IETF Logo Mail Archive

[v6ops] Why enterprises aren't adopting IPv6 (Re: Implementation Status of PREF64)

Mark Smith <markzzzsmith@gmail.com> Thu, 30 September 2021 13:28 UTC

Return-Path: <markzzzsmith@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70D2F3A0BDA for <v6ops@ietfa.amsl.com>; Thu, 30 Sep 2021 06:28:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.597
X-Spam-Level:
X-Spam-Status: No, score=-0.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.999, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D5P2Ft4M8N-i for <v6ops@ietfa.amsl.com>; Thu, 30 Sep 2021 06:28:04 -0700 (PDT)
Received: from mail-io1-xd36.google.com (mail-io1-xd36.google.com [IPv6:2607:f8b0:4864:20::d36]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1AFB03A0A0E for <v6ops@ietf.org>; Thu, 30 Sep 2021 06:28:04 -0700 (PDT)
Received: by mail-io1-xd36.google.com with SMTP id p80so7484176iod.10 for <v6ops@ietf.org>; Thu, 30 Sep 2021 06:28:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=S58unI3qP2BVeNWaNs+ukDEJX6NHR0iXeQzQCjpvoh4=; b=X+NEHfKrO/sPyxhcm0TslPZvmHUFmUjOWwPbz05XAsTIpq3bw36xvU9q+i0eXbkUAi P3myE/CK1xfsPmdGBU5dI3bcmD/BWWngKiD7RWvgb4RMrRJtfPmCIN2yhej6qxdgMTIY tYE1Z598/+8ks5a3y90HntnPWcGuZJPFehGxVVUEZwYmXw+4Gk2B+3yPSugGzLMeO12h szKwtvMqVrdMwqo8BXVWKoMtbeJ099h3kvzMadIF1FcWi3YLi+GoLE9MBpLwlEGpcq2z ygWhVrWaK/3kzvMS7uWpKSRnU/mTeDEG6lw6oMVZkeNsTRn/HfD5aF3fVOPrv6U3QRv9 mcAw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=S58unI3qP2BVeNWaNs+ukDEJX6NHR0iXeQzQCjpvoh4=; b=fIv9JnM9ED1GFA3a3NBQLRl8W0wP+9pofEE3PD1H86/PQ32CG4/QwT8wDidC6F/TQq MY2bmL3Q+WBDHM2vjBsp3s2bG+DliGThSBu5v6XWHnbQv3OJ5NaqA42la2MM1ho+9aBZ LSMDQZFrKi5iBXenlp/YGDfy41zvewa1PO5u9v/Pa8lEEkiOLJJPeRerXfQ6AOzh1RNs nejlhlyWHV2OxPCdh1yz5rslN8EqsyeBiwKtk12vCSLAsFI16XHtBE2fupwq8EMuxc3Q 2GWL+DHOhWL4B6wzoS+x4Foemo8R+J5l0A4XfmdcQn/sd2ENYx0zFBSA4nCnwxUdBrYZ 3jAg==
X-Gm-Message-State: AOAM533FoTakm27xeaE2r9C85L4JcXoGDM2DQNSe+O8wvctxs4zqVE3j J3FLw7hh4w9BiQtXWHpomQ1eXueq5StzbnOOMc3g8KRY
X-Google-Smtp-Source: ABdhPJzk4fsc+iDoMQSYejryuf49VtpnKNz4Ird+zUMKSjsCMLL/JvuOaNRgfTYKkvweRpCBPAQ3xIvjXv4dO4yHDsw=
X-Received: by 2002:a05:6602:1346:: with SMTP id i6mr3880563iov.128.1633008483230; Thu, 30 Sep 2021 06:28:03 -0700 (PDT)
MIME-Version: 1.0
References: <CAN-Dau2in52xSUkqKEXu=2AAiR4O_jLhna7hY-hshYDORfGtcQ@mail.gmail.com> <CAMGpriWFp4JPtqDK5tEj1RkS-SzEfvscfUUnxgK+o6qP2pusRA@mail.gmail.com> <6E95834D-12B3-447B-8326-8EDE9DC6FFB1@delong.com> <CAO42Z2zA-4cK489nxKsWUN8vvU0eAiz-jS0e-_eWPg+OmP8wLw@mail.gmail.com> <DDA36020-90CC-471B-83AD-3D98950F1164@delong.com> <CAO42Z2wdoSdJDOB2Zo0=ZK0ecOARRsdg2nbHZGSDOhryPbLfDw@mail.gmail.com> <F2BD0A42-E9AD-45DD-999A-638E73BE1177@delong.com> <CAKD1Yr2K3Gd3JD=NJFOoH6GYgs-8ACxRQB9-sKJ7cbF4_hxsow@mail.gmail.com> <0B533C71-5DB0-410D-A5A3-7E8FD559F214@delong.com> <CAKD1Yr3NoYfNT7+OVJoCCdgdif6AHHw29tNCPttS=-NuRZKv3w@mail.gmail.com> <DM6PR02MB692426B0EEDDC2C4D78D8EC0C3A89@DM6PR02MB6924.namprd02.prod.outlook.com> <CAKD1Yr25dtinLBeJpAuJ17NfLg7-ewM9QPvnXNuEJ8wiBQV9ig@mail.gmail.com>
In-Reply-To: <CAKD1Yr25dtinLBeJpAuJ17NfLg7-ewM9QPvnXNuEJ8wiBQV9ig@mail.gmail.com>
From: Mark Smith <markzzzsmith@gmail.com>
Date: Thu, 30 Sep 2021 23:27:50 +1000
Message-ID: <CAO42Z2zqf=F6OTDK2e8cMYXdPgMZ=SgFJcn7BTKYGgcYsLT2iw@mail.gmail.com>
To: Lorenzo Colitti <lorenzo=40google.com@dmarc.ietf.org>
Cc: "STARK, BARBARA H" <bs7652@att.com>, Jen Linkova <furry@google.com>, V6 Ops List <v6ops@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008ee80e05cd366a8e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/QssVzFQ_3lpyP3ABnzAxlINElXE>
Subject: [v6ops] Why enterprises aren't adopting IPv6 (Re: Implementation Status of PREF64)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Sep 2021 13:28:09 -0000

On Thu, 30 Sep 2021, 15:43 Lorenzo Colitti, <lorenzo=
40google.com@dmarc.ietf.org> wrote:

> On Wed, Sep 29, 2021 at 1:01 AM STARK, BARBARA H <bs7652@att.com> wrote:
>
>> I’m not aware of widely-deployed equipment that supports good RADIUS/RA
>> integration for similar device configuration via RA.
>>
>
> ISTR building a network that did this circa 2011, but it was not
> enterprise hardware, it was a Juniper BNG. It supported dynamic VLAN
> creation based on first-sign-of-life (or maybe RS), and got prefix
> information from RADIUS: Framed-IPv6-Prefix for the PIO in the RA,
> Delegated-IPv6-Prefix for subsequent PD requests.
>
>
>> <bhs> I mostly agree. Unfortunately, some governments are putting
>> pressure on enterprises and government networks (which are just a type of
>> enterprise network) to support IPv6. This is largely due to messaging
>> coming from the IETF. Maybe IETF should produce a Best Practice
>> recommendation that enterprise and government networks not support IPv6
>> until all tools they need to properly secure an IPv6-enabled network are
>> widely available as software updates to legacy equipment.
>>
>
> Do you actually think it's the equipment that's the issue here? Even if
> the equipment isn't capable of logging neighbour table bindings via syslog
> (which most vendors have for a while), scraping ND tables isn't that hard
> to do. I think the issue is more around operational familiarity and the
> idea that because we do things this way in IPv4 we must to do them the same
> way in IPv6 as well.
>

What is the main problem IPv6 was designed to solve?

Lack of IPv4 addresses.

What problem don't many enterprises have since they're using RFC1918s, and
could misuse 100.64/10 if they really need to get more.

Most enterprises don't have the main problem that IPv6 is designed to solve.

For IPv6 to be adopted by many enterprises, there will need to be other
reasons that are of business value.

Regards,
Mark




_______________________________________________
> v6ops mailing list
> v6ops@ietf.org
> https://www.ietf.org/mailman/listinfo/v6ops
>

v2.23.0 | Report a Bug | By Email