Re: One Year On: IPv4 Exhaust

["Radu-Adrian Feurdean" <nanog () radu-adrian feurdean net>]

On Mon, Sep 26, 2016, at 01:01, Mark Andrews wrote:
> In message
> <1474840690.4107784.736591409.28E807DF () webmail messagingengine com>,
> "Radu-Adrian Feurdean" writes:
> > I know, but for the "server guys" turning on IPv6 it's pretty low on
> > priority list.
>
> Are those server guys interested in stopping attacks without
> collateral damage?  You can't say that a IPv4 address == 1 customer
> today.  Any protection measures you put in place based on IPv4
> addresses are likely to affect more than one customer.

To put in context, I live and work in France, where NO mobile operator
provides IPv6, but they do use CGN. Wired-line operators (some, not all)
barely start deploying CGNAT on some of the new customers. Pro/business
access operators MUST provide IPv4 in order to be able to survive.
Things will probably change, but this is the situation today. So "1 IPv4
= several customers" it's either mobile (with no alternative and
separate abuse handling process) or negligible.

> > My customers are eyeballs. Residential ones have dual-stack by default,
> > business - some have, some don't and some explicitly refuse (or ask for
> > v6 to be disabled).
>
> Lots of residentual customers don't have a unshared IPv4 address.
> The only reason you are seeing IPv4 from them is that the ISP has
> had to spend money working around the sheer lazyness of content
> providers in not providing IPv6.

Lots of residential customers still do here.

> > > Is somewhere between 11-14% worldwide enough for you to invest the
> > > time to turn on IPv6 enough?  It should be.
> >
> > Since they (the 11-14% worldwide) do have IPv4 anyway, some consider
> > it's not worth; at least not yet.
>
> Actually almost all of the world does not have complete IPv4, they
> have a subset of IPv4.  You have just got used to not having complete
> IPv4.
>
> > The issue with IPv6 deployment it's not as simple as some people
> > suggest. It's not a technical problem either, but it's a big one.
>
> In most cases it is just a matter of turning it on.

... and in some of those cases turning it on is subject to a "change
request" that requires validation from some level of management that
requests the answers to questions similar to following : "What do we
gain from this ? What does it cost to turn on ? What does it cost to
support the new feature ?". Giving acceptable answers to people that
don't necessarily understand IPv6 (some of them having spent their
entire life in "IPv4-only, behind NAT" environments) is not that
obvious, and this is the core of the "non-technical problem".

You probably don't have to deal a lot with this kind of people....