DoD IP Space

Mark Andrews marka at isc.org
Thu Feb 11 22:05:51 UTC 2021



> On 12 Feb 2021, at 08:11, Jim Shankland <nanog at shankland.org> wrote:
> 
> On 2/11/21 6:29 AM, Owen DeLong wrote:
>> 
>>> On Feb 11, 2021, at 05:55 , Izaac <izaac at setec.org> wrote:
>>> 
>>> On Wed, Feb 10, 2021 at 04:04:43AM -0800, Owen DeLong wrote:
>>>> without creating partitioned networks.
>>> Ridiculous.  Why would you establish such a criterion?  The defining
>>> characteristic of rfc1918 networks is that they are partitioned.
>>> 
>>> The ability to recognize and exploit partitions within a network,
>>> natural or otherwise, is the measure of competence in a network
>>> engineer.
>>> 
>>> Stop making excuses.
>> Ridiculous… TCP/IP was designed to be a peer to peer system where each endpoint was uniquely
>> addressable whether reachable by policy or not.
>> 
>> IPv6 restores that ability and RFC-1918 is a bandaid for an obsolete protocol.
>> 
>> Stop making excuses and let’s fix the network.
>> 
>> Owen
> 
> TCP/IP wasn't designed; it evolved (OK, a slight exaggeration). The ISO-OSI protocol stack was designed. Many years ago, I taught a course on TCP/IP networking. The course was written by someone else, I was just being paid to present/teach it. Anyway, I vividly remember a slide with bullet points explaining why TCP/IP was a transitional technology, and would be rapidly phased out, replaced by the "standard", intelligently designed ISO-OSI stack. By the time I taught the course, I had to tell the class that every single statement on that slide was incorrect. In the end, evolution beat out intelligent design, by a country mile.
> 
> It was probably a couple of years later -- the year definitely started with a 1 -- that I first heard that IPv4 was being phased out, to be replaced over the next couple of years by IPv6. We've been hearing it ever since.
> 
> That doesn't mean that we'll be living with IPv4 forever. A peer to peer system where each endpoint is uniquely addressable is desirable. But in a world of virtual machines, load balancers, etc., the binding of an IP address to a particular, physical piece of hardware has long since become tenuous. IPv4 is evolving into a 48-bit address space for endpoints (32-bit host + 16-bit port). That development has extended IPv4's useful life by many years.
> 
> There is pain associated with continuing to make IPv4 work. And there is pain associated with transitioning to IPv6. IPv6 will be adopted when the pain of the former path is much larger than the pain of the latter path. Saying "RFC-1918 is a bandaid for an obsolete protocol" is using a normative, rather than empirical, definition of "obsolete". In the empirical sense, things are obsolete when people stop using them. Time will tell when that happens.
> 
> Jim Shankland

For most networks there is almost no pain in enabling IPv6. It's reconfigure the routers to announce IPv6 prefixes and you are done.  We are 20+ years into IPv6 deployment.  Almost everything you buy today works with IPv6.  Even the crappy $50 home router does IPv6.  100s of millions of household networks have had IPv6 enabled without the owners of those networks needing to do anything other than perhaps swap out an IPv4-only router for one that supports IPv6.  Hell, lots of those home networks are behind IPv6-only uplinks with the CPE router translating the legacy IPv4 to IPv6 for transport over the IPv6-only uplink.  The same happens with mobile phones these days.  If you have a phone that was purchased in the last 10 years, give or take, you will most probably be talking to the world over an IPv6-only link.  Even Telstra here in Australia is transitioning their network to IPv6-only; the network in South Australia is IPv6-only with the other states to come.  Optus here has been shipping IPv6 capable routers for the last several years with every new install / replacement.  Optus haven’t yet enabled IPv6 to the home but the installed base is becoming IPv6 capable.

The harder part is making sure every piece of kit works with IPv6 when you want to turn off IPv4 internally but even then you can put that equipment behind bi-directional NAT-64 boxes.

You have large parts of the world actively turning off as much IPv4 as they can.  Connections to legacy IPv4-only services are being tunnelled over IPv6 either by encapsulation or bi-directional protocol translation.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org


