> On Nov 11, 2019, at 16:02 , Mark Andrews <[email protected]> wrote:
>
>
>
>> On 12 Nov 2019, at 10:12, Scott Leibrand <[email protected]
>> <mailto:[email protected]>> wrote:
>>
>> I think you underestimate the complexity of enterprise networking, and the
>> relative lack of skill of the folks managing most enterprise networks,
>> largely due to the fact that they can't enforce at-scale standardization as
>> consumer networks do (so they can't just hire a small number of software
>> architects to manage an entire network via automation).
>
> I know one can turn on IPv6 along side IPv4 and gradually move stuff across
> to supporting
> both IPv4 and IPv6. I know that HTTP, SMTP and DNS servers have supported
> IPv6 for over
> 2 decades. DHCP servers have supported IPv6 nearly as long. I know
> firewalls have supported
> IPv6 for over 2 decades now. I know Windows has supported IPv6 since Windows
> XP. I know Apple,
> Oracle (Sun), VMS, Linux, … have supported IPv6 as long if not longer. I
> know turning on IPv6
> doesn’t mean turning off IPv4. Most CDN’s support IPv6 these days as well
> and you don’t have
> to be running IPv6 in house to project a IPv6 presence on the net. Routers
> have supported IPv6
> for decades as well though not at the $50 mark until recently.
>
> Turning on IPv6 isn’t hard even if most it the plant isn’t using it. The
> front office can
> definitely use it just like homes use it today. Getting to the state where
> you are ready
> to go IPv6-only is hard as it requires every piece of equipment to support
> IPv6, but don’t
> confuse the two.
In fairness, turning on IPv6 at all in an enterprise environment can be hard if:
+ Your vendor supplied user management/equipment management
solutions
(laptop provisioning, forced updates, security policy agents,
etc.) don’t support it.
+ Your various logging, reporting, auditing, IDS, etc. tools are
lagging in IPv6 support.
+ You have internal databases with 32-bit integer fields for
logging IP address information
+ You have applications that can’t handle it when presented with
an IPv6 address as a
line item in a host inventory response or such.
It can also be scary if your staff is even more clueless about IPv6 than they
already are about the
IPv4 network that they keep running on bandaids and bailing wire because they
don’t really
understand it, but the vendor set it up in 2009 and it’s still somehow running.
I’m not saying this is a good thing. I’m not saying I support enterprises
continuing to accumulate
technical debt in this area to the detriment of virtually everyone else on the
internet, but I’m
saying that there are actual impediments beyond the “you can turn it on in some
places and
not turn off IPv4 and everything is just fine.”
>> When it comes down to making a decision about whether to implement IPv6, the
>> decision is usually "build vs. buy" - "build" a new network, new server
>> infrastructure, etc., vs. "buy" more IPv4 addresses. On residential
>> networks, they can "build" at a sufficient scale to be cheaper than
>> "buying". On enterprise networks, the "buy" option is usually cheaper (and
>> far less risky to the revenue-generating portions of the business).
>
> In many cases it is just enable.
In more cases, it’s not.
We should be looking for ways to improve that situation.
Owen
_______________________________________________
ARIN-PPML
You are receiving this message because you are subscribed to
the ARIN Public Policy Mailing List ([email protected]).
Unsubscribe or manage your mailing list subscription at:
https://lists.arin.net/mailman/listinfo/arin-ppml
Please contact [email protected] if you experience any issues.
