Re: [ipv6-wg] Have we failed as IPv6 Working Group?
Michel Py <michel@arneill-py.sacramento.ca.us> writes:
Hi Carlos,
Carlos Friaças wrote : We have to acknowledge "IPv6 zealots" are real. Disclaimer: i think i was part of that group some years ago.
Indeed, and so was I. WAS.
As was I. Straws that broke my back finally were not being able to get a static IPv6 address out of comcast, my hurricane tunnel getting blocked by netflix, the still-huge prefix sub-distribution problem. The idea of dynamic 2 week prefixes in part of the world prone to earthquakes doesn't work for me... and my email over ipv6 is perpetually getting blocked. spamhaus blocked multiple attempts to get dave@taht.net (fully ipv6 enabled) to send mail ti this list. And I sat on it for an hour after clearing it, in the hope the block would clear. It didn't. Getting off email blocklists isn't a problem users can handle... and spamhaus has no means of interacting with me. I *really* wanted email right to my servers in my office to just work, over ipv6. Everywhere I've been lately (nicaragua, portugal) has switched to whatsapp. Damn it, I wanted ipv6 to roll out faster than it has. I'm in a half dozen RFCs, worked in IETF homenet, founded the cerowrt project with an explicit goal of making ipv6 more deployable (as we did!), *by actually implementing and distributing* more code based on the standards, and I plan to keep working on making ipv6 better, but that said, we need more running code, still, which only then can get into a deployment, and nobody's funding that. Nobody's implemented much of ietf homenet. there's no code to enable prefix distribution on android. those are my top two ipv6 bullet items. more universal SADR would help. Tunnels of all types "just working" would be good too. Perhaps with the chinese government mandating more ipv6, more open source code, at least, will get funded and written. Maybe not of the freedom and privacy enhancing stuff, though.
But Mr.Rey's reference about IPv6 deployment rates also makes a good point!
Nobody cares about deployment rates. What good does it do, if people don't use it ? This is more realistic : https://www.google.com/intl/en/ipv6/statistics.html During the week, we are below 25%.
One entertaining thing I've been up to is checking the state of multiple kinds of deployment in the coffee shops of the world with a string of simple tests anyone can do (after we package them up better) https://lists.bufferbloat.net/pipermail/bloat/2019-September/009334.html So far thats: Bufferbloat: 95% (starbucks is doing the right thing here, yea!) IPv6: 0% DNSSEC: 0%. "coffee shop testing" offers y'all the opportunity to go "fix it" by leaping over the counter, and/or to get a deeper grip on the real deployment problems we have with middleboxes along the edge. Sometimes leads to free coffee, too! Please have more meetings in coffee shops, not conventions! Does anybody here, know what the heck the 5G people plan to do with IPv6? and new places like starlink and oneweb and the like? I really hope the 5G folk are going to get ipv6 prefix distribution and SADR right, but have no data.
We also have to acknowledge "IPv4 zealots" are real.
And they are the ones with the money. The lobbyists. The connections. The banana peels. The 75% market share. The IPv4 zealots have not always been there; they have been created as a reaction to the nonsense of the IPv6 zealots. IPv6 replacing IPv4 is a delusion.
I should make clear I'm not a zealot of any sort on the ipv4 vs ipv6 front. (I freely confess to being zealous about fq_codel... but if you deployed it and looked at the data, I figure more would become one also! :)) I came to the reluctant conclusion last year that dual stack is going to be ~forever, that ipv6 was platauing in multiple ways and we needed to kick it harder, that the rollout stats vs actual usage were hopelessly overoptimistic... and went poking at what we could do to ALSO make ipv4 better as a third way out and have been plunking away it ever since. One thought was: Since there was demand for more IPv4, perhaps that would also fuel more updates to ipv6, as both require middlebox updates... As for money to make middleboxes better in *any* way, don't make me laugh. During the cerowrt project we approached everybody making money from the internet and multiple non-profits and got nowhere. I spent my own fortune on it, and got a lot of volunteers onboard, especially in the openwrt universe... and made things better, but I got nothing left. We need a new kame-like project to jointly handle the cracks in the ipv6 network architecture, standards and code, at the very least. The costs of "mo ipv4" are trivial in comparison.
3 months ago, I turned DECNET off on my network. It was actually not even an IT/network decision; customer decided they were done with a product, and we de-commissioned the tools with DECNET. Business decision. We run OS/2 Warp, MS-DOS, Windows 95, HPUX, Solaris, Windows 2000, and I probably forget some.
Please note the ipv4 extensions stuff won't work with most that "legacy" ipv4 stuff. It can, however, enable new applications and services to exist. Most of the IOT and SDN stacks already do work. Most don't have decent ipv6 support due to resource constraints. Perversely I kind of like the idea of a portion of the internet immune from legacy windows worms and viruses....
In 20 years, I will still need IPv4.
And it seems possible we can make more.
And I have enough IPv4 on my hands for the foreseeable future. I bought some recently, just in case.
I encourage the WG group to read this : https://www.internetgovernance.org/2019/02/20/report-on-ipv6-get-ready-for-a... And the full text : https://www.internetgovernance.org/wp-content/uploads/IPv6-Migration-Study-f... Serious work, paid by ICANN.
We cited that work in our presos on this subject as that was also key on gilmore, paul wouters and myself to start looking hard at what it would take to make ipv4 better in multiple ways. Please look it over!? The ipv4 unicast extensions project is one outgrowth of that: A string of trivial patches to a couple OSes and routing daemons and we're well on our way to being able to add 420m new addresses to the internet, within a 10 year time horizon. Politically... oh, lawd. I'm focusing on technical feasibility only at the moment. If you want some details about that, see the WIP here: https://github.com/dtaht/unicast-extensions/tree/master/rfcs I'd like lots more folk to review this before we punt it up to iana and the ietf, the RIRs and so on, and more to fiddle with 240/4 and 0/8, at least. Pay special attention to section 7.1. There's more than just this to make ipv4 better, possible. Taking flack on just this much is no fun, but can we get more folk thinking out of this box in general? We certainly aren't proposing that ipv6 wg's *disband* but if more folk would focus on making the code work and implementing more of the standards that exist, AND looking at deployment problems with an open mind and willingness to get in there and fix them, that would be a goodness. -- Dave Täht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-205-9740
Dave Taht wrote : https://github.com/dtaht/unicast-extensions/tree/master/rfcs I'd like lots more folk to review this before we punt it up to iana and the ietf,
IMHO, 240/4 is worth the effort as an extension to RFC1918 but the rest of that (127/8, 0/8) is not worth the effort. One or two more class A blocks does not change the big picture. And I suppose you are aware that there were several attempts before, including the last one submitted by APNIC, and that they all have been torpedoed by the IPv6 zealots. Michel.
Michel Py wrote on 04/10/2019 23:51:
And I suppose you are aware that there were several attempts before, including the last one submitted by APNIC, and that they all have been torpedoed by the IPv6 zealots.
The cost of making 240/4 usable is to update every device on the planet, including legacy ipv4 stacks. 240/4 is 16x/8. Before ARIN reached exhaustion, this would have constituted a little more than 1 year of RIR consumption. Bringing 240/4 into production won't change the principle that ipv4 address exhaustion is going to happen: the only thing it does is to move the date a couple of months down the road. There are plenty of people who are not ipv6 zealots, but who view this this as not worth it. Nothing fundamental is going to change, and the cost is very high. Nick
Nick Hilliard wrote : The cost of making 240/4 usable is to update every device on the planet, including legacy ipv4 stacks.
No it is not. It costs nothing to the Internet, it only costs to those who chose to use it as private address space. More FUD. Michel.
Hi, On Sat, Oct 05, 2019 at 04:13:48PM +0000, Michel Py wrote:
Nick Hilliard wrote : The cost of making 240/4 usable is to update every device on the planet, including legacy ipv4 stacks.
No it is not. It costs nothing to the Internet, it only costs to those who chose to use it as private address space. More FUD.
It's not "private address space" unless designated as such. But yeah, if only used internally, you just need to upgrade all those OS/2, Win95, WinXP systems, old internal routers, ... :-) Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Nick Hilliard wrote : The cost of making 240/4 usable is to update every device on the planet, including legacy ipv4 stacks.
Michel Py wrote : No it is not. It costs nothing to the Internet, it only costs to those who chose to use it as private address space. More FUD.
Gert Doering wrote : It's not "private address space" unless designated as such.
Wrong again. It's not public unless given to RIRs to allocate it. FUD++ Michel.
On Sat, 5 Oct 2019 at 19:07, Michel Py <michel@arneill-py.sacramento.ca.us> wrote:
Nick Hilliard wrote : The cost of making 240/4 usable is to update every device on the planet, including legacy ipv4 stacks.
Michel Py wrote : No it is not. It costs nothing to the Internet, it only costs to those who chose to use it as private address space. More FUD.
Gert Doering wrote : It's not "private address space" unless designated as such.
Wrong again. It's not public unless given to RIRs to allocate it. FUD++
I think what Gert means is that this space has not been designated by IETF/IANA for *any* purpose yet. One way of looking at it is to acknowledge it is neither private nor public space at this moment in time. See the various columns here https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-specia... Regards, Job
What is not FUD is that 240/4 is not currently routable through my home router So, "it costs nothing" .. well, it cost at least a configuration update, more likely a firmware update, and most certainly some hardware upgrade to support it. A pretty expensite "costs nothing", do not you think ? Regards, On 10/05/2019 07:06 PM, Michel Py wrote:
Nick Hilliard wrote : The cost of making 240/4 usable is to update every device on the planet, including legacy ipv4 stacks.
Michel Py wrote : No it is not. It costs nothing to the Internet, it only costs to those who chose to use it as private address space. More FUD.
Gert Doering wrote : It's not "private address space" unless designated as such.
Wrong again. It's not public unless given to RIRs to allocate it. FUD++
Michel.
ripe@jack.fr.eu.org wrote : What is not FUD is that 240/4 is not currently routable through my home router
Oh wow, you need 240/4 on your home router ? must be a pretty big home, if you don't have enough with 10/8 Michel.
Well, if someone has to use to to provide some kind of service, someone shall have the possibility to use this service If you are doing a network for yourself, you can use whatever range from 0/0 On 10/05/2019 07:27 PM, Michel Py wrote:
ripe@jack.fr.eu.org wrote : What is not FUD is that 240/4 is not currently routable through my home router
Oh wow, you need 240/4 on your home router ? must be a pretty big home, if you don't have enough with 10/8
Michel.
Hi,
Op 5 okt. 2019, om 19:27 heeft Michel Py <michel@arneill-py.sacramento.ca.us> het volgende geschreven:
ripe@jack.fr.eu.org wrote : What is not FUD is that 240/4 is not currently routable through my home router
Oh wow, you need 240/4 on your home router ? must be a pretty big home, if you don't have enough with 10/8
I must say I have had enough of your snarky remarks. They are very unproductive and do not contribute to this working group in any way. Please refrain from posting unless you have something to contribute please. Cheers, Sander
Sander Steffann wrote : I must say I have had enough of your snarky remarks. They are very unproductive and do not contribute to this working group in any way. Please refrain from posting unless you have something to contribute please.
Then unsubscribe me. What is very unproductive is the last twenty years you have failed to make IPv6 the prevalent protocol. That's half one's career, and you will spend the other half failing again. Great job. An entire career failing. Employers like people who achieve goals. Good luck. Michel.
On Sat, Oct 05, 2019 at 06:31:25PM +0000, Michel Py wrote:
Sander Steffann wrote : I must say I have had enough of your snarky remarks. They are very unproductive and do not contribute to this working group in any way. Please refrain from posting unless you have something to contribute please.
Then unsubscribe me. What is very unproductive is the last twenty years you have failed to make IPv6 the prevalent protocol. That's half one's career, and you will spend the other half failing again. Great job. An entire career failing. Employers like people who achieve goals. Good luck.
Michel, many of us are frustrated with the current state of affairs (for different reasons, however that isn't relevant). This frustration, those rage knots in your stomache, don't mean we should permit ourselves to submit unfiltered bitterness into each other's mailboxes. If the IPv4 vs IPv6 tussle is interpreted as a culture war, I think by now all sides are thoroughly confused and have no idea what is going on. Is this still part of a long game? Are we at a tipping point, just one final barrier, or wasting our breath? It is really hard to tell at times. I say "all sides" because there are more than 2 factions. There are people who like neither IPv4 or IPv6, or just one of the two. In this landscape there are quite some folks have staked their careers on either one of the address families, and even such circumstances we should be careful to avoid rhetoric devices like ad-hominem. Once deployed you immediately lost whatever debate was going on. In such instances it may be time to take a break. There are folks who have genuine belief systems in which they consider spending half of their career an absolute necessity towards some their personal higher goal. A friend recently told me "there's a thin line between passion and madness". In such a situation, the best I hope for, is that all sides at least acknowledge the possiblity that they themselves were the ones spending energy in a counter-productive direction. Before hitting "send" it is always good to consider what other interpretations of the email-being-replied-to are possible, consider what the author may have meant to say, and how your reply will affect them and the other readers. So, either strive to be excellent to each other, or refrain from posting. Kind regards, Job
Hi Job,
Job Snijders wrote : If the IPv4 vs IPv6 tussle is interpreted as a culture war,
It is war, but I don't think it is a matter of culture. After all, 20 years ago we almost all were in the same boat, more or less. Most of us believed that IPv6 could replace IPv4 in a reasonable number of years, and all of us were wrong, because it did not. It have become a war because of money, and the outcome will be decided by money, not by ideals. There are people who have admitted that, and people who have not and keep waging the war as they could still win it. Time to be nice has come, and gone. The IPv6 camp has clearly stated that their goal is to win the war. Battle time. Michel.
On 5 Oct 2019, at 15:44, Michel Py wrote:
Hi Job,
Job Snijders wrote : If the IPv4 vs IPv6 tussle is interpreted as a culture war,
It is war, but I don't think it is a matter of culture. After all, 20 years ago we almost all were in the same boat, more or less. Most of us believed that IPv6 could replace IPv4 in a reasonable number of years, and all of us were wrong, because it did not.
you are right Michel, it hasn’t yet. I did not have any number of years in my mind, but I was sure that it would quite long. The footprint of IPv4 Internet (including OS, devices, software, networks, …) is so so large, that it sure will take a loooooong time. Cobol is still in use… I don’t think IPv4 will be dead in my lifetime. But that does not mean we should not be working on its replacement to sustain the growth. To me IPv6 is the only viable solution. It has gone through pretty hard infancy, but is improving. Many of its great new ideas has been almost abandonned, but the larger address space remains a clear win over IPv4. To me, this whole discussion is moot. IPv6 has not yet took over IPv4 yet. But that does not mean we shall not continue working on improving IPv6 and deploying it and use it. Up to now, I have only see an increase of the number of nodes/trafic over IPv6, by any metric or monitoring system I’ve seen. The increase rate is not as most of us would like to be, but still positive. To me, if we see a decrease of usage of IPv6 over some significant period of time, then we shall discuss about the failing of IPv6. But we are not yet there. Regards, Marc.
It have become a war because of money, and the outcome will be decided by money, not by ideals. There are people who have admitted that, and people who have not and keep waging the war as they could still win it.
Time to be nice has come, and gone. The IPv6 camp has clearly stated that their goal is to win the war. Battle time.
Michel.
On Sat, Oct 05, 2019 at 03:56:18PM -0400, Marc Blanchet wrote:
Up to now, I have only see an increase of the number of nodes/trafic over IPv6, by any metric or monitoring system I’ve seen. The increase rate is not as most of us would like to be, but still positive. To me, if we see a decrease of usage of IPv6 over some significant period of time, then we shall discuss about the failing of IPv6. But we are not yet there.
I've observed IPv6 hitting a plateau (even a slight decrease!) in usage of IPv6 across multiple large networks measured over significant time. A publicly accessible graphs produced from the AMS-IX platform is available here: https://stats.ams-ix.net/sflow/ether_type.html IPv4 vs IPv6 is neatly normalized by presenting the traffic as a percentage rather than some absolute measure. I'm attempting to collect information from other platforms as well because I think this type of graph helps compare apples to apples. Growth of IPv6 traffic in absolute units is expected, if we consider IPv6 traffic usage a function of overall Internet traffic usage. Internet traffic appears to grow steadily. However, if IPv4 and IPv6 grow at the same rate, my interpretation would be that IPv4 use is not declining, thus IPv6 isn't growing, and we should indeed be discussing the current failing of IPv6. Some may argue that IPv6 traffic doesn't replace IPv4 traffic, that IPv6 traffic is new apps or new demand, but in a Happy Eyeballs / dualstack / nat64 world I'd consider that somewhat unlikely. Happy to hear other people's thoughts! Kind regards, Job ps. Before we venture into a tit-for-tat where we trade pictures of decline (e.g. IXP stats) against pictures of growth (google stats), I'd like to learn more why we see what we see in the current decline graphs.
Job Snijders wrote : I've observed IPv6 hitting a plateau (even a slight decrease!) in usage of IPv6 across multiple large networks measured over significant time.
I was expecting more than not even 3% IPv6 at AMSIX. I don't call it "significant time" yet. IMHO, it will take a few more years before we get a clear picture. IPv6 will plateau, I just don't think we know where and when yet. Or do we ?
However, if IPv4 and IPv6 grow at the same rate, my interpretation would be that IPv4 use is not declining, thus IPv6 isn't growing, and we should indeed be discussing the current failing of IPv6.
I did not start this thread, but it is time to acknowledge that talks of 100% IPv6 are not something that should be on the table at this time.
ps. Before we venture into a tit-for-tat where we trade pictures of decline (e.g. IXP stats) against pictures of growth (google stats), I'd like to learn more why we see what we see in the current decline graphs.
Do you measure what is happening on private interconnects ? MMR traffic ? I would guess that a good part of the IPv6 traffic is between large players, and that somehow they may have changed their peering scheme ? Michel.
On Sat, Oct 05, 2019 at 09:02:27PM +0000, Michel Py wrote:
Do you measure what is happening on private interconnects ? MMR traffic ?
Yes, looking at stats at NTT (a network which basically is only private interconnects), I see a similar pattern as we observe at AMS-IX. I'll see what detalis I can share. It would be nice if more players would share a normalised overview of IPv4 vs IPv6 percentages, just like AMS-IX does.
I would guess that a good part of the IPv6 traffic is between large players, and that somehow they may have changed their peering scheme ?
I find it hard to believe that two networks would end up exchanging IPv6 traffic over private connections, and at the same time keep IPv4 traffic on public IXPs or transit. That doesn't seem to align with the usual economic or security drivers behind peering. Ofcourse we can't exclude the possiblity this happens, but I am not aware of anyone who explicitly configured things to be that way. I'm beginning to suspect that the "there is lots of IPv6 traffic!" some folks report on is mostly between handsets (strictly controlled by the mobile provider) and a select few Big Content on-net cache devices. Even if we consider such an intranet IPv6 deployment part of the big-I Internet, it doesn't strike me as healthy. I posit: the further an IP packet has to travel, the less likely it is to be an IPv6 packet. Kind regards, Job
Michel Py wrote: Do you measure what is happening on private interconnects ? MMR traffic ?
Job Snijders wrote : Yes, looking at stats at NTT (a network which basically is only private interconnects), I see a similar pattern as we observe at AMS-IX. I'll see what detalis I can share.
I have to admit that your figures are a bit of a surprise; 2.5% IPv6 average. Thanks for sharing.
It would be nice if more players would share a normalised overview of IPv4 vs IPv6 percentages, just like AMS-IX does.
Indeed.
I find it hard to believe that two networks would end up exchanging IPv6 traffic over private connections, and at the same time keep IPv4 traffic on public IXPs or transit. That doesn't seem to align with the usual economic or security drivers behind peering. Of course we can't exclude the possiblity this happens, but I am not aware of anyone who explicitly configured things to be that way.
I was not aware of any either, I thought in Europe it could have been different. In the US, where would the traffic between Verizon wireless (heavy IPv6) and Google (IPv6 enabled) go ? In multiple MMRs / private interconnects ?
I'm beginning to suspect that the "there is lots of IPv6 traffic!" some folks report on is mostly between handsets (strictly controlled by the mobile provider) and a select few Big Content on-net cache devices.
Indeed. Just take Verizon wireless out and half of the IPv6 traffic disappears. Well, not half but certainly a sizable chunk. Google confirms this : https://www.google.com/intl/en/ipv6/statistics.html If you zoom in, you can see a clear weekly pattern of about 5%, which is clearly that at the office people use their office computer to Google during the week, and during the weekend thy use their mobile or their home ISP, Comcast being IPv6 heavy contributing to that. Same thing happens at new year : everyone is at home, so the IPv6 percentage is higher. Can you zoom your AMS-IX graphs so we can see if you have the same phenomenon ? A monthly IPv6 graph with the top of the graph being 3% ? Just right there, we can see clearly that if Google were to go IPv6-only, they would lose 1/6th of their traffic. (that is, IF the top of the graph was 100% IPv6, which it is not. If Google were to go IPv6-only today, they would lose 70% of their traffic). I suspect that the people in charge have made that analysis and that they are not going to lose that much of a customer base, especially when the base in question is business.
Even if we consider such an intranet IPv6 deployment part of the big-I Internet, it doesn't strike me as healthy.
It's why I call it a niche market. Only on environments that are completely controlled by the provider, where the user has no choice (and does not have a clue, anyway). It's an island. The bar is on the beach, and they keep it well stocked (CDN cache) so the booze flows in abundance, but it does not get out much. Healthy ? depends who you are. For them, I think it is. They have the customer completely locked.
I posit: the further an IP packet has to travel, the less likely it is to be an IPv6 packet.
+1 Michel.
On Sat, 5 Oct 2019, 'Job Snijders' wrote:
I posit: the further an IP packet has to travel, the less likely it is to be an IPv6 packet.
Looking at who has deployed IPv6 and how these people communicate, this is most likely true. IPv6 is most common today on eyeball<->CDN traffic. Looking at what kind of companies have deployed IPv6 to eyeballs, this is mostly larger ISPs. So we have a subset of ISPs and a subset of CDNs that both have deployed IPv6, and both these subsets tend to communicate over direct interconnections so these stats are not public. A lot of the organisations that were eager to deploy IPv6 have done so. Large companies with significant engineering resources that had to fight uphill to get evertthing to work. The organisations deploying IPv6 now might be less eager, but they will also have less struggle. A significant amount of development work to support IPv6 has been done already. It's still non-trivial work, but it should be easier than before. I also note clustering. Lots of companies are "followers". They will not be the first one to do something, but instead will copy someone else. In some countries there is lots of IPv6, and in others there isn't. I see the same way with DNSSEC validation and other technologies. The good thing now is that it's not useless to deploy IPv6. As soon as you turn on IPv6 to eyeballs, you get significant IPv6 traffic. I've heard people mention 50-70%, which is what my household also is at (mostly streaming video from CDNs). I don't think IPv6 has failed, I just think it's going to take a long time, and especially the last 10% is going to take a really really long time. Decades. -- Mikael Abrahamsson email: swmike@swm.pp.se
Thus wrote Mikael Abrahamsson (swmike@swm.pp.se):
I don't think IPv6 has failed, I just think it's going to take a long time, and especially the last 10% is going to take a really really long time. Decades.
At some point in time IPv4 code will rot, and see too little testing to be still useful, and around then v4 will die pretty quickly. Given we'll have enterprise walled gardens with v4 inside for a long time, that indeed will take decades. If you plan projects that span more than one decade, making sure it's IPv6 capable will at least save you money in the long run, because enterprise-only features come at a premium. regards, spz -- spz@serpens.de (S.P.Zeidler)
"S.P.Zeidler" <spz@serpens.de> writes:
Given we'll have enterprise walled gardens with v4 inside for a long time, that indeed will take decades. If you plan projects that span more than one decade, making sure it's IPv6 capable will at least save you money in the long run, because enterprise-only features come at a premium.
A couple of years ago I did an IPv6 workshop for a not so small SAP outsourcing company- I told them "what ever you do make sure your that everything you buy is IPv6 capable." About a year later I was told that they can't implement v6 because they just bought a internal cloud thing that did not support IPv6. Jens -- ---------------------------------------------------------------------------- | Delbrueckstr. 41 | 12051 Berlin, Germany | +49-151-18721264 | | http://blog.quux.de | jabber: jenslink@quux.de | --------------- | ----------------------------------------------------------------------------
100% of internet will happen 100% of all networks will not On 10/05/2019 11:02 PM, Michel Py wrote:
I did not start this thread, but it is time to acknowledge that talks of 100% IPv6 are not something that should be on the table at this time.
Marc, long time no see indeed ;-)
Marc Blanchet wrote : To me IPv6 is the only viable solution.
To me IPv4 is the only viable solution until a replacement for IPv6 is found. You know what I do for a living. Where are the US$ 2B I need to dual-stack ? I just can't afford it.
but the larger address space remains a clear win over IPv4.
Not to everyone.
To me, this whole discussion is moot. IPv6 has not yet took over IPv4 yet.
I saw that one coming a long time ago. Was a bit of a shock.
But that does not mean we shall not continue working on improving IPv6 and deploying it and use it.
You do what you have to do to insure your survival, and so do I. At this point in time, the IPv6 zealots, by doing everything they can to kill IPv4, are a nuisance that has to be eliminated. This 240/4 as an extension of RFC1918 thing is the perfect example of it. What does it cost IPv6 ? nothing. Why do the zealots torpedo it ? because anything that hurts IPv4 is good for them, or so they think. Net result : organizations that need more than 10/8 are now (and they are plenty of examples) squatting un-announced DoD space such as 30/8.
I don’t think IPv4 will be dead in my lifetime.
Then keep your dogs on leash. We can bark and bite, too. I am defending my ecosystem, and I am tired of the rethoric that IPv6 will take the world over. It will not. Michel.
Am 05.10.19 um 22:30 schrieb Michel Py:
This 240/4 as an extension of RFC1918 thing is the perfect example of it.
If 240/4 is to be given a different status than "reserved", the only valid option is "public unicast", spread across the RIRs as recovered space. As has been stated here may times, IPv4 is here to stay, so it's vital that relevant amounts of "new" space are put into the public pool.
Net result : organizations that need more than 10/8 are now (and they are plenty of examples) squatting un-announced DoD space such as 30/8.
Maybe someone should tell them about IPv6 then. -kai
Hi, On Sun, Oct 06, 2019 at 12:38:14AM +0200, Kai 'wusel' Siering wrote:
Net result : organizations that need more than 10/8 are now (and they are plenty of examples) squatting un-announced DoD space such as 30/8.
Maybe someone should tell them about IPv6 then.
or about the rumours that the DoD has been encouraged to make some of its address space available to ARIN ;-) cheers Enno -- Enno Rey @Enno_Insinuator
Michel Py wrote : This 240/4 as an extension of RFC1918 thing is the perfect example of it.
Kai 'wusel' Siering wrote : If 240/4 is to be given a different status than "reserved", the only valid option is "public unicast",
I agree with unicast, but not public.
spread across the RIRs as recovered space.
I have to disagree with that. I would agree if it was an achievable goal, but it is not. The multiple attempts over the years to make this space available have all failed, and there is a reason for it : it would create a second-class address space, that the devices with unpatched kernels would not be able to access. In other words : it would require an update to every device that connects to the Internet, which is too much hassle.
As has been stated here may times, IPv4 is here to stay, so it's vital that relevant amounts of "new" space are put into the public pool.
Maybe so, but that battle can not be won. Besides, a /4 would buy how much time ? a year or two ? it's futile. Focus on things that have a chance.
Enno Rey wrote : or about the rumours that the DoD has been encouraged to make some of its address space available to ARIN ;-)
The smiley was right on ! DoD has a trillion dollar budget, even at $1000 / IP it would not make a difference. They don't know anything that is less than a billion ;-) I had that question once, actually. - 10/8 is too small, which of the un-announced DoD blocks is the best to squat ? - You must be kidding, you want to squat IP space from people who have nukes and have used them on civilians before ? - Oh, they can't nuke us. They have a big base 1/4 mile away. - Oh great, now you are telling me that they have a freaking brigade next to your backyard and you are going to hijack one of their class A? - Squat, not hijack. Yeah, they'll never know about it. 30/8. There are so many orgs using it that the DoD will never release it. Michel.
Hi, On Sun, Oct 06, 2019 at 12:38:14AM +0200, Kai 'wusel' Siering wrote:
Am 05.10.19 um 22:30 schrieb Michel Py:
This 240/4 as an extension of RFC1918 thing is the perfect example of it.
If 240/4 is to be given a different status than "reserved", the only valid option is "public unicast", spread across the RIRs as recovered space. As has been stated here may times, IPv4 is here to stay, so it's vital that relevant amounts of "new" space are put into the public pool.
I'd actually say "private" is a better denomination. To make this useful as "public unicast", you need to upgrade *everything* in the path between a device using 240/4 and "whatever it wants to talk to", because un-upgraded routers or firewalls will just drop your packets otherwise - so, if RIPE were to give out a subnet of 240/4, it would not be very useful for "Internet" usage. OTOH, if you're willing to upgrade your multi-million enterprise network to make sure all devices support 240/4, it's all under your own control and can be done. (Would I do it? No... anything old won't grow support for it, and anything *new* can do IPv6 for new deployments - on islands, with gateways in between, but incidentially that's the only way a 240/4 deployment could succeeed as well. But hey, not my career to bet on 240/4 being useful :-) ) Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Moin, am 06.10.19 um 10:59 schrieb Gert Doering:
Hi,
On Sun, Oct 06, 2019 at 12:38:14AM +0200, Kai 'wusel' Siering wrote:
If 240/4 is to be given a different status than "reserved", the only valid option is "public unicast", spread across the RIRs as recovered space. As has been stated here may times, IPv4 is here to stay, so it's vital that relevant amounts of "new" space are put into the public pool. I'd actually say "private" is a better denomination.
To make this useful as "public unicast", you need to upgrade *everything* in the path between a device using 240/4 and "whatever it wants to talk to", because un-upgraded routers or firewalls will just drop your packets otherwise - so, if RIPE were to give out a subnet of 240/4, it would not be very useful for "Internet" usage.
I didn't say it would be a quick win; I'm aware of the issues. 240/4 space would remain of limited reachability for the forseeable future. After being declared to become public space via an RFC, devices that still receive updates will learn about 240/4, thus lessening the reachablility issue over time, though. Rationale: an internal network needing more than 16 million IPv4 addresses (10/8) does have the power to solve their addressing needs with IPv6. This isn't true for newcomers that have to deal with old players not enabling v6. Please note: I'm not proposing do touch 240/4, 0/8 or 127/8, but _if_ those are touched, they should be given to the public. Regards, -kai
Kai 'wusel' Siering Rationale: an internal network needing more than 16 million IPv4 addresses (10/8) does have the power to solve their addressing needs with IPv6. This isn't true for newcomers that have to deal with old players not enabling v6.
I do not agree because it does not fit my use-case, but this is the best argument I have heard for many years. Keep in mind though : your idea is great, but it has been tried many times, for more than a decade, including by people who are respected players, big shots, and have serious clout, and it has repeatedly failed. What makes you think that you can make it work ? Everyone has tried, everyone has failed. Multiple times. I must have missed what news you have about it. Michel.
Am 07.10.19 um 06:07 schrieb Michel Py:
Kai 'wusel' Siering Rationale: an internal network needing more than 16 million IPv4 addresses (10/8) does have the power to solve their addressing needs with IPv6. This isn't true for newcomers that have to deal with old players not enabling v6. I do not agree because it does not fit my use-case, but this is the best argument I have heard for many years.
Keep in mind though : your idea is great, but it has been tried many times, for more than a decade, including by people who are respected players, big shots, and have serious clout, and it has repeatedly failed. What makes you think that you can make it work ? Everyone has tried, everyone has failed. Multiple times.
What exactly are you asking about? Un-reserving 240/4 in general, or adding it to the public space instead of wasting just more precious v4 space on intranets? First, and again, I do not aim to 'liberate' 240/4, 0/8 or 127/8. From my perspective IPv4 entered the stage 30+ years ago and is now on it's farewell tour — which will take some more decades, until it finally becomes irrelevant in the DFZ. Any changes to it, like changing 240/4's status, is robbing a dead body. But _if_ people are considering to do this, to me public unicast is the only valid option. Again, if you need more that 16 million IPs for your intranet, IPv6 is your answer. I understand you dislike that, fine by me; so go and grab unannounced public space, just be prepared for renumbering. A quarter of 44/8 is already in active use by AWS, more of that will happen: The Clouds need unprecedented amounts of v4 space. I have no doubt the RIR system will again fail to protect the newcomers, but raising my voice is the only thing I can do. I'm not a LIR, ATM I don't represent a LIR — and even if, as you already said, it's the money that decides. Which means: 240/8 e. g. needs to go to and used by AWS, 241/8 to GCP, 242/8 to CF; that should give lazy eyeball ISPs a reason to fix their v4 gear, and I think 6 months from an IANA announcement of 240/4 becoming public unicast to the first allocating is plenty of time for those involved. Would that fix end-to-end globally? No. Does it matter? Not really. ISP<>Cloud/CDN is what matters today; the rest will follow, taking the scenic route.
I must have missed what news you have about it.
You have missed my point completely – see the "please note" in my post –, presumably as it doesn't fit your point of view. I also have "enough" v4 space for the forseeable future for my use case; I came early to the party, and covered my needs. Unlike you, though, I still do look out of my swampy pool and ponder about how things _should_ be, in that tiny dinosaur brain of mine ;) -kai
Hi, On Mon, Oct 07, 2019 at 12:33:33PM +0200, Kai 'wusel' Siering wrote:
I have no doubt the RIR system will again fail to protect the newcomers,
I take a bit of offense here. We did what we could to "protect the newcomers" with the "last /22" policy, but "gone is gone" - there just is not enough v4, what else could we have done? Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Gert Doering wrote on 07/10/2019 11:56:
I take a bit of offense here. We did what we could to "protect the newcomers" with the "last /22" policy, but "gone is gone" - there just is not enough v4, what else could we have done?
No need to take offense - it's normal for our species to want to assign blame when we're upset, and even more normal to want to fling poo at other people to show how upset we are. It's not as if ipv4 exhaustion snuck up on everyone unnoticed. If people don't like how things were handled, then why they didn't pipe up with their suggestions while the problem was being discussed any time over the last 25 years? It seems a bit odd to start complaining at the point that the registries were scraping the last bits of address space from the bottom of the barrel. Nick
Perhaps Kai referred to the RIR system as a whole, not RIPE specifically. If a /4 goes to the RIRs that would be a perspective we’d need to consider on a global scale. On Mon, Oct 7, 2019 at 20:19 Nick Hilliard <nick@foobar.org> wrote:
Gert Doering wrote on 07/10/2019 11:56:
I take a bit of offense here. We did what we could to "protect the newcomers" with the "last /22" policy, but "gone is gone" - there just is not enough v4, what else could we have done?
No need to take offense - it's normal for our species to want to assign blame when we're upset, and even more normal to want to fling poo at other people to show how upset we are.
It's not as if ipv4 exhaustion snuck up on everyone unnoticed. If people don't like how things were handled, then why they didn't pipe up with their suggestions while the problem was being discussed any time over the last 25 years? It seems a bit odd to start complaining at the point that the registries were scraping the last bits of address space from the bottom of the barrel.
Nick
On 07.10.19 13:21, Job Snijders wrote:
Perhaps Kai referred to the RIR system as a whole
I did. "the RIR system" does not mean "only RIPE". -kai
Kai 'wusel' Siering wrote on 07/10/2019 12:28:
On 07.10.19 13:21, Job Snijders wrote:
Perhaps Kai referred to the RIR system as a whole
I did. "the RIR system" does not mean "only RIPE".
spreading the blame out doesn't change much. The problem of ipv4 exhaustion has been under discussion since the early 1990s, and that discussion encompassed the role of the RIRs as a whole, 240/4, ipv6, the role of fairness in ip addressing policies and lots more besides. You're welcome to propose that large cdns be assigned 240/4, although I wonder about the optics and wisdom of handing out this address space exclusively to the large players, and politely declining everyone else. Nick
Moin, on 07.10.19 12:56, Gert Doering wrote:
I take a bit of offense here.
That's sad, and unintended; but that topic is totally OT here, as it is v4-only and about 1992-20something. -kai
* Gert Doering (gert@space.net) [191007 12:56]:
I take a bit of offense here. We did what we could to "protect the newcomers" with the "last /22" policy, but "gone is gone" - there just is not enough v4, what else could we have done?
Let me answer this from the newcomer's side: You did good and the policy is fine as it is. Some of us just adapted and implemented IPv6 rightaway, taking those breadcrumbs of v4 as fallback, while the dinosaurs kept whining about missing IPv6 support for their outdated windows 95 machines (which could be funny, if it wasn't so pathetic). We did this despite the fact that the old economy will use it's legacy ressources to keep us out of the business and those who couldn't afford to wait for the dinosaurs to die out are using lots of cash to ease their pain. Most newcomers COULD easily go v6-only and although there would be problems, they would be able to handle that while moving forward. That is ... IF those dinosaurs would move just a tiny bit and at least implemented a minimum of IPv6 on their public services and at least application proxies or nat64 for the rest of their cruft. But it's the same story as with climate change: The next generation doesn't have a voice in this game, but will pay for the greed of those who where lucky enough to be there for a long time when plenty of ressources where available and the same legacy people are now whining about the cost of change. Bjørn
We can surely pack up and go home after scraping up a /4. And we can even give it tactically to critical content delivery so people will be forced to move on it. As we speak the mobile industry is discussing IMSI depletion as it gears up to connect billion(s) of new gadgets to 5G. This is not a v4 vs v6 war, it’s v4 and v6. If anything, v6 should be focusing and doubling down on the new uses coming along and not freting about IT managers of broken intranets.
On 7 Oct 2019, at 11:33, Kai 'wusel' Siering <wusel+ml@uu.org> wrote:
Am 07.10.19 um 06:07 schrieb Michel Py:
Kai 'wusel' Siering Rationale: an internal network needing more than 16 million IPv4 addresses (10/8) does have the power to solve their addressing needs with IPv6. This isn't true for newcomers that have to deal with old players not enabling v6. I do not agree because it does not fit my use-case, but this is the best argument I have heard for many years.
Keep in mind though : your idea is great, but it has been tried many times, for more than a decade, including by people who are respected players, big shots, and have serious clout, and it has repeatedly failed. What makes you think that you can make it work ? Everyone has tried, everyone has failed. Multiple times.
What exactly are you asking about? Un-reserving 240/4 in general, or adding it to the public space instead of wasting just more precious v4 space on intranets? First, and again, I do not aim to 'liberate' 240/4, 0/8 or 127/8. From my perspective IPv4 entered the stage 30+ years ago and is now on it's farewell tour — which will take some more decades, until it finally becomes irrelevant in the DFZ. Any changes to it, like changing 240/4's status, is robbing a dead body. But _if_ people are considering to do this, to me public unicast is the only valid option. Again, if you need more that 16 million IPs for your intranet, IPv6 is your answer. I understand you dislike that, fine by me; so go and grab unannounced public space, just be prepared for renumbering. A quarter of 44/8 is already in active use by AWS, more of that will happen: The Clouds need unprecedented amounts of v4 space.
I have no doubt the RIR system will again fail to protect the newcomers, but raising my voice is the only thing I can do. I'm not a LIR, ATM I don't represent a LIR — and even if, as you already said, it's the money that decides. Which means: 240/8 e. g. needs to go to and used by AWS, 241/8 to GCP, 242/8 to CF; that should give lazy eyeball ISPs a reason to fix their v4 gear, and I think 6 months from an IANA announcement of 240/4 becoming public unicast to the first allocating is plenty of time for those involved. Would that fix end-to-end globally? No. Does it matter? Not really. ISP<>Cloud/CDN is what matters today; the rest will follow, taking the scenic route.
I must have missed what news you have about it.
You have missed my point completely – see the "please note" in my post –, presumably as it doesn't fit your point of view. I also have "enough" v4 space for the forseeable future for my use case; I came early to the party, and covered my needs. Unlike you, though, I still do look out of my swampy pool and ponder about how things _should_ be, in that tiny dinosaur brain of mine ;) -kai
On Sat, Oct 5, 2019 at 10:31 PM Michel Py < michel@arneill-py.sacramento.ca.us> wrote:
Marc, long time no see indeed ;-)
Marc Blanchet wrote : To me IPv6 is the only viable solution.
To me IPv4 is the only viable solution until a replacement for IPv6 is found.
But what other solution do you see, a brand new protocol that takes another x years for adoption, that will in far end still cause dual or better yet triple stack deployment? IPv4 will not be dead any time soon, this I think is clear to anyone dealing in network deployment, but again it (should) also be clear to these same people that to sustain and keep the anywhere-to-everywhere connectivity the IPv6 is the only viable option. To not be mistaken for me being on any of the "sides" for IPv6 or IPv4, currently I depend heavily on IPv4, but in the meantime I also deploy IPv6 in a safe (for my taste and acceptance) fashion, that is testing is key, should I conclude in my tests that a certain deployment doesn't work perfectly I delay it if possible. Again there is no perfect solution, we are just so used to doing things a certain way that we do them subconsciously and don't even think about the needed steps for certain things, where as when we deploy IPv6 for a certain service it usually needs us to think about things to make everything work right. IMHO there should be more work put into replacing/extending SMTP than thinking over IPv6, as most of the complaints I've seen were about IPv6 mail server deployment and problems with blacklists etc. "Fix SMTP" to annihilate SPAM and these problems will disappear too. Uros
Uros Gaber wrote : But what other solution do you see, a brand new protocol that takes another x years for adoption, that will in far end still cause dual or better yet triple stack deployment?
No. It has to be a single-stack protocol fully backwards compatible. Dual-stacking is the fatal flaw. In the old days, the thinking was something like "oh everyone will dual-stack for 2 or 3 years, and then IPv4 will die". The problem is, we are 20 years into it already and possibly another 20 years going forward. Dual-stacking for 40 years is not a solution. Yes, it will take decades, especially since it is not even started. I have all the time in the world.
IPv4 will not be dead any time soon, this I think is clear to anyone dealing in network deployment,
I don't think it is to everyone. I don't know if you read Nanog, do you know what the latest idea an IPv6 crackhead came up with to accelerate deployment ? Taxing IPv4. A $2/mo/per IP tax, worldwide. https://mailman.nanog.org/pipermail/nanog/2019-October/103279.html https://mailman.nanog.org/pipermail/nanog/2019-October/103280.html I'm guessing that what comes next is a constitutional amendment to prohibit IPv4.
but again it (should) also be clear to these same people that to sustain and keep the anywhere-to-everywhere connectivity the IPv6 is the only viable option.
It's not even on the agenda. I don't have to be ready. I am quite happy in my dinosaur swamp with my dinosaur friends, my dinosaur supply chain, my dinosaur customers, and my dinosaur transit providers. My swamp is quite big, too. It's called the Internet. The asteroid that was supposed to extinct us came, 4 years ago in the ARIN region. Did not hit anybody I know. Did not even feel any heat or tremors. The extinction event did not happen. I don't need the anywhere-to-everywhere connectivity. As a matter of fact, if the Internet becomes balkanized and v4 and v6 split, I would not mind a bit. The IPv4 ecosystem is big enough to survive on its own for the next 30 years. There are plenty of dinosaurs left, and a lot of them have pretty big teeth. Who's next on my dinner menu ? Michel.
... I guess this "war" is why some people want to make ipv6 as much like ipv4 as possible? Only . vs : and hex vs pure number as the only difference? ------- Roger Jørgensen rogerj@gmail.com On Sat, Oct 5, 2019, 21:44 Michel Py <michel@arneill-py.sacramento.ca.us> wrote:
Hi Job,
Job Snijders wrote : If the IPv4 vs IPv6 tussle is interpreted as a culture war,
It is war, but I don't think it is a matter of culture. After all, 20 years ago we almost all were in the same boat, more or less. Most of us believed that IPv6 could replace IPv4 in a reasonable number of years, and all of us were wrong, because it did not.
It have become a war because of money, and the outcome will be decided by money, not by ideals. There are people who have admitted that, and people who have not and keep waging the war as they could still win it.
Time to be nice has come, and gone. The IPv6 camp has clearly stated that their goal is to win the war. Battle time.
Michel.
Thus wrote Michel Py (michel@arneill-py.sacramento.ca.us):
Time to be nice has come, and gone. The IPv6 camp has clearly stated that their goal is to win the war. Battle time.
What theatralics. I want a 'net where I can do end-to-end, and where new things can happen. That can't be done with IPv4 (only) because v4 doesn't have sufficient addresses for this world. If some people want to stay IPv4-only forever: sure, if that makes you happy, just don't expect the rest of the world to hobble themselves so you won't miss out. Regarding your "I will blacklist your resume": you greatly overestimate your relevance. When I started networking the money was with OSI. The money did not win. Companies make bad decisions and fail. regards, spz -- spz@serpens.de (S.P.Zeidler)
Hi Michael,
Time to be nice has come, and gone. The IPv6 camp has clearly stated that their goal is to win the war. Battle time.
If you want a war that is your choice, but please go and fight it somewhere else. RIPE mailing lists are a place to be constructive and, as Job said, excellent to each other. Cheers, Sander
Sander Steffann wrote : If you want a war that is your choice, but please go and fight it somewhere else. RIPE mailing lists are a place to be constructive and, as Job said, excellent to each other.
Read the rest of my posts. I did not start the war. I did not start this thread. There are two ways to lose a war : lack of funds, and lack of courage. I have both. The war is global. Who do you think you are to tell me to take it somewhere else ? The chair of a mighty WG that has managed, in 20 years, to capture a whole 2.5% of the Internet traffic right in your own backyard at AMS-IX ? Kick me out of the mailing list, if you have the power to do so. Michel.
Michel Py wrote on 06/10/2019 00:53:
The war is global. Who do you think you are to tell me to take it somewhere else ? The chair of a mighty WG that has managed, in 20 years, to capture a whole 2.5% of the Internet traffic right in your own backyard at AMS-IX ?
Kick me out of the mailing list, if you have the power to do so.
Michel, It's not fully clear what points you're trying to make here. Is it that the RIPE Address Policy working group is responsible for global ipv6 adoption? Or that Sander is personally responsible for AMS-IX member IPv6 adoption policy? Or that Sander has any interest other than constructive discussion on RIPE working group mailing lists? This looks like a personal attack on Sander. This brings down the tone of the WG mailing lists and is terribly unnecessary. Please take this elsewhere. Nick
Dear WG, I apologise for coming late to the party, a long weekend to blame.. On Sun, Oct 6, 2019 at 10:53 AM Michel Py <michel@arneill-py.sacramento.ca.us> wrote:
If you want a war that is your choice, but please go and fight it somewhere else. RIPE mailing lists are a place to be constructive and, as Job said, excellent to each other.
Read the rest of my posts. I did not start the war. I did not start this thread. There are two ways to lose a war : lack of funds, and lack of courage. I have both.
The war is global. Who do you think you are to tell me to take it somewhere else ? The chair of a mighty WG that has managed, in 20 years, to capture a whole 2.5% of the Internet traffic right in your own backyard at AMS-IX ?
Kick me out of the mailing list, if you have the power to do so.
[with my co-chair hat on] Michel, I understand that you might be upset with the current state of affairs. However I believe the whole discussion would be much more productive we we refrain from personal and/or provocative remarks. Please be respectful to the WG participants, it would be highly appreciated. Thank you. -- SY, Jen Linkova aka Furry
On 10/8/19 8:28 AM, Jen Linkova wrote:
Dear WG, I apologise for coming late to the party, a long weekend to blame..
On Sun, Oct 6, 2019 at 10:53 AM Michel Py <michel@arneill-py.sacramento.ca.us> wrote:
If you want a war that is your choice, but please go and fight it somewhere else. RIPE mailing lists are a place to be constructive and, as Job said, excellent to each other.
Read the rest of my posts. I did not start the war. I did not start this thread. There are two ways to lose a war : lack of funds, and lack of courage. I have both.
The war is global. Who do you think you are to tell me to take it somewhere else ? The chair of a mighty WG that has managed, in 20 years, to capture a whole 2.5% of the Internet traffic right in your own backyard at AMS-IX ?
Kick me out of the mailing list, if you have the power to do so.
[with my co-chair hat on]
Michel, I understand that you might be upset with the current state of affairs. However I believe the whole discussion would be much more productive we we refrain from personal and/or provocative remarks.
*especially* provocative remarks. I haven't seen such toxicity in anyone's messages in this list. This rhetoric is alien to this list (and community I believe and hope). Please, take it some place where its tolerated, not here
Please be respectful to the WG participants, it would be highly appreciated.
Thank you.
Hi, On Sat, Oct 05, 2019 at 05:06:57PM +0000, Michel Py wrote:
Gert Doering wrote : It's not "private address space" unless designated as such.
Wrong again. It's not public unless given to RIRs to allocate it. FUD++
Uh, no. The IETF decides what it is, and if they say it's private (like they did with RFC1918), then it is. If they say it's "reserved", it's not up for grabs (neither for the RIRs not for any private deployment either). "Not RIR space" does not make it "private", there are at least 3 different states. Before calling FUD on others, please get your facts straight. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
On Sat, Oct 05, 2019 at 08:10:19PM +0200, Gert Doering wrote:
Uh, no. The IETF decides what it is, and if they say it's private (like they did with RFC1918), then it is.
If they say it's "reserved", it's not up for grabs (neither for the RIRs not for any private deployment either).
"Not RIR space" does not make it "private", there are at least 3 different states.
Best examples are 1.1.1.1 and 5.5.5.5 Anton
Hi, On Sat, Oct 05, 2019 at 09:24:13PM +0200, Anton Rieger wrote:
On Sat, Oct 05, 2019 at 08:10:19PM +0200, Gert Doering wrote:
Uh, no. The IETF decides what it is, and if they say it's private (like they did with RFC1918), then it is.
If they say it's "reserved", it's not up for grabs (neither for the RIRs not for any private deployment either).
"Not RIR space" does not make it "private", there are at least 3 different states.
Best examples are 1.1.1.1 and 5.5.5.5
1.1.1.1 is APNIC space, which was very officially given to CF and documented as such. inetnum: 1.1.1.0 - 1.1.1.255 netname: APNIC-LABS descr: APNIC and Cloudflare DNS Resolver project descr: Routed globally by AS13335/Cloudflare descr: Research prefix for APNIC Labs 5.5.5.5 is part of Telefonica's allocation inetnum: 5.4.0.0 - 5.7.255.255 netname: DE-MEDIAWAYS-20120425 country: DE org: ORG-TDG4-RIPE ... and anyone using it for their private VPN is squatting on address space not belonging to him (and yes, I think this was a fairly bad decision "back when this space was still free" - even then it was not "up for grabs"). Fairly easy this. If it's not yours, or designated as "free for all", you do not use it. Otherwise the ghosts of the Internet will come and haunt you. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
On 10/4/19 4:55 PM, Dave Taht wrote:
not being able to get a static IPv6 address out of comcast, my hurricane tunnel getting blocked by netflix, the still-huge prefix sub-distribution problem. The idea of dynamic 2 week prefixes in part of the world prone to earthquakes doesn't work for me...
I can think of several programmatic ways to deal with that. Or you can just buy Comcast's business service, which I think includes one IPv4 address.
that said, we need more running code, still, which only then can get into a deployment, and nobody's funding that.
Do you mean CeroWRT specifically, or code in general? I was thinking about some Hackathon projects to add IPv6 capability to open source projects. Seems to me the hardest part is making sure there's an adequate test environment.
But Mr.Rey's reference about IPv6 deployment rates also makes a good point! Nobody cares about deployment rates. What good does it do, if people don't use it ? This is more realistic : https://www.google.com/intl/en/ipv6/statistics.html During the week, we are below 25%.
(Replying to an item upthread) APNIC's statistics show that in almost every network that has IPv6, it is almost always used.
One entertaining thing I've been up to is checking the state of multiple kinds of deployment in the coffee shops of the world with a string of simple tests anyone can do (after we package them up better)
Yeah, we need the GoGo and ATTWifi and such of the world to deploy.
Since there was demand for more IPv4, perhaps that would also fuel more updates to ipv6, as both require middlebox updates...
As for money to make middleboxes better in *any* way, don't make me laugh. During the cerowrt project we approached everybody making money from the internet and multiple non-profits and got nowhere. I spent my own fortune on it, and got a lot of volunteers onboard, especially in the openwrt universe... and made things better, but I got nothing left.
We need a new kame-like project to jointly handle the cracks in the ipv6 network architecture, standards and code, at the very least.
The costs of "mo ipv4" are trivial in comparison.
Another thought I've had: One of the reasons small ISPs can't deploy IPv6 is that they don't control the features in the CPE, because they don't buy enough. I know a couple CPE vendors who would be happy to provide a specific feature set for a guaranteed purchase of a couple thousand units a month. This sounds like a good business to me: if a bunch of small ISPs each contract for a specific number of units, but require RIPE-554, RFC7084, and RFC8085, we could both get the needed features, and get a larger volume discount than they get now. Saving $1 per CPE is better than spending $20 for an IPv4 address for every new user. Please confirm my math. :)
3 months ago, I turned DECNET off on my network. It was actually not even an IT/network decision; customer decided they were done with a product, and we de-commissioned the tools with DECNET. Business decision. We run OS/2 Warp, MS-DOS, Windows 95, HPUX, Solaris, Windows 2000, and I probably forget some. Please note the ipv4 extensions stuff won't work with most that "legacy" ipv4 stuff. It can, however, enable new applications and services to exist. Most of the IOT and SDN stacks already do work. Most don't have decent ipv6 support due to resource constraints.
Perversely I kind of like the idea of a portion of the internet immune from legacy windows worms and viruses....
DECNET isn't on the Internet. I don't care if some crusty old boxes in dark corners of data centers whisper IPv4 among themselves. How would I even know?
In 20 years, I will still need IPv4. And it seems possible we can make more.
And I have enough IPv4 on my hands for the foreseeable future. I bought some recently, just in case.
I encourage the WG group to read this : https://www.internetgovernance.org/2019/02/20/report-on-ipv6-get-ready-for-a... And the full text : https://www.internetgovernance.org/wp-content/uploads/IPv6-Migration-Study-f... Serious work, paid by ICANN. We cited that work in our presos on this subject as that was also key on gilmore, paul wouters and myself to start looking hard at what it would take to make ipv4 better in multiple ways. Please look it over!?
The ipv4 unicast extensions project is one outgrowth of that: A string of trivial patches to a couple OSes and routing daemons and we're well on our way to being able to add 420m new addresses to the internet, within a 10 year time horizon.
You just mentioned your un-upgradable "OS/2 Warp, MS-DOS, Windows 95, HPUX, Solaris, Windows 2000," and now you say it's easy to upgrade. Lee
Ironically enough, I waited 24 hrs for the spamhaus block to clear on my ipv6 addr for my main email account, it still hasn't.
Lee Howard <lee@asgard.org> writes:
On 10/4/19 4:55 PM, Dave Taht wrote:
not being able to get a static IPv6 address out of comcast, my hurricane tunnel getting blocked by netflix, the still-huge prefix sub-distribution problem. The idea of dynamic 2 week prefixes in part of the world prone to earthquakes doesn't work for me...
I can think of several programmatic ways to deal with that.
Yeah, in the case of my 10 year + running hurricane tunnel and services running on it, I could have just blackholed netflix's ipv6 addresses. Ask your typical user to do that. In the end I pulled it down and tried to leverage the dynamic ipv6 allocation I get only to give up on that for a variety of reasons. As for the 2 week expiry time - hate it. Anyone that lived through the 1989 quake here and tried to keep a network even sort of running would hate it too. for real use a static ipv6/48 to distribute is needed. Dynamic ipv6 assignments are fine if you are doing trivial stuff but if ipv6 is ever to even start to supplant ipv4 it's got to become more static.
Or you can just buy Comcast's business service, which I think includes one IPv4 address.
I have comcast business service. I still couldn't last I checked, buy a static IPv6 network from them.
that said, we need more running code, still, which only then can get into a deployment, and nobody's funding that.
Do you mean CeroWRT specifically, or code in general?
Well, I was referencing the cerowrt project, which ran for 3 years, fixed about 120 bugs related to ipv6, and helped make openwrt entirely compatible with most ipv6 capable ISPs on the planet. And even with that there were a plethora of problems like too many RA's causing the firewall to reload too often that got fixed in cerowrt but not quite in openwrt, and lots I'm still pretty scarred from that effort. I remember losing hair to so many things. Stuff still dangling - 8 years later - are ipv6 reverse dns and prefix distribution more than one hop into the network. HOMENET's stuff is still too unstable to use and in a couple ways still inadaquate, even in theory.
I was thinking about some Hackathon projects to add IPv6 capability to open source projects. Seems to me the hardest part is making sure there's an adequate test environment.
Hackathons ARE useful tools for getting a short burst of focused work out of people sharing the same space and time, but too many are thinking hackathons alone will solve more detailed design, coding and iteration problems; it's one of those ideas trivializing the costs of "Real Programming(tm)" that really bugs me nowadays. I could share here the detailed project management stuff that went into cerowrt's run (3 years), or the outline of work we did for make-wifi-fast - which we've now been at for over 5 years now - 3+ to get fq_codel to work right on wifi, 2 to rework the API to work for more devices, and a pointer to the latest work which has been going for 3+ months now - and for all that we've only accomplished about 1/10th what we wanted to do, and only on 4 chipsets (most recently intel's ax200 chips) out of the hundreds. Certainly testing is one of the hardest parts, also.
But Mr.Rey's reference about IPv6 deployment rates also makes a good point! Nobody cares about deployment rates. What good does it do, if people don't use it ? This is more realistic : https://www.google.com/intl/en/ipv6/statistics.html During the week, we are below 25%.
(Replying to an item upthread)
APNIC's statistics show that in almost every network that has IPv6, it is almost always used.
I pointed to coffee shops as one counter example. To the lack of DHCPv6-PD on android (and I think, IOS) for tethering as another.
One entertaining thing I've been up to is checking the state of multiple kinds of deployment in the coffee shops of the world with a string of simple tests anyone can do (after we package them up better)
Yeah, we need the GoGo and ATTWifi and such of the world to deploy.
I'm more concerned at the moment that the 5G people aren't planning to do ipv6 right at all, and have no idea what the starlinks of the world, plan.
Since there was demand for more IPv4, perhaps that would also fuel more updates to ipv6, as both require middlebox updates...
As for money to make middleboxes better in *any* way, don't make me laugh. During the cerowrt project we approached everybody making money from the internet and multiple non-profits and got nowhere. I spent my own fortune on it, and got a lot of volunteers onboard, especially in the openwrt universe... and made things better, but I got nothing left.
We need a new kame-like project to jointly handle the cracks in the ipv6 network architecture, standards and code, at the very least.
The costs of "mo ipv4" are trivial in comparison.
Another thought I've had:
One of the reasons small ISPs can't deploy IPv6 is that they don't control the features in the CPE, because they don't buy enough.
I know a couple CPE vendors who would be happy to provide a specific feature set for a guaranteed purchase of a couple thousand units a month. This sounds like a good business to me: if a bunch of small ISPs each contract for a specific number of units, but require RIPE-554, RFC7084, and RFC8085, we could both get the needed features, and get a larger volume discount than they get now.
Yes, the smaller ISPs should join together in a buying club like that. Tried to get that going in NZ once. Failed. tried harder to make the aftermarket do the right thing - the eeros and google wifi's of the world are doing ok, the bottom part of the market just copy/pastes whatever's in openwrt at that moment, slaps a label on it and ships it. So we focused on making the openwrt base as good as possible.
Saving $1 per CPE is better than spending $20 for an IPv4 address for every new user. Please confirm my math. :)
I always thought that ISPs would invest in their CPE far more than they have. Free.fr being a shining example! ISPs get paid for modem rentals and have customer support costs that could be reduced - that should have been a great ongoing funding source and motivation, alone. but I know a few vendors, like evenroute, doing bufferbloat AND ipv6 right, that have totally failed to crack ISP market thus far. and for no reason I can think of, the rental folk don't push out new hardware OR new software to their users - I think charter made an effort to get docsis 3.1 stuff out there and retire all the docsis 2.0 gear in place, but not comcast. Secondly none of those ipv6 standards help when you still really need a real IPv4 address, so yer still out the $20, IF you can buy the /24s you need. And there's more ipv6 RFCs left without running, integrated code, to support them.
3 months ago, I turned DECNET off on my network. It was actually not even an IT/network decision; customer decided they were done with a product, and we de-commissioned the tools with DECNET. Business decision. We run OS/2 Warp, MS-DOS, Windows 95, HPUX, Solaris, Windows 2000, and I probably forget some. Please note the ipv4 extensions stuff won't work with most that "legacy" ipv4 stuff. It can, however, enable new applications and services to exist. Most of the IOT and SDN stacks already do work. Most don't have decent ipv6 support due to resource constraints.
Perversely I kind of like the idea of a portion of the internet immune from legacy windows worms and viruses....
DECNET isn't on the Internet. I don't care if some crusty old boxes in dark corners of data centers whisper IPv4 among themselves. How would I even know?
In 20 years, I will still need IPv4. And it seems possible we can make more.
And I have enough IPv4 on my hands for the foreseeable future. I bought some recently, just in case.
I encourage the WG group to read this : https://www.internetgovernance.org/2019/02/20/report-on-ipv6-get-ready-for-a... And the full text : https://www.internetgovernance.org/wp-content/uploads/IPv6-Migration-Study-f... Serious work, paid by ICANN. We cited that work in our presos on this subject as that was also key on gilmore, paul wouters and myself to start looking hard at what it would take to make ipv4 better in multiple ways. Please look it over!?
The ipv4 unicast extensions project is one outgrowth of that: A string of trivial patches to a couple OSes and routing daemons and we're well on our way to being able to add 420m new addresses to the internet, within a 10 year time horizon.
You just mentioned your un-upgradable "OS/2 Warp, MS-DOS, Windows 95, HPUX, Solaris, Windows 2000," and now you say it's easy to upgrade.
I didn't say it was "easy to upgrade" in the context of this legacy gear, I said it was easy to "add" 420m addresses. 240/4 is almost fully enabled in every OS except windows, for example. Fixed the last bug in it for linux and openwrt last december. Deploying. 0/8 now. Yea, people keep missing on this point. IPv6 is not globally reachable either. To try and clarify: A new IOT device trying to backhaul its data to 240.0.0.1 doesn't need to have a windows OS also trying to get to that same address. Is that clearer? A new application can try to use new IPv4 addresses. backtomymac runs over private ipv6 addrs, doesn't need to be accessible to anything else. Etc. Universal connectivity is dead as a dodo, regardless. On Sat, Oct 5, 2019 at 6:06 AM Lee Howard <lee@asgard.org> wrote:
On 10/4/19 4:55 PM, Dave Taht wrote:
not being able to get a static IPv6 address out of comcast, my hurricane tunnel getting blocked by netflix, the still-huge prefix sub-distribution problem. The idea of dynamic 2 week prefixes in part of the world prone to earthquakes doesn't work for me...
I can think of several programmatic ways to deal with that. Or you can just buy Comcast's business service, which I think includes one IPv4 address.
that said, we need more running code, still, which only then can get into a deployment, and nobody's funding that.
Do you mean CeroWRT specifically, or code in general?
I was thinking about some Hackathon projects to add IPv6 capability to open source projects. Seems to me the hardest part is making sure there's an adequate test environment.
But Mr.Rey's reference about IPv6 deployment rates also makes a good point! Nobody cares about deployment rates. What good does it do, if people don't use it ? This is more realistic : https://www.google.com/intl/en/ipv6/statistics.html During the week, we are below 25%.
(Replying to an item upthread)
APNIC's statistics show that in almost every network that has IPv6, it is almost always used.
One entertaining thing I've been up to is checking the state of multiple kinds of deployment in the coffee shops of the world with a string of simple tests anyone can do (after we package them up better)
Yeah, we need the GoGo and ATTWifi and such of the world to deploy.
Since there was demand for more IPv4, perhaps that would also fuel more updates to ipv6, as both require middlebox updates...
As for money to make middleboxes better in *any* way, don't make me laugh. During the cerowrt project we approached everybody making money from the internet and multiple non-profits and got nowhere. I spent my own fortune on it, and got a lot of volunteers onboard, especially in the openwrt universe... and made things better, but I got nothing left.
We need a new kame-like project to jointly handle the cracks in the ipv6 network architecture, standards and code, at the very least.
The costs of "mo ipv4" are trivial in comparison.
Another thought I've had:
One of the reasons small ISPs can't deploy IPv6 is that they don't control the features in the CPE, because they don't buy enough.
I know a couple CPE vendors who would be happy to provide a specific feature set for a guaranteed purchase of a couple thousand units a month. This sounds like a good business to me: if a bunch of small ISPs each contract for a specific number of units, but require RIPE-554, RFC7084, and RFC8085, we could both get the needed features, and get a larger volume discount than they get now.
Saving $1 per CPE is better than spending $20 for an IPv4 address for every new user. Please confirm my math. :)
3 months ago, I turned DECNET off on my network. It was actually not even an IT/network decision; customer decided they were done with a product, and we de-commissioned the tools with DECNET. Business decision. We run OS/2 Warp, MS-DOS, Windows 95, HPUX, Solaris, Windows 2000, and I probably forget some. Please note the ipv4 extensions stuff won't work with most that "legacy" ipv4 stuff. It can, however, enable new applications and services to exist. Most of the IOT and SDN stacks already do work. Most don't have decent ipv6 support due to resource constraints.
Perversely I kind of like the idea of a portion of the internet immune from legacy windows worms and viruses....
DECNET isn't on the Internet. I don't care if some crusty old boxes in dark corners of data centers whisper IPv4 among themselves. How would I even know?
In 20 years, I will still need IPv4. And it seems possible we can make more.
And I have enough IPv4 on my hands for the foreseeable future. I bought some recently, just in case.
I encourage the WG group to read this : https://www.internetgovernance.org/2019/02/20/report-on-ipv6-get-ready-for-a... And the full text : https://www.internetgovernance.org/wp-content/uploads/IPv6-Migration-Study-f... Serious work, paid by ICANN. We cited that work in our presos on this subject as that was also key on gilmore, paul wouters and myself to start looking hard at what it would take to make ipv4 better in multiple ways. Please look it over!?
The ipv4 unicast extensions project is one outgrowth of that: A string of trivial patches to a couple OSes and routing daemons and we're well on our way to being able to add 420m new addresses to the internet, within a 10 year time horizon.
You just mentioned your un-upgradable "OS/2 Warp, MS-DOS, Windows 95, HPUX, Solaris, Windows 2000," and now you say it's easy to upgrade.
Lee
-- Dave Täht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-205-9740
Hi all, On 05/10/2019 15:05, Lee Howard wrote:
that said, we need more running code, still, which only then can get into a deployment, and nobody's funding that.
Do you mean CeroWRT specifically, or code in general?
I was thinking about some Hackathon projects to add IPv6 capability to open source projects. here are the results of the IPv6-themed hackathon we did 2 years ago:
https://labs.ripe.net/Members/becha/results-hackathon-version-6 One of the projects have added some IPv6 capability to PCAP tools (libpcap) ... (links to code: https://github.com/RIPE-Atlas-Community/ripe-atlas-community-contrib/blob/ma... ) If you are interested in a follow-up event in 2020, please contact me. Regards, Vesna Manojlovic Community Builder RIPE NCC
participants (24)
-
'Job Snijders' -
Anton Rieger -
Bjoern Buerger -
Carlos Morgado -
Dave Taht -
Enno Rey -
Gert Doering -
Jen Linkova -
Jens Link -
Job Snijders
-
Job Snijders -
Kai 'wusel' Siering -
Lee Howard -
Marc Blanchet -
Michel Py -
Mikael Abrahamsson -
Nick Hilliard -
ripe@jack.fr.eu.org -
Roger Jørgensen -
S.P.Zeidler -
Sander Steffann -
Uros Gaber -
Vesna Manojlovic -
Yannis Nikolopoulos