Finally, it’s the year of
Linux on the desktop IPv6!
Are you following protocol?
Sysadmin blog One month from now, World IPv6 Launch Day with be upon us. Numerous online services will be enabling IPv6 and leaving it on. AAAA records will be published, and those of us with IPv6 enabled systems will start to use IPv6 preferentially to IPv4. But what does this all mean?
For the short term at least, the truth is "not much". Despite the trebling hype amongst the networking nerd community, World IPv6 Launch Day is set to be yet another day when the internet at large yawns, hits the snooze button and rolls over to go back to sleep. While IPv6 is unquestionably the inescapable future, the world at large isn’t in a particular hurry to get there.
Most of the internet's IP backbone providers will be rocking IPv6 on launch day. But the truth is, they've already been doing so for some time. The world's hardened network handful of end-user ISPs are joining in on the launch; the US is well represented, with a smattering of minor ISPs from the rest of the world throwing the switch.
Consumer and SME network equipment vendors however are functionally unrepresented. Even with the pair who have so far announced their support – Dlink and Cisco – you have to be quite choosy about which devices you buy. IPv6 support isn’t exactly top-notch across their product lines. In addition, most extant, deployed devices aren’t going to be receiving IPv6 firmware updates.
In my experience, this lack of vendor support magnifies other issues with IPv6. The net result is resistance from consumers and businesses of all sizes. My experience however is subjective; the sample size is representative only of those individuals and organisations I have interacted with. And, as you know, anecdotal evidence is not statistically sound.
Fortunately Dirk Paessler – CEO of Paessler AG – was more than happy to help me gain a wider perspective. Paessler AG sells PRTG (Paessler Router Traffic Grapher), a network monitoring tool with a cult following. The selling point is ease of use, and this has seen it deployed worldwide in everything from SMEs to large enterprises.
PRTG does about what you would expect. There’s the standard packet sniffing; additionally it has over 130 different sensors to monitor all common network services (HTTP, FTP and so forth.) It also has the ability to discover and communicate with all your various network devices using SNMP and WMI, NetFlow, jFlow, and sFlow.
Users of PRTG can choose to send usage statistics back to Paessler; anonymised information that helps the company decide where to focus their engineering efforts. What they have discovered is that actual IPv6 usage in the wild is very small.
While Paessler has asked that I not share the number of worldwide installations, I can say that the deployment numbers are quite significant. They have more active PRTG installs in the wild than I have personally met living human beings. Despite this, observed IPv6 deployment is currently below 0.1 per cent.
According to Paessler, "IPv6 has not reached the layer below the tier 1 providers. Really serious networks, where they do backboning and all that...there may be a usage scenario. But organisations between 1 and 10,000 seats ... they are not there yet."
Even among military networks and really large enterprises, usage is highly restricted. When considering both the raw statistics at his disposal as well as the paucity of IPv6 feature requests, Paessler believes "adoption of IPv6 will take years and years. Most users will stay IPv4 in their networks and they won't move to IPv6 without pressure."
His discussions with clients of all sizes mirror my own experience; companies are waiting on vendor support. It is not enough to have the high-end, expensive networking gear work with IPv6. Real adoption will require broad industry support, including consumer level gear.
More importantly, transitioning to IPv6 is a pain. Companies aren’t ready to spend money on something that – in the short term at least – makes network configuration, security and maintenance significantly more complicated. This is especially true when there simply isn’t a real world incentive to do so yet.
For the vast majority of us, World IPv6 Launch Day is set to be another damp squib. Maybe next year... ®
Consumer adoption will take a long time. I know lots of people that only replace kit when it breaks. As long as IP4 is still supported, they will not move. Many companies still have no issues with IP4. They have plenty of address space on their internal networks, so they are not going to be in a rush to move.
It wouldn't surprise me if we are still having this conversation in 2020.
Because people use NAT as an easy way of saying "the computer in question is not publicly routable." Which is an easier way to say "if I screw up the firewall config for any reason, there is still this last layer of security; the system lives in an unroutable space that my ISP will simply NOT ROUTE, even if I do everything else wrong."
Why is it so hard for ivory tower nerds to understand that the milled masses really like having these sorts of emergency fallbacks?
Especially the overworked secretary/office manager/utilities and maintenance tech who is also the sysadmin/scriptdev and a dozen other things as well. But hey, the answer is obvious! Just throw more money/training/etc. at it, right?
What do you mean there is no money? That’s just a failure to talk the management out of it! What, there actually isn’t the physical money available at all to buy Cisco? Then you just fail at business and shouldn’t be allowed on the internet, obviously!
On behalf of startups and SMEs everywhere; [rude gesture] to each and ever self-important asshat whose thought process even remotely mirrors the above. May you one day wish to start your own business and be bankrupted by obscenely high barriers to entry designed to shift the cost burden onto end users and businesses.
Funny how you types are remarkably libertarian when the results of your libertarian policies increase the financial cost of other people, but scream like spoilt children when people exercise their rights to self determination to use things like NAT (which increase the financial burden on you, your network engineers and developers.)
I weep for you from behind my NAT boxen.
The trouble with IP6
Is that the numeric/hex address is just too damn hard to remember or to type manually. And for anyone who starts waffling on about just using DNS - yeah , good luck with that when your DNS is broken but you need to access a machine fast or when your company doesn't even bother entering certain machines into the DNS namespace and you have to use the numeric address.