One Year On: IPv4 Exhaust
nanog at radu-adrian.feurdean.net
Mon Sep 26 10:38:53 UTC 2016
On Mon, Sep 26, 2016, at 01:01, Mark Andrews wrote:
> In message
> <1474840690.4107784.736591409.28E807DF at webmail.messagingengine.com>,
> "Radu-Adrian Feurdean" writes:
> > I know, but for the "server guys" turning on IPv6 it's pretty low on
> > priority list.
> Are those server guys interested in stopping attacks without
> collateral damage? You can't say that a IPv4 address == 1 customer
> today. Any protection measures you put in place based on IPv4
> addresses are likely to affect more than one customer.
To put in context, I live and work in France, where NO mobile operator
provides IPv6, but they do use CGN. Wired-line operators (some, not all)
barely start deploying CGNAT on some of the new customers. Pro/business
access operators MUST provide IPv4 in order to be able to survive.
Things will probably change, but this is the situation today. So "1 IPv4
= several customers" it's either mobile (with no alternative and
separate abuse handling process) or negligible.
> > My customers are eyeballs. Residential ones have dual-stack by default,
> > business - some have, some don't and some explicitly refuse (or ask for
> > v6 to be disabled).
> Lots of residentual customers don't have a unshared IPv4 address.
> The only reason you are seeing IPv4 from them is that the ISP has
> had to spend money working around the sheer lazyness of content
> providers in not providing IPv6.
Lots of residential customers still do here.
> > > Is somewhere between 11-14% worldwide enough for you to invest the
> > > time to turn on IPv6 enough? It should be.
> > Since they (the 11-14% worldwide) do have IPv4 anyway, some consider
> > it's not worth; at least not yet.
> Actually almost all of the world does not have complete IPv4, they
> have a subset of IPv4. You have just got used to not having complete
> > The issue with IPv6 deployment it's not as simple as some people
> > suggest. It's not a technical problem either, but it's a big one.
> In most cases it is just a matter of turning it on.
... and in some of those cases turning it on is subject to a "change
request" that requires validation from some level of management that
requests the answers to questions similar to following : "What do we
gain from this ? What does it cost to turn on ? What does it cost to
support the new feature ?". Giving acceptable answers to people that
don't necessarily understand IPv6 (some of them having spent their
entire life in "IPv4-only, behind NAT" environments) is not that
obvious, and this is the core of the "non-technical problem".
You probably don't have to deal a lot with this kind of people....
More information about the NANOG