<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:times new roman,new york,times,serif;font-size:12pt">Am I the only one who remembers when email clients let you respond in-line, <br>preserving context? Not just you--none of my mailers do it either.<br><br><br>> > "Why is it less expensive to buy a big NAT box to translate nearly all of your traffic than to migrate to IPv6?"<br><div style="font-family: times new roman,new york,times,serif; font-size: 12pt;"><div style="font-family: times new roman,new york,times,serif; font-size: 12pt;">> Lee, simply having Legal IDENTIFY (let alone find a way to mitigate) all the <br>> contractual and compliance issues that might be involved with such a switch <br>> would likely exceed the cost of a NAT box significantly....and that's only one <br>> small factor involved in making such a switch.<br><br>Legal issues with NAT:<br>* If you get
a subpoena for records related to an IP address, can you figure <br> out what device used that IP address? <br>* Can the legal requestor provide all of the data required to identify a host?<br> (IP address, timestamp, port number)<br>* The request was based on a server log someplace. Is its timestamp <br> accurate? Is yours?<br>* Does that server log include port numbers?<br>* How long do you have to retain logs, and what kind of logging server do <br> you need?<br><br>What are the legal issues related to IPv6?<br><br>> > "Vendors may not come to your rescue."<br>> This is entirely possible. However, there will be a large cash incentive for <br>> them to do so. Furthermore, it may not be MY rescue that they need to come <br>> to. Who is likely to be more negatively impacted by such a situation... the 1-5% <br>> of internet users who MAY initially be on IPv6 only....or the 95+% of the <br>> 
existing IPv4 internet that can communicate with itself just fine???<br><br>Are you sure that none of that 1-5% is important to you?<br>It will increase over time, as nearly 200 million devices per year [1] are<br>added, and as people dual-stack so they can reach all of the Internet.<br><br>> Believe it or not....I'm a lot more aware of the IPv6 situation than the <br>> average Enterprise Admin..... and I expect my attitude is not at all atypical. <br>> If there aren't some fairly robust solutions available by the time IPv6 hits.... <br>> then the problem is going to be a lot more wide-reaching than you may think.<br><br>Yes, I believe it. The problem is not going to be more wide-reaching<br>than I think. I think we will have a fragmented Internet, where you just<br>can't get from some places to others. Several bad things follow from that.<br><br>> > "In most cases, IPv6 is simpler and cheaper than the
alternatives."<br>> This statement is impossible even as a generalization as the costs and <br>> impacts of IPv6 and its ramifications vary wildly from Enterprise to <br>> Enterprise. Without understanding the specifics of each individual <br>> situation and the possible alternatives it is simply not possible to make <br>> such statements accurately.<br><br>"most" is accurate. <br><br>> IETF like many institutions (including ARIN) is subject to institutional <br>> biases....just mention NAT66 on an IETF mailing list and you'll see <br>> what I mean. Heck, I've gotten enough grief for mentioning NAT here <br>> on this list....despite the fact that many Administrators find it a valuable tool.<br><br>Drafts: <a class="ext-link" href="http://tools.ietf.org/html/draft-mrw-behave-nat66-02.txt">http://tools.ietf.org/html/draft-mrw-behave-nat66-02.txt</a> <br>
Mailing List: <a class="ext-link" href="https://www.ietf.org/mailman/listinfo/nat66">https://www.ietf.org/mailman/listinfo/nat66</a> <br>
Responsible AD: Ralph Droms <br><br><br>> Obviously when the time comes when it is necessary to start researching <br>> a solution (I'm assuming for the 2011, 2012 or 2013 budget cycles <br>> depending on how depletion goes)....if adequate solutions do not exist....<br>> then it's time to start considering other options and costs. Right now <br>> switching to IPv6 native is pretty far down on the list of options (possibly <br>> even below not having connectivity to the IPv6 only portion of the internet initially).<br><br>When is "when the time comes"? Is it when IANA runs out, or when ARIN<br>refused your address space request, or when your ISP can only give you <br>IPv6 for your new branch office, or when your users, customers, employees<br>or clients can't reach your servers? <br>My point is that now is the time to write your plan, so you know what it <br>will be. If you do so, the odds are high that a gradual
dual-stacking of<br>public-facing systems will mean you can wrap IPv6 into planned upgrades,<br>and won't have to buy a NAT box and hurriedly put together a whole edge<br>plan.<br><br>> > This is all still cheaper than just learning and using IPv6??<br>> Off the top of my head...by many orders of magnitude, yes. I find that <br>> taking a gradual approach and layering services on top of existing <br>> infrastructure to address specific needs is generally more cost effective <br>> than wholesale replacement of entire infrastructure. <br><br>That's exactly what I'm advocating. You probably don't need to replace<br>any hardware for IPv6 (you may want to replace something for other<br>reasons, and include IPv6 in your replacement decision).<br><br>> There are likely quite a few plans in the works at vendors which <br>> have not been made public yet. <br><br>Probably. But not much about IPv6 is secret. And if it is,
they're<br>doing it wrong.<br><br>> > "to an O/S issued in 2007 or later, which by end of 2011 is pretty <br>> > minimal; would you even allow something older on your network? "<br>> LOL.... you really aren't that familiar with Enterprises are you?? <br><br>Silly question. Yes, I know quite a bit about the enterprise networks<br>on which I consulted, and on the enterprise network I ran until a year<br>ago. They're aware of IPv6, and making sure their procurement <br>includes IPv6 support (in some cases allowing for a 2010 roadmap,<br>but not for infrastructure). <br><br>> I'm writing this from my Win2K Pro box right now. <br><br>Your argument is that in 2011, you will buy an appliance to translate<br>Internet traffic for your 11 year old operating system?<br><br>> It's really not <br>> THAT uncommon for an Enterprise to have some hw/sw that is 10 <br>> years old or more. <br><br>The point was about VPN
clients, which would be home machines.<br>Surely you're not sending your users home with Win2K on laptops?<br>People VPN from whatever laptop you provide them, or from their<br>home machine [shudder]. Your VPN server isn't ten years old?<br><br>> Right now XP is the standard on the Enterprise....it remains to be <br>> seen whether Windows 7 will pick up that mantle or not....and <br>> certainly there will be plenty of XP around in the Enterprise by the <br>> end of 2011. MS's life-cycle support for it extends out to 2014 or <br>> so I understand.<br><br>XP is also the standard in the home, with almost 70% share. But<br>Vista and 7 are 22% and rising fast.<br><span><a target="_blank" href="http://marketshare.hitslink.com/os-market-share.aspx?qprid=11">http://marketshare.hitslink.com/os-market-share.aspx?qprid=11</a></span><br><br><br>> IPv6 is a huge cost for near ZERO gain from my perspective <br>> (other than addressing
IPv4 runout). It's undoubted that we'll need <br>> connectivity to IPv6 address space at some point. <br><br>That's pretty compelling. If you have to do it anyway, are you sure<br>it's cheaper to do it later than sooner? <br>I'm trying to see your point, but I don't understand what costs <br>
you're talking about.<br>It sounds like your plan is to wait until you have a lack of <br>connectivity to something you need (so one of your users is upset), <br>then quickly buy a translator to fix the problem. But since you <br>have to use IPv6 into your data center (colo, server room, whatever) <br>to get the magic box to work, and you have to run IPv6 eventually <br>anyway, why not skip the magic box and plan the migration?<br><br><br>Lee<br><br><span>[1] <a target="_blank" href="http://www.nro.net/documents/presentations/jointstats-sept09.pdf">http://www.nro.net/documents/presentations/jointstats-sept09.pdf</a></span><br><br><br></div></div>
</div><br>
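The "Legal issues with NAT" list in the message above comes down to a log lookup keyed on public IP address, timestamp and port. The following is an added example, not part of the original message: the `Mapping` record layout, the `candidates` helper and the log entries are all constructed for illustration. It shows how a missing port number or an uncertain clock turns one answer into several.

```python
from datetime import datetime, timedelta
from typing import NamedTuple, Optional, Set


class Mapping(NamedTuple):
    start: datetime     # translation created
    end: datetime       # translation torn down
    public_ip: str
    public_port: int
    inside_ip: str      # host behind the NAT


def ts(text: str) -> datetime:
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S")


# Constructed NAT translation log (documentation addresses, not real data).
# Public port 40001 is reused by a second host five seconds after the
# first mapping ends.
NAT_LOG = [
    Mapping(ts("2009-12-14 10:00:00"), ts("2009-12-14 10:02:00"), "192.0.2.1", 40001, "10.0.0.11"),
    Mapping(ts("2009-12-14 10:01:30"), ts("2009-12-14 10:03:00"), "192.0.2.1", 40002, "10.0.0.12"),
    Mapping(ts("2009-12-14 10:02:05"), ts("2009-12-14 10:04:00"), "192.0.2.1", 40001, "10.0.0.13"),
]


def candidates(public_ip: str, when: datetime, port: Optional[int] = None,
               skew: timedelta = timedelta(0)) -> Set[str]:
    """Inside hosts that could have used public_ip at `when`.

    port=None models a server log that recorded no source port.
    skew is the combined clock uncertainty of the requester's log and ours.
    """
    hits = set()
    for m in NAT_LOG:
        if m.public_ip != public_ip:
            continue
        if port is not None and m.public_port != port:
            continue
        if m.start - skew <= when <= m.end + skew:
            hits.add(m.inside_ip)
    return hits


if __name__ == "__main__":
    when = ts("2009-12-14 10:01:45")
    print(candidates("192.0.2.1", when, port=40001))   # one host
    print(candidates("192.0.2.1", when))               # no port: two hosts
    print(candidates("192.0.2.1", when, port=40001, skew=timedelta(seconds=30)))
```

A request dated before the oldest retained entry returns an empty set, which is the log retention question from the same list.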
</body></html>