[167607] in North American Network Operators' Group
Re: turning on comcast v6
daemon@ATHENA.MIT.EDU (Doug Barton)
Fri Dec 20 15:17:33 2013
Date: Fri, 20 Dec 2013 12:16:57 -0800
From: Doug Barton <dougb@dougbarton.us>
To: North American Network Operators' Group <nanog@nanog.org>
In-Reply-To: <CED9ADE4.3D014%Lee@asgard.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 12/20/2013 05:25 AM, Lee Howard wrote:
> So there's an interesting question. You suggest there's a disagreement
> between enterprise network operators and protocol designers. Who should
> change?
Rather obviously the protocol designers, since they are clearly out of
touch with real-world requirements. RA/SLAAC was a clever idea 20 years
ago, and still has value for its original intended purpose, putting dumb
clients on the net. However in the time since IPng DHCP won the day.
Enterprises have their own administrative structures that work with v4,
and see no reason to have to change them to accommodate the lofty goals
of the IPv6 luminati.
Keep in mind that the vast majority of enterprises are happy with their
v4 NATs, aren't affected by address exhaustion issues, and have no
reason to move to v6.
> I used to run an enterprise network. It was very different from an ISP
> network. I didn't say, "You're wrong!" I said, "What's missing?"
Apples and cumquats.
> There are business reasons to run IPv6. The fact that it's different than
> IPv4 is not a reason not to use it.
... except that enterprises have been saying for over a decade that
full-featured DHCP is a requirement before they will even look at v6.
Not to mention the inherent insecurity of RA/SLAAC, which has yet to be
robustly addressed. Yes, rogue DHCP servers are still possible, but the
effects are more manageable and arguably easier to mitigate; not to
mention the better security for this that is built into most modern
networking gear already.
Doug
