North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Comment - Re: OMB: IPv6 by June 2008

  • From: Todd Vierling
  • Date: Wed Jul 13 11:13:05 2005 
On Wed, 13 Jul 2005, Joseph T. Klein wrote:

> For any who use IPv6, I am interested in NAT/PT, 6to4, faith and
> DSTM experiences. Drop me a line if your willing to share your data.

I have not touched NAT-PT, faith, or DSTM, as my personal network runs fully
dual-stack, and my personal network's upstream is v4-only.

(This response is on-list due to the comments I have about 6to4, below.)

I have used 6to4 in the past.  However, it seems that there is a lack of
reachable 2002::/16 routes in the v6 backbone, as much of the world seems
currently unreachable to a 6to4 client.  So I now use an explicit tunnel
network from Hurricane Electric's www.tunnelbroker.net.

HOWEVER, I still use 6to4 -- sort of.

My edge router has a 6to4 interface and 2002 address solely for the purpose
of routing packets to 6to4 clients directly via 6to4 encapsulation, rather
than backfeeding through tunnelbroker.net.  This way, even though all my v6
addresses are "native", my outbound packet traffic to 6to4 remote hosts is
typically more direct (and reliable).

I've recommended this type of 6to4 setup (edge router only, just for
outbound packets) to other v6 networks, and it's been implemented in a few
places where I've recommended it.  IMHO, though, it really should be
implemented as widely as possible to help v6 gather traction.  Relying on
2002::/16 backbone routes is not only [apparently] unreliable, but a huge
latency and v6 backbone transit waste.

(And to those who are curious, this setup still conforms to RFC3964,
sections 5.1 and 5.2, with the condition that src_v6 is not in 2002::/16,
but the rest of the security checks are still testable and valid.  Though
this scheme adds a little setup overhead to v6 networks, it should be a "one
shot deal", and can go away if and when v6 becomes nearly ubiquitous.)

> Yeah I know deploying IPv6 on a large scale is an annoying thought,
> but I think some of the resistance to IPv6 is more from "don't
> bother me, I'm busy" than any hard fast technological reason.

I tend to agree.  At the $orkplace I've been slowly working v6 provisions
into a legacy network management tool that covers the whole business
operation, such that we can at some point flip the switch and handle v6 just
the same as we handle v4.

-- 
-- Todd Vierling <[email protected]> <[email protected]> <[email protected]>