[184494] in North American Network Operators' Group
Re: /27 the new /24
daemon@ATHENA.MIT.EDU (Mel Beckman)
Sun Oct 4 11:57:01 2015
X-Original-To: nanog@nanog.org
From: Mel Beckman <mel@beckman.org>
To: Jon Lewis <jlewis@lewis.org>
Date: Sun, 4 Oct 2015 15:55:01 +0000
In-Reply-To: <Pine.LNX.4.61.1510041115500.10544@soloth.lewis.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
What Cisco routers, and what vintage IOS, are you finding have no IPSec sup=
port? I've not run into that problem.=20
-mel beckman
> On Oct 4, 2015, at 8:33 AM, Jon Lewis <jlewis@lewis.org> wrote:
>=20
>> On Sun, 4 Oct 2015, Mel Beckman wrote:
>>=20
>> If it doesn't support IPSec, it's not really IPv6. Just as if it failed =
to support any other mandatory IPv6 specification, such as RA.
>=20
> Go tell cisco that. IIRC, the first network I dual-stacked, I was kind o=
f surprised when I found I could not use authentication in OSPFv3, because =
OSPFv3 assumes IPv6 will supply the IPSec to do auth...but these routers di=
dn't support IPSec. They still managed to route IPv6 and support IPv6 cust=
omers...so it really was IPv6...just not the full suite of everything you'd=
expect from IPv6.
>=20
>> Your observation simply means that users must be informed when buying IP=
v6 devices, just as they must with any product. You can buy either genuine =
IPv6 or half-baked IPv6 products. When I speak of IPv6, I speak only of the=
genuine article.
>=20
> Does anyone buy "IPv6 devices"?
>=20
> The biggest hurdle I've seen with IPv6 adoption (i.e. going dual-stack, w=
ith the idea that we'll gradually transition most things / most traffic fro=
m v4 to v6) is the number of end-user network providers that don't offer v6=
at all. My home cable internet provider still doesn't offer IPv6. When I=
asked one of their support people about it recently, I was told not to wor=
ry, they have plenty of v4 addresses left, but it was implied that they do =
plan to start offering v6 sometime soon. They should have started rolling =
out IPv6 to any customers that wanted it years ago, so that by today, it wo=
uld be standard for all their installations to be dual-stack. But here we =
are, nearly 2016, and they don't have a single IPv6 customer (AFAIK) yet.
>=20
> ----------------------------------------------------------------------
> Jon Lewis, MCP :) | I route
> | therefore you are
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
