<div><br></div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Nov 26, 2019 at 12:15 AM Sabri Berisha <<a href="mailto:sabri@cluecentral.net">sabri@cluecentral.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">----- On Nov 26, 2019, at 1:36 AM, Doug Barton <a href="mailto:dougb@dougbarton.us" target="_blank">dougb@dougbarton.us</a> wrote:<br>
<br>
> I get that some people still don't like it, but the answer is IPv6. Or,<br>
> folks can keep playing NAT games, etc. But one wonders at what point<br>
> rolling out IPv6 costs less than all the fun you get with [CG]NAT.<br>
<br>
When the MBAs start realizing the risk of not deploying it.<br>
</blockquote><div dir="auto"><br></div><div dir="auto">Hey, i have an mba. That and $5 will get me cup of coffee. </div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
I have some inside knowledge about the IPv6 efforts of a large eyeball network. </blockquote><div dir="auto"><br></div><div dir="auto">Me too. </div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">In that particular case, the cost of deploying IPv6 internally is not simply configuring it on the network gear; that has already been done. The cost of fully supporting IPv6 includes (but is probably not limited to):<br>
<br>
- Support for deploying IPv6 across more than 20 different teams;</blockquote><div dir="auto"> </div><div dir="auto">Wow. I support 80M mobile subscribers, 90% of which are ipv6-only. I think 20 people in the company can spell ipv6, but somehow you need 20 teams.... how many teams speak ipv4 ?</div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
- Modifying old (ancient) internal code;</blockquote><div dir="auto"><br></div><div dir="auto">Ancient in 2019 means what? Is this code not in security compliance ?</div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
- Modifying old (ancient) database structures (think 16 character fields for IP addresses);</blockquote><div dir="auto"><br></div><div dir="auto">Hash 128 bits into 240/4 is how i heard Google handled it early on </div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
- Upgrading/replacing load balancers and other legacy crap that only support IPv4 (yeah, they still exist);</blockquote><div dir="auto"><br></div><div dir="auto">Again, with all the CVEs, this code is always moving in the real world. </div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
- Modifying the countless home-grown tools that automate firewalls etc;</blockquote><div dir="auto"><br></div><div dir="auto">Home grown means it can be fixed instead of replaced. </div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
- Auditing the PCI infrastructure to ensure it is still compliant after deploying IPv6;<br>
</blockquote><div dir="auto"><br></div><div dir="auto">Ah, so you are keeping up with compliance / cve and are upgrading at regular intervals? </div><div dir="auto"><br></div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
If it was as simple as upgrading a few IP stacks here and there, it would be a non-issue.<br>
</blockquote><div dir="auto"><br></div><div dir="auto">Usually is just a few edge stacks to start and scale the edge</div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
Don't get me wrong, I'm not advocating against IPv6 deployment; on the contrary. But it is not that simple in the real corporate world. Execs have bonus targets.</blockquote><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> </blockquote><div dir="auto">Why would an exec care? Ipv6 is just normal work like ipv4. </div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">IPv6 is not yet important enough to become part of that bonus target: </blockquote><div dir="auto"><br></div><div dir="auto">The bonus target was normal business continuity planning... in 2008. Sorry you missed that one. Here you go, just put 1 in 2009 to make it 2019 so you dont look so bad</div><div dir="auto"><br></div><div dir="auto"><div><a href="https://www.arin.net/vault/knowledge/about_resources/ceo_letter.pdf">https://www.arin.net/vault/knowledge/about_resources/ceo_letter.pdf</a></div><br></div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">there is no ROI at this point. In this kind of environment there needs to be a strong case to invest the capex to support IPv6.<br>
<br>
IPv6 must be supported on the CxO level in order to be deployed. <br>
<br>
Thanks,<br>
<br>
Sabri, (Badum tsss) MBA</blockquote><div dir="auto"><br></div><div dir="auto">I see....well let me translate it you MBA-eese for you:</div><div dir="auto"><br></div><div dir="auto">FANG deployed ipv6 nearly 10 years ago. Since deploying ipv6, the cohort experienced 300% CAGR. Also, everything is mobile, and all mobile providers in the usa offer ipv6 by default in most cases. Latency! Scale! As your company launches its digital transformation iot 2020 virtualization container initiatives, ipv6 will be an integral part of staying relevant on the blockchain. Also, FANG did it nearly 10 years ago. Big content and big eyeballs are on ipv6, ipv4 is a winnowing longtail of irrelevance and iot botnets. </div><div dir="auto"><br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
</blockquote></div></div>