Re: Dual stack IPv6 for IPv4 depletion

[Mel Beckman <mel () beckman org>]

That's only an issue if you distribute a public IPv4 address to each customer. If you use private addressing in the 
core, ordinary NAT works if you're not a carrier-grade provider, and even then it can be practical in many cases. CGN 
is a solution for providers not willing to migrate to a private core. 

 -mel beckman

> On Jul 5, 2015, at 7:35 AM, Mike Hammett <nanog () ics-il net> wrote:
>
> I believe he (at least someone) was looking for recommendations to CGN type devices. Many can do NAT, but looking for 
> something a bit more intelligent. Your standard residential user may not understand, but would also be unwilling to 
> pay any difference. 
>
>
>
>
> ----- 
> Mike Hammett 
> Intelligent Computing Solutions 
> http://www.ics-il.com 
>
> ----- Original Message -----
>
> From: "Mel Beckman" <mel () beckman org> 
> To: "Josh Moore" <jmoore () atcnetworks net> 
> Cc: johnl () iecc com, nanog () nanog org 
> Sent: Sunday, July 5, 2015 9:12:37 AM 
> Subject: Re: Dual stack IPv6 for IPv4 depletion 
>
> Josh, 
>
> Your job is simple, then. Deliver dual-stack to your customers and if they want IPv6 they need only get an 
> IPv6-enabled firewall. Unless you're also an IT consultant to your customers, your job is done. If you already supply 
> the CPE firewall, then you need only turn on IPv6 for customers who request it. With the right kind of CPE, you can 
> run MPLS or EoIP and deliver public IPv4 /32s to customers willing to pay for them. Otherwise it's private IPv4 and 
> NAT as usual for IPv4 traffic. 
>
> -mel via cell 
>
> > On Jul 5, 2015, at 6:57 AM, Josh Moore <jmoore () atcnetworks net> wrote: 
> >
> > We are the ISP and I have a /32 :) 
> >
> > I'm simply looking at the best strategy for migrating my subscribers off v4 from the perspective of solving the 
> > address utilization crisis while still providing compatibility for those one-off sites and services that are still 
> > on v4. 
> >
> >
> >
> >
> > Thanks, 
> >
> > Joshua Moore 
> > Network Engineer 
> > ATC Broadband 
> > 912.632.3161 
> >
> > On Jul 5, 2015, at 9:55 AM, Mel Beckman <mel () beckman org> wrote: 
> >
> > > > Josh Moore wrote: 
> > > >
> > > > Tunnels behind a CPE and 4to6 NAT seem like bandaid fixes as they do not give the benefit of true end to end IPv6 
> > > > connectivity in the sense of every device has a one to one global address mapping.
> > >
> > > No, tunnels do give you one to one global IPv6 address mapping for every device. From a testing perspective, a 
> > > tunnelbroker works just as if you had a second IPv6-only ISP. If you're fortunate enough to have a dual-stack ISP 
> > > already, you can forgo tunneling altogether and just use an IPv6-capable border firewall. 
> > >
> > > William Waites wrote: 
> > > > I was helping my 
> > > > friend who likes Apple things connect to the local community 
> > > > network. He wanted to use an Airport as his home gateway rather than 
> > > > the router that we normally use. Turns out these things can *only* do 
> > > > IPv6 with tunnels and cannot do IPv6 on PPPoE. Go figure. So there is 
> > > > not exactly a clear path to native IPv6 for your lab this way.
> > >
> > > Nobody is recommending the Apple router as a border firewall. It's terrible for that. But it's a ready-to-go 
> > > tunnelbroker gateway. If your ISP can't deliver IPv6, tunneling is the clear path to building a lab. If you have a 
> > > dual-stack ISP already, the clear path is to use an IPv6-capable border firewall. 
> > >
> > > So you are in a maze of non-twisty paths, all alike :)