Re: [v6ops] [Int-area] Still need to know what has changed.... Re: IPv10 draft (was Re: FW: v6ops - New Meeting Session Request for IETF 109 - IPv10)
Khaled Omar <eng.khaled.omar@outlook.com> Fri, 25 September 2020 14:03 UTC
Return-Path: <eng.khaled.omar@outlook.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C3513A0E28 for <v6ops@ietfa.amsl.com>; Fri, 25 Sep 2020 07:03:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outlook.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gp9b2zLmCYKK for <v6ops@ietfa.amsl.com>; Fri, 25 Sep 2020 07:03:04 -0700 (PDT)
Received: from EUR03-DB5-obe.outbound.protection.outlook.com (mail-oln040092071075.outbound.protection.outlook.com [40.92.71.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17A203A0E23 for <v6ops@ietf.org>; Fri, 25 Sep 2020 07:03:03 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=d6hxJqMrsF5V9doDsUvL77wHcgxy85d9w0hWvYwj9GItw60Q5yz7WU+1wjTWIqV/1Mmz7iJolhoCsyEiUmgc0hBtwcyNRx/6pd5YU8IDCHCgp7c+BdOJAS0j1/5BKuGbgbFbC/jFxHUbrd/U+shbJutg8CyQAA2YxDXsZGj82KDRbGF3f+utlAVH1+03uH0JSvbKasPdXuvKC6H/zRsI5a4jOsRN4d5x9fKStxEvxiLWcqtmPc0IyrWCx1l29b+BwkaXm1+oM7Uo1b4bW/97JB0AcI1R3NsSMwmtMT3iUImCLoFS5K0rbrI7T55fWFJ585Vb+twnM/JzJlTw4Ii5nw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dQdYZptWZ5OG3xziMevO3N5ryJOl4w8EkfcPQYhy890=; b=HTFeNDPqFoJNlZ6B9/GE+Fc0O0bTh99ow/8GetS0JuAa2oEMxTElRVg6wMFpgTFNqHmQveQtj3YVb35le1DAI1W8vczyQLmgk/CaR9KN4OKEU4FM2+M/lqYfKwBhvnCAIFoE43P0GZH5gkvXZIMc121NJG8G/asmnUw9poDL1/rhw5ff4vg4jJvNXeq9TWei7yw03gI6MYnwcw4B31iz0oTqSvXlKE/oCm6Q1cDuvEvU3xOu5pt96YOcfRJbuX3qEhn0thwphwwnDAotZNN7OgwUk25iggB5stcrnmDsKh8JNyMMCFMnyU0uCDoe8iWowETkHzbV/JlJKEVmQ6eOkQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dQdYZptWZ5OG3xziMevO3N5ryJOl4w8EkfcPQYhy890=; b=FEuoI7Nt3nWp1fpEdD+Msnc1s0IYhnK6Sftl/gUvthP104NQliqXEH2XrECJFvVzCfXANC7JNDgyo4RcrGVZ8NBbB5GmstRz8D3efBW7ZQpueVOamX28sYZkDtCX1QbC3K8lDG23UnDHIzm/qHot31pl0OmlohTB2/+2U2j94VXEFtX2Kza1PjgKHjpKfP68bgHI1RWMbhpOpySpMNJyraWoVUU13bhTH+u9tWP6tvwBu67WP9RT2L54fcK7jkF7fgefjxBgsH6ZIX6DqCZN0IegGTwcbA4VnxpJbwLXlNzpH/XgYcW+3HJqSc7KyfaoEdwyK4UdXD3MrAS4WRKlYQ==
Received: from VE1EUR03FT019.eop-EUR03.prod.protection.outlook.com (2a01:111:e400:7e09::41) by VE1EUR03HT040.eop-EUR03.prod.protection.outlook.com (2a01:111:e400:7e09::269) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3412.25; Fri, 25 Sep 2020 14:03:01 +0000
Received: from VI1P194MB0285.EURP194.PROD.OUTLOOK.COM (2a01:111:e400:7e09::43) by VE1EUR03FT019.mail.protection.outlook.com (2a01:111:e400:7e09::153) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3412.21 via Frontend Transport; Fri, 25 Sep 2020 14:03:01 +0000
Received: from VI1P194MB0285.EURP194.PROD.OUTLOOK.COM ([fe80::89f6:7540:e834:ffb8]) by VI1P194MB0285.EURP194.PROD.OUTLOOK.COM ([fe80::89f6:7540:e834:ffb8%5]) with mapi id 15.20.3412.024; Fri, 25 Sep 2020 14:03:01 +0000
From: Khaled Omar <eng.khaled.omar@outlook.com>
To: Ola Thoresen <ola@nlogic.no>, "v6ops@ietf.org" <v6ops@ietf.org>
Thread-Topic: [v6ops] [Int-area] Still need to know what has changed.... Re: IPv10 draft (was Re: FW: v6ops - New Meeting Session Request for IETF 109 - IPv10)
Thread-Index: AQHWky0j5DPKSZ6F40OTLMgU9JFvQal5OFwggAAH1wCAAAEWgIAAE7CAgAAA5qCAAAprgIAAAYCw
Date: Fri, 25 Sep 2020 14:03:01 +0000
Message-ID: <VI1P194MB02857F31ACD53EA5D49D3896AE360@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM>
References: <VI1P194MB0285F47132384AC7C0D8A8DCAE3C0@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM> <F2516A37-06B1-44FC-850F-307114B7D6A5@gmail.com> <VI1P194MB0285B8AE9ACE88D1AF051ADAAE3A0@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM> <601FB9F8-DB83-4654-B652-BE07C49F7918@gmail.com> <5ab64d0ebef1402d8bf912b937d7c489@huawei.com> <VI1P194MB02850EAA7D945B9163C84399AE360@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM> <ac5fc80a-ff06-18e2-b8bf-2e5e4c6a1d90@nlogic.no> <VI1P194MB028559BEA400CA9EE6C5B26DAE360@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM> <bc175f41-39b8-49e4-69e5-409ead616062@nlogic.no> <VI1P194MB0285A695A93D630DD779FE24AE360@VI1P194MB0285.EURP194.PROD.OUTLOOK.COM> <6e03701a-457c-f228-fcb2-7aaf10e8ec99@nlogic.no>
In-Reply-To: <6e03701a-457c-f228-fcb2-7aaf10e8ec99@nlogic.no>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-incomingtopheadermarker: OriginalChecksum:22C8BA8181D07201668E747013CB2A2FA0AD5965ACC9C663397A1E1B6458C67E; UpperCasedChecksum:E2F705B14F514F75D938A70CB994CB3204F89133914DD2F1DC8A12B480F7A3E7; SizeAsReceived:7708; Count:43
x-tmn: [R5Xgd7UlCR55o0wvlGkova+BdjL5i0SI]
x-ms-publictraffictype: Email
x-incomingheadercount: 43
x-eopattributedmessage: 0
x-ms-office365-filtering-correlation-id: 3b0e6f7d-05b4-499a-7318-08d8615bb747
x-ms-traffictypediagnostic: VE1EUR03HT040:
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: pWZ8PW+L6UppoU+voCPWVD8tczE3TKr+mgtG4xHfLdQ2TXvQXN5bGD/XmvTYRNyEljoVfEo1lPsFP6SymoEQm+X2Eq8yVsdW0JtigFKA4EjaPiJ98w2h3unxiJWw3Jql/LO5kZHKxTpxbUkhK6SS9fdVKb+avczYPd8JV4/n2XQ1BnPpAeKlSEm9cdyhACwdbtiafW3uCbEbMKHX5IFK+r2lNfCENtayNpzFEN2Rp7gRgGmqc8pxu57Txg5bQbFp
x-ms-exchange-antispam-messagedata: bvVGMi51aQuN9BlBkAp2YHosZMq1mpmL30mMav/Vvp8KT5DngtC3PJwP87TGOjEaIp/cslXaV1wnl2YI9T9K8lUDGJbVcQWu3oKDq2TG3V8yiVfKuVRtwNAIECrZCHqMMRsvSroJTvpdtw1jGj2K0A==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-AuthSource: VE1EUR03FT019.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-CrossTenant-Network-Message-Id: 3b0e6f7d-05b4-499a-7318-08d8615bb747
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Sep 2020 14:03:01.6986 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-rms-persistedconsumerorg: 00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VE1EUR03HT040
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/GJ7v5yA8FNAdD5lRHgp9pNfPjXA>
Subject: Re: [v6ops] [Int-area] Still need to know what has changed.... Re: IPv10 draft (was Re: FW: v6ops - New Meeting Session Request for IETF 109 - IPv10)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Sep 2020 14:03:06 -0000
I agree with most of what you said, but regarding ACLs and firewalls, they will use the same configuration after IPv10 and then they can add more configuration if needed when there are different source or destination addresses. Regarding the path, as mentioned, when ALL are updated (of course there will be a flag day) then everything will work in the best way and we will use both address spaces till full migration is accomplished. Best Regards, Khaled Omar -----Original Message----- From: v6ops <v6ops-bounces@ietf.org> On Behalf Of Ola Thoresen Sent: Friday, September 25, 2020 3:54 PM To: v6ops@ietf.org Subject: Re: [v6ops] [Int-area] Still need to know what has changed.... Re: IPv10 draft (was Re: FW: v6ops - New Meeting Session Request for IETF 109 - IPv10) On 25.09.2020 15:20, Khaled Omar wrote: >>> IPv6 is not held back by lack of support in hardware, software or operating systems. IPv6 is held back by policy and lack of demand. > This is what we call "Migration" which requires user's dependence. For an enterprise _user_, nothing is needed. It is managed by the enterprises IT-department, and is either enabled or disabled by them. For a home user, nothing is needed. Their ISP just needs to support it, and it must be enabled in their CPE with some sane security policies. And trust me. I have done multiple IPv4 -> Dual Stack "migrations" for both enterprises and ISPs. No involvement of the end users is required. But a LOT of work is required both in the enterprise IT department and at the ISPs to ensure that everything works as expected. >>> IPv6 is held back by policy in the big enterprises, that don't want to deal with another protocol. > That’s why IPv10 is needed, they have to do nothing about it, only keep using your IP version and that’s it. No, they don't. They need to enable this IPv10 protocol in their network, just as they need to enable IPv6 today. And they need to be sure that ALL their back office systems support it, that all their firewalls, access lists, applications etc. are up to date with new source and destination addresses (since they can now be both IPv4 and IPv6). And not only that. Today, if you are dual stack enabled. You need one access list for IPv4 -> IPv4 and one for IPv6 -> IPv6. With your suggestion, you would ALSO need to update all policies and firewalls and access lists and whatnot with policies for IPv4 -> IPv6 and IPv6 -> IPv4 as well, because some hosts are suddenly talking to hosts that they should not be allowed to, using another protocol than they would previously do. To me, this sounds like MORE work than to just going for dual stack in the first place. So, no. They can't just keep their IP-version. And they still need to update all other systems, logg-parsers, monitoring applications, you name it, from one protocol (most likely IPv4 only) to two protocols. IPv4 + IPv6. >>> And it would still require a customer demand for the ISPs to add it. If IPv4-only customers are not requesting IPv6 today - why would they start requesting "IPv10" tomorrow? > They will not request IPv10, they will have hosts support IPv10, this will not be accomplished by them but by OS developers. It does not matter if my host has IPv10 activated, if my ISP does not route IPv10 packets. And it does not even matter if my ISP routes IPv10 packets, if somewhere along the path from source to destination, there is a single router that does not support this protocol. So, yes. Even if my OS has IPv10, I would have to request my ISP to enable it to be able to talk to IPv6 hosts. And all their peers would have to enabled it. And in that case, I can just as well ask my ISP to enable IPv6, as that is already a mature protocol that is well implemented in all OSes already. Don't you see this simple thing? The problem is not the address of the source or destination host. The problem is all the hosts in between, which must be able to parse and understand this new protocol. And all the package-mangling that is done in hardware and software along the path of a packet traversing the internet. And _even_ if they all actually had the new protocol implemented in hardware and software (which in itself will take many, many years), you would STILL have the problem of the enterprises not wanting to deal with multiple protocols and of ISPs not wanting to turn in on for their customers because it might lead to more support requests, less security and added complexity, and we would basically be exactly where we are today with IPv6. Rgds, /Ola (T) _______________________________________________ v6ops mailing list v6ops@ietf.org https://www.ietf.org/mailman/listinfo/v6ops
- Re: [v6ops] [Int-area] Still need to know what ha… Fred Baker
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Fred Baker
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- [v6ops] Egyptian service provider issues with IPv6 Fred Baker
- Re: [v6ops] Egyptian service provider issues with… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Gert Doering
- Re: [v6ops] [Int-area] Still need to know what ha… Carsten Strotmann
- Re: [v6ops] [Int-area] Still need to know what ha… Vasilenko Eduard
- [v6ops] 2/3 of DNS traffic is IPv6 -- was: Re: [I… Gabor LENCSE
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Ola Thoresen
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Mikael Abrahamsson
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… otroan
- Re: [v6ops] [Int-area] Still need to know what ha… Nick Hilliard
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Ola Thoresen
- Re: [v6ops] [Int-area] Still need to know what ha… Ola Thoresen
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Ola Thoresen
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Bless, Roland (TM)
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Bless, Roland (TM)
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Bless, Roland (TM)
- Re: [v6ops] [Int-area] Still need to know what ha… Juan Carlos Zuniga
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Fred Baker
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Erik Kline
- Re: [v6ops] [Int-area] Still need to know what ha… Eric Vyncke (evyncke)
- Re: [v6ops] [Int-area] Still need to know what ha… Simon Hobson
- Re: [v6ops] [Int-area] Still need to know what ha… Vasilenko Eduard
- Re: [v6ops] [Int-area] Still need to know what ha… Khaled Omar
- Re: [v6ops] [Int-area] Still need to know what ha… Fernando Gont