Search RPD Archives
[rpd] Re: [afnog] What are the major challenges in enabling Services to run on IPv6?
Kofi Ansa Akufo
kofi.ansa at inet.com.gh
Tue Oct 28 20:37:32 UTC 2014
Hi Geert
Thanks very much for sharing insight in your region.
Funny enough most cities and suburban towns in our african region are currently served by high speed broadband connectivity. At least its easy to get access to 20mbps/2mbps shared broadband internet in my home country. We have used technics like 6to4 tunnels to get connected and experiment with the v6 protocol for some time now (over 3 years) especially in areas where tunnel ends can be reached at less than 75ms (unfragmented v4 packet size of about 1492). Rural penetration is still low but it makes sense to enable both protocol stacks as services are rolled out in the rural communities.
It will be great to see service providers transparently enable or turn-on native v6 support in their networks especially with the xdsl service providers. This will help localized v6 traffic.
Ebola epidermic is a global concern and rather unfortunate some arguements unnecessarily sited analogies far fetched. Nevertheless its amazing how the community stood together defend the course. It would be nice to see that same community come out selflessly to charter policies that will exploit our resources for regional development even when it bites their corporate and marketing strategies
Cheers.
K.
From: "Geert Jan de Groot" <GeertJan.deGroot at xs4all.nl>
To: "kofi ansa" <kofi.ansa at gmail.com>
Cc: "rpd" <rpd at afrinic.net>, "afnog" <afnog at afnog.org>
Sent: Tuesday, October 28, 2014 10:00:33 PM
Subject: Re: [afnog] What are the major challenges in enabling Services to run on IPv6?
On Mon, 27 Oct 2014 13:59:59 +0400 Kofi ANSA AKUFO wrote:
What are the major challenges in enabling Services to run on IPv6 in our
region?
Let me try to shed some insight while typing this from a residential,
native IPv4/IPv6 connection in the Netherlands. Not Africa, but I think
there's still some lessons to learn.
Setting up dual-stack webservices is easy, that has been done for 15 years or so.
Techniques required for that are well understood and I won't elaborate here.
The question, however, is how to make the services accessible to the users.
My service provider, XS4all, started providing IPv6 connectivity in 2001 or so,
initially through IPv4 tunnels (I've IPv6-connected the AfNOG network in Kampala
this way, for instance) and since a number of years natively.
IPv6 is enabled by default so if you enroll as customer you automatically
get IPv4 and IPv6.
That road was not easy. Getting the core routers to talk IPv4 and IPv6 is
easy enough (I'm pretty sure that most of the routers of the African ISP
community *can* to IPv6, perhaps a config option, perhaps an image update
but that's it). There were several challenges getting customers connected.
One issue is that XS4all doesn't do local loops to consumer customers themselves,
they depend on DSL loops from the incumbent provider and add their ISP service
on top of it. These days, that service is PPPoE and it's easy to do IPv4 and IPv6
over this DSL pipeline. The old DSL network (which, I'm told, will be switched off
before the end of the year) used PPPoA and could not do this. The old network is
at least 15 years old now and even I have migrated away from it now.
Another issue is the CPE. Many CPE's won't / can't do IPv6, and XS4all had to
work together with one that does. The result is actually cool: XS4all got to
create the specs for the IPv6 functionality (there are RIPE documents about
'IPv6 CPE requirements') and they are now using prefix delegation, the
PPPoE segment runs numberless, and, from what I hear, the helpdesk is pretty
quiet about the whole issue.
One thing that the CPE does, by default, is add a diode (only outgoing connections,
no incoming connections, by default). That does help a lot for poorly patched
domestic windows PC's (we all know them!). Like with IPv4 NAT, is it possible to
make holes in the diodes to allow connections to certain hosts/ports but the
defaults are 'safe'
I do know that XS4all spent a lot of time and effort to make this all 'right',
but it's there now and I, for one, would not notice if IPv4 would shut down
tomorrow as nearly everything I talk to is IPv6 capable now.
The net result is that a. most XS4all residential customers do have IPv6
(unless they manually switched it off or broke it), and b. new customers,
by default, do have IPv6 as well. And there's hardly any additional effort
- anymore - as the hard work was done years ago.
I don't think the situation in Africa neccessary needs to be much different
from here. Yes, you probably have braindead CPE's - we got those too.
There are ill-advised 'reasons' not to do this - we got those too.
But, ping6 works from here. Go figure!
The architecture actually isn't bad. You can add more PPPoE sessions for
closed networks (that's how IPtv apperently works, but I don't use it),
or VoIP (as implemented by other ISP's using the same infrastructure),
so there are other advantages.
The key thing is to Just Do It and select your kit accordingly when you do.
Geert Jan
(and, for the record, I do worry about the current 'health issue'.
My thoughts are with those affected, and I am hoping for more positive news
from the continent!)
_______________________________________________
afnog mailing list
http://afnog.org/mailman/listinfo/afnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20141028/cbe1ef74/attachment.html>
More information about the RPD
mailing list