Re: [v6ops] IPv6-only section [draft-ietf-v6ops-enterprise-incremental-ipv6 WGLC]

It's also likely the case that at least some enterprises control portions
of
their environments well enough that mostly-IPv6 could potentially be much
more viable than a residential environment.  For example, a retail store
chain using
HTTP-based POS terminals and kiosks may have enough control over their
environment
that they could ideally deploy an IPv6-only environment and just use
NAT64/DNS64
to get to some of their supplier websites that still require IPv4.
It might also be attractive to some US Government agencies who control
the devices and clients within their network to use this approach as part
of meeting the OMB September 2014 mandate for IPv6 client support.
That could be simpler for those agencies than rolling out a dual-stack
environment.
(I'm very curious if either of these cases exists in production in the
field today...)

      Erik

On Thu, Aug 8, 2013 at 8:45 AM, cb.list6 <cb.list6@gmail.com> wrote:

>
> On Aug 7, 2013 9:24 PM, "Brian E Carpenter" <brian.e.carpenter@gmail.com>
> wrote:
> >
> > On 08/08/2013 16:08, cb.list6 wrote:
> > > On Aug 5, 2013 9:49 PM, "Brian E Carpenter" <
> brian.e.carpenter@gmail.com>
> > > wrote:
> > >> On a different topic, section 5 covers IPv6-only issues.
> > >> I'm a bit concerned that this might need a health warning:
> > >> deploying NAT64/DNS64 might cause pain and suffering.
> > >> Perhaps after this text:
> > >>
> > >>>    Together, RFCs
> > >>>    6146 and RFC 6147 provide a viable method for an IPv6-only client
> to
> > >>>    initiate communications to an IPv4-only server.
> > >> we should add something like:
> > >>
> > >>    At enterprise level, operating NAT64 and DNS64 services for
> > >>    heavy usage may have significant practical implications.
> > >>
> > >
> > > Can you be more specific? Pratical data?
> >
> > Not really, because I've never operated one in real life. It doesn't
> > strike me as the sort of service that most enterprise network
> > managers will be familiar with, and a v6-only site needing a normal
> > level of access to v4-land would end up sending most of its external
> > traffic via NAT64 and most of its external DNS queries via DNS64.
> > Therefore, these would become an important single point of failure
> > and a potential bottleneck. The text doesn't seem to point this out.
> >
>
> Agree with Joel, nat64 will be parity with common nat44 and firewalls in
> terms of availability
>
> Regarding majority of traffic, i believe the scales have tipped to show v6
> is the majority for campus networks, which is the best proxy in the
> available data
>
> http://www.worldipv6launch.org/measurements/
>
> These numbers also skew low since Apple has a non-deterministic happy
> eyeballs
>
> Given that enterprises and all users of IP are out of ipv4, so they need
> to not use ipv4 yet have access to it, guidance against nat64 will
> frustrate the issue.
>
> Guidance should be given to make as many flow v6 e2e. Full stop.
>
> CB
>
> >    Brian
> >
> > > CB
> > >
> > >> Also, the last paragraph of section 5:
> > >>
> > >>>    It is worth noting that for IPv6-only access networks that use
> > >>>    technologies such as NAT64, the more content providers (and
> > >>>    enterprises) that make their content available over IPv6, the less
> > >>>    the requirement to apply NAT64 to traffic leaving the access
> network.
> > >> A reference to RFC 6883 would fit nicely there.
> > >>
> > >> Regards
> > >>    Brian
> > >> _______________________________________________
> > >> v6ops mailing list
> > >> v6ops@ietf.org
> > >> https://www.ietf.org/mailman/listinfo/v6ops
> > >
>
>
> _______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>
>