This is more in the way of a leading question for those who are attending NANOG 40. I'll ask it the same way I did at NZNOG back in February -- what problem is it that IPv6 is actually supposed to solve? I used to know the answer to this, but I don't now. In 1997 (or even years before, reading Scott Bradner's eloquent advocacy for it back then) it would have been: address space, security, extensions, QOS. But it seems to me these have either been sidestepped, addressed somewhat, or the benefits have not overcome the costs in a clear business case sense. As I said -- my purpose in posing this is to stimulate discussion at Bellevue. It was the most interesting thing talked about at Palmerston North, at least until the cold beer arrived. fh
what problem is it that IPv6 is actually supposed to solve?
that's an easy one. in 1993-5, the press was screaming that we were about to run out of ip space. a half-assed design was released. the press stopped screaming. victory was declared, everyone went home. and, as usual, ops and engineering get to clean up the disaster. randy
On Wed, May 30, 2007 at 05:34:44PM -0700, Randy Bush wrote:
about to run out of ip space. a half-assed design was released. the press stopped screaming. victory was declared, everyone went home.
Actually, they didn't go home. Victory, "they" think, is never having to go home (but IETF Dallas is another story). I'm sorry this story is a bit long, the way I tell it, but hopefully it is entertaining (or at least easy to delete and ignore). At my first IETF, I attended a 'Scotch BoF'. It was singularly the most disturbing experience I've ever had at an IETF. Not merely because I don't drink, nor merely because of the antics of Internet professionals at a level of intoxication reminiscent of college dormatories. Every drink of scotch requires a toast, and every toast must be suffixed with "...and the Universal Deployment of IPv6." This phrase is uttered not jovially...not with celebratory thrust one usually attributes to, well, a toast...but rather with a low, monotonic, metronomic chant, in a chorus. You could hear it from outside the room, four doors down the hall. It is very much reminiscent of the "congregation answers" lines in church proceedings. Upon entry, I spent a few moments looking around for the Dark Altar these chants were directed to, as I expected to find chicken entrails, and black candles burning low. Perhaps a statue of a goat, or an incense burner, something to mark the demonic power they're hoping has the will and fortitude to see IPv6 "universally deployed" if only their chants will appease it. Actually I suppose you could say there was incense, but it was the dank, hot and humid incense of far too many people crowded in a hotel room with open flasks of single-malt. You could smell it down the hall, as near as the elevators. The point is I came to a realization: They were praying, and the altar they were praying to is an entity absent all too often in IETF proceedings in numbers sufficient to exert a presence...so it's fitting that there was no icon to represent it in their church. Operators. They're praying to the Big Operator in the Sky to deliver them to the promised land, an IPv6 network upon which their applications will multiply and flourish, and their products can be sold. Truly, I was a pilgrim in an unholy land.
and, as usual, ops and engineering get to clean up the disaster.
Except that this time, there are masses of people who now prostrate themselves before the Dark Altar of Operators, intoning mystic rituals of their own invention in hopes to appease you. Like the world's children who write to Santa Claus every year, these people have a list of toys they would like the Internet's operators to place in their stockings, and they're rapidly becoming more and more prepared to "be good children" to get them. It's progress, I think, that this places a substantially fairer share of power in the hands of those who can do something with it. For, after all, Santa Claus can always choose to give coal. But one might hope that at some point, they will give up praying for their answers, and will seek them instead. Obligatory operational content: Stock up on coal. If someone asks if you're a God, say "Yes." -- David W. Hankins "If you don't do it right the first time, Software Engineer you'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins
David W. Hankins wrote:
...
Obligatory operational content: Stock up on coal. If someone asks if you're a God, say "Yes."
You have put your finger on the problem. Someone crossed the ipv4 and ipv6 streams and the Operator was sent back to the interdimensional vastness from which it came.
THe intention was that ipng would address the issues you quote Scott as raising. What could be addressed cleanly, and was addressed, was the number of bits in the address. In part, I think this was due to unrealistic expectations. Security, as you well know, is not a network layer question, nor is it a link layer question, an application layer question, a transport layer question, or a "magic security layer wherever the right place to put it turns out to be" question. It is a question that is different at every layer, and requires some level of response at each layer. Ditto QoS: there is a question of ensuring each application the bandwidth, delay, and jitter characteristics it needs, the number of memory-to- memory copies between end station processes it needs, the number of competing windowing systems it needs (cf ssh vs TCP with large windows), and a list of other things. Part of this is the denial factor. It is popular to bash IPv6 over a number of issues, and I, co-chair of the IPv6 Operations Working Group, have points on which I comment. I note that those who run businesses that depend on large numbers or addresses being available aren't asking this question any more. They may not *like* the answer, but the answer available to them is IPv6, and there aren't any others. Increasingly, they are asking me and others what they need to do to get on with life. On May 30, 2007, at 5:27 PM, Fred Heutte wrote:
This is more in the way of a leading question for those who are attending NANOG 40.
I'll ask it the same way I did at NZNOG back in February -- what problem is it that IPv6 is actually supposed to solve? I used to know the answer to this, but I don't now. In 1997 (or even years before, reading Scott Bradner's eloquent advocacy for it back then) it would have been: address space, security, extensions, QOS. But it seems to me these have either been sidestepped, addressed somewhat, or the benefits have not overcome the costs in a clear business case sense.
As I said -- my purpose in posing this is to stimulate discussion at Bellevue. It was the most interesting thing talked about at Palmerston North, at least until the cold beer arrived.
fh
At 5:27 PM -0700 5/30/07, Fred Heutte wrote:
This is more in the way of a leading question for those who are attending NANOG 40.
I'll ask it the same way I did at NZNOG back in February -- what problem is it that IPv6 is actually supposed to solve?
I used to know the answer to this, but I don't now. In 1997 (or even years before, reading Scott Bradner's eloquent advocacy for it back then) it would have been: address space, security, extensions, QOS. But it seems to me these have either been sidestepped, addressed somewhat, or the benefits have not overcome the costs in a clear business case sense.
Most of those features were completely gone by 1995, leaving larger address space as the sole practical benefit and no actual transition plan. This wisdom of this approach is questionable at best, and I'll admit to being part of the team that went along... However, even with just bigger address space, there *is* a real problem that will be solved by IPv6, and that's avoiding the even larger chaos that results from true depletion of IPv4 space for all ISP's who need more space for their growth. I've already ranted about this here and on ARIN PPML, so see the attached link for one answer to your question. /John ref: http://lists.arin.net/pipermail/ppml/2007-May/007163.html
Most of those features were completely gone by 1995
TLAs et alia lasted until 2000+. and i think anycast is still broken, though we can at least ignore it and use v4-style anycast, which turns out to be what we need.
leaving larger address space as the sole practical benefit and no actual transition plan. This wisdom of this approach is questionable at best, and I'll admit to being part of the team that went along...
well, you get two points for copping to it. i lay on the train tracks and was squashed. i take the arin proclamation as "a problem is looming. the solution space is not as appealing as we might wish. the time to figure out the transition plan is now. don't expect arin to figure it out for you." i like 40 more bits as well as the next geek. but how the hell do we get from here to there? either we sort out how a v6-only site gets to the internet, there is still ipv4 space at every site and all that implies, or the users are screwed. randy
i think anycast is still broken, though we can at least ignore it and use v4-style anycast, which turns out to be what we need.
<recant> i am told by a good friend who lurks that this was actually fixed a year or two ago. a team of ops-oriented folk were sufficiently persistent and strident to get it fixed. randy
On Wed, 30 May 2007 18:52:12 PDT, Randy Bush said:
i think anycast is still broken, though we can at least ignore it and use v4-style anycast, which turns out to be what we need.
<recant> i am told by a good friend who lurks that this was actually fixed a year or two ago. a team of ops-oriented folk were sufficiently persistent and strident to get it fixed.
Fixed as in "new RFC released", or "New IOS shipped that DTRT", or "Most sites have actually *deployed* the new code"?
At 6:28 PM -0700 5/30/07, Randy Bush wrote:
well, you get two points for copping to it. i lay on the train tracks and was squashed.
Well, I became a contentious objector... (RFC1669). One can confirm a real sense of humor to the cosmos, because I now get to be lead advocate for the very scenario I noted back then really might not be viable... :-)
i like 40 more bits as well as the next geek. but how the hell do we get from here to there? either we sort out how a v6-only site gets to the internet, there is still ipv4 space at every site and all that implies, or the users are screwed.
We aggressively work on getting "little" Internet content sites (aka the 'servers' of new Internet endsites) reachable via IPv6, whether by native IPv6 to endsite, tunnel to endsite, or tunnel transition mechanism within the ISP. ISPs need to take the lead on this for now new sites, by actively promoting IPv6 with IPv4 connections. Doing that, plus the significant effort of IPv6 backbone work is serious work. Big content providers have to figure out how to do native IPv6 (or fake it really well) before the first IPv6-only user arrives... Their readiness has to be 100% on that day (or the day they can't themselves obtain additional IPv4 space), but it's fairly academic until that point. /John
participants (7)
-
David W. Hankins
-
Fred Baker
-
Fred Heutte
-
John Curran
-
Randy Bush
-
Roy
-
Valdis.Kletnieks@vt.edu