<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=text/html;charset=iso-8859-1 http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.7600.16766"></HEAD>
<BODY style="PADDING-LEFT: 10px; PADDING-RIGHT: 10px; PADDING-TOP: 15px"
id=MailContainerBody leftMargin=0 topMargin=0 CanvasTabStop="true"
name="Compose message area">
<DIV><FONT face=Calibri>My comments below with a minor correction in the 1st
comment.</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT face=Calibri>-Ahmed</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV style="FONT: 10pt Tahoma">
<DIV><FONT size=3 face=Calibri></FONT><FONT size=3 face=Calibri></FONT><FONT
size=3 face=Calibri></FONT><FONT size=3 face=Calibri></FONT><FONT size=3
face=Calibri></FONT><BR></DIV>
<DIV style="BACKGROUND: #f5f5f5">
<DIV style="font-color: black"><B>From:</B> <A title=B.Candler@pobox.com
href="mailto:B.Candler@pobox.com">Brian Candler</A> </DIV>
<DIV><B>Sent:</B> Thursday, June 09, 2011 12:54 PM</DIV>
<DIV><B>To:</B> <A title=ahmed@tamkien.com href="mailto:ahmed@tamkien.com">Ahmed
Abu-Abed</A> </DIV>
<DIV><B>Cc:</B> <A title=menog@menog.net
href="mailto:'menog@menog. net'">'menog@menog. net'</A> </DIV>
<DIV><B>Subject:</B> Re: [menog] Rapid IPv6 deployment for World IPv6
Day</DIV></DIV></DIV>
<DIV><FONT face=Calibri></FONT><FONT face=Calibri></FONT><FONT
face=Calibri></FONT><FONT face=Calibri></FONT><FONT
face=Calibri></FONT><BR></DIV>
<DIV>On Thu, Jun 09, 2011 at 10:51:26AM +0300, Ahmed Abu-Abed
wrote:<BR>> >> Until the whole internet AND web
content AND networks AND<BR>> applications move to IPv6
ONLY then there will be a need for tunneling.<BR>>
Dual-stacking is needed but it doesn't solve the IPv4 depletion
issue,<BR><BR>But client-side tunnelling relies on having an IPv4 address too,
so it<BR>doesn't solve depletion.<BR></DIV>
<DIV><EM><FONT face=Calibri>>> It may not solve depletion but tunneling
accelerates IPv6 adoption, while "carrier grade" tunnels present a
more stable approach than multi-level NATs. Future networks will likely be
IPv6-only except for the dual-stack hosts that tunnel IPv4-in-IPv6 , a reverse
of today's tunnels. Refer to the DS-Lite standards among others, and this
approach is part of the 3GPP/LTE standards for mobile networks migration to
IPv6.</FONT></EM></DIV>
<DIV><EM><FONT face=Calibri></FONT></EM><FONT face=Calibri></FONT><FONT
face=Calibri></FONT><FONT face=Calibri></FONT><FONT face=Calibri></FONT><FONT
face=Calibri></FONT><FONT face=Calibri></FONT><FONT
face=Calibri></FONT><BR>Estimates I've seen so far from IPv6 day suggest that
although traffic was<BR>up, V6 accounted for between 0.02% and 0.3% of total
traffic. Of that, 90%<BR>was tunnelled (i.e. only 10% native). So
basically: (1) there is no<BR>signficiant IPv6 Internet today, and (2) if you
want to join what there is,<BR>you do indeed probably have to tunnel.<BR></DIV>
<DIV><FONT face=Calibri><EM>>> Tunnels solve the chicken and egg problem,
it allows IPv6 content to be accessible until IPv6 gains a wider installed base
which may take years. During the same time the burden of running IPv4
with no public addresses will grow. Both RIPE NCC and ARIN have publicly
endorsed tunneling to speed up IPv6 deployment.</EM></FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV>That doesn't mean that installing a tunnel client is a good idea for
anyone<BR>except network specialists who know what they're doing.<BR></DIV>
<DIV><FONT face=Calibri><EM>>> Protocols that automate the setup of
carrier grade tunnels, such as TSP, make installing tunnels a plug and play
affair. Refer to my original email and try it to see for yourself. For zero user
intervention needs, there are CPE IPv6 Adapters that plug in an ethernet port on
an IPv4 home router and automatically setup IPv6-in-IPv4 tunnels (see
the ARIN Wiki on IPv6 CPEs). All these are carrier grade solutions and have been
deployed by tier-1 carriers.</EM></FONT></DIV><FONT face=Calibri></FONT><FONT
face=Calibri></FONT><FONT face=Calibri></FONT><FONT face=Calibri></FONT><FONT
face=Calibri></FONT>
<DIV><FONT face=Calibri></FONT><FONT face=Calibri></FONT><FONT
face=Calibri></FONT><FONT face=Calibri></FONT><FONT face=Calibri></FONT><FONT
face=Calibri></FONT><FONT face=Calibri></FONT><FONT face=Calibri></FONT><FONT
face=Calibri></FONT><FONT face=Calibri></FONT><BR>If random end-users start
installing this stuff without understanding it,<BR>then (a) they are probably
opening up security holes into their network, and<BR>(b) they may impede a later
smooth rollout of native v6.<BR></DIV>
<DIV><FONT face=Calibri><EM>>> Whether users dual-stack or tunnel to IPv6
the security requirements are mostly the same. Waiting for end-to-end
dual-stack to be deployed all the way to the home CPE to complete is a multi
year project. And I don't see IPv6-in-IPv4 tunnels impeding rollout of native
IPv6 if the tunnels clients AND servers are fully under control of the ISP and
part of their network. The rule here is for ISPs to avoid using Teredo, 6to4 and
ISATAP tunnels which, unfortunately, are everywhere.</EM></FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV></BODY></HTML>