Re: [v6ops] [Int-area] Still need to know what has changed.... Re: IPv10 draft (was Re: FW: v6ops - New Meeting Session Request for IETF 109 - IPv10)
Ola Thoresen <ola@nlogic.no> Fri, 25 September 2020 13:54 UTC
Return-Path: <ola@nlogic.no>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD5C23A0E7E for <v6ops@ietfa.amsl.com>; Fri, 25 Sep 2020 06:54:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.723
X-Spam-Level:
X-Spam-Status: No, score=-0.723 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, KHOP_HELO_FCRDNS=0.398, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Od0ePlMINm9M for <v6ops@ietfa.amsl.com>; Fri, 25 Sep 2020 06:54:06 -0700 (PDT)
Received: from mail.nytt.no (poseidon.nytt.no [178.62.243.165]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 31B293A0E41 for <v6ops@ietf.org>; Fri, 25 Sep 2020 06:54:05 -0700 (PDT)
Received: from olen-jobb.nlogic.no (host-77-234-50-66.lynet.no [77.234.50.66]) (authenticated bits=0) by mail.nytt.no (8.15.2/8.15.2) with ESMTPSA id 08PDs1Pt015807 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <v6ops@ietf.org>; Fri, 25 Sep 2020 15:54:02 +0200
To: "v6ops@ietf.org" <v6ops@ietf.org>
References: <VI1P194MB0285F47132384AC7C0D8A8DCAE3C0@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM> <F2516A37-06B1-44FC-850F-307114B7D6A5@gmail.com> <VI1P194MB0285B8AE9ACE88D1AF051ADAAE3A0@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM> <601FB9F8-DB83-4654-B652-BE07C49F7918@gmail.com> <5ab64d0ebef1402d8bf912b937d7c489@huawei.com> <VI1P194MB02850EAA7D945B9163C84399AE360@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM> <ac5fc80a-ff06-18e2-b8bf-2e5e4c6a1d90@nlogic.no> <VI1P194MB028559BEA400CA9EE6C5B26DAE360@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM> <bc175f41-39b8-49e4-69e5-409ead616062@nlogic.no> <VI1P194MB0285A695A93D630DD779FE24AE360@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM>
From: Ola Thoresen <ola@nlogic.no>
Message-ID: <6e03701a-457c-f228-fcb2-7aaf10e8ec99@nlogic.no>
Date: Fri, 25 Sep 2020 15:54:01 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <VI1P194MB0285A695A93D630DD779FE24AE360@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/QuymfKMTXNv55QZtpWU25j1MNP0>
Subject: Re: [v6ops] [Int-area] Still need to know what has changed.... Re: IPv10 draft (was Re: FW: v6ops - New Meeting Session Request for IETF 109 - IPv10)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Sep 2020 13:54:11 -0000
On 25.09.2020 15:20, Khaled Omar wrote: >>> IPv6 is not held back by lack of support in hardware, software or operating systems. IPv6 is held back by policy and lack of demand. > This is what we call "Migration" which requires user's dependence. For an enterprise _user_, nothing is needed. It is managed by the enterprises IT-department, and is either enabled or disabled by them. For a home user, nothing is needed. Their ISP just needs to support it, and it must be enabled in their CPE with some sane security policies. And trust me. I have done multiple IPv4 -> Dual Stack "migrations" for both enterprises and ISPs. No involvement of the end users is required. But a LOT of work is required both in the enterprise IT department and at the ISPs to ensure that everything works as expected. >>> IPv6 is held back by policy in the big enterprises, that don't want to deal with another protocol. > That’s why IPv10 is needed, they have to do nothing about it, only keep using your IP version and that’s it. No, they don't. They need to enable this IPv10 protocol in their network, just as they need to enable IPv6 today. And they need to be sure that ALL their back office systems support it, that all their firewalls, access lists, applications etc. are up to date with new source and destination addresses (since they can now be both IPv4 and IPv6). And not only that. Today, if you are dual stack enabled. You need one access list for IPv4 -> IPv4 and one for IPv6 -> IPv6. With your suggestion, you would ALSO need to update all policies and firewalls and access lists and whatnot with policies for IPv4 -> IPv6 and IPv6 -> IPv4 as well, because some hosts are suddenly talking to hosts that they should not be allowed to, using another protocol than they would previously do. To me, this sounds like MORE work than to just going for dual stack in the first place. So, no. They can't just keep their IP-version. And they still need to update all other systems, logg-parsers, monitoring applications, you name it, from one protocol (most likely IPv4 only) to two protocols. IPv4 + IPv6. >>> And it would still require a customer demand for the ISPs to add it. If IPv4-only customers are not requesting IPv6 today - why would they start requesting "IPv10" tomorrow? > They will not request IPv10, they will have hosts support IPv10, this will not be accomplished by them but by OS developers. It does not matter if my host has IPv10 activated, if my ISP does not route IPv10 packets. And it does not even matter if my ISP routes IPv10 packets, if somewhere along the path from source to destination, there is a single router that does not support this protocol. So, yes. Even if my OS has IPv10, I would have to request my ISP to enable it to be able to talk to IPv6 hosts. And all their peers would have to enabled it. And in that case, I can just as well ask my ISP to enable IPv6, as that is already a mature protocol that is well implemented in all OSes already. Don't you see this simple thing? The problem is not the address of the source or destination host. The problem is all the hosts in between, which must be able to parse and understand this new protocol. And all the package-mangling that is done in hardware and software along the path of a packet traversing the internet. And _even_ if they all actually had the new protocol implemented in hardware and software (which in itself will take many, many years), you would STILL have the problem of the enterprises not wanting to deal with multiple protocols and of ISPs not wanting to turn in on for their customers because it might lead to more support requests, less security and added complexity, and we would basically be exactly where we are today with IPv6. Rgds, /Ola (T)
- Re: [v6ops] [Int-area] Still need to know what ha… Fred Baker
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Fred Baker
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- [v6ops] Egyptian service provider issues with IPv6 Fred Baker
- Re: [v6ops] Egyptian service provider issues with… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Gert Doering
- Re: [v6ops] [Int-area] Still need to know what ha… Carsten Strotmann
- Re: [v6ops] [Int-area] Still need to know what ha… Vasilenko Eduard
- [v6ops] 2/3 of DNS traffic is IPv6 -- was: Re: [I… Gabor LENCSE
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Ola Thoresen
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Mikael Abrahamsson
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… otroan
- Re: [v6ops] [Int-area] Still need to know what ha… Nick Hilliard
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Ola Thoresen
- Re: [v6ops] [Int-area] Still need to know what ha… Ola Thoresen
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Ola Thoresen
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Bless, Roland (TM)
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Bless, Roland (TM)
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Bless, Roland (TM)
- Re: [v6ops] [Int-area] Still need to know what ha… Juan Carlos Zuniga
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Fred Baker
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Erik Kline
- Re: [v6ops] [Int-area] Still need to know what ha… Eric Vyncke (evyncke)
- Re: [v6ops] [Int-area] Still need to know what ha… Simon Hobson
- Re: [v6ops] [Int-area] Still need to know what ha… Vasilenko Eduard
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Fernando Gont