[arin-ppml] Set aside round deux
Ted Mittelstaedt
tedm at ipinc.net
Sun Aug 1 04:47:03 EDT 2010
On 7/31/2010 8:22 PM, Owen DeLong wrote:
>
>>
>> I disagree unless you mean near ubiquity on the provider side. It's going to be many, many years before the end-users start using it even
>> though their provider offers it.
>>
> We shall see. I suspect it will happen a lot faster than you expect due
> to the pressure that will be brought to bear from strong economic
> incentives to deprecate IPv4.
>
I don't believe that because these economic incentives will not exist
for all orgs at the same time. It will be very lumpy, some orgs will
be desperate for the Internet to shift to IPv6 right away, others will
be uninterested for a few years.
>>> I also think that
>>> the post-runout IPv4 world is going to create a great deal of pressure to
>>> deprecate IPv4 much sooner than most people think
>>
>> I hope this is true.
>>
> I see one of two things happening:
>
> 1. The address market is a total flop, nobody wants to sell addresses
> at any price. Result: the need for addresses drives a strong and rapid
> shift towards IPv6.
>
> or
>
> 2. The address market is a wild success, /8s are deaggregated left
> and right and sold off as /24s everywhere. The routing table explodes.
> Creating a strong economic incentive to deprecate IPv4 just to keep
> the internet routable.
How about 3:
The address market is a wild success for about 6 months until all of
the IPv4 speculators and horders are tapped out, then it flops since
nobody who is actually USING IPv4 wants to sell it at any price.
Result is the need for addresses drives a strong self-generation
movement and for another 4-5 years orgs get very creative about
reallocating IPv4 addresses within their networks to squeeze out
unused IPv4.
>
>>> There are far too many organizations running IPv6 for me to believe that
>>> it cannot be deployed.
>>>
>>
>> And how many of those orgs are IPv6 ONLY?
>>
> Who said anything about IPv6 only. Deployment of IPv6 does not depend
> on deprecation of IPv4. Quite the opposite.
>
Nobody said that deployment of IPv6 is dependent on deprecation of IPv4.
However, you cannot base the notion that IPv6 is ready for production
on hundreds of dual-stacked orgs. As long as an org is dual-stacked it
simply has no credibility as an example for IPv6 being ready for
prime time and your wasting your time trying to convince someone who
does not believe IPv6 is ready.
It would be like someone trying to argue the advantages of everybody
riding the bikes to work, pointing out 50 cyclists who are biking to
work that day as evidence. Only the 4 bicyclists in that group of 50
who don't own cars are really walking the talk. And when you come back
the next day and it's raining buckets, sure as shootin your only gonna
see 4 bicyclists out there, not 50.
>>
>> Please keep in mind that people who do not have experience with
>> enterprise networks, who are coming at this from a small company
>> perspective, where everyone is single-homed, simply do not understand
>> the difficulties that NAT introduces to multi-site WANs. NAT
>> is the "poor man's firewall" to the single-homers and it is
>> deployed on millions of residential CPEs and works well on most of
>> them, so continuing to harp on how the lack of NAT is a benefit
>> to IPv6 goes completely over many people's heads.
>
> I have substantial experience with SOHO, small enterprise and
> large enterprise networks as well as service provider networks
> of just about any scale.
>
> The fact that NAT is widespread does not mean we can't deploy
> IPv6 without introducing that damage to IPv6. NAT is not the poor
> man's firewall, just a case of ignorance on the part of the poor
> man. The poor man's firewall is and has long been stateful
> inspection with a default deny inbound policy for all traffic not
> matching an existing state table entry. That works with or
> without the address mangling of NAT. NAT, on the other hand,
> does not work without stateful inspection.
>
> NAT does cause problems even for the single-homed small
> environment, whether those environments are aware of the
> problems or not.
>
Owen, I'm the choir your preaching to here, I'm just telling you
that if you want to have credibility with the unrepentant sinners
in the congregation you better start thinking like they do.
Your running around preaching the evils of NAT and half of these SOHO's
out there likely think your talking about some insect that flies up
their nose when they ride their bicycle. And the ones that know
what it is, they aren't aware of those NAT problems and so they
are going to conclude that NAT works fine. I'm just saying,
when preaching IPv6, you gotta flog a horse that the listener
understands.
Ted
More information about the ARIN-PPML
mailing list