IETF Logo Mail Archive

Re: [v6ops] Google Alert - IPv6

Lee Howard <lee@asgard.org> Wed, 01 November 2017 14:07 UTC

Return-Path: <lee@asgard.org>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E021B13FAAF for <v6ops@ietfa.amsl.com>; Wed, 1 Nov 2017 07:07:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vj4lP7H8G3vE for <v6ops@ietfa.amsl.com>; Wed, 1 Nov 2017 07:07:17 -0700 (PDT)
Received: from atl4mhob04.registeredsite.com (atl4mhob04.registeredsite.com [209.17.115.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7AD0113FAEF for <v6ops@ietf.org>; Wed, 1 Nov 2017 07:07:16 -0700 (PDT)
Received: from mailpod.hostingplatform.com ([10.30.71.209]) by atl4mhob04.registeredsite.com (8.14.4/8.14.4) with ESMTP id vA1E7A8R008490 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <v6ops@ietf.org>; Wed, 1 Nov 2017 10:07:10 -0400
Received: (qmail 16382 invoked by uid 0); 1 Nov 2017 14:07:10 -0000
X-TCPREMOTEIP: 68.100.68.25
X-Authenticated-UID: lee@asgard.org
Received: from unknown (HELO ?192.168.1.160?) (lee@asgard.org@68.100.68.25) by 0 with ESMTPA; 1 Nov 2017 14:07:10 -0000
User-Agent: Microsoft-MacOutlook/14.7.2.170228
Date: Wed, 01 Nov 2017 10:07:04 -0400
From: Lee Howard <lee@asgard.org>
To: Dave O'Reilly <rfc@daveor.com>
CC: Warren Kumari <warren@kumari.net>, "v6ops@ietf.org" <v6ops@ietf.org>, Tore Anderson <tore@fud.no>
Message-ID: <D61F4B20.8AF09%lee@asgard.org>
Thread-Topic: [v6ops] Google Alert - IPv6
References: <f403045ef57ac52962055bd88b84@google.com> <20395E98-DA55-447F-BEFE-CB581A88BB78@gmail.com> <alpine.DEB.2.20.1710190655260.31961@uplift.swm.pp.se> <20171019083506.6627a166@echo.ms.redpill-linpro.com> <alpine.DEB.2.20.1710190856530.31961@uplift.swm.pp.se> <787AE7BB302AE849A7480A190F8B93300A056EB5@OPEXCLILMA3.corporate.adroot.infra.ftgroup> <CAHw9_iLWAMexrfXwsdB8duGa5ueJMofqVRqNck6DeOzA=KChqA@mail.gmail.com> <C4E37677-A2FB-49F8-B362-C29B28DFD570@daveor.com> <D618D79F.8AA1A%lee@asgard.org> <DC812180-D32F-4DA6-A74D-22ACBB0576C8@daveor.com>
In-Reply-To: <DC812180-D32F-4DA6-A74D-22ACBB0576C8@daveor.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/xFgqQ4wG2Zi6Co7atHLtMNqBKxg>
Subject: Re: [v6ops] Google Alert - IPv6
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Nov 2017 14:07:19 -0000


On 10/29/17, 8:32 PM, "Dave O'Reilly" <rfc@daveor.com> wrote:
>
>> 
>> 
>>> Can we regulate our way out of this problem?
>>> ——————————————————————————————
>> 
>> Probably not. Countries with the highest IPv6 deployment have had either
>> no government influence, or little more than government talking with
>> industry about their IPv6 deployment plans. Countries with IPv6 mandates
>> on industry seem to have very low actual deployment.
>> 
>
>I completely agree with you that there are too many regulatory models
>around the world for a recommendation of regulatory solutions to this
>problem to be likely to meet with much success. However, Belgium has the
>highest IPv6 adoption rate on the planet according to
>https://www.google.com/intl/en/ipv6/statistics.html#tab=per-country-ipv6-a
>doption&tab=per-country-ipv6-adoption and I understand that the reason
>for this is that the telecoms regulator in Belgium required that a
>maximum of (I think it was) 16 people can be sharing a single IP address
>on a CGNAT at any given time. I forget the exact figures but it was
>definitely a regulatory intervention.


My understanding, which is indirect, is that Belgian law enforcement and
telecom regulators sat down with ISPs and said, “Our reading of EU law
says CGN is illegal.” And ISPs said, “We have to do CGN, or turn off the
Internet, (or maybe increase Internet prices to buy IPv4 addresses).”  So
the regulators agreed to forebear enforcement of the no-CGN law unless
address sharing exceeded 16 users per address.

I have been unable to find this agreement in writing, though. That might
be intentional.

So, yes, I suppose it is regulatory intervention, but it’s not new
regulation, it’s a different inteprpretation than other EU member states
have of EU law. And it’s not a regulation, it’s an unwritten understanding
(or forebearance). 

I would welcome correction if my understanding is inaccurate our outdated.


>
>>> 
>>> 
>>> However, the obvious question to ask is - are the Belgian authorities
>>> catching any more criminals now that they have such a high adoption
>>>rate
>>> of IPv6? Has the problem of crime attribution due to CGNAT gone away
>>>for
>>> them, or does it actually require global adoption of IPv6?
>> 
>> The question is more like, “Are Belgian authorities catching more
>> criminals than other countries in proportion to their IPv6 deployment?”
>> They’re probably not catching more bad guys than they were before CGN,
>> they’re just trying not to lose ground.
>> And the answer is probably not good, because although Belgium has great
>> numbers on eyeballs, their IPv6 deployment on content sites is still
>>weak
>> (https://www.vyncke.org/ipv6status/detailed.php?country=be ).
>> 
>> 
>
>Exactly! So they can attribute domestic IPv6 activity to domestic IPv6
>addresses but the second IPv4 to IPv6 transition takes place they’re no
>better off than anyone else.

Do you mean IPv6 is no better than CGN for attribution, or do you mean
IPv6 is no better than native IPv4?

>
>>> 
>>> The role of the IETF in this
>>> ——————————————————————————————
>>> 
>>> Right from the front page of the IETF website: "The mission of the IETF
>>> is to make the Internet work better by producing high quality, relevant
>>> technical documents that influence the way people design, use, and
>>>manage
>>> the Internet.”
>>> 
>>> Large scale address sharing technologies present a challenge to the
>>> management of the Internet so that seems to fit right within the remit
>>>of
>>> the IETF to me. Correct me if I’m wrong...
>> 
>> Not entirely, but this seems more operational to me, and might be better
>> targeted as a recommendation for how to manage servers.
>> 
>
>Well, the IETF has already published such recommendations (RFC6302). The
>question is what, if anything, else the IETF can/should do.
>
>I wrote this document and I didn’t really know what to do with it, so I
>published it as an internet draft and have been trying to collect input
>on what/where the best places to progress the conversation are…and here
>we are.

I do think it has been a good discussion. You might propose it as a talk
at NANOG, RIPE, or whatever your local NOG is. Even better would be to get
in front of web server operators, but I don’t know whether or where they
meet.

Lee


>
>daveor
>
>

v2.23.0 | Report a Bug | By Email