Re: V6 still not supported (was Re: CC: s to Non List Members, (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4, NetBlock))

[Daniel Karrenberg]

On 14-03-2022 05:06, Fred Baker wrote:

... Where IPv6 has a problem today is with enterprise. IMHO, this is basically 
because enterprise is looking at the bottom line. If ISPs were to do what 
Mythic Beasts says they do, which is charge their users for address space, IPv6 
is virtually free while IPv4 costs something. I suspect that enterprise would 
change its tune dramatically. ...


This has already started to happen. For example my preferred hosting 
provider recently made the IPv4 address a line item on their invoices. 
The total price did not change. Customers can now save money by electing 
not to use IPv4. This makes sense for both the supplier and the customer 
and it will happen more and more. The cost of clinging to IPv4 will rise 
and it will become more visible.


Daniel

Re: V6 still not supported (was Re: CC: s to Non List Members, (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4, NetBlock))

[Fred Baker]

> On Mar 11, 2022, at 8:39 AM, Joe Maimon  wrote:
> 
> Google's statistics...

I'm not sure which of you I'm replying to. The comment was made on NANOG the 
other day that we should discount Google statistics because they have been 
promoting IPv6 for a decade. It's true that they have been doing so. But they 
aren't the only people with statistics.

https://www.vyncke.org/ipv6status/compare.php?metric=p=in,my,sa,be,de,fr,gr,vn,tw,gf,zz,us,jp,th,br,mx,ae,lk,uy,hu,lu,fi,il,pt,gt,ch,gp,gb,mq,nl,ca,ee,ec,re,au,np,tt,at,ro,ga,ie,no,gy,bt,py,pe,kw,sx,mm,nz,co,cz,bo,ni,tg,ph,pl,sg,is,ar,kr,om,cl,sv,jm,si,mo,se,lv,jo,cg,ba,lc,zw,ir,id,md,hn,by,sk,al,rw,pf,ge,bz,dk,ru,hr,rs,it,vc,ke

You might look at the following links. Eric Vyncke has been putting up charts 
basically on Google, Akamai, and APNIC statistics for a while. One thing to 
consider is that around 90 countries (92 in this capture, as low as 89 a couple 
of days ago) have 5% or greater response rate using IPv6. Google and Akamai 
have their own content networks, and in at least some countries only 
externalize  records or respond to IPv6 requests. APNI isn't that way; they 
don't operate a content network, but rather accept traffic from across the 
backbone. Consider that a content network essentially reports traffic from a 
customer network to their first hop ISP, while when APNIC reports an IPv6 
access, the father form APNIC to the collector in question has to include every 
network and every router in the path. Now look at these:

https://www.vyncke.org/ipv6status/compare.php?metric=p=in
https://www.vyncke.org/ipv6status/compare.php?metric=k=in
https://stats.labs.apnic.net/ipv6/CC?x=1=1=1=30=IN

I think the APNIC numbers demonstrate that paths through the backbone generally 
support IPv6 end to end, and that from a routing perspective there is no reason 
to favor IPv4.

There are 8 Countries (this evening) that Google reports roughly equal response 
rates from using IPv4 or IPv6. cf 
https://www.vyncke.org/ipv6status/compare.php?metric=p=in,my,sa,be,de,fr,gr,vn.
 This doesn't prove that IPv6 has taken over the world, but it does prove that 
those who would discount available statistics sources are a little too shrill 
in doing so.

Where IPv6 has a problem today is with enterprise. IMHO, this is basically 
because enterprise is looking at the bottom line. If ISPs were to do what 
Mythic Beasts says they do, which is charge their users for address space, IPv6 
is virtually free while IPv4 costs something. I suspect that enterprise would 
change its tune dramatically.

Re: V6 still not supported (was Re: CC: s to Non List Members, (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4, NetBlock))

[Abraham Y. Chen]

Hi, Ca By:

1)    Re: Ur. Pt. 1) " ... the number is 46% in the USA.  ":    Whoa! 
Your revised number is even higher. And, I could round it up to 50%! 
Seriously, please be specific about where are you reading the number 
that you are reporting? I commented after reading your second reference, 
because I could not find relevant data from the first one. Is there 
something hidden there? Please identify.


2)    Re: Ur. Pt. 2): I have to wait for your clarification for Pt. 1) 
above to proceed with these additional statements.


Regards,


Abe (2022-03-11 15:06)




On 2022-03-11 11:19, Ca By wrote:



On Fri, Mar 11, 2022 at 7:15 AM Abraham Y. Chen  wrote:

Dear Ca By:

1)    It appears that you are reading the Google graph too
optimistically, or incorrectly. That is, the highest peaks of the
graph are about 38%. The average of the graph is about 36%. Citing
"over 40%" from these is a gross exaggeration. In fact, the peaks
were reached on weekends and holidays due to more residential
usage, you can clearly see such by zooming into the graph. In
addition, the graph has been exhibiting an asymptomatic trend ever
since a few years back. The COVID-19 pushed this graph up a bit
due to the lock-down and work-from-home factors. Below was an
analysis pre-pandemic:


Sorry for being imprecise in my communication, the number is 46% in 
the USA.



https://circleid.com/posts/20190529_digging_into_ipv6_traffic_to_google_is_28_percent_deployment_limit/

2)    Since Google is one of the stronger IPv6 promoters, usage of
IPv6 outside of the Google domain can only be lower, by simple
logic deduction.


Google’s number represents how many users reach it over ipv6. Given 
Google’s ubiquity in the usa, it is a fair barometer for the usa at 
large.  This data is helpful for content providers  estimating demand 
for ipv6 (46% of users will use ipv6 if it is available)  and for the 
network operator community to understand where their peers sit.


In summary, there is a lot of ipv6 on the usa internet today. Almost 
half for Google, per their published numbers. Over 75% end to end ipv6 
on some large mobile networks.  Hence my appeal to view published data.


Reading anecdotal Nanog mails from a handful of folks concluding ipv6 
has failed will not leave the passive impartial observer with an 
accurate view.


Regards,


Abe (2022-03-11 10:11)


--
NANOG Digest, Vol 170, Issue 12

Message: 12
Date: Thu, 10 Mar 2022 08:00:17 -0800
From: Ca By  
To: Saku Ytti  
Cc: Joe Greco  ,nanog@nanog.org
Subject: Re: V6 still not supported (was Re: CC: s to Non List Members
(was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4
NetBlock))
Message-ID:
  

Content-Type: text/plain; charset="utf-8"

On Wed, Mar 9, 2022 at 11:56 PM Saku Ytti  
  wrote:


On Wed, 9 Mar 2022 at 21:00, Joe Greco  
  wrote:


I really never thought it'd be 2022 and my networks would be still
heavily v4.  Mind boggling.

Same. And if we don't voluntarily agree to do something to it, it'll
be the same in 2042, we fucked up and those who come after us pay the
price of the insane amount of work and cost dual stack causes.

It is solvable, easily and cheaply, like most problems (energy,
climate), but not when so many poor leaders participate in decision
making.

--
   ++ytti


Ah, the quarterly ipv6 thread? where i remind you all? most of the USA is
on ipv6 (all your smartphone, many of your home router, a growing amount of
your clouds [i see you aws])

https://www.worldipv6launch.org/measurements/

Google sees over 40% of their users on ipv6, with superior latency

https://www.google.com/intl/en/ipv6/statistics.html



-- next part --




Virus-free. www.avast.com




<#m_6390985030485347940_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>




--
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

Re: V6 still not supported (was Re: CC: s to Non List Members, (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4, NetBlock))

[Joe Maimon]

Grant Taylor via NANOG wrote:



I believe that talking about removing IPv4 in any capacity /now/ is a 
disservice to the larger conversation.


We mostly agree. Except that there is a significant vocal portion of the 
IPv6 spectrum that would like to start obsoleting IPv4 now.


I have my doubts about getting back to a single protocol Internet 
(IPv6) in my lifetime, much less my career.


I both doubt and very much hope that it will not be quite that long, but 
even so, the fact that it can even be considered a possibility should be 
a significant wake up call.


In any event, all this underscores the reality that IPv4 requires more 
investment to carry along until that point.



And until that point, IPv6 is an optimization, not a requirement.


How long do you wait during the "optimization" window before actually 
deploying IPv6?  The 11th hour?  Why not start deploying IPv6 with new 
green field deployments at the 2nd hour?



Until you have the itch to do so, until you have a business case to do 
so, until you no longer have any excuse not to do so. The opt in 
optimization is optional.


Joe

Re: V6 still not supported (was Re: CC: s to Non List Members, (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4, NetBlock))

[Grant Taylor via NANOG]

On 3/11/22 9:39 AM, Joe Maimon wrote:
I am not really convinced that IPv4 can be 
ignored/marginalized/obsoleted without penetration reaching over 90%, 
globally.


I feel like that's an unfair characterization / summarization.

The VAST MAJORITY of the pro IPv6 discussions that I see are targeting 
parity between IPv4 and IPv6.  As such, there is absolutely no ignoring, 
no marginalizing, no obsoleting of IPv4 in those discussions.


The vast majority of the discussions that I've participated in have not 
been IPv4 exclusive or IPv6.  --  The breakdown tends to be three 
categories, exclusive IPv4 (old), dual IPv4 and IPv6 (current), and 
exclusive IPv6 (far Far FAR future).


As I see it, if we divide the three categories equally, 0-33% is IPv4 
only, 34-66% is dual IPv4 and IPv6, and 67-99% (can be) IPv6 only.  -- I 
fudged the numbers a %, to simplify the 1/3 fractional math.  --  As 
such, we have crossed over from the exclusive IPv4 (0-33%) into the dual 
IPv4 and IPv6 (34-66%).  We have a long way to go before even 
considering exclusive IPv6 (67% (or higher)).


I believe that talking about removing IPv4 in any capacity /now/ is a 
disservice to the larger conversation.


I have my doubts about getting back to a single protocol Internet (IPv6) 
in my lifetime, much less my career.



And until that point, IPv6 is an optimization, not a requirement.


How long do you wait during the "optimization" window before actually 
deploying IPv6?  The 11th hour?  Why not start deploying IPv6 with new 
green field deployments at the 2nd hour?




--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature

Re: V6 still not supported (was Re: CC: s to Non List Members, (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4, NetBlock))

[Joe Maimon]

Ca By wrote:




Google’s number represents how many users reach it over ipv6. Given 
Google’s ubiquity in the usa, it is a fair barometer for the usa at 
large.


Given google's popularity on handheld platforms, the users of which tend 
to be much less sensitive to IPv4 translation mechanisms and have a much 
higher penetration of native v6, I would restate that a bit more 
conservatively as


Google's statistics are likely a fair barometer for USA usage in the 
large content provider arena which have a strong mobile representation.






Reading anecdotal Nanog mails from a handful of folks concluding ipv6 
has failed will not leave the passive impartial observer with an 
accurate view.


Its incontrovertible that IPv6 has racked up a long list of failures in 
its original objectives, expectations, predictions and timelines, even 
up to this point.


I am not really convinced that IPv4 can be 
ignored/marginalized/obsoleted without penetration reaching over 90%, 
globally. And until that point, IPv6 is an optimization, not a requirement.


Perhaps it will accelerate at some percentage point. But if it drags out 
for another decade or two, all bets are off.



Joe

Re: V6 still not supported (was Re: CC: s to Non List Members, (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4, NetBlock))

[Ca By]

On Fri, Mar 11, 2022 at 7:15 AM Abraham Y. Chen  wrote:

> Dear Ca By:
>
> 1)It appears that you are reading the Google graph too optimistically,
> or incorrectly. That is, the highest peaks of the graph are about 38%. The
> average of the graph is about 36%. Citing "over 40%" from these is a gross
> exaggeration. In fact, the peaks were reached on weekends and holidays due
> to more residential usage, you can clearly see such by zooming into the
> graph. In addition, the graph has been exhibiting an asymptomatic trend
> ever since a few years back. The COVID-19 pushed this graph up a bit due to
> the lock-down and work-from-home factors. Below was an analysis
> pre-pandemic:
>

Sorry for being imprecise in my communication, the number is 46% in the USA.


>
> https://circleid.com/posts/20190529_digging_into_ipv6_traffic_to_google_is_28_percent_deployment_limit/
>
> 2)Since Google is one of the stronger IPv6 promoters, usage of IPv6
> outside of the Google domain can only be lower, by simple logic deduction.
>
>
Google’s number represents how many users reach it over ipv6. Given
Google’s ubiquity in the usa, it is a fair barometer for the usa at large.
This data is helpful for content providers  estimating demand for ipv6 (46%
of users will use ipv6 if it is available)  and for the network operator
community to understand where their peers sit.

In summary, there is a lot of ipv6 on the usa internet today. Almost half
for Google, per their published numbers. Over 75% end to end ipv6 on some
large mobile networks.  Hence my appeal to view published data.

Reading anecdotal Nanog mails from a handful of folks concluding ipv6 has
failed will not leave the passive impartial observer with an accurate view.


Regards,
>
>
> Abe (2022-03-11 10:11)
>
>
> --
> NANOG Digest, Vol 170, Issue 12
>
> Message: 12
> Date: Thu, 10 Mar 2022 08:00:17 -0800
> From: Ca By  
> To: Saku Ytti  
> Cc: Joe Greco  , nanog@nanog.org
> Subject: Re: V6 still not supported (was Re: CC: s to Non List Members
>   (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4
>   NetBlock))
> Message-ID:
>
> 
> Content-Type: text/plain; charset="utf-8"
>
> On Wed, Mar 9, 2022 at 11:56 PM Saku Ytti   wrote:
>
>
> On Wed, 9 Mar 2022 at 21:00, Joe Greco  
>  wrote:
>
>
> I really never thought it'd be 2022 and my networks would be still
> heavily v4.  Mind boggling.
>
> Same. And if we don't voluntarily agree to do something to it, it'll
> be the same in 2042, we fucked up and those who come after us pay the
> price of the insane amount of work and cost dual stack causes.
>
> It is solvable, easily and cheaply, like most problems (energy,
> climate), but not when so many poor leaders participate in decision
> making.
>
> --
>   ++ytti
>
> Ah, the quarterly ipv6 thread? where i remind you all? most of the USA is
> on ipv6 (all your smartphone, many of your home router, a growing amount of
> your clouds [i see you aws])
> https://www.worldipv6launch.org/measurements/
>
> Google sees over 40% of their users on ipv6, with superior latency
> https://www.google.com/intl/en/ipv6/statistics.html
>
>
>  -- next part --
>
>
>
> 
>  Virus-free.
> www.avast.com
> 
> <#m_6390985030485347940_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>

Re: V6 still not supported (was Re: CC: s to Non List Members, (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4, NetBlock))

[Abraham Y. Chen]

Dear Ca By:

1)    It appears that you are reading the Google graph too 
optimistically, or incorrectly. That is, the highest peaks of the graph 
are about 38%. The average of the graph is about 36%. Citing "over 40%" 
from these is a gross exaggeration. In fact, the peaks were reached on 
weekends and holidays due to more residential usage, you can clearly see 
such by zooming into the graph. In addition, the graph has been 
exhibiting an asymptomatic trend ever since a few years back. The 
COVID-19 pushed this graph up a bit due to the lock-down and 
work-from-home factors. Below was an analysis pre-pandemic:


https://circleid.com/posts/20190529_digging_into_ipv6_traffic_to_google_is_28_percent_deployment_limit/

2)    Since Google is one of the stronger IPv6 promoters, usage of IPv6 
outside of the Google domain can only be lower, by simple logic deduction.



Regards,


Abe (2022-03-11 10:11)


--
NANOG Digest, Vol 170, Issue 12

Message: 12
Date: Thu, 10 Mar 2022 08:00:17 -0800
From: Ca By
To: Saku Ytti
Cc: Joe Greco,nanog@nanog.org
Subject: Re: V6 still not supported (was Re: CC: s to Non List Members
(was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4
NetBlock))
Message-ID:

Content-Type: text/plain; charset="utf-8"

On Wed, Mar 9, 2022 at 11:56 PM Saku Ytti  wrote:


On Wed, 9 Mar 2022 at 21:00, Joe Greco  wrote:


I really never thought it'd be 2022 and my networks would be still
heavily v4.  Mind boggling.

Same. And if we don't voluntarily agree to do something to it, it'll
be the same in 2042, we fucked up and those who come after us pay the
price of the insane amount of work and cost dual stack causes.

It is solvable, easily and cheaply, like most problems (energy,
climate), but not when so many poor leaders participate in decision
making.

--
   ++ytti


Ah, the quarterly ipv6 thread? where i remind you all? most of the USA is
on ipv6 (all your smartphone, many of your home router, a growing amount of
your clouds [i see you aws])

https://www.worldipv6launch.org/measurements/

Google sees over 40% of their users on ipv6, with superior latency

https://www.google.com/intl/en/ipv6/statistics.html



-- next part --


--
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

Re: V6 still not supported (was Re: CC: s to Non List Members (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4 NetBlock))

[Saku Ytti]

On Thu, 10 Mar 2022 at 16:01, Joe Greco  wrote:

> I am reading your response as to imply that this is somehow my fault
> (for my networks) and that I am a poor leader for not having embraced
> v6.  If that's not what you meant, great, because I feel like there's
> been systemic issues.

No, I meant us as the community of people building the internet in the
last 20 years. Poor state of IPv6+IPv4 not any individual's fault,
some share more fault than others, but we're all culpable. My
apologies, I didn't intend it to read as I'm blaming you.
You can't go IPV6 only in your own network, you have other networks to
talk to, other applications to use to, things to buy which you assert
little control over.

-- 
  ++ytti

Re: V6 still not supported (was Re: CC: s to Non List Members (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4 NetBlock))

[Tom Beecher]

>
> Google sees over 40% of their users on ipv6,* with superior latency *
>

Uncle Geoff generally debunked this years ago.

https://www.youtube.com/watch?v=Lt-Xx2CmuQE_channel=NANOG

On Thu, Mar 10, 2022 at 11:01 AM Ca By  wrote:

>
>
> On Wed, Mar 9, 2022 at 11:56 PM Saku Ytti  wrote:
>
>> On Wed, 9 Mar 2022 at 21:00, Joe Greco  wrote:
>>
>> > I really never thought it'd be 2022 and my networks would be still
>> > heavily v4.  Mind boggling.
>>
>> Same. And if we don't voluntarily agree to do something to it, it'll
>> be the same in 2042, we fucked up and those who come after us pay the
>> price of the insane amount of work and cost dual stack causes.
>>
>> It is solvable, easily and cheaply, like most problems (energy,
>> climate), but not when so many poor leaders participate in decision
>> making.
>>
>> --
>>   ++ytti
>
>
> Ah, the quarterly ipv6 thread… where i remind you all… most of the USA is
> on ipv6 (all your smartphone, many of your home router, a growing amount of
> your clouds [i see you aws])
>
> https://www.worldipv6launch.org/measurements/
>
> Google sees over 40% of their users on ipv6, with superior latency
>
> https://www.google.com/intl/en/ipv6/statistics.html
>
>
>
>>

Re: V6 still not supported (was Re: CC: s to Non List Members (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4 NetBlock))

[Ca By]

On Wed, Mar 9, 2022 at 11:56 PM Saku Ytti  wrote:

> On Wed, 9 Mar 2022 at 21:00, Joe Greco  wrote:
>
> > I really never thought it'd be 2022 and my networks would be still
> > heavily v4.  Mind boggling.
>
> Same. And if we don't voluntarily agree to do something to it, it'll
> be the same in 2042, we fucked up and those who come after us pay the
> price of the insane amount of work and cost dual stack causes.
>
> It is solvable, easily and cheaply, like most problems (energy,
> climate), but not when so many poor leaders participate in decision
> making.
>
> --
>   ++ytti


Ah, the quarterly ipv6 thread… where i remind you all… most of the USA is
on ipv6 (all your smartphone, many of your home router, a growing amount of
your clouds [i see you aws])

https://www.worldipv6launch.org/measurements/

Google sees over 40% of their users on ipv6, with superior latency

https://www.google.com/intl/en/ipv6/statistics.html



>

Re: V6 still not supported (was Re: CC: s to Non List Members (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4 NetBlock))

[Joe Greco]

On Thu, Mar 10, 2022 at 09:55:42AM +0200, Saku Ytti wrote:
> On Wed, 9 Mar 2022 at 21:00, Joe Greco  wrote:
> > I really never thought it'd be 2022 and my networks would be still
> > heavily v4.  Mind boggling.
> 
> Same. And if we don't voluntarily agree to do something to it, it'll
> be the same in 2042, we fucked up and those who come after us pay the
> price of the insane amount of work and cost dual stack causes.
> 
> It is solvable, easily and cheaply, like most problems (energy,
> climate), but not when so many poor leaders participate in decision
> making.

I am reading your response as to imply that this is somehow my fault
(for my networks) and that I am a poor leader for not having embraced
v6.  If that's not what you meant, great, because I feel like there's
been systemic issues.

There are several ASN's I run infrastructure for, on an (as you
put it) "voluntary" basis, for organizations that run critical bits
of Internet infrastructure but which aren't funded like they are
critical bits.

The problem is that I really don't have the ability to donate more
of my time, since I am already 150% booked, and I'm not willing to
hire someone just to donate their time.

I have no idea what it is I can agree to do to make something happen
here that is accomplished "easily and cheaply".  From my perspective,
IPv4+6 is many times the effort to deploy as just IPv4, somewhere
between 5x-10x as much work depending on the specifics.  I love many
of the ideas behind v6, but adoption seems tepid.  I had to fight
years ago to get IPv6 via broadband, and most common end-user gear
still does not seem to support it, or enable it by default.

Looking at the results, I think we've screwed this up.  Just like the
e-mail ecosystem was screwed up by poor design and then stupid bolt-on
fixes, so we've finally arrived at a point where people just don't 
even want to deal with the problem.  At least with e-mail, you can
plausibly outsource it if you're not masochistic.  I feel like IPv6 is
that same sort of problem, except you can't outsource it.  You can
avoid it by throwing some more IPv4 NAT and proxies into the mix
though.  And tragically, that seems to be what's happened.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"The strain of anti-intellectualism has been a constant thread winding its way
through our political and cultural life, nurtured by the false notion that
democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov

Re: V6 still not supported (was Re: CC: s to Non List Members (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4 NetBlock))

[Saku Ytti]

On Wed, 9 Mar 2022 at 21:00, Joe Greco  wrote:

> I really never thought it'd be 2022 and my networks would be still
> heavily v4.  Mind boggling.

Same. And if we don't voluntarily agree to do something to it, it'll
be the same in 2042, we fucked up and those who come after us pay the
price of the insane amount of work and cost dual stack causes.

It is solvable, easily and cheaply, like most problems (energy,
climate), but not when so many poor leaders participate in decision
making.

-- 
  ++ytti

Re: V6 still not supported (was Re: CC: s to Non List Members (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4 NetBlock))

[Joe Greco]

On Wed, Mar 09, 2022 at 09:46:41AM -0800, David Conrad wrote:
> Tim,
> 
> On Mar 9, 2022, at 9:09 AM, Tim Howe  wrote:
> > Some of our biggest vendors who have supposedly supported
> > v6 for over a decade have rudimentary, show-stopping bugs.
> 
> Not disagreeing (and not picking on you), but despite hearing 
> this with some frequency, I haven???t seen much data to corroborate 
> these sorts of statements.

Fine.  We could start at the top, with protocols that are defective
by design, such as OSPFv3, which lack built-in authentication and 
rely on IPsec.  That's great if you have a system where this is all
tightly and neatly integrated, but smaller scale networks may be
built on Linux or BSD platforms, and this can quickly turn into a
trainwreck of loosely cooperating but separate subsystems, maintaining
IPsec with one set of tools and the routing with another.

Or ... FreeBSD's firewall has a DEFAULT_TO_DENY option for IPv4 but
not for IPv6.  Perhaps not a show-stopping bug, granted.  But, wait,
if you really want end-to-end IPv6 (without something like NAT in
between doing its "faux-firewalling") endpoints, wouldn't you really
want a firewall that defaults to deny, just in case something went
awry?  If I've got a gateway host that normally does stateful
firewalling but it fails to load due to a typo, I'd really like
it to die horribly not packet forwarding anything, because someone
will then notice that.  But if it fails open, that's pretty awful
because it may not be noticed for months or years.  So that's a
show-stopper.

As exciting as it would be to go all-in on v6, it's already quite a
bit of a challenge to build everything dual-stack and get to feature
parity.  The gratuitous differences feel like arrogant protocol
developers who know what's best for you and are going to make you 
comply with their idea of how the world should work, complexity be
damned.

I really never thought it'd be 2022 and my networks would be still
heavily v4.  Mind boggling.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"The strain of anti-intellectualism has been a constant thread winding its way
through our political and cultural life, nurtured by the false notion that
democracy means that 'my ignorance is just as good as your knowledge.'"-Asimov

V6 still not supported (was Re: CC: s to Non List Members (was Re: 202203080924.AYC Re: 202203071610.AYC Re: Making Use of 240/4 NetBlock))

[David Conrad]

Tim,

On Mar 9, 2022, at 9:09 AM, Tim Howe  wrote:
> Some of our biggest vendors who have supposedly supported
> v6 for over a decade have rudimentary, show-stopping bugs.

Not disagreeing (and not picking on you), but despite hearing this with some 
frequency, I haven’t seen much data to corroborate these sorts of statements.

>   A subset of these vendors will listen to you and fix the
> problems.  Give them your support and loyalty.  I want to name names so
> bad…


Perhaps the right approach would be similar for network operators to move to a 
timed full disclosure model (like Google’s Project Zero for security issues)?  
In the software security world, this model seems to have had a positive impact 
in getting fixes out. If a vendor who claims v6 support doesn’t actually 
support v6 (or, if a vendor fixes a known lack of v6 support), it would seem to 
me that this is information that folks on NANOG (and elsewhere) would find 
useful.

Regards,
-drc



signature.asc
Description: Message signed with OpenPGP