Re: [v6ops] Are we competitive?

[Xipengxiao <xipengxiao@huawei.com>]

Hi Clark,

The book that you are proposing has good value.  I think this can be the book for graduate students and end users.  I think eventually we may need 2-3 IPv6 books:


  1.  “IPv6 Quick Guide”, for network administrators in ISPs or enterprises
     *   Overview of IPv6 technologies (including transition solutions).
     *   Overview of IPv6 deployment status
     *   Considerations for operator deployment, and case studies
     *   Considerations for enterprise deployments, and case studies
  2.  “Master IPv6 in 21 Days for Higher Pay”, for graduate students and end users
     *   Chapter 1: a nice pedestrian introduction focused on the home user and setting up a single stack ssh bastion at the data center.
     *   Chapter 2: Windows ecosystem as dual stack (primarily single stack).
     *   Chapter 3: …
  3.  (Optional & possibly at a later time) “IPv6 Protocol Manual”, for whoever interested in protocol details
     *   Maybe Rick’s book “IPv6 Fundamentals: A Straightforward Approach to Understanding IPv6” already serves this purpose

Nick and Brian suggested that we write the book(s) at Github with Markdown.  I will further suggest that we let Brian be the managing editor for Book 1, and Clark for Book 2.  I volunteer myself for Book 1 if Brian is too busy.  Other people are welcome to volunteer too.  A managing editor has the following responsibilities:


  1.  Form a “design team” to decide the TOC, and designate writers for each chapter/section;
  2.  Approve contribution to the book and be responsible for the quality;
  3.  Coordinate with the other managing editor to minimize duplicate works.  For example, if both books have a “transition solutions” section, we could write a script so that Book 2 can automatically load the content from Book 1 (or vice versa), updated daily.

This is my proposal.  Please feel free to propose otherwise.  Thanks to all the people who have expressed intention to contribute.

XiPeng



From: Clark Gaylord <cgaylord@vt.edu>
Sent: Tuesday, August 9, 2022 2:11 AM
To: buraglio@es.net
Cc: Brian E Carpenter <brian.e.carpenter@gmail.com>; IPv6 Operations <v6ops@ietf.org>; Xipengxiao <xipengxiao@huawei.com>
Subject: Re: [v6ops] Are we competitive?

Similarly, I taught networking in Virginia Tech's Business Information Technology program in Spring 2020, and of course IPv6 was a first class citizen. I did use Kurose & Ross as the textbook, which does include some IPv6, though certainly not at the level we would need, and I had to supplement some material. I believe the final edition of Stevens does include some IPv6 as well.

Kurose & Ross is a good text, but frankly a little too "engineering" for the audience I was reaching then or what we need here; on the other hand it was far superior to Comer, which has not fared well with age and was the default choice for this class. That said, I encourage anyone who isn't familiar with *this* K&R :-) to check it out. One unique decision they made was to work *down* the stack in successive chapters instead of up. With just the IPv6 focus we're considering, this is less radical, perhaps.

I would concur that our target should be this level: MIS/BIT students are far more likely to be employed as operational IT and networking professionals than Computer Science. Focusing on a trade publication that could be a reasonable choice for the self-learner or as an applied textbook (or at least supplemental/second text) in a networking class of this type.

I've been thinking a lot about such a resource, especially (again) recently; of course I thought about this a lot in 2020, but then left VT etc etc. I think practical advice for "this is how you use it in production" should be the focus. As such, mostly dual stack networks and hosts are the norm. I do think it should include single stack: first as specific hosts where you know you do not intend global Internet (e.g. IPv6-only ssh bastion hosts), then how NAT64 could be used. I would personally eschew DHCPv6 except for PD -- RA, SLAAC, and privacy addresses are the reality on the ground, in my experience.

I have recently (literally today) convinced myself this text should first focus on hosts that live in an environment with IPv6 (both enterprise and home) and *then* a section on address planning and configuring the network. This is analogous the Kurose & Ross decision to go down the stack.

Arguably the networking section could be a second volume, but I think it is easy to over do this section and hence that inclination should be discouraged. It does need routing (OSPFv3, BGP) and interface templates (RAs), but this isn't where we need to get into routing protocol weeds. I would recommend a section on polling devices (ie netdisco, others exist too but let's not belabor the matter), because I think it is *the* essential asset required for security and management. But we should stay focused on "this is the config you should use" (and btw here is your Cisco and Juniper config snippet).

Chapter One: a nice pedestrian introduction focused on the home user and setting up a single stack ssh bastion at the data center. Assume data center with ssh bastion on a dual stack network, and your remote network (residential ISP or VPS) has IPv6 available. Go through enabling IPv6 on your residential ISP router, and using this to get to your bastion, binding ssh only to IPv6. Discuss how this remarkably reduces attack surface on bastion.

Chapter Two: Windows ecosystem as dual stack (primarily single stack). Not so popular with the geek crowd, perhaps, but this gets immediately into the "IT professional's head". If you have a dual stack route/switch network and configure your AD correctly, your Windows environment will be nearly 100% IPv6; I have run 100% IPv6 Windows in selected zones, but in the wild you'll still have some legacy IP. This is a good exercise to demonstrate.

I'm still working on the exact outline from here, and these ideas are still obviously a bit rough, but personally I'm drawing on my own experience running dual and single stack systems and networks over the last 20 years. Naturally, my perspective is colored by this experience, but as such, it is colored by what I know works and strong use cases for using IPv6, as well as the few legitimate pitfalls. NAT64 is in (admittedly a stretch goal), NAT66 and ULA are out; I'm disinclined to 464XLAT (again, predicated on what I do and what works today; I'm not TMobile nor is it our audience - sorry I think 464 is out). And, sad to say, I think dual stack by default is still in.

N.B. I would love to consider a dissenting opinion to my strident "don't bother with DHCPv6 unless you need PD(*)" approach, but only from the perspective of someone who actually runs it in comparable environments (and still supports SLAAC and privacy addresses, etc).


(*) And I think *operating* PD is probably out of scope for this effort, but if someone can write a short how-to section for the mom & pop ISP to setup PD then it would be a worthy add. Consuming PD on your residential network is clearly in.


I'm afraid that's a bit more than $0.02 worth, sorry about that. Please apply a few teaspoons of sugar if any of my opinions come off a bit tart.

Regards
Clark

On Fri, Jul 29, 2022, 13:16 Nick Buraglio <buraglio@es.net<mailto:buraglio@es.net>> wrote:
I have a few short chapters written on the process of migrating to IPv6-only. It does not cover fundamentals because I feel that it is well traveled information. It is also meant to be more of a pocket guide (i.e. short). As a potentially useless data point, at the university I was at prior to my current role, there was very little if any attention paid to operational networking in the CS department, and every student we got to do work for us in my entire tenure was largely unaware of IPv6, save for maybe one, who now works with us.
I gave more guest lectures on real world networking in the MIS department than the CS department by an order of magnitude, and even then it was very entry level.

nb


On Thu, Jul 28, 2022 at 21:34 Brian E Carpenter <brian.e.carpenter@gmail.com<mailto:brian.e.carpenter@gmail.com>> wrote:
On 29-Jul-22 10:00, Ed Horley wrote:
> I believe Rick Graziani updated IPv6 Fundamentals, Second Edition from Cisco Press in 2017. Prior to that, Tom Coffeen's IPv6 Address Planning book was published in 2014, and mine was published in Dec 2013 but I would not consider Tom or my book to be one you would necessarily use in a classroom for instruction.

I agree. For example, consider a general introduction to networking that you might find in a Computer Science major, which for the last many years has been based on IPv4 as a given. OK, sometimes you'll find a mention of IPv6. An example text book for such a course is Computer Networking, 8th Edition, James F. Kurose and Keith Ross, Pearson. I haven't seen that exact edition (published 2020) but the relevant bit of the contents says:

4.3    The Internet Protocol (IP): IPv4, Addressing, IPv6, and More
     4.3.1    IPv4 Datagram Format
     4.3.2    IPv4 Addressing
     4.3.3    Network Address Translation (NAT)
     4.3.4    IPv6

In other words, IPv6 is an afterthought.

(In the 7th edition, published 2016, but still widely in use, there are 5 pages on IPv6 following 20 pages on IPv4+NAT. Of course they look very out of date today.)

We want to see this:

4.3    The Internet Protocol (IP): IPv6, Addressing, Legacy IPv4
     4.3.1    IPv6 Datagram Format
     4.3.2    IPv6 Addressing
     4.3.3    Legacy: IPv4 and Network Address Translation (NAT)

Get students past that stage and then the dedicated IPv6 books can come into play.

    Brian

> My question would be, are you looking for a book to teach the fundamentals of the protocol? If so, Rick's book is more than sufficient and I would not be surprised if he will be updating it for a Third Edition. If you are not looking for a fundamentals book but something else, what is it you are looking for?
>
> On Thu, Jul 28, 2022 at 2:52 PM Xipengxiao <xipengxiao=40huawei.com@dmarc.ietf.org<mailto:40huawei.com@dmarc.ietf.org> <mailto:40huawei.com@dmarc.ietf.org<mailto:40huawei.com@dmarc.ietf.org>>> wrote:
>
>     Hi Brian,

>     Writing an IPv6 text book is a great idea!  I googled and the newest IPv6 book was from 2014.  At that time, IPv6 deployment has just started.  Many progresses have been made since then.  I think it’s warranted to write a new book.   Plus, the covers of those books associated IPv6 with snails and turtles.  It’s time to associate IPv6 with something faster like dinosaurs J
>

>
>     Who can better lead this effort than you, Fred, Eric Vyncke, Fernando et al?  I am willing to contribute a fair amount of time to this effort.  I hope other experts can contribute too.  Thanks. XiPeng
>
>     -----Original Message-----
>     From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com<mailto:brian.e.carpenter@gmail.com> <mailto:brian.e.carpenter@gmail.com<mailto:brian.e.carpenter@gmail.com>>]
>     Sent: Thursday, July 28, 2022 5:05 PM
>     To: Xipengxiao <xipengxiao@huawei.com<mailto:xipengxiao@huawei.com> <mailto:xipengxiao@huawei.com<mailto:xipengxiao@huawei.com>>>; Gert Doering <gert@space.net<mailto:gert@space.net> <mailto:gert@space.net<mailto:gert@space.net>>>
>     Cc: IPv6 Operations <v6ops@ietf.org<mailto:v6ops@ietf.org> <mailto:v6ops@ietf.org<mailto:v6ops@ietf.org>>>
>     Subject: Re: [v6ops] Are we competitive?
>
>     Hi XiPeng,
>
>     Mainly I agree and this is a very useful summary.
>
>     However, we should question whether RFCs are the correct way forward, rather than some kind of collaboration to produce an ideal text book.
>
>     For example, consider the 3 volumes of "TCP/IP Illustrated" by Stevens & Wright. I believe that had tremendous impact (published 1994, so no IPv6).
>
>     If we go the RFC route, won't we just end up with 520 IPv6 RFCs?
>
>     Regards
>
>          Brian Carpenter
>
>
>     On 29-Jul-22 06:59, Xipengxiao wrote:
>
>      > On Thu, Jul 28, 2022 at 02:51:43PM +1200, Brian E Carpenter wrote:
>

>
>      >  >> Following the ongoing discussion about "IPv6-only" and why sites are still IPv4-only, I have a question: Are we competitive?
>

>
>      >  > [Gert] This is a valid question, which I feel hard to answer for the general case.
>

>
>      > Let me be blunt and say that IPv6 is not as competitive as we want/think.  If we are to improve, we need to have a common understanding of the current IPv6 situation, the issues and the possible solutions. Here is my 2c for starting the discussion:
>

>
>      > IPv6 is currently like a messy forest:
>

>
>      > ·littered with dead trees (obsolete features/solutions),
>

>
>      > ·smell bad (many operations & performance issues),
>

>
>      > ·too many roads inside the forest (too many transition solutions, too many address types), not well marked (without clear solution guidelines), and fairly confusing
>

>
>      > ·the roads are difficult to walk (complex address architecture, debatable header design, many complex solutions like source/destination address selection, ND).
>

>
>      > This forest has 1 big advantage: plenty of O2 (addresses).  Consequently, many people avoid this forest but those really need O2 come. A small number of “grey/white wizards” (the experts) live in the forest. They know every tree (feature/solution) well.  But they tend to focus on fixing individual trees than fixing the forest.
>

>
>      > If we want to attract more residents to the forest (IPv6 adopters), it’s more important to fix the forest than to fix the trees.  Some ideas:
>

>
>      > ·Provide better tour guide book (i.e. IPv6 solution overviews): There are about 500 IPv6-related RFCs.  Some are obsoleted and some are conflicting.  I think we should summarizing them and providing guidelines, so that people can read fewer RFCs to master IPv6.  (e.g. the ND deployment guideline draft summarizing 30+ RFCs into 1 draft)
>

>
>      > ·Among the many possible routes (e.g. solutions), recommend only the most popular ones (e.g. recommend only Dual-Stack, 464XLAT and MAP-T among the 10+ transition solutions).
>

>
>      > ·Provide better road signs in the forest (i.e. solution guidelines): IPv6 solutions are almost complete.  Now it’s more important to write guidelines to simplify operations than to develop more solutions.
>

>
>      > ·Identify haphazard places in the forest, and post clear “caution” signs (i.e. identify IPv6 operations/performance issues, and provide guidelines/BCPs)
>

>
>      > ·Enlist existing residents to share experience on how to settle into this forest (i.e. case sharing from Cisco, Alibaba etc).
>

>
>      > BTW, upon the request of an enterprise, a few on-site attendees had a small side meeting on Monday.  Their **anonymous** opinions and future actions are summarized in the attachment for your info.  If you are interested to join the discussion and contribute, please voice up.  Thank you.  XiPeng
>

>
>     ___
>     v6ops mailing list
>     v6ops@ietf.org<mailto:v6ops@ietf.org> <mailto:v6ops@ietf.org<mailto:v6ops@ietf.org>>
>     https://www.ietf.org/mailman/listinfo/v6ops <https://www.ietf.org/mailman/listinfo/v6ops>
>
>
>
> --
> Ed Horley
> ed@hexabuild.io<mailto:ed@hexabuild.io> <mailto:ed@hexabuild.io<mailto:ed@hexabuild.io>>| (925) 876-6604
> Advancing Cloud, IoT, and Security with IPv6
> https://hexabuild.io <https://hexabuild.io/>
> And check out the IPv6 Buzz Podcast at https://packetpushers.net/series/ipv6-buzz/ <https://packetpushers.net/series/ipv6-buzz/>
_______________________________________________
v6ops mailing list
v6ops@ietf.org<mailto:v6ops@ietf.org>
https://www.ietf.org/mailman/listinfo/v6ops
[https://mailfoogae.appspot.com/t?sender=aYnVyYWdsaW9AZXMubmV0&type=zerocontent&guid=a660b06a-492d-4811-b561-8a65bf7ceb09]ᐧ
_______________________________________________
v6ops mailing list
v6ops@ietf.org<mailto:v6ops@ietf.org>
https://www.ietf.org/mailman/listinfo/v6ops