IPv6: a solution looking for a problem.
The timeline: late 80s and early 90s • Late 80s and early 90s: networking means Novell Netware. • Netware is estimated to have 70% of the corporate market in the early 90s. • Netware uses IPX • 80 bit address: 32 bits network, 48 bits host (MAC).
The timeline: late 80s and early 90s • Part of the popularity of IPX is due to the fact that it is easy to configure: • On server: bind network address to NIC • On workstation: nothing to do.
The timeline: late 80s and early 90s • The commercial Internet starts in the early 90s. • In 1993, I have CompuServe dial-up. A 14.k modem is fast. • In 1994 Yahoo! is founded ;-)
The timeline: late 80s and early 90s • Recognizing the opportunity, Novell implements IP tunnel, to transport IPX over IP. • My first industry IP certification: Netware TCP/IP exam, in 1993. 20+ years into it.
The timeline: late 80s and early 90s • Novell also starts an IPX registry and assigns unique IPX numbers. • In the early 90s, IPX is by far the most widely used L3 protocol in the corporate world.
The timeline: mid 90s • Mid 90s: • The Internet becomes ubiquitous. • The typical corporate setup is IP + IPX. • Microsoft releases Windows NT. • Novell basically shoots itself in the foot and Windows gains traction as a server platform.
The timeline: mid 90s • IP proves to be more complicated than IPX. The subnet mask is not intuitive, among other things. • Two protocols = twice the work for the network administrator. • Fortunately, the two protocols do not overlap. IPX is to access the Netware server, IP for the Internet.
The timeline: late 90s • Late 90s: • NOVL tanks from $40 to $7 a share under Eric Schmidt’s tenure. • Y2K forklift upgrades are going full speed.
The timeline: early 00s • Early 00s: • The world does not end. • Windows 2000 becomes the corporate standard for servers. • The GRT passes 100k prefixes. • IPv6 gains traction as a potential replacement for IPv4. • Deployment plans are made.
The timeline: early 00s • The dot-com bubble bursts. • IPv6 is not anywhere ready. The protocol changes too fast. • There is not enough pressure about address shortage. • The world goes into the comfortable routine of IPv4 + NAT.
The timeline: mid and late 00s • Mid and late 00s: • “IPv6 will be deployed next year”. • In reality, nothing changes much and IPv6 falls back from the next hot thing to something to keep an eye on, just in case.
The timeline: Early 10s • 2011: IANA runs out of addresses and allocates the last five /8s to the RIRs, one each. • 2012: the world does not end. • 2013: the world does not end. • December 2013: ARIN passes below 1.5 /8s remaining. • 2014: I predict it won’t end this year either.
IPv6: The solution • Easy to configure (stateless autoconfig). • No NAT. Absolutely positively no NAT. NAT is a blasphemy. • Secure (IPSEC). • Mobile IPv6. • Small DMZ, no PI. • Large address space.
IPv6: The solution: Easy • Problem solved by time. • DHCP and PPPOE among other things have been tried and tested by time. You can walk into McDonalds or Starbucks and get connected. • Stateless autoconfig was not the solution anyway, the same configuration mechanisms exist for IPv6 (DHCP).
IPv6: The solution: Easy • Today, IPv6 is more complicated than IPv4: • Address format difficult. • More than one IPv6 address per host. • Multiple deployment paths. • Since there are plenty of tunnel solutions, firewalling is complex. • Forget about easy. IPv6 is not easy.
IPv6: The solution: No NAT • Yes NAT does break things, but here again problem solved by time; NAT traversal is well understood. • NAT has been immensely popular not because of the address shortage but because it provides a basic firewall impossible to remove, and easy renumbering.
IPv6: The solution: No NAT • There are nowadays a multitude of IPv6 NAT mechanisms (NAT64 / DNS64 and/or 464XLAT and/or NAT-PT and/or TRT and/or SIIT, etc). • The IPv6 NAT situation is worse than the IPv4 one. • Forget about that one too. If there has to be NAT, might as well stick to the one that works: IPv4.
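The firewalling point on the "Easy" slide and the NAT64 entry above, as an added example that is not part of the original slides: several transition mechanisms embed an IPv4 address inside an IPv6 address, so an IPv4 denylist has to be re-applied to the embedded address. The choice of 6to4, Teredo and IPv4-mapped addresses as the tunnel cases is an assumption of this example, and the denylist and sample addresses are constructed from documentation ranges.

```python
import ipaddress

# NAT64 well-known prefix (RFC 6052); the IPv4 address is the low 32 bits.
NAT64_WKP = ipaddress.ip_network("64:ff9b::/96")

# Constructed IPv4 denylist (documentation range), standing in for a real policy.
DENYLIST = [ipaddress.ip_network("192.0.2.0/24")]


def embedded_ipv4(addr):
    """Return (mechanism, IPv4Address) if addr embeds an IPv4 address, else None."""
    ip = ipaddress.IPv6Address(addr)
    if ip.ipv4_mapped is not None:            # ::ffff:a.b.c.d
        return ("ipv4-mapped", ip.ipv4_mapped)
    if ip.sixtofour is not None:              # 2002:AABB:CCDD::/48 (RFC 3056)
        return ("6to4", ip.sixtofour)
    if ip.teredo is not None:                 # 2001:0000::/32 (RFC 4380)
        _server, client = ip.teredo           # client address is stored inverted
        return ("teredo", client)
    if ip in NAT64_WKP:
        return ("nat64", ipaddress.IPv4Address(int(ip) & 0xFFFFFFFF))
    return None


def blocked(addr, ipv4_denylist=DENYLIST):
    """True if the IPv6 address embeds an IPv4 address covered by the denylist."""
    hit = embedded_ipv4(addr)
    if hit is None:
        return False
    return any(hit[1] in net for net in ipv4_denylist)


if __name__ == "__main__":
    # Constructed samples: four encodings of 192.0.2.45, one native address.
    samples = [
        "::ffff:192.0.2.45",
        "2002:c000:22d::1",
        "2001:0:4136:e378:8000:63bf:3fff:fdd2",
        "64:ff9b::c000:22d",
        "2001:db8::1",
    ]
    for s in samples:
        print(s, embedded_ipv4(s), "blocked" if blocked(s) else "allowed")
```
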
IPv6: The solution: Secure • That selling point has been dropped for a while, as it has become clear that encryption can be done with IPv4 just the same. • Today’s security concerns are not closely associated with L3 encryption.
IPv6: The solution: Mobile • This has never been a real issue. • The smart phone market has seen a very large expansion. • It’s all IPv4 behind NAT (CGN). • There are tons of apps. • Where’s the problem, again?
IPv6: The solution: Small DMZ • Total failure to deliver the solution. The fact of the matter is that everyone has tried for years (I was very involved in that part), and the way we do multi-homing in IPv6 is exactly the same as IPv4. • The problem is aggravated by the fact that routers have to maintain a separate table for IPv4 and IPv6.
IPv6: The solution: Small DMZ • The reason we have multi-homing in IPv6 is because the RIRs, not the IETF, made IPv6 PI address space possible. • This effort was led by our very own Owen DeLong who, ignoring the nay-sayers such as myself, got it done. • Personal recollection.
IPv6: The solution: Small DMZ • Fortunately, this issue was solved by time and Moore’s law. • The concerns that the BGP table with 300k routes would be unstable have mostly vanished. • Same as NAT: the problem has more than doubled with IPv6: not only 2 tables have to be maintained, IPv6 entries take twice as much TCAM.
IPv6: The solution: Larger Space • This leaves us with the only thing that IPv6 has over IPv4: larger address space. • And that’s where the last myth falls: there is no such thing as a real shortage. • Companies have been hoarding for years.
IPv6: The solution: Larger Space • What looks like a shortage is actually a blessing for large, powerful, established players. • IPv4 addresses are now for sale. 10 bucks a pop in large quantities. • The Microsoft / Nortel deal made it possible. • That game has not started yet, but there is a picture of it on the next slide.
IPv6: The solution: Larger Space • Can you name that game? • Anyone in here who has never played it? • Would you give up the hotels just because you want to be nice to the rest of the world? • Would you even give them to your brother, sister, mom or kids (who happen to be the other ones playing)?
IPv6: The solution: Larger Space • The Internet is very competitive, so using any advantage out there is the norm. • So yes there is a shortage of addresses, but it’s not a problem for some.
Current status • It is clear by now that IPv6 will not see significant deployment before the last RIR reserves are exhausted. • The smart phone industry has successfully demonstrated that CGN works on a large scale. • There is no speculation on IPv4 addresses for sale, meaning there is no strong demand.
Current status • Need IP addresses? Buy them. • Compared to the cost of infrastructure, it’s not that bad.
Current status • IPv6 does not currently solve any issue not already resolved. • The end user does not even know about IPv6. • For the corporate IT world, IPv6 is nothing but more trouble that they don’t want or need. • It’s a waiting game.
Current status • We have missed the launch window by 7 or 8 years. • If you are 2 years later than your competition to deploy it, what happens? Nothing. • If you deployed 2 years ago, what happened? Nothing, and you could have used that money for something else.
What’s wrong with IPv6 • It’s complex. • Dual stack. Double administration, triple router TCAM, quadruple troubleshooting. • It’s not available, and when it is, it’s clumsy and still using tunnel tricks. • IPv6 to IPv4 mechanisms are worse than NAT and CGN.
What’s wrong with IPv6 • We have eliminated NetBeui, Decnet, Appletalk and IPX. • Why? Because they were competing for resources with IPv4. • Now, IPv6 is directly competing for resources with IPv4. • IPv4 is not going anywhere. Next on the elimination list: IPv6.
Real world check up • The geek syndrome and the real world: • How many primarily use a Mac? • How many primarily use a PC? • This audience is not representative of the real world.
Real world check up • How many use IPv6 at home? • How many get IPv6 from their home ISP? • How many get native IPv6 from their home ISP?
Real world check up • Can you use IPv6 if you’re not a geek? • NO. You can’t use it at Starbucks. You can’t use it at McDonalds. You can’t use it at your car dealership. You can’t use it at your mother-in-law’s. • We are 14 years into this thing.
Real world check up • Adapted from source: “IPv6 Timeline: A pragmatic projection”, http://www.nanog.org/mtg-0302/ppt/hain.pdf
Protocol evolution • Evolution mechanism: protocols evolve, or they die. It’s no different than nature: survival of the fittest. • The market decides who the fittest is. • IPv4 has withstood the test of time and market; we know what the desirable features are. • What we need is more bits, not more / new features.
Protocol evolution • A cataclysmic event led to the end of dinosaurs. • IPv4 is a dinosaur but... • The predicted cataclysmic event did not happen. • It’s a T-Rex. • The rest is food, including IPv6.
A deployable protocol • An evolution, not a radical change. • No migration process. Incorporate the changes in the natural life cycle. • An integrated stack, not two stacks. • An address scheme backwards compatible. • Acknowledge the reasons NAT has been successful and work with it, instead of against.