<html><body><div style="font-family: trebuchet ms,sans-serif; font-size: 10pt; color: #5b9bf2"><div>Hi Geert<br></div><div><br data-mce-bogus="1"></div><div>Thanks very much for sharing insight in your region. <br><br>Funny enough most cities and suburban towns in our african region are currently served by high speed broadband connectivity. At least its easy to get access to 20mbps/2mbps shared broadband internet in my home country. We have used technics like 6to4 tunnels to get connected and experiment with the v6 protocol for some time now (over 3 years) especially in areas where tunnel ends can be reached at less than 75ms (unfragmented v4 packet size of about 1492). Rural penetration is still low but it makes sense to enable both protocol stacks as services are rolled out in the rural communities.<br><br>It will be great to see service providers transparently enable or turn-on native v6 support in their networks especially with the xdsl service providers. This will help localized v6 traffic.</div><div><br data-mce-bogus="1"></div><div>Ebola epidermic is a global concern and rather unfortunate some arguements unnecessarily sited analogies far fetched. Nevertheless its amazing how the community stood together defend the course. It would be nice to see that same community come out selflessly to charter policies that will exploit our resources for regional development even when it bites their corporate and marketing strategies</div><div><br data-mce-bogus="1"></div><div>Cheers.</div><div><br data-mce-bogus="1"></div><div>K.<br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div><hr id="zwchr" data-marker="__DIVIDER__"><div data-marker="__HEADERS__"><b>From: </b>"Geert Jan de Groot" <GeertJan.deGroot@xs4all.nl><br><b>To: </b>"kofi ansa" <kofi.ansa@gmail.com><br><b>Cc: </b>"rpd" <rpd@afrinic.net>, "afnog" <afnog@afnog.org><br><b>Sent: </b>Tuesday, October 28, 2014 10:00:33 PM<br><b>Subject: </b>Re: [afnog] What are the major challenges in enabling Services to run on IPv6?<br></div><div><br>On Mon, 27 Oct 2014 13:59:59 +0400 Kofi ANSA AKUFO wrote:<br></div><div data-marker="__QUOTED_TEXT__"><blockquote style="border-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"> What are the major challenges in enabling Services to run on IPv6 in our<br> region?<br></blockquote></div><div><br>Let me try to shed some insight while typing this from a residential, <br>native IPv4/IPv6 connection in the Netherlands. Not Africa, but I think<br>there's still some lessons to learn.<br><br>Setting up dual-stack webservices is easy, that has been done for 15 years or so.<br>Techniques required for that are well understood and I won't elaborate here.<br>The question, however, is how to make the services accessible to the users.<br><br>My service provider, XS4all, started providing IPv6 connectivity in 2001 or so,<br>initially through IPv4 tunnels (I've IPv6-connected the AfNOG network in Kampala<br>this way, for instance) and since a number of years natively.<br>IPv6 is enabled by default so if you enroll as customer you automatically<br>get IPv4 and IPv6.<br><br>That road was not easy. Getting the core routers to talk IPv4 and IPv6 is<br>easy enough (I'm pretty sure that most of the routers of the African ISP<br>community *can* to IPv6, perhaps a config option, perhaps an image update<br>but that's it). There were several challenges getting customers connected.<br><br>One issue is that XS4all doesn't do local loops to consumer customers themselves,<br>they depend on DSL loops from the incumbent provider and add their ISP service<br>on top of it. These days, that service is PPPoE and it's easy to do IPv4 and IPv6<br>over this DSL pipeline. The old DSL network (which, I'm told, will be switched off<br>before the end of the year) used PPPoA and could not do this. The old network is<br>at least 15 years old now and even I have migrated away from it now.<br><br>Another issue is the CPE. Many CPE's won't / can't do IPv6, and XS4all had to<br>work together with one that does. The result is actually cool: XS4all got to<br>create the specs for the IPv6 functionality (there are RIPE documents about<br>'IPv6 CPE requirements') and they are now using prefix delegation, the <br>PPPoE segment runs numberless, and, from what I hear, the helpdesk is pretty<br>quiet about the whole issue.<br><br>One thing that the CPE does, by default, is add a diode (only outgoing connections,<br>no incoming connections, by default). That does help a lot for poorly patched<br>domestic windows PC's (we all know them!). Like with IPv4 NAT, is it possible to<br>make holes in the diodes to allow connections to certain hosts/ports but the<br>defaults are 'safe'<br><br>I do know that XS4all spent a lot of time and effort to make this all 'right',<br>but it's there now and I, for one, would not notice if IPv4 would shut down<br>tomorrow as nearly everything I talk to is IPv6 capable now.<br><br>The net result is that a. most XS4all residential customers do have IPv6 <br>(unless they manually switched it off or broke it), and b. new customers,<br>by default, do have IPv6 as well. And there's hardly any additional effort <br>- anymore - as the hard work was done years ago.<br><br>I don't think the situation in Africa neccessary needs to be much different<br>from here. Yes, you probably have braindead CPE's - we got those too.<br>There are ill-advised 'reasons' not to do this - we got those too.<br>But, ping6 works from here. Go figure!<br><br>The architecture actually isn't bad. You can add more PPPoE sessions for <br>closed networks (that's how IPtv apperently works, but I don't use it),<br>or VoIP (as implemented by other ISP's using the same infrastructure),<br>so there are other advantages.<br><br>The key thing is to Just Do It and select your kit accordingly when you do.<br><br>Geert Jan<br><br>(and, for the record, I do worry about the current 'health issue'. <br>My thoughts are with those affected, and I am hoping for more positive news <br>from the continent!)<br> <br>_______________________________________________<br>afnog mailing list<br>http://afnog.org/mailman/listinfo/afnog<br></div></div></body></html>