[menog] IPv4 March 2011 depletion

Brian Candler B.Candler at pobox.com
Mon Nov 15 14:26:17 GMT 2010


On Mon, Nov 15, 2010 at 04:53:38AM -0800, Owen DeLong wrote:
> As long as you
> have NAT44 services on a segment, why would you put an IPv6-only
> host on the same segment? There's nothing to be gained by such an action
> other than pain and confusion.

It seems to me to be the only way to offer a phased rather than big-bang
approach to migration on a particular subnet, such as the subnet which sits
behind a home user's ADSL router.

As for enterprises, most have already deployed RFC1918 and NAT44 widely.  So
whilst turning on native IPv6 alongside it ought to be moderately easy, it
also doesn't yet offer any particular business reason to do so.

As you say, new subnets could be built as IPv6+NAT64, if they're happy to
take the pain.  A decent NAT64 gateway would be necessary not only to access
The Internet, but to access their own internal IPv4-only services.

> > AFAICS, the types of "forcing" required would be:
> > a. ISPs cease to offer V4 services at all (not even NAT44)
> 
> Which will happen when ISPs don't have any more external IPv4 numbers to
> use for NAT44 services.

If you put each DSLAM behind a single IP address, in theory you gain a 200:1
improvement in your utilisation.  You probably can't do much better than
that because of PAT port limitations, and in any case some of those users
will want (and pay for) their own V4 address, but it's probably enough to
deploy V4+NAT44 indefinitely using your existing address space.

You can also put loopbacks on your servers instead of having service
subnets.  And I know large ISPs who already build each server farm entirely
on private space and expose it as a single IP address to the outside world.

Admittedly, this all comes at a cost, but it's not infeasible. If the market
forces ISPs to deliver this, then they will.

> >> Equipment which does not know about IPv6
> >> should safely ignore it like any other unknown protocol.
> > 
> > I don't think "should" and hope is good enough. Any across-the-board change
> > to the service you provide has potential impact, and there are hundreds of
> > different types of no-name routers with buggy firmware, partial or untested
> > V6 implementations.  If and when those calls hit the callcentre, it would be
> > wise to be able to offer a quick solution to the affected customers, rather
> > than "sorry, your equipment doesn't work with our service, please buy a new
> > one or go somewhere else"
> > 
> Again, can you cite any specific example of equipment which breaks if IPv6
> is turned on, or, is this pure speculation on your part?

You can label it as "pure speculation" if you wish. I do have lots of
experience of specific models of ADSL routers not working with particular
models of DSLAMs, and of bugs in PPP implementations.  Whilst these are
mostly layer 1 problems rather than layer 3, all of this is stuff which
"should" just work, but doesn't.

So I would prefer to call it "risk identification" to suggest that if
tomorrow I turn on IPV6CP to hundreds of different types of cheapo ADSL
CPEs, some may break.  Some of these devices already break when they receive
specific IPv4 packets :-)

Anyway, my own opinion is irrelevant. What I'm trying to say is, it's the
opinion of the customers which is important: in particular the home users
and the enterprises who are primarily consumers of The Internet.

Businesses know what they are doing: they will deploy a new technology when
it can make them money, or save them money, at sufficiently low cost and
risk.

Regards,

Brian.

