V6 still not supported

borg at uu3.net borg at uu3.net
Thu Mar 17 13:31:14 UTC 2022


Ohh sorry if I misunderstood orginal message a bit.
I am all on your side about it indeed.

I am el-cheapo dual-homed at home, and this setup is impossible
to do without NAT. I can add/del ISP connections at any time with
minimal reconf. Have static IPs in LAN and overlay network.
Life is good.

When NAT appeard we kinda hated it.
Now it seems life is hard without it ;)


---------- Original message ----------

From: Matthew Huff <mhuff at ox.com>
To: Tom Beecher <beecher at beecher.cc>, "borg at uu3.net" <borg at uu3.net>
Cc: "nanog at nanog.org" <nanog at nanog.org>
Subject: RE: V6 still not supported
Date: Thu, 17 Mar 2022 12:00:59 +0000

Did you read his email? He was saying that what a lot of people wanted was IPv4 + bigger address space, and not any other changes. Speaking for myself, other than the bigger address space, for a corporate/enterprise environment I have yet to see any advantages of IPv6 and many, many issues.

Information hiding, aka NAT is very important in the financial world.

For example, we have a directly peered connection with our clearing partner at our co-location. Both sides use NAT. This way either side can make a network change without having to involve the other partner.

Here is what happens without NAT (circa 2008), and yes, this really happened:


  1.  We needed to separate out process and move to a different server. The existing server IP couldn˙˙t change since other partners had it in their access list.
  2.  It took 9 weeks and:
     *   3 conference calls including one with 30 participants from the clearing company
     *   2 approvals by committees at the clearing company



You can say that this was absurd and should be changed. Yes, but it won˙˙t and we have no control over them.



With NAT we can change internal IP addresses at any time as long as we update the NAT tables.



This is not something important at ISP or hosting providers, but it˙˙s many issues like this in the corporate world that prevent IPv6 adoption. Things like static addressing, consistent behavior of IPv6 across different operating systems including disabling SLAAC,  privacy addressing and others.



Based on my experience and people on tech mailing list that are oriented toward enterprises, I would bet that IPv6 deployment (with global addresses) is significantly less than 10% nor is it on their horizon.



Matthew Huff | Director of Technical Operations | OTA Management LLC

Office: 914-460-4039
mhuff at ox.com<mailto:mhuff at ox.com> | www.ox.com<http://www.ox.com>
...........................................................................................................................................

From: NANOG <nanog-bounces+mhuff=ox.com at nanog.org> On Behalf Of Tom Beecher
Sent: Thursday, March 17, 2022 7:41 AM
To: borg at uu3.net
Cc: nanog at nanog.org
Subject: Re: V6 still not supported

˙˙It seems all the market needed was IPv4 with bigger address space.
Instead of delivering it, some contraption has been created trying to solve
non-existant (or already fixed) problems.˙˙

your argument against IPv6 is that they should have created a new version of IPv4, but bigger?

So˙˙ IPv6?

On Thu, Mar 17, 2022 at 06:32 <borg at uu3.net<mailto:borg at uu3.net>> wrote:
It seems team developing IPv6 had ONE way of doing things,
with is actually recipe for disaster. Why? Because they were building an IP
protocol. Something that will be using globally by ALL networks around.
Not some local IOT (useless) shit used here and there.
Thats why such IP protocol should be follow KISS concept and flexibility.
Some people have different vision how to run network. And because
Inter-net is an AS to AS network they should have right to do so.

In my opinion all that crypto stuff should be put layer upper because
crypto is hard, very hard and can get obsolete quickly.

Its same about other weird things embedded into IPv6 that probably
should go layer up. And now people wonder why IPv6 adoption is crap and
there is high resistance. IPv4 made mistakes too, but hell, it was the first.

It seems all the market needed was IPv4 with bigger address space.
Instead of delivering it, some contraption has been created trying to solve
non-existant (or already fixed) problems.

Just my 2 cents...


---------- Original message ----------

From: William Allen Simpson <william.allen.simpson at gmail.com<mailto:william.allen.simpson at gmail.com>>
To: NANOG <nanog at nanog.org<mailto:nanog at nanog.org>>
Subject: Re: V6 still not supported
Date: Wed, 16 Mar 2022 22:24:14 -0400

I'd wanted to clearly distinguish this from the old methods:

   This is intended to replace ARP, ICMP Router Advertisement, ICMP
   Redirect, ICMP Information, ICMP Mask, and OSPF Hello in the [IPv6]
   environment. There are also elements of the OSI ES-IS and IS-IS Hello.

We were forward looking to deployments of thousands of systems per link, rather
than the 30 maximum under then current ethernet standards.  We needed fewer
announcements, less chatty traffic, and more specific traffic designation.

We also prioritized network security.  Moreover requiring addresses be
ephemeral,
such that applications would not be able to tie authentication/authorization to
an
IPv6 address and would be motivated to use cryptographic security.

Unfortunately, later committees decided that rather than a single simpler
secured
address assignment scheme, we needed unsecured SLAAC and duplicate DHCPv6.
Three ways to do the same thing are always a recipe for disaster.

Reminder: I was an operator and one of the original NANOG members.

We spent a lot of time considering human factors.  I'd pioneered the
"Operational Considerations" section of the original draft RFCs.

IPv6 is a case study of what happens with committee-itis.

The small design team worked well.


More information about the NANOG mailing list