Tuesday, October 5, 2010

Oh how things change (My position on IPv6)

Almost exactly 2 years ago I wrote an article where I ranted about how IPv6 is still a long way out from wide-scale adoption. While I still think that we are at least another 5 years away from a point where IPv6 is the dominant protocol, we have to start getting there now. I have now worked for both Internet Service (ISP) and Managed Service (MSP) Providers and while they both have some things in common, they also both have their own unique challenges. While ISPs obviously need IPv6 to overcome the growing shortage of addresses to assign to end users, MSPs require it to effectively manage customer networks that use overlapping RFC1918 address space with common tools.

My personal opinion is that IPv6 is probably not the best answer that the Networking community could have come up with. I think IPv6 introduces its own set of problems and combats the numbering shortage with a nuclear weapon instead of a fly swatter. I say that because while we may have as many IP Addresses in a single subnet as there are atoms in my body, we will never be able to use them (just like we can't use land mass exposed to nuclear weapons).

With that said, the networking vendors have spoken and IPv6 is going to happen, and we need to stop fighting it and adopt it. We have very good transition strategies available with Dual Stack (DS) for the Enterprise and DS w/LSN or DS Lite for the Service Providers, so there is no reason not to start thinking about how you are going to get your organization ready. The people who start planning today will be leaps and bounds ahead of those who start in 2012 when IANA runs out of IPv4 addresses (hey, maybe the Mayans had it right after all).

Jeff Doyle has a really good article up about how Carrier Grade NAT (CGN) or Large Scale NAT (LSN) will probably not be as useful as we thought and how we really should just do everything we can to get away from any type of NAT, and I wholeheartedly agree with him. NAT is an abomination and needs to be a thing of distant memory (like 10BT Half Duplex coaxial networks). And before anyone asks about doing NAT with IPv6, here is my comment from that same article:

I think the biggest problem here is that NAT44 became as prevalent as it did and for the wrong reasons. I think that the idea of security through obscurity was a big reason why NAT is as popular as it is today (which I totally disagree with). I think the proof is in when people who are learning about IPv6 almost always ask about NAT66 because of the security concern of every device being addressable directly from the Internet. The answer is, as you point out, that NAT is a terrible, terrible thing and we have to get away from it as quickly as possible.

Everyone needs to get on board with IPv6 now, not later.

Everyone chant with me. "NO NAT, NO NAT, NO NAT...."