Re: IPv6 Deployment for the LAN

[Joe Maimon <jmaimon () ttec com>]

Owen DeLong wrote:
> On Oct 22, 2009, at 4:27 PM, Joe Maimon wrote:
> > NAT wasnt a component of IPv4 until it was already had widespread 
> > adoption. I remain completely unconvinced that people will not 
> > continue to perceive value in PAT6 between their private and their 
> > public subnets.
> People may perceive value, but, I truly hope that they won't be able to 
> obtain the "functionality".  It's just a very bad idea that does 
> terrible things to the network. NAT/PAT was a necessary evil in IPv4 to 
> extend the lifetime of the addressing until IPv6 could be almost ready. 
> It should be allowed to die with IPv4.

I have had the privilege of seeing quite a few different organizations 
networks up close and personal, from small to very large, networks and 
organizations.

I can recall two, both in academia, that used global unique to the 
desktop, firewalled of course.

I can think of another two who chose to use public ASN and BGP because 
of input I was part of. Neither obtained PI space. Neither used global 
unique addresses anywhere near an internal server or desktop.

Most of the rest use private space exclusively internal and different 
chunks of public space from different providers, from /24 - /28.

For redundancy and load balancing, the tool of choice is natting load 
balancers or just plain nat with ecmp.

Some even used private ASN (or provider ASN) to get their internet 
service with some degree of redundancy, but still just some chunks of PA 
/25 or so.

I dont think IPv6 has much to offer these companies. I dont think 
encouraging all of them to get an ASN and PI /48 is that great an idea 
for both network operators and these organizations and I highly doubt 
that PA ipv6 has any real attraction to them at all.

Depletion wont have any real affect on them at all. Perhaps it means 
they wont be able to get /25 or /26, but they most likely will have no 
issues lighting up new connectivity with a /28 or /29.

Should they need native access to IPv6 content/endpoints, they would 
probably choose to use another nat functionality at the external points 
in their network. Only if there was no other way to do it would they 
consider lighting up guIPv6 to the desktop. And they would be quite 
unhappy about it.

Many of these companies have explicit security policies concerning this. 
  Many of these network architects have explicit preferences concerning 
this.

Naturally there are probably many other end user organizations who wont 
fit in these lines, but my experience suggests that there are large 
percentages who will.

I truly think it is way too early to decide and predict that IPv6 will 
not ever have widespread use of IPv6 PAT to IPv6

> > And of course, different forms of NAT are almost certainly required to 
> > try to make ipv4 and ipv6 interoperate for as long as people need it to.
> Sort of, but, yeah.  That's OK.  Unfortunate, but, OK.
>
> I actually think that now that we have a transfer market policy, IPv4 
> will probably die much faster than it would have otherwise.
>
> Owen

Depletion wont ring a death knell for any end user with existing 
connectivity. What it will do is cause providers to start harvesting the 
fat in their networks. Some providers who will choose to implement 
private ipv4 along with IPv6 rollouts are likely to have very large 
amounts of that fat. Other companies with large amounts of fat probably 
exist as well, from the companies who had the habit of assigning /26 to 
every leased line customer back in the day to the hosters who handed out 
/24 like candy.

What is a residential cable or DSL company who replaced millions of 
subscribers guIPv4 address with dual stack (lite?) private ipv4 and 
guIPv6 going to do with the all that IPv4?

Will they cutover to new models that arent guIPv4 centric by attrition 
or quicker?

I believe there will be strong pressure to monetize IPv4 addresses, both 
for internal customer use and perhaps to transfer it to other 
organizations.

This is not necessarily a bad thing. People who want it will pay for it 
and those who do not will not. This will likely result in the 
identification of more IPv4 fat to be harvested.

The really nice side effect would hopefully be to provide economic 
incentive to IPv6 as an alternative to pricey IPv4, which could provide 
enough acceleration to ipv6 demands to reach a tipover point sooner, 
rather then later.

So in that sense, you could be right.

Joe