IPv6 and the Business-Case Skeptics 297
Julie188 writes "Experts keep screaming that the IPv4 sky is falling. Three such experts were recently asked point-blank to state an irrefutable business case for moving to IPv6 now, and their answer was more plausible than the old refrain (the lack of addresses and a yet-to-be-seen killer IPv6 app). They said that there isn't a business case. No company that is satisfied with all of its Internet services will need to move, even in the next few years. They also pointed out that Microsoft is a unique position in the industry both causing and hindering IPv6 adoption — causing through its IPv6 support in its OSes, and hindering by not extending IPv6 support into very many of its apps."
You want a business case? (Score:5, Insightful)
There are plenty of business cases for IPv6, you just have to ask business experts, not technology experts...
There is no business case *in the US* (Score:5, Insightful)
Countries like China and India, that have lots of people that might one day want to connect, but not a lot of existing infrastructure yet, and certainly not a lot of IP4 addresses, will have a far better motivation than countries that have an abundance of unused addresses.
The killer app will come, alright - just not from the US.
IPv6 will happen when China demands it (Score:5, Insightful)
IPv6 will happen when China demands it. China's growing need for IP address space will drive the issue. China needs at least a billion IP addresses. Especially since the Chinese government would like a system where each device has a permanent IP address.
Re:You want a business case? (Score:4, Insightful)
Yeah, because cutting yourself out of 99%+ of the market by going IPv6 only is a smart business decision. Face it, if you want an online service you're on IPv4 and the service won't really be any different on IPv6. Between HTTPS, VPN and SSL noone is excited about IPSec because it's already solved if less elegantly, nor has the "online home" happened. Neither my fridge, dishwasher, washing machine or toaster is online even in the local LAN so I got no use for my own /64. IPv6 is about as sexy as computers in a new shade of beige.
Re:IP4 - elegant IP6 - Rube Goldberg (Score:3, Insightful)
192.168.1.87 -vs- fe80::e1c0:5620:bc95:3c71%9
I see your unwieldly addressing and raise you a DNS.
Besides, if you want to talk Rube Goldberg, check out IPv4's variable-length headers and the processing required to sort them out at line speed.
Microsoft and IPv6 (Score:4, Insightful)
Re:Consumer rollout (Score:1, Insightful)
Moving to IPv6 means that I can't use NAT anymore for my home network.
Why not?
That means I need a block of IP addresses assigned to me. So does my telco/cable company have this set up and will it cost me a huge amount to get a block of IPs?
IPv6 addresses are cheap, and I bet your provider has a fairly easy way to allocate a block to their clients (or could set one up pretty easily if people ask).
Remember supply and demand? IPv4 addresses are low in supply and high in demand, so they're expensive. IPv6 addresses are very high in supply and relatively low in demand.
port forwarding != nat (Score:3, Insightful)
You can do port forwarding without NAT.
And he's wrong, nothing's preventing you from doing NAT on IPv6, except that it's probably never been implemented since it's kinda pointless.
Re:Here's mine: (Score:3, Insightful)
It sounds like you work for an awful boss. Have you considered taking night classes to help land a job that rewards intelligence?
Re:Not exactly true (Score:5, Insightful)
NATing between the internal LAN and the internet they can get up to ~250,000 entries (provided their hardware can support that), allowing each of their 2,000 users to be using, on average, 125 internet applications (or open connections) at once.
What's going to be more expensive: A massive NAT box or an IPv6-enabled router (as many already are)?
What's going to be more expensive: Adding NAT buster support into many apps, or using IPv6 (many apps are already IPv6-aware)?
At the APNIC 26 conference [apnic.net] last month, NTT presented some ballpack numbers [apnic.net] for how many people can be comfortably put behind NAT. They're not encouraging. Basically, the common "Web 2.0"-type apps open a lot of background connections, which chews through your ephemeral port space quickly, limiting the number of people that can be NATted. Google echoed those claims loud and clear [apnic.net]: "AJAX applications break behind excessive NAT."
Also, consider that by 2012 we'll have run out of public IPv4 addresses. But only 25% of Earth's population will be online [itnews.com.au]. Do you propose to put another 3.5 billion people behind NAT? I'm pretty skeptical that NAT can handle that load.
While NAT will likely be needed in the short term to deal with IPv4 address exhaution, I'm highly skeptical of its long-term scalability.
Re:You want a business case? (Score:5, Insightful)
If you like things the way they are, where the restricted number of static IPs makes it impossible for the great unwashed to have a voice and the web is coming to resemble a television set more each day, well, you're not going to be supportive of IPv6. Plenty for everyone means no leverage, which means no profit. Which means IPv6 isn't going to get business support from the IT sector any time soon.
Re:Excuse me, Why are they not interoperable! (Score:3, Insightful)
Have you ever actually looked at what's required to parse an IPv4 header vs. an IPv6 header? There are plenty of good reasons that IPv6 decided the IPv4 structure was not a good plan.
Beside that, there's no practical way to add address length to IPv4 headers that wouldn't break old equipment. Moreover the kind of breakage caused would be harder to detect and repair -- old equipment would see the IPv4 header, not know about the new extensions, and likely do the wrong thing (like forward traffic to the address corresponding to the first 32-bits of the longer address). At least if you change the protocol number old equipment won't start randomly sending traffic it doesn't understand around the Internet.
Re:IP4 - elegant IP6 - Rube Goldberg (Score:2, Insightful)
Correction: they're a tech on a tiny network where they're used to memorizing the DNS zones. At this very moment, I'm not sure I can tell you the IP of the webserver I work on most often - not because I never access it, but because I've been accessing it via DNS for the last five years and have never once in that time needed to connect via IP.
So you've never needed to troubleshoot a network problem. Good for you.
Your assumption that anyone who needs to know an IP address must be working with a tiny, memorizable DNS zone is completely false. Like I said, DNS is something that can break. For example, where I work, our dynamic DNS is broken, and the server team refuses to work on the problem (or delete bad entries...). So, when I want to work on one of my user's machines remotely, I sometimes need to find out from the user what their IP address is. Now, I don't know about you, but I'd much rather deal with repeating "192.168.1.87" over the phone than "fe80::e1c0:5620:bc95:3c71%9" (to use the previous example).
And what if you suspect the name servers are down, but want to be sure that they are, indeed, the problem? Boy, it would sure be nice to have a nice, easy IPv4 address memorized for testing, than a long, unwieldy IPv6 address.
Your lack of ability to imagine situations where knowing IP addresses is useful does not mean that they don't exist.
Re:You want a business case? (Score:2, Insightful)
The problem for ISPs is that the costs are quite high, but these alleged features and advantages have almost no value because they bring almost no revenue.
The problem for users is that the costs are high (in terms of time and effort) but the advantages are, heretofore, nil. There's nothing I could do with IPv6 that I actually want to do that I can't do with IPv4.
Re:Not exactly true (Score:3, Insightful)
If you agree with that assumption then you can say your business class router/firewall that can handle both the NAT load and that can also handle IPv6 if you enable it. So you have the same device that can do either. You are currently running the NAT "solution", so you pay nothing for hardware to make the transition. However, there is still an administrative cost associated with a network wide infrastructure shift like that. So your networking team takes the time to transition the whole system and you may even have intermittent downtime while certain parts of the network are upgraded. That cost of the time spend and the possible downtime is what needs to be justified to be able to make this upgrade.
You may already have the equipment to be able to do it, and your ISP may already provide you with IPv6, but it comes back to the original question... "why send the time and money to move if our current 'solution' works?"
Remember that internally your organization can stay at IPv4 forever (or until some killer IPv6 app comes out) and just NAT itself off to the IPv6 world (NAT dual stack or NAT 4to6 transition methods). The best thing I can think of off the top of my head is to try to spin a 'future proofing' angle to management -- we make the investment now and it will pay off in the long run. But management has a way of crossing bridges when they get to them.. at least that's how it seems to be where I work.
Stages of Grief (Score:5, Insightful)
Network architects and admins with clue are currently at the "Depression" stage (4th stage).
Why Slashdot feels that putting up a commentary authored by someone who's still in the first stage ("Denial") is useful to anyone is beyond me.
IPv4 exhaustion is coming. CIDR got us from the mid-90s until now. But it's coming now. Please stop denying, being angry, trying to bargain it away. Hopefully we'll all move past depression into acceptance (as vendors and infrastructure gets ready) before it hits. But I know a lot of smart people who would prefer to retire in the next 2 years instead of be there when it hits.
They probably won't, but would like to...
Some companies dont' even WANT to use public IPs (Score:3, Insightful)
Even if you said "Here, have a /8 completely free, use whatever you like," they'd still want to do NAT. Why? Privacy and security. NAT automatically gives a good measure of security. You have an inbound firewall by default, simply because of how it works. You have to explicitly set up any inbound ports to be forwarded. Also this means that to get to any system that doesn't have a forwarded port, you'll have to get access to a system that does. With public IPs, there is always the possibility that the firewall fails or is shut off and you can get at a system. With NAT, you have to get inside to be able to get at anything.
Privacy you also get just by the way NAT works. Since you have many people using a few (or one) IP addresses, it is much harder to track what any given computer is doing. Web browsing can be tracked with things like cookies (if the client accepts them) but over all you really can't tell what is going on for a given system inside the network.
So NAT is something companies may well want to keep doing, even if they don't have to.
Re:You want a business case? (Score:2, Insightful)
- IPv6 is not IPv4 compatible
- IPv6 is not IPv4 compatible WTF ?
- IPv6 is not IPv4 compatible and this is stupid
We need a new Godwin's Law for Global Warming (Score:3, Insightful)
This is a bit like saying there is no business case for doing something about climate change. ...
Oh, no! Now we have a Global Warming take on IPv6 adoption!
I think it's time for a new version of Godwin's law with Global Warming / Climate Change substituted for NAZIs:
As a scientific, technological, or political discussion or grant proposal grows longer, the probability of an assertion of a tie-in to climate change approaches one.
= = =
I realize you may have had a serious point. But (like NAZI analogies) the global warming tie-in has been used so often, and so inappropriately, that it's painful to read past it to search for any real meat in such a posting.
Re:Consumer rollout (Score:3, Insightful)
The cost of having (probably) Cisco write custom firmware for all their equipment, and the cost of maintaining that custom firmware. It's possible to get the routers to handle a /128 assignment, but you're fighting the equipment the whole way. And it fails to work with Windows, whose IPv6 stack assumes that IPv6 stateless autoconfig works properly and doesn't play well with routers that refuse to accept the stack's use of it's own MAC-address-based value in the lower 64 bits. Again this can be worked around, but it takes a lot of heavy messing-about in low-level configuration to make it all work right. And how many ISPs are going to tell their customers that the ISP doesn't support Windows?
Re:IP4 - elegant IP6 - Rube Goldberg (Score:3, Insightful)
Lucky you. There's not a system on my home network that can be reliably accessed through anything but the IP address. I've experienced the same reliability on every network I've ever touched.
Now internet-wide DNS is pretty damn solid, but that tends to happen when there are about seven levels of fall-back. LANs tend not to be nearly that robust.
Having said that, IPv6 addresses are stupidly over-complicated. Adding two groups onto IPv4 would probably have been more than enough for quite a number of years to come (281,474,976,710,656 IPs should be plenty for a while), even if it's not quite as futureproof as IPv6 which is something like 1 IP for every four atoms in the universe.
Re:Not exactly true (Score:3, Insightful)
Also, consider that by 2012 we'll have run out of public IPv4 addresses.
That is not the hard fact it sounds like, but depends on a number of assumptions that may or may not pan out. This has been proclaimed for quite a while now, and the date keeps getting pushed back. Why? Because assumptions keep getting broken by things like NAT and CIDR. The next big thing I imagine will be the reallocation of class A addresses: why should the likes of HP get multiple class A's?
I predict that the allocation of IPv4 addresses will not have a hard stop, but rather will trail off over time as IPv4 addresses slowly become harder and harder to come by. That is what has happened so far: addresses were thrown out like candy originally, then the aforementioned class A's were stopped, and then class B's were largely stopped too. It is hard to get a large chunk any more, and the trend will continue, but the change will be gradual.
Re:You want a business case? (Score:3, Insightful)
I don't really agree, there isn't any reason why businesses have to ever go ipv6 on their local network, more likely than not ipv4 will be used like that for some time with the conversion being done at the router level.
You also don't make these sorts of changes 100% before pretty much everybody has partial support. It wouldn't make sense, the amount of effort it would take to get damn near everybody using ipv6 would make it prohibitively difficult to do.
As of right now there is absolutely no excuse for organizations of any size to not be preparing for the transition. If the options really are insufficient, the best way to know that and to find a fix is to start testing as well as limited use. Waiting until the last minute has a pretty huge cost if for whatever reason it doesn't work.
Re:Consumer rollout (Score:3, Insightful)
So what do I do if I've only got a /64 from my ISP but I want to segregate unsecured wireless, secured wireless, and wired? I think it would be in Cisco's (and Microsoft's) best interest to have a solution for that use case, which would naturally translate into a solution for the ISPs. What's more, if some big ISP like AT&T or Verizon is pushing for it, I have little doubt that Cisco would comply.
Re:Some companies dont' even WANT to use public IP (Score:3, Insightful)
With public IPs, there is always the possibility that the firewall fails or is shut off and you can get at a system. With NAT, you have to get inside to be able to get at anything.
In that sense, it's also always possible that the NAT gets shut off -- thus implying that a handful of computers on your network have live Internet IP addresses, and the rest are denied DHCP access -- or it's possible that it fails, as is the case with things like NAT hole punching.
Privacy you also get just by the way NAT works. Since you have many people using a few (or one) IP addresses, it is much harder to track what any given computer is doing.
An anonymizer may make sense for an individual behind the NAT, but I doubt it helps the corporation at all. In fact, if I get a ton of spam, and I send mail to your domain saying "It's from <IP>", wouldn't you rather know exactly which computer that IP corresponds to, so you can shut it down?
Since the corporation has no real reason to provide that privacy, why should it be their obligation?
Re:You want a business case? (Score:5, Insightful)
If you want to host a server, call a hosting company. Your home internet connection is not sold for hosting servers.
That's a BS argument. What if I want to stream my music collection, that's stored on my media server, to work? Or access MythWeb so I can alter my recording schedule during the day? Or simply SSH to my home machine so I can retrieve something I was working on? None of these cases are served by using a hosting company, yet all qualify as "[hosting] a server".
Re:You want a business case? (Score:5, Insightful)
The real business case is very simple:
* IPv4 addresses will run out in around 2010 to 2011
* Businesses that need new addresses (mostly ISPs and telecom operators) will need to go IPv6 just to keep operating in longer term (even if there are short term workarounds, they don't work forever - this is why Comcast already has IPv6 live in its core network)
* Planning ahead will be important to avoid an interruption in business (can't get new IPv4 addreses so can't activate customers)
* Around 2009/2010, the stock market will start to assess public companies as to whether they have an IPv6 transition plan, and the press will start to hype "IPv4 is running out - another Y2K is on the way" - companies that don't have an IPv6 transition plan will find their ratings and stock prices fall
If you want to continue expanding as a telco/ISP, and to have a healthy stock price (after the current dip), you will need a serious plan to move to IPv6. It's that simple.
This article was generally quite pro IPv6, the summary was atrociously slanted against v6. But that's Slashdot for you...