[AfrIPv6-Discuss] Finding solutions to things that stop people moving to IPv6
JORDI PALET MARTINEZ
jordi.palet at consulintel.es
Thu Dec 6 10:49:26 UTC 2018
I also agree somehow what Mukom said before, but not 100% agreement I guess. Let me explain.
Governments need to setup rules to mandate IPv6 in the public sector. This is easy to say, but believe me, there is not a generic “law” for every country. I’ve worked for several governments on this. Each country is a different case, different way to work, different circumstances, different existing laws. You need to invest several months to make this kind of law, understanding the specific country situation. Copying those laws from another country doesn’t work at all. I’ve seen other countries that tried to do that, and didn’t worked, they make big mistakes.
By mandating the government to make sure that any public acquisition needs to mandatorily support IPv6 (software, hardware, services, links, etc.), means the private sector accommodate to that if they want to participate in public tenders, and usually they will not offer a different kind of service/product for the government vs end-users. I typically invested for doing this around 3-4 months (1-person full time) in other countries. There are tons of existing regulations to read and to understand how the country public sector work and the relations with the providers.
I’m not fan of over-regulation in the private sector. I think market should do that, but the government has the obligation to protect consumers, so for example, if providers are using CGN, just to extend the life of IPv4, this is bad, and should not be allowed. Now if you allow CGN for a certain period of time (for example 2-years), while you actively deploy IPv6, then it may be good. Nevertheless, I don’t think CGN is the solution. It is actually cheaper to buy IPv4 addresses if you can’t get them from AfriNIC, because when you buy CGN, your addresses will become black-listed (example Sony Play Station Network) forever, so at the end you invest twice (CGN first, new addresses later). Of course, this only works if you actively deploy IPv6!
Similar as the previous point. Because the government needs to protect consumers, as we did in many countries for the deployment of Digital Terrestrial TV, there is a need to enforce a limit of period of time for importing any IP product that doesn’t support IPv6, for example, 1 year from now, or so. Then one additional period of 1.5 years for sell the old stocks. After that, you can’t sale anymore those products to consumers. Otherwise consumers will buy IPv4-only products, that most of the time can’t be updated (not because a hardware limitation, but because the vendor doesn’t have interest in providing new firmware, their interests is that you buy a new product). Examples IP cameras, IoT, smartTVs, CPEs, etc.
Those countries that regulate the use of IoT, they must mandate that it is done with IPv6. It doesn’t make sense at all doing IoT and not supporting IPv6 on that network! This is also related to the previous point, of course.
Governments need to define plans for broadband deployment. In some countries they subsidize private operators to do that. If this is the case, need to be done with IPv6 support.
If governments want to save money, when connecting the public administration (at all levels, municipalities, ministries, even schools and health centers), they need to invest in country-wide government networks. This can be done in several ways, own-network (probably not the best idea), tenders to cover the country with several competing operators (each one may bid for different lots), or even with regular Internet connections for the smaller sites that don’t need high-availability (and then using IPv6-only, IPv4 as a Service and SD-WAN or other technologies). I’ve talked about a recent example with a government that just by connecting 2.000 municipalities can save 300.000.000 USD. Just scale that if you have 5.000 schools + health centers + police stations + etc. etc.
IPv6 deployment for governments and enterprises is NOT the same as with IPv4. There is no NAT, you need to rethink your network.
If you want to read more about that, I’ve recently published an article (two parts):
https://teamarin.net/2018/11/28/ipv6-for-governments-and-enterprises-impact-and-implementation-in-12-steps-part-one/
https://teamarin.net/2018/11/29/ipv6-for-governments-and-enterprises-impact-and-implementation-in-12-steps-part-2/
I’ve also sent the article to be published by AfriNIC, but not yet seen links to that. It was right before the meeting, so I guess the communication team was very busy to be able to do that by the meeting.
And by the way, when I talk about IPv6 support it must be clear that the end-goal is IPv6-only, so even if we need to support today dual-stack (so old apps and devices in the LANs still work), they must be able to work also with IPv6-only WAN links and IPv4aaS (IPv4 as a Service). Again a couple of references:
https://datatracker.ietf.org/doc/draft-ietf-v6ops-transition-ipv4aas/
https://datatracker.ietf.org/doc/draft-ietf-v6ops-nat64-deployment/
Regards,
Jordi
De: Pascal ANDRIANISA <pascal at irenala.edu.mg>
Fecha: jueves, 6 de diciembre de 2018, 11:18
Para: JORDI PALET MARTINEZ <jordi.palet at consulintel.es>, IPv6 in Africa Discussions <afripv6-discuss at afrinic.net>
CC: Pascal ANDRIANISA <pascal at irenala.edu.mg>
Asunto: Re: [AfrIPv6-Discuss] Finding solutions to things that stop people moving to IPv6
Thank you Jordi,
I think we need to go in this direction for operators to switch to IPv6 as soon as possible.
Best regards,
Pascal Heriliva ANDRIANISA
Webmaster i RENALA
Research and Education Network for Academic and Learning Activities - http://www.irenala.edu.mg/
Porte 201 - Ministère de l'Enseignement Supérieur et de la Recherche Scientifique - Fiadanana
GSM :+261 (0) 32 46 680 29 | +261 (0) 34 30 680 29
De: "IPv6 in Africa Discussions" <afripv6-discuss at afrinic.net>
À: "IPv6 in Africa Discussions" <afripv6-discuss at afrinic.net>
Envoyé: Jeudi 6 Décembre 2018 12:55:48
Objet: Re: [AfrIPv6-Discuss] Finding solutions to things that stop people moving to IPv6
Operators are informed, if you speak about “engineers”, the problem is to inform the CEOs of operator AND the CEOs of important companies in each country (financial sectors, companies that export or have relevant web sites, etc.).
I recall ARIN did sent a letter to them (in their region) a few years ago.
Regards,
Jordi
De: Pascal ANDRIANISA <pascal at irenala.edu.mg>
Responder a: IPv6 in Africa Discussions <afripv6-discuss at afrinic.net>
Fecha: jueves, 6 de diciembre de 2018, 10:47
Para: IPv6 in Africa Discussions <afripv6-discuss at afrinic.net>
Asunto: Re: [AfrIPv6-Discuss] Finding solutions to things that stop people moving to IPv6
Dear All,
I think there is also another solution which is to inform the operators in each country of the situation because if only the members who will apply IPv6 it will not be possible to use it optimally.
I do not know if a provision to that effect has already been taken but I think that all the members are aware of the situation.
Best regard,
Pascal Heriliva ANDRIANISA
Webmaster i RENALA
Research and Education Network for Academic and Learning Activities - http://www.irenala.edu.mg/
Porte 201 - Ministère de l'Enseignement Supérieur et de la Recherche Scientifique - Fiadanana
GSM :+261 (0) 32 46 680 29 | +261 (0) 34 30 680 29
De: "Mukom Akong T." <mukom.tamon at gmail.com>
À: "IPv6 in Africa" <afripv6-discuss at afrinic.net>
Envoyé: Jeudi 6 Décembre 2018 06:41:29
Objet: Re: [AfrIPv6-Discuss] Finding solutions to things that stop people moving to IPv6
>
> Consumers are unaware of IPv6, so it's not part of their buying decision. If something doesn't make consumer buy boxes, vendors don't do it. I do not think consumer education about IP is a good idea.
Neither do I. Consumers don't DIRECTLY care about IP (whether v4 or v6). But they do care about other features that may be only possible (or easier, or cheaper) with v6.
This is one place where I see the role of governments. In the interest of national development, just ban importation and sale of legacy equipment. Similar to what is already done with type approval in telecommunications today.
> ISPs buying cheap boxes and not paying anything for support, so they can't get upgrades.
> Foreign ISPs dumping volumes of used CPE, which get resold at deep discounts.
I've been screaming about this for years. Even worse, some of it is going to be "sold" as "next generation Internet aid or technical corporation") which further cripples IPv6 deployment.
>
> Something that has worked for some companies is an "ISP Certified" sticker. CPE vendors could apply to an ISP, and pay the costs of testing. If the tests complied with the ISP's requirements, which might include MAP, lw4o6, or 464xlat support, the vendor is allowed to put a sticker on their box saying, "This device certified for use with $ISP." There might be a business opportunity for someone who can set up a really good CPE testing lab, so ISPs could outsource their testing and certification.
In addition, I believe that with two days of training (regulators and customs) and the appropriate infrastructure and a PROCESS, we can help a government implement type approval for IPv6. Any regulator that wishes to do this should reach out and join the waiting list by taking the Government IPv6 Readiness Self Assessment at
ENGLISH → https://vox.afrinic.net/465923?lang=en
FRENCH → https://vox.afrinic.net/465923?lang=fr
> For years I have been an IPv6 advocate – and I still am – and I’ve actively deployed and run IPv6 in production supplying it to the end user, with multiple percentage point changes in country IPv6 penetration statistics as a result, but I am fast realizing that if we want IPv6 to grow and thrive – it’s time we started being a little more open and honest about the challenges and problems with it – instead of sprouting off that everyone should just move to it. Let’s acknowledge that IPv6 is critical, we have no option, but it is also deeply flawed, has major problems, and until start dealing with those – we will see deployment continue to stutter
I agree with the above. The solution is not just another open "discussion" where people who have not even started any kind of deployment, or even have a fair idea of what percentage of equipment might or might not be v6 ready go on an on about problems they've only heard about.
>
> Should we have a round table discussion at AIS? How can we identify and make progress on resolving issues with IPv6?
>
Perhaps we can start with a mailing list thread of SPECIFIC issues people have encountered while attempting a deployment on this mailing list, then build up to a webinar or discussion at AIS.
There are probably about 400million users using IPv6 today and growing, someone somewhere has solved those problems.
> The common theme in my answers above is that more people running IPv6 provides more weight in solving problems. If everyone would take a couple of hours to do three things, we'd have a very broad base of common experience to draw from:
>
> 1. Write an address plan. Don't worry if it takes several revisions, that's normal.
>
> 2. Apply to Afrinic for IPv6 addresses.
>
> 3. Announce the IPv6 addresses and route them on your backbone.
These are things that we've helped operators implement in 1 day at our deployathons (or 6 two hour sessions during helpdesk calls). It's surprising how many operators need help with their address planning. Which is why not only do we teach them how to determine how much space they get, but also how to implement them in an IPAM. For those interested, a video of a highly attended and rated AFRINIC webinar can be found at
https://www.youtube.com/watch?v=CFIVQ_Z9je8&t=542s
Step by step walk-through of address planning best practices and implementation in an IPAM ---- no maths!
>
> AFRINIC's training and IPv6 Helpdesk are great resources.
The premise behind the helpdesk is this: We can find ONE operator a month that's committed to deploying IPv6, we keep providing targeted training and coaching to move them from one deployment milestone to another until we get stuck with incompatible equipment or internal collaboration issues. All it takes is about 4 hours investment per week. If you are interested, make a request at
bit.ly/6deployEN (english)
bit.ly/6deployFR (french)
As we do this, we're also building an tremendous amount of intel on what actually HOLDS IPv6 deployment back from real operators attempting to deploy it and so far with over 45 tickets, the evidence indicates that incompatible equipment is not in the top 5.
We're also realising that that argument from big operators about "customers aren't asking for it" is not true. We know of large operators that within 2 months have received explicitly written requests to enable IPv6 from large corporate customers. You don't want to see their response :(
If you want to host one of our DEPLOYATHON sessions in your country
- 5% teaching, 95% DOing
- using our Prototype → Validate → Develop → Deploy framework
- enables you hit a measurable deployment milestone within 8 hours
you can apply at: https://vox.afrinic.net/189828?lang=en (or https://vox.afrinic.net/189828?lang=fr in french)
And for those who are still wondering how ready or not their organisations are, take our free Organisational IPv6 Readiness Assessment at https://vox.afrinic.net/651525?lang=en (or https://vox.afrinic.net/651525?lang=fr in French)
The results might provide pointers where to start the process.
Until next time ..... be EXCELLENT
--
Mukom Akong T.
LinkedIn:Mukom | twitter: @perfexcellent
------------------------------------------------------------------------------------------------------------------------------------------
“When you work, you are the FLUTE through whose lungs the whispering of the hours turns to MUSIC" - Kahlil Gibran
-------------------------------------------------------------------------------------------------------------------------------------------
_______________________________________________
AfrIPv6-Discuss mailing list
AfrIPv6-Discuss at afrinic.net
https://lists.afrinic.net/mailman/listinfo/afripv6-discuss
_______________________________________________ AfrIPv6-Discuss mailing list AfrIPv6-Discuss at afrinic.net https://lists.afrinic.net/mailman/listinfo/afripv6-discuss
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
_______________________________________________
AfrIPv6-Discuss mailing list
AfrIPv6-Discuss at afrinic.net
https://lists.afrinic.net/mailman/listinfo/afripv6-discuss
**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/afripv6-discuss/attachments/20181206/f8e41a97/attachment-0001.html>
More information about the AfrIPv6-Discuss
mailing list