The reason I am proposing deployment cases is that while I
beleive that #1 is the ultimate end state I also believe the
same of PKI and cryptographic security systems. There is no
technology developed in computer science that provides a more
compelling intellectual case
...to computer scientists...
than Public Key Cryptography.
Yet after three decades our use of PKI barely scratches the
surface of what is possible. We need to ask why.
Human psychology.
Recently I spoke to a senior
executve at a very large manufacturing company that is 100%
certain that their principal product line will be completely
obsolete within five years, most of you would say it is
obsolete today. Their idea of forward planning for the change
is not investing in any new equipment that is unlikely to see
a return before that time.
How many senior executives in Internet operators are consciously
not investing in any IPv4 products that will not provide a
return before the global IPv4 space is exhausted. I believe that
very few such executives have even made this fundamental decision.
As a result, there is not yet enough pressure on vendors to get
their products IPv6 ready before 2010. Where are the Internet
gateways that seamlessly work with IPv4 or IPv6 on either side
of the box? Where are the OSS systems? Where are the firewalls,
load balancers, and other linchpins of the data center? Given the
fact that network operators need a fair amount of lead time to test
and certify new equipment (or software) before easing it into
production in stages, I don't believe that we are as advanced as
we need to be by this point in time.
Mere exhaustion of the IPv4 address space is not going to be
a sufficient incentive unless (1) it is certain to happen in
the next two quarters and (2) the impact is certain to be
negative on the specific stakeholder in question.
Even this is problematic because the fund managers and
investment analysts are not yet asking senior executives
how they plan to mitigate IPv4 exhaustion. If senior executives
don't consider the issue, then they won't take action even if
it is certain to happen in the next two quarters.
If we are to turn the stakeholders around we have to offer
them a compelling proposition. Merely preventing the
exhaustion of the unallocated IPv4 pool is not a sufficient
incentive for a stakeholder executive sitting on a large pool
of unused addresses.
It is not the exhaustion of the free pool that should be feared.
It is the fact that your IPv4 network will lose the ability to
grow (and therefore drive growth in revenue) when there are no
free addresses. You will be forced to spend a lot of money on
either implementing IPv6 in a last minute panic, or spend a lot
of money on "strings and sealing wax" to make IPv4 services more
or less feasible.
The sooner that companies take action, the sooner they can navigate
an optimal path through these waters. In some case, spending on
things like double NAT for IPv4 may well provide a return on
investment, but that has to be balanced against a scenario in
which more investment dollars go towards making an IPv6 Internet
service functionable earlier.
Unless I've missed something recent, the IETF did not do a lot of
work on the scenario where IPv4 islands need to communicate over
an IPv6 Internet, talking to both IPv4 and IPv6 services. Yet this
core-outwards scenario seems to be the primary transition scenario
that we are driving towards. The first companies to be impacted
by lack of IPv4 addresses are the core network operators, so they
must transition to IPv6 before the end user islands.
--Michael Dillon
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf