Follow up on RIPE67 IPv6 Only experiment
Dear colleagues, Just to let you know that, based on experience in Athens, I put up a blogpost on Circle-ID about running IPv6 only. http://www.circleid.com/posts/20131212_are_we_ready_to_switch_off_ipv4/ Would also love to hear from you wether we should aim to repeat this experiment in Warsaw. Or maybe you have an idea of something else that you think is worth trying, please let us know. Best, MarcoH -- "Life is like riding a bicycle. To keep your balance you must keep moving" -- Albert Einstein
Hello, And of course this article is also on RIPE Labs: https://labs.ripe.net/Members/marco_hogewoning/are-we-ready-to-switch-off-ip... If you have any suggestions or comments, please don't hesitate to leave a comment under the article. Kind regards, Mirjam Kuehne RIPE NCC On 13/12/13 10:32 AM, Marco Hogewoning wrote:
Dear colleagues,
Just to let you know that, based on experience in Athens, I put up a blogpost on Circle-ID about running IPv6 only.
http://www.circleid.com/posts/20131212_are_we_ready_to_switch_off_ipv4/
Would also love to hear from you wether we should aim to repeat this experiment in Warsaw. Or maybe you have an idea of something else that you think is worth trying, please let us know.
Best,
MarcoH
Hi, On Fri, Dec 13, 2013 at 10:32:59AM +0100, Marco Hogewoning wrote:
Just to let you know that, based on experience in Athens, I put up a blogpost on Circle-ID about running IPv6 only.
http://www.circleid.com/posts/20131212_are_we_ready_to_switch_off_ipv4/
Would also love to hear from you wether we should aim to repeat this experiment in Warsaw.
I expected this to become part of the standard setup after the RIPE meeting in Berlin :-) - so: yes, please. (For Warsaw, we should have fixed the OpenVPN warts people have seen as well ;-) ) Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
I expected this to become part of the standard setup after the RIPE meeting in Berlin :-) - so: yes, please.
If I recall correctly the Berlin Experiment resulted in me not having any connectivity. Now I know that a lot of speakers would appreciate the fact that usually it means people pay more attention to the talk, I would like to keep us online :) Joking aside, thanks for your support and we'll of course have a chat with our colleagues from the IT department to see if we can continue this as a standard feature of the meeting network. Marco
On Fri, 13 Dec 2013 10:32:59 +0100, Marco Hogewoning wrote:
Dear colleagues,
Just to let you know that, based on experience in Athens, I put up a blogpost on Circle-ID about running IPv6 only.
http://www.circleid.com/posts/20131212_are_we_ready_to_switch_off_ipv4/
Would also love to hear from you wether we should aim to repeat this experiment in Warsaw. Or maybe you have an idea of something else that you think is worth trying, please let us know.
oh, I thought it was part of the default setup for all events from now and into the future? ... or go read Gert's mail, he said it better:-) --- ------------------------------ Roger Jorgensen | - ROJO9-RIPE roger@jorgensen.no | - The Future is IPv6 ------------------------------------------------------- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?
Hi Marco,
Just to let you know that, based on experience in Athens, I put up a blogpost on Circle-ID about running IPv6 only.
and a nice one, too...
Would also love to hear from you wether we should aim to repeat this experiment in Warsaw.
Yes, please do.
Or maybe you have an idea of something else that you think is worth trying, please let us know.
If I may offer one more suggestion, what about a "real" IPv6-only network without 464XLAT or anything, preferably as yet another SSID? I don't have the details of the WiFi setup at the RIPE meetings, so I have no idea how much effort it is, but if it isn't any serious extra effort, I'd consider that quite useful. This *will* break things, but that way we can see *what* breaks, so we can figure out what things need to be fixed. Cheers, Benedikt -- Business Grade IPv6 Consulting, Training, Projects Benedikt Stockebrand, Dipl.-Inform. http://www.stepladder-it.com/
Hi all, On Mon, Dec 16, 2013 at 3:56 PM, Benedikt Stockebrand <bs@stepladder-it.com> wrote:
If I may offer one more suggestion, what about a "real" IPv6-only network without 464XLAT or anything, preferably as yet another SSID? I NAT64/DNS64 works fine (until someone decides to validate DNS records)
This *will* break things, but that way we can see *what* breaks, so we can figure out what things need to be fixed. From my experience with NAT64 you only break protocols that are already fundamentally broken :)
Best regards, Dan -- Dan Luedtke http://www.danrl.de
On Jan 9, 2014, at 12:18 PM, Dan Luedtke <maildanrl@gmail.com> wrote:
Hi all,
On Mon, Dec 16, 2013 at 3:56 PM, Benedikt Stockebrand <bs@stepladder-it.com> wrote:
If I may offer one more suggestion, what about a "real" IPv6-only network without 464XLAT or anything, preferably as yet another SSID? I NAT64/DNS64 works fine (until someone decides to validate DNS records)
NAT64 works with host DNSSEC validation, provided that DNSSEC-validating host also does its own DNS64 function. The interaction of NAT64 with host DNSSEC validation is described in RFC6147. -d
This *will* break things, but that way we can see *what* breaks, so we can figure out what things need to be fixed. From my experience with NAT64 you only break protocols that are already fundamentally broken :)
Best regards,
Dan
-- Dan Luedtke http://www.danrl.de
Dne 10.1.2014 10:05, Dan Wing napsal(a):
NAT64 works with host DNSSEC validation, provided that DNSSEC-validating host also does its own DNS64 function. The interaction of NAT64 with host DNSSEC validation is described in RFC6147.
And it's worth noting that RFC 7050 finally adds ability for end host to discover whether NAT64 is used in the network and what prefix is used. This is quite handy information for endpoint to do the DNS64 on its own. -- Ondřej Caletka
Hi Dan and list, Dan Luedtke <maildanrl@gmail.com> writes:
On Mon, Dec 16, 2013 at 3:56 PM, Benedikt Stockebrand <bs@stepladder-it.com> wrote:
If I may offer one more suggestion, what about a "real" IPv6-only network without 464XLAT or anything, preferably as yet another SSID? I NAT64/DNS64 works fine (until someone decides to validate DNS records)
Now I assume that there may be some people who are willing to keep NAT64/DNS64 and/or 464XLAT and/or NAT-PT and/or TRT and/or SIIT and/or whatever else they've already set up alive and available all the time, but I know that there are people who intend to get rid of them---and IPv4 in general---and the additional workload they generate as soon as possible. The point of my suggestion is to see how dependent we still are on IPv4 and identify the things we still need to work on. As far as "works fine" is concerned: It adds work to the admins, depending on your enterprises's size it adds extra hardware, it makes troubleshooting more complex and as such it increases cost while lowering reliability/availability.
This *will* break things, but that way we can see *what* breaks, so we can figure out what things need to be fixed. From my experience with NAT64 you only break protocols that are already fundamentally broken :)
Nonsense. If you add ever more restrictions to what protocols are allowed to do and what not, then all you achieve is that coders will add more and more violations to your restrictions, either because they can't really keep track of your restrictions or because your restrictions break their perfectly valid application requirements. RFC 3439, section 2, has more on this in a general way. Cheers, Benedikt -- Business Grade IPv6 Consulting, Training, Projects Benedikt Stockebrand, Dipl.-Inform. http://www.stepladder-it.com/
participants (8)
-
Benedikt Stockebrand -
Dan Luedtke -
Dan Wing -
Gert Doering -
Marco Hogewoning -
Mirjam Kuehne -
Ondřej Caletka -
Roger Jørgensen