machines. He rang the next day in a bit of a flap, because "the new addresses don't work!" We pressed for more info. "They all work fine up to 254", he said, "but from 255 up they aren't even accepted by the configuration untility! I've tried all the way up to 300!" He wasn't dumb - far from it - he'd just never been outside a /24 before, so had never needed to understand what the numbers *meant*. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389 GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882 Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
I think it depends on the environment. Many small to midsized colleges use some type of NAC for their dorms. Some of the most popular ones don't have support for IPv6. I know there are more, but here are a few: NetReg (and it's commercial variants such as Infoblox Authenticated DHCP) ImpulsePoint Safeconnect Nomadix Gateway (used in many hotel guest networks) Cisco Clean Access when Inline mode (product is EOL but could explain why many schools couldn't do IPv6 in the dorms over the years) In my specific case, we couldn't use 802.1x for wired ports until recently so we've always had to depend an IP based solution for NAC. In a dorm setting, where a lot of the wired hosts don't support 802.1x(Roku,printers,Bluray players) , options are limited . With newer switches supporting mac-address based authentication (MAB in Cisco world, Mac-Radius in Juniper), we can start planning for IPv6 in our dorms in at least a limited deployment. On 6/19/2014 1:53 PM, Edward Arthurs wrote:
On 6/18/14, 4:09 PM, "Owen DeLong" <owen@delong.com> wrote:
I think this thread exemplifies a problem among the IPv6 early adopters who like to whine about the rate of adoption: the best of (y)our knowledge is likely stale, because things are changing constantly. People are fond of trotting out the same arguments they’ve been making for years about who is at fault for IPv6’s weak adoption without actually verifying that the issue still exists or is as bad as last time they looked i.e. ISP deployment levels, level of support in equipment, etc. Not saying that all the problems are solved, or that they didn’t contribute to the issue in the past, but the “guy walks into a big box store” tale of woe might be a bit exaggerated now. The problem now is that because IPv6 isn’t a feature most customers ask for, a product’s support for it (or lack thereof) is not consistently published in the vendor specs. For example: in ~September 2013 I was pleasantly surprised to find (via some colleagues observing it in the UI) that a number of current Sony TVs and BluRay players do in fact support IPv6, but at the time, it wasn’t listed as a feature on their model info on the site. Haven’t checked to see if it’s there now. @sonysupportusa on twitter has been helpful when asked questions about specific models’ IPv6 support, but as I told them, there’s really no substitute for having the info on the site. It’s not complete *cough* PS4 *cough* but they’re getting there. Similarly, Belkin’s home routers appear to support IPv6, but that doesn’t appear in the specs or features list on their site when I just checked it. I support a recommendation to consumer retailers to start requiring IPv6 support in the stuff that they sell, but unfortunately I don’t have very good data on how large of a request that actually is. Wes George Anything below this line has been added by my company’s mail server, I have no control over it. ----------- This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.
On Wed, 2014-06-18 at 19:02 -0400, George, Wes wrote:
Similarly, Belkin’s home routers appear to support IPv6, but that doesn’t appear in the specs or features list on their site when I just checked it.
There's also an issue of what "IPv6 support" actually means. A few years ago it meant "has IPv6 printed on the box" :-) Now it means - what? For wireless or IPv4 support in such devices, the whole side of the box is covered with RFC numbers and protocol names (or the marketing names thereof). Even RIP gets a mention! But on the matter of what exactly the IPv6 support is, the box is often silent or very terse. Which makes buying a home device for use in an IPv6 environment very tricky - essentially you have to either spend hours researching, or you have to make sure the store will accept the product back if it doesn't work as you need it to. Someone who knows exactly what they are talking about can ask e.g., "does it support DHCPv6-PD?", but that's effectively impossible for most people - they can't articulate the actual features needed, they just want it to "just work". Sigh, one of many barriers still to fall... Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@biplane.com.au) http://www.biplane.com.au/kauer http://twitter.com/kauer389 GPG fingerprint: EC67 61E2 C2F6 EB55 884B E129 072B 0AF0 72AA 9882 Old fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
On Jun 18, 2014, at 4:02 PM, George, Wes <wesley.george@twcable.com> wrote:
I actually tend to pay pretty close attention to the current state of these things. Do you know of any of the above devices that are IPv6 capable? Nobody anywhere earlier in the thread has offered one. Note I left gaming consoles out of the picture because there is now one on the market which does support IPv6 and another which I believe is likely to support it reasonably soon. So while your argument has some legitimacy and I’ve seen many people do it, I don’t think it quite applies to my statement.
Sure, but that argument seems to support my idea that consumer education is now necessary.
Interesting… I will look into that. FWIW, my conversations with Sony presages support over their 800 number in December had them telling me that there were no Sony products that supported IPv6 at this time, but that they were considering putting it on their road map. I will admit that I am lazy enough that once a vendor tells me they don’t support something, I don’t dig too much deeper to try and prove them wrong.
Yes, many of the home gateways are starting to have undocumented IPv6 support and that situation is rapidly improving. Notice I also did not mention home gateways as a “no vendor support” issue.
In my experience, retailers will sell whatever flies off the shelves without regard to whether it’s good for the consumer or not. As such, I believe it’s more of a consumer education issue if we want to effect real change in behavior at this point. Owen
For consumers I think I would phrase it more as the "next generation internet" and you need IPv6 in order to be able to connect to it and that eventually some sites you want to connect to may not be accessible over the current internet. Something like that. I am going to be real interested to see how the media handles the situation when ARIN runs out of IPv4 addresses. I could really see some big doom and gloom stories hit some of the mainstream media when that occurs. While it isn't the end of the world when ARIN runs out, it is still significant and I personally think that moment is going to be what starts to spur more CIOs to start asking questions about IPv6 and if their organization is ready (and the answer likely being no) -- Brian Hartsfield CCNA, CCDA AIM: kd4aej Twitter: Krandor1 Facebook: http://www.facebook.com/brian.hartsfield Linkedin: http://www.linkedin.com/in/brianhartsfield On Thu, Jun 19, 2014 at 10:02 AM, Lee Howard <Lee@asgard.org> wrote:
On Thu, 19 Jun 2014, Brian Hartsfield wrote:
IPv4 doom and gloom is just more irresponsible/un-informed journalism. ARIN getting close to running out of IPv4 addresses is not news. That this would eventually happen has been known for a very long time. Entities choosing to keep their heads in the sand and ignore that fact is another matter altogether. Were there (m)any "OMG WE'RE OUT OF IP ADDRESSES!!!1!111" articles when APNIC throttled final assignments down to one /22 per organization after they dipped into their last /8? Were there (m)any when RIPE got down to their last /8 jms
From: Brian Hartsfield <bh@tronstar.com> Date: Thursday, June 19, 2014 11:27 AM To: Lee Howard <Lee@asgard.org> Cc: Owen DeLong <owen@delong.com>, Wesley George <Wesley.George@twcable.com>, "nanog@nanog.org" <nanog@nanog.org> Subject: Re: Ars Technica on IPv4 exhaustion
Ah, it's running Internet-As-A-Service in the Cloud using a Client-Server architecture with time sharing. There's nothing there but buzzwords. First figure out what consumers actually get for it. Only after you know why they want it can you then figure out how to market it. Generally what you're looking for is "good, fast, cheap," only more so than IPv4. Lee
On Jun 19, 2014, at 11:27 AM, Brian Hartsfield <bh@tronstar.com> wrote:
Brian - Any suggestions on how ARIN should reach those CIO's in the meantime? (so as to reduce the number who experience such surprise) We've done some attempts at outreach to that community, and have advice from PR firms, etc., but I'm interested in a more "real world" perspective on getting their attention before we hit the wall... Thanks! /John John Curran President and CEO ARIN
That is a good question and I wish I had a good answer. I'm trying to beat the drums where I work for IPv6 and it is tough because nobody has thought about it and in our situation I actuallly have a good case. We develop mobile apps and with the amount of IPv6 VZW and T-mobile are doing having at least IPv6 to the load balancer at least needs to be thought about. It is just tough because most organizations have just not been thinking about IPv6 at all and it is going to take "something" to get it on their radar. -- Brian Hartsfield CCNA, CCDA AIM: kd4aej Twitter: Krandor1 Facebook: http://www.facebook.com/brian.hartsfield Linkedin: http://www.linkedin.com/in/brianhartsfield On Thu, Jun 19, 2014 at 2:35 PM, John Curran <jcurran@arin.net> wrote:
On Thu, 19 Jun 2014 14:35:55 -0400, John Curran <jcurran@arin.net> wrote:
Any suggestions on how ARIN should reach those CIO's in the meantime?
Refuse additional IPv4 assignments to those who have not deployed IPv6. And not just been assigned a v6 block, but actually running IPv6 to every customer who asks. (hard to police, sure.) NONE of my ISPs have been able to provide IPv6 over the last decade. That includes Verizon (aka UUNet), and AT&T (the not-Uverse-AT&T) who didn't get past the sales call when they made it clear we "aren't big enough to be connected to that gear." TWTC: No. Earthlink (ITC^D): No. TWC: No. (but my home connection is seeing RAs, but DHCPv6 instantly answers "no prefixes") AT&T Uverse (business): 6rd, not static, not available everywhere, and doesn't work every day. (also, those fools are eating protocol 41 at the border, so tunnels don't work.) And those are just the ISPs I directly deal with. That list gets longer if I include my employer's various ISPs around the globe. Heck, even the checkpoint in Hong Kong doesn't have IPv6.
On Jun 19, 2014, at 4:27 PM, Ricky Beam <jfbeam@gmail.com> wrote:
Ricky - You should consider submitting this as policy proposal <https://www.arin.net/policy/pdp_appendix_b.html> Thanks! /John John Curran President and CEO ARIN
On 6/19/14 5:02 PM, "John Curran" <jcurran@arin.net> wrote:
I support the idea of new policy proposals, but by the time this made it through a policy cycle, ARIN would have run out of unallocated IPv4 addresses. A similar constraint could be applied to recipients of IPv4 transfers; the community would want to consider that very carefully. Would there be a similar constraint for CDNs, hosting companies, and cloud providers? btw, Ricky, if you want support in getting your proposal submitted, John will team you up with somebody on the superlative Advisory Council https://www.arin.net/about_us/ac.html, many of whom are watching this list. Lee
for one, stop the scare tactics, "hitting the wall," etc. and cut the tea party fanaticism. how you acquire ipv4 space is likely to change and how much it costs you is very likely to change, and not for the better. they hear "the world is coming to an end" so often that they ignore it. they are very sensitive to "costs will go up." get geoff to do a one pager and see it is circulated randy
On Jun 19, 2014, at 07:02 , Lee Howard <lee@asgard.org> wrote:
I'm not entirely sure. I'm the first to admit that direct to consumer communications are not my specialty and that guidance/input from others that are more expert is welcome. Often the first step is identifying the problem and coming to consensus that consumer education is a vital part of the solution. Things I'd like to see get communicated to consumers: 1. The current addressing scheme for the internet is out of numbers and change is necessary. 2. Change has been in the works for several years, but has now reached the point where you (consumers) can benefit by paying attention and making intelligent and informed purchasing decisions. 3. There's plenty of vested interest out there that will happily take your money and leave you only on the old internet. Therefore, it is important to pay attention when choosing network equipment and other network-attached electronics. 4. New general purpose computers (desktop/laptop/tablet) are generally all compatible with the new protocol. 5. Only some routers/gateways/modems currently have IPv6 support. Ideally, it would be nice if the UNH/IOL and/or CEA could come up with a meaningful definition of IPv6 support and a logo to go with it that we could tell consumers to look for on the box. Ideally, this would be a set of standards that users of the logo agree to abide by rather than a fee-based testing regime that excludes smaller players. Obviously this is in a very rough form, but Lee's question is a legitimate one and deserves an answer. Hopefully in our collective talent pool, we can find ways to improve upon what I will say is a beginning straw man at best. Owen
On Thu, Jun 19, 2014 at 10:47 PM, Owen DeLong <owen@delong.com> wrote: .....
Ideally, it would be nice if the UNH/IOL and/or CEA could come up with a meaningful definition of IPv6 support and a logo to go with it that we could tell consumers to look for on the box. Ideally, this would be a set of standards that users of the logo agree to abide by rather than a fee-based testing regime that excludes smaller players.
You mean something like the IPv6 Ready logo at http://www.ipv6ready.org ?
I'm looking for a new consumer router to offer our customers that has GigE ports and supports IEEE 802.11ac, and all the products that our reseller and their partners have suggested don't have IPv6 Ready certification or the vendor can't confirm they meet RIPE's 554 document. D-Link has a long list of approved products, but I chose to stop using their products for other reasons. If any can recommend a mid-range consumer router that you think would meet our needs, please drop me a note off-list. Frank -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Gary Buhrmaster Sent: Thursday, June 19, 2014 9:41 PM To: Owen DeLong Cc: nanog@nanog.org Subject: Re: Ars Technica on IPv4 exhaustion On Thu, Jun 19, 2014 at 10:47 PM, Owen DeLong <owen@delong.com> wrote: .....
Ideally, it would be nice if the UNH/IOL and/or CEA could come up with a meaningful definition of IPv6 support and a logo to go with it that we could tell consumers to look for on the box. Ideally, this would be a set of standards that users of the logo agree to abide by rather than a fee-based testing regime that excludes smaller players.
You mean something like the IPv6 Ready logo at http://www.ipv6ready.org ?
This looks somewhat promising: http://www.downloads.netgear.com/files/GDC/R7000/R7000_DS_vA_19Mar14.pdf ~$200 If you want something cheaper, this: http://www.downloads.netgear.com/files/GDC/R6300V2/R6300v2_DS_20Jun13.pdf is about $100. I haven’t tried either of these myself yet, but other Netgear home products with IPv6 support have worked reasonably well in my experience and these are newer generation and do list IPv6 support in their data sheets. There may be cheaper models. I haven’t done any sort of thorough investigation. Of course the Apple Airport Express and Airport Extreme models also have 802.11ac support and known good IPv6 implementations. Owen On Jun 21, 2014, at 2:49 PM, Frank Bulk <frnkblk@iname.com> wrote:
Short of consumer education, how do you expect to resolve the issue where $CONSUMER walks into $BIG_BOX_CE_STORE and says "I need a router, what's the cheapest one you have?"
By making the answer "the cheapest is this FooTronics, but you're better off with this MegaBar. The FooTronics doesn't do IPv6 so it can't do X." Until there is an X that consumers care about, don't hold your breath. I can tell you from experience that the only practical effect of IPv6 on my home cable service is to make things periodically slow and flaky when T-W's internal routing flakes. Wahoo. I only leave it turned on because I know people at T-W who are using the problem reports to debug it. R's, John
On 6/18/2014 14:25, Lee Howard wrote:
Canada is way behind, just 0.4% deployment.
Any Canadian ISP folk in here want to shine a light on this dearth of residential IPv6 connectivity? Is there any progress being made on this front? -- Sadiq Saif
On 14-06-18 06:16 PM, Sadiq Saif wrote:
For that matter, how about on the other side of the equation. Why is it that certain large networks operating data centres in Canada do not provide IPv6 to all of said data centres? (I'm looking at you, AS701.)
On Wed, 18 Jun 2014, Sadiq Saif wrote:
Teksavvy does it (tunnel I believe) if you ask. Otherwise it's the usual: - 'why do we need this?'; - 'It costs money to upgrade for something low-demand'; - 'What's the market?'; - 'I don't have time'; - 'Aw gee do I have to??' wfms
On Thu, 19 Jun 2014, jim deleskie wrote:
Those all sounds like legit business questions.
Yup. On the otherhand at the other end of the customer spectrum: http://www.tbs-sct.gc.ca/it-ti/ipv6/ipv6tb-eng.asp
wfms
On 14-06-19 01:45 PM, William F. Maton Sotomayor wrote:
We offer IPv6 over DSL and it's native, but it's opt-in at the moment. I have the ability to enable it for all our DSL users but we're holding off due to training issues more than anything. -Gabe
Not residential IPv6 connectivity but today I got this news: http://www.ourmidland.com/prweb/cirrushosting-to-support-ipv-on-canadian-vps... El 6/18/2014 7:46 PM, Sadiq Saif escribió:
Well, I was just looking at my Bell Canada "Fibe" (IPTV/Internet) setup last nite and the gear Bell provides doesn't do IPv6 at all (not even an option). This gear is about 3 years old, so my hopes for them aren't very good... Thanks, Erik -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Sadiq Saif Sent: Wednesday, June 18, 2014 8:16 PM To: nanog@nanog.org Subject: Canada and IPv6 (was: Ars Technica on IPv4 exhaustion) On 6/18/2014 14:25, Lee Howard wrote:
Canada is way behind, just 0.4% deployment.
Any Canadian ISP folk in here want to shine a light on this dearth of residential IPv6 connectivity? Is there any progress being made on this front? -- Sadiq Saif
Videotron (AS5769) is offering 6RD (RFC5969) to all residential customers, if their gear supports it. (DHCP option 212) (But our MGMT still calls it beta for now.) JF Jean-François Dubé Technicien, Opérations Réseau IP Ingénierie Exploitation des Réseaux Vidéotron "NANOG" <nanog-bounces@nanog.org> a écrit sur 2014-06-18 20:16:01 :
6rd is in my opinion a band-aid solution, I don't see the point of offering IPv6 if it requires IPv4. native IPv6 should be offered where possible. We offer native IPv6 to all our DSL customers but only on an opt-in basis, we're although unfortunately unable to offer IPv6 over Cable since we still depend on a certain incumbent... -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Jean-Francois.Dube@videotron.com Sent: Friday, June 20, 2014 10:13 AM To: lists@sadiqs.com Cc: nanog@nanog.org; NANOG Subject: RE: Canada and IPv6 (was: Ars Technica on IPv4 exhaustion) Videotron (AS5769) is offering 6RD (RFC5969) to all residential customers, if their gear supports it. (DHCP option 212) (But our MGMT still calls it beta for now.) JF Jean-François Dubé Technicien, Opérations Réseau IP Ingénierie Exploitation des Réseaux Vidéotron "NANOG" <nanog-bounces@nanog.org> a écrit sur 2014-06-18 20:16:01 :
There are obviously layer 8-9-10 issues to deal with as well before native IPv6 can be deployed. Being a IP NOC grunt, I keep my focus on layer 1-7. JF Jean-François Dubé Technicien, Opérations Réseau IP Ingénierie Exploitation des Réseaux Vidéotron "NANOG" <nanog-bounces@nanog.org> a écrit sur 2014-06-20 10:22:17 :
The point is that you can offer IPv6 to a lot of people using various instatntiations of 100.64.0.0/10 but using globally unique IPv6 addresses providing them full true internet access without NAT. Yes, 6rd is a stopgap, but 6rd stopgap is better than multi-natted IPv4 only. Owen On Jun 20, 2014, at 07:22 , Gabriel Blanchard <gabe@teksavvy.com> wrote:
I concur with Owen here. 6RD is a band-aid, but a pretty effective one to introduce IPv6 to the staff and management in your organization. When you get to native deployment, your engineering and ops staff no longer freak out when they see some IPv6 config. They can even debug ISIS and the IPv6 RR without calling you in the middle of the night! On the management side, they actually see IPv6 traffic in the nice monthly graphs, so they’ll remember to put it in the next RFP and even not to cut it from the next budget, if you’re lucky. And 6RD performance is quite good when implemented properly (2-3% hit on bandwidth, 1 ms in latency). What hurts are CPEs with bad implementations (bad option 212 implementation or no MTU reduction). /JF On Jun 20, 2014, at 4:17 PM, Owen DeLong <owen@delong.com> wrote:
I notice an IETF meeting in Toronto one month hence. If Canadian operators (and content providers) were interested in talking about their common problems, it might be convenient to schedule some time adjacent to that meeting. Lee On 6/20/14 10:12 AM, "Jean-Francois.Dube@videotron.com" <Jean-Francois.Dube@videotron.com> wrote:
----- Original Message -----
From: "Jared Mauch" <jared@puck.nether.net>
"no" adverse impact? Seems to me I've seen a few threads go by the last few years that suggested that there were a few pathological cases where having the 4A record was worse than not... Cheers, -- jra -- Jay R. Ashworth Baylink jra@baylink.com Designer The Things I Think RFC 2100 Ashworth & Associates http://www.bcp38.info 2000 Land Rover DII St Petersburg FL USA BCP38: Ask For It By Name! +1 727 647 1274
In message <32832593.4076.1403046439981.JavaMail.root@benjamin.baylink.com>, Ja y Ashworth writes:
What's this "4A" garbage?
worse than not...
See the red line. https://www.google.com/intl/en/ipv6/statistics.html Additionally Google and FaceBook have basically forced the client side to fix their broken network configurations by publishing AAAA records to everyone. It only takes one or two big sites to force this issue which they have done. You are nowhere near the bleeding edge by publishing AAAA records today. Mark
On Jun 17, 2014, at 7:24 PM, Mark Andrews <marka@isc.org> wrote:
What I do find interesting (and without any data) is why some folks have removed IPv6, eg: http://xkcd.com/865/ But there is no AAAA for it anymore. My simple rant is: it's 2014, if you don't at least have IPv6 on for your edge facing your ISP and your allocation, you're doing it wrong. - Jared
These sites used to be dual-stacked: www.cablelabs.com (over 180 days ago via ipv6.cablelabs.com) www.att.net (over 44 days ago) www.charter.com (over 151 days) www.globalcrossing.com (over 802 days) www.timewarnercable.com (over 593 days) and www.t-online.de has been broken for over 33 days. Frank -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Jared Mauch Sent: Tuesday, June 17, 2014 7:42 PM To: Mark Andrews Cc: NANOG Subject: Re: Ars Technica on IPv4 exhaustion On Jun 17, 2014, at 7:24 PM, Mark Andrews <marka@isc.org> wrote:
In message
<32832593.4076.1403046439981.JavaMail.root@benjamin.baylink.com>, Ja
What I do find interesting (and without any data) is why some folks have removed IPv6, eg: http://xkcd.com/865/ But there is no AAAA for it anymore. My simple rant is: it's 2014, if you don't at least have IPv6 on for your edge facing your ISP and your allocation, you're doing it wrong. - Jared
Doesn't surprise me at all. Another thing I've seen lately is number of software (especially system management software) after being certified/tested with IPv6 no longer function when IPv6 is enabled. At least one vendor that broke IPv6 with a recent patch told me they only tested it once for IPv6 compatibility to get the marketing folks off their neck. After that, they no longer test with IPv6 since they don't have IPv6 internally. -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Lee Howard Sent: Thursday, June 19, 2014 8:54 AM To: Frank Bulk; 'Jared Mauch' Cc: NANOG Subject: Re: Ars Technica on IPv4 exhaustion On 6/17/14 11:43 PM, "Frank Bulk" <frnkblk@iname.com> wrote:
Check that one again. Surprised you didn't mention www.bing.com. Lee
Communicating off-list regarding TWC. Yes, I had forgotten about Bing. I actually never monitored that host, and no use considering there's no IPv6 on there now. Donley said that Cablelabs moved to a new hosting provider that (at that time) did not support IPv6. I'll chase Charter down again. Fessler was chasing down www.att.net, but I've not received an update on this (BCCing him this message). Frank -----Original Message----- From: Lee Howard [mailto:Lee@asgard.org] Sent: Thursday, June 19, 2014 7:54 AM To: Frank Bulk; 'Jared Mauch' Cc: NANOG Subject: Re: Ars Technica on IPv4 exhaustion On 6/17/14 11:43 PM, "Frank Bulk" <frnkblk@iname.com> wrote:
Check that one again. Surprised you didn't mention www.bing.com. Lee
On 6/21/14, 3:20 PM, "Frank Bulk" <frnkblk@iname.com> wrote:
Donley said that Cablelabs moved to a new hosting provider that (at that time) did not support IPv6.
Www.cablelabs.com does have a AAAA, it's just that cablelabs.com doesn't. Unfortunately all too common. We're also leaning on them to be more complete in their IPv6 support. Wes George This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.
They have one on www.cablelabs.com, but it's not reachable: root@nagios:/home/fbulk# dig AAAA www.cablelabs.com +short 2620:0:2b10:101::3 root@nagios:/home/fbulk# wget -6 www.cablelabs.com --2014-06-22 21:17:31-- http://www.cablelabs.com/ Resolving www.cablelabs.com... 2620:0:2b10:101::3 Connecting to www.cablelabs.com|2620:0:2b10:101::3|:80... failed: Network is unreachable. root@nagios:/home/fbulk# It's been so long that I had forgotten that I had suggested they remove the AAAA while they don't actually have IPv6 connectivity. Perhaps they want to see how well Happy Eyeballs works. =) Frank -----Original Message----- From: George, Wes [mailto:wesley.george@twcable.com] Sent: Sunday, June 22, 2014 4:58 PM To: Frank Bulk Cc: NANOG; Donley, Chris (Cable Labs) Subject: Re: Ars Technica on IPv4 exhaustion On 6/21/14, 3:20 PM, "Frank Bulk" <frnkblk@iname.com> wrote:
Donley said that Cablelabs moved to a new hosting provider that (at that time) did not support IPv6.
Www.cablelabs.com does have a AAAA, it's just that cablelabs.com doesn't. Unfortunately all too common. We're also leaning on them to be more complete in their IPv6 support. Wes George This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.
On Jun 17, 2014, at 16:07 , Jay Ashworth <jra@baylink.com> wrote:
Yes, currently less than 0.05% of end users and usually because they have misconfigured systems that think they have IPv6 access when they really don't. One could make a valid argument that this is no worse than systems with misconfigured IPv4 who cannot reach Google at all even if they don't publish AAAA records because their IPv4 is so badly misconfigured that it doesn't work either. I suspect it may well be approximately the same fraction of systems, though it may take longer to notice/resolve the IPv6 issues than the IPv4 ones. Owen
On Jun 17, 2014, at 8:46 PM, Owen DeLong <owen@delong.com> wrote:
One could make a valid argument that this is no worse than systems with misconfigured IPv4 who cannot reach Google at all even if they don't publish AAAA records because their IPv4 is so badly misconfigured that it doesn't work either. I suspect it may well be approximately the same fraction of systems, though it may take longer to notice/resolve the IPv6 issues than the IPv4 ones.
At the last RIPE i had some troubles with my IPv4 while my IPv6 worked fine. Folks internally grumbled about fixing IPv6 hosts because those with IPv6 are in the minority, but that is a diminishing view and honestly people who keep repeating that will slowly undercut themselves out of relevance. - jared
participants (45)
-
Alejandro Acosta
-
Andrew Fried
-
Barry Shein
-
Brandon Ross
-
Brian Hartsfield
-
Christopher Morrow
-
Darren Pilgrim
-
Edward Arthurs
-
Erik Soosalu
-
Frank Bulk
-
Gabriel Blanchard
-
Gary Buhrmaster
-
George, Wes
-
Jared Mauch
-
Jay Ashworth
-
Jean-Francois.Dube@videotron.com
-
Jeroen Massar
-
JF Tremblay
-
jim deleskie
-
Jimmy Hess
-
joel jaeggli
-
John Curran
-
John Levine
-
Justin M. Streiner
-
Kalnozols, Andris
-
Karl Auer
-
Laszlo Hanyecz
-
Lee Howard
-
Mark Andrews
-
Mark Tinka
-
Martin Geddes
-
Matthew Huff
-
Matthew Kaufman
-
Matthew Petach
-
Niels Bakker
-
Owen DeLong
-
Randy Bush
-
Ricky Beam
-
Sadiq Saif
-
Seth Mos
-
TJ
-
Valdis.Kletnieks@vt.edu
-
Vlade Ristevski
-
William Astle
-
William F. Maton Sotomayor