IPv6 Security [Was: Re: misunderstanding scale]
Lamar Owen
lowen at pari.edu
Tue Mar 25 14:46:17 UTC 2014
On 03/24/2014 09:39 PM, Paul Ferguson wrote:
> I'll leave it as an exercise for the remainder of... everywhere to
> figure out why there is resistance to v6 migration, and it isn't "just
> because" people can't be bothered.
I'm sure there are numerous enterprises in the same shape I am in, with
significant equipment investment in non-quite-ipv6-ready gear, and
insufficient technology refresh capex monies to get ipv6-ready
capacity-equivalent replacements. Cisco 6500/7600 even with Sup720 has
issues, and I know of a number of networks still running Sup2 on
6500/7600 or even older (including some gear in my own network, where I
still have old gear, older even than I'm willing to admit publicly,
serving in core roles; I just decommissioned a failing Extreme Summit 1i
this past Saturday, and still have two more in core roles, doing Layer 3
IPv4 in one case). I know I'm not alone.
While much of this gear may be fully depreciated, the cost of the
forklift upgrade is major, and the gear is not the biggest part of the
cost. Repairs are not anywhere near as draining on the capex budget as
complete chassis upgrades are, and so we keep old gear running because
it's what we can afford to do.
So capex is a big part of it; but then there's training costs and the
opex of dealing with a new-to-us technology.
Just my very-late-to-the-party opinion, and not likely to change
anything at all, but in hindsight it seems we might have been better off
with ipv4.1 instead of ipv6, which, IMO, just simply bit off too much in
one bite. Much like how the Fountainhead project at DG got eclipsed by
the much less ambitious Eagle, and never really went anywhere due to its
pie-in-the-sky goals, when all the customers really wanted was a 32-bit
Eclipse, which Eagle provided. (Tracy Kidder, "The Soul of a New
Machine" which should be on every tech's must-read list). Yeah, I know,
too late to matter, as ipv6 is here and here to stay. But the
transition could have been smoother and less traumatic to equipment
vendors' customers. At least that's my opinion and experience, your
mileage may vary.
More information about the NANOG
mailing list