The Choice: IPv4 Exhaustion or Transition to IPv6
andy at nosignal.org
Fri Jun 29 08:51:16 UTC 2007
On 28 Jun 2007, at 18:27, John Curran wrote:
> At 10:16 AM -0700 6/28/07, Randy Bush wrote:
>>> Interoperability is achieved by having public facing
>>> servers reachable via IPv4 and IPv6.
>> that may be what it looks like from the view of an address allocator.
>> but if you actually have to deliver data from servers you need a path
>> where data from/in both protocols is supported on every link of the
>> chain that goes all the way to every bit of back end data in your
>> system. and if one link in that chain is missing, <sound of glib
> Organizations need to have IPv6 on their DMZ servers.
> ISP's needs to provide IPv6 to these organizations, either
> directly or via tunnel.
> It's actually rather simple.
*That* sounds simple, but that method doesn't bear any resemblance to
* Software that does not support v6 needs to be rewritten (I used
to herd some reverse proxies owned by a Juniper company that did not
support v6 addressing. I don't 100% convincingly know whether my
monitoring tools do. I don't think my IP phone does.)
* Operational staff need to be retrained. Hostmasters need to be
retrained. Support staff need to be retrained. Your customers'
technical contacts need to be retrained. Everything has to keep
working whilst your staff are learning these new skills. 2009 might
be a great year for consultants. ;-)
* If you don't already have v6, then rolling out your v6 assignment
to peers and upstreams will feel a lot like building a network from
scratch all over again. A big co-ordinated effort involving a lot of
* Testing budgets will need to swell seriously. If you host an
online application, you need to start your testing from scratch.
* Policy for v6 assignment and allocation needs to be finished and
agreed upon. If you read the address policy lists you'll know that
this is not going to happen for some time. (c.f. Afrinic's decision
to give themselves a five-hundredth of their assignment - something
they could have done for each of their ~250 or so members without
impact, and the bruhaha this caused.) I daren't even mention ULA-
* Your security policy needs auditing and reworking for v6.
* It needs to be rolled transparently to end users, unless you want
to increase your support burden.
I'm not saying that v6 should be binned in favour of turning off the
internet when we run out of v4, but this is a non-exhaustive list of
projects we all should be undertaking. Is everyone on the list
working through their own list ? I'd wager not.
More information about the NANOG