ietf
[Top] [All Lists]

Re: US DoD and IPv6

2010-09-29 16:46:29
Earlier, Joel Jaggli wrote:
The fact of the matter as a vendor, is that if you want
to get through network equipment requirements for, for example
the army approved products list (AAPL), ipv6 conformance testing
is now no longer an annnex, it's simply part of the process.


Interesting to know.  Of course, the above was also true 
for OSI CLNP, IS-IS, and ES-IS (under GOSIP) for many many years.


A bit before then, Thomas Narten wrote:
There are DoD networks where IPv6 is running today, 
and there certainly are networks where it is not.

The quote above seems very precisely phrased, 
and as an accidental result seems a bit misleading.

It appears to refer to the Defense Research & Engineering Network 
(DREN), which is widely reported to be dual-stack IPv4 and IPv6.
[e.g. see Ron Broersma's slides from the Google IPv6 Implementer's 
Workshop]  

However, the trade press and other public sources consistently
indicate the DoD considers DREN to be "experimental" or "research",
rather than "operational" (at least for the DoD meaning of the 
word 'operational').  

One also consistently reads that the actual operational DoD backbone 
(i.e. DISA's GIG-BE network) is IPv4 only, in part for security 
reasons and in part for lack of any business case to do otherwise,
and that all other DoD "operational" networks are also IPv4 only.

If someone has contradictory data, it would be very interesting 
to know the name of any "operational" (again, in the DoD meaning 
of that word) DoD networks that have a non-experimental/non-research 
deployment of IPv6 today.  


A bit before that, Brian Carpenter wrote:
On 2010-09-28 16:25, Phillip Hallam-Baker wrote:

 The US DoD is running out of IPv4 space?


Where did I say that?
 
 I very much doubt it.


Maybe, maybe not... how would we know?

One could check the public IANA allocation information, 
and perhaps combine it with other public information.
Published reports indicate the US DoD has very interesting
portion of the IPv4 unicast address space, even after
they gave a few blocks back earlier this decade.

However, in this case, that question is directly answered 
in the article that Noel originally mentioned.  
To quote directly:
        “I don’t forsee a crisis, per se … the big driver, 
        in my mind, excluding DoD, will be the explosion 
        of requirement for IP addresses, given where we are 
        headed from a technology standpoint,” he added.

        Conversely, he said, the Department of Defense networks 
        won’t be under the same strain."

So official DoD sources have said publicly that the DoD
does not have an IPv4 address shortage.  

In any case, we can't rewrite history, and many operators are
well beyond "project" and well into "plan".  Content providers
who aren't into "plan" have a problem coming up if they
still want to grow their audience a few years from now.

One hears reports that for several large ISPs ('operators'),
in different areas of the world, "the plan" involves 
carrier-scale deployment of:

        'Stateful NAT64: Network Address and Protocol Translation 
        from IPv6 Clients to IPv4 Servers'
        <draft-ietf-behave-v6v4-xlate-stateful-12.txt>

which I think is now approved for publication on the IETF
standards-track.

If those reports are true, then might it not be likely that
vendors are busy implementing the above in products, so
ISPs can deploy that capability, in turn so that any residential
users who only have an IPv6 address could still access the
content of the (for the moment much larger) IPv4 Internet ?

If one were a commercial content provider, only having an IPv6
address might seem incredibly limiting.  Might one imagine such
a content provider would refuse to buy for IPv6-only service ?
Might that not create a business case to lease/purchase IPv4 
address space (e.g. using the IPv4 trading provisions that 
some RIRs reportedly are setting up) ? 

BOTTOM LINE:

The mind boggles at the myriad possibilities here.  It seems so
incredibly unlikely that end-to-end connectivity (i.e. without
NAT, NAPT, or other middleboxes) is going to increase in future.

Yours

Ran

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread] Current Thread [Next in Thread>