[afnog] What are the major challenges in enabling Services to run on IPv6?
Andrew Alston
Andrew.Alston at liquidtelecom.com
Tue Oct 28 15:02:06 UTC 2014
Hi Malick,
I to apologise for my reaction to your posts, sometimes I get a little hot
under the collar (I’m known for it haha).
As others have eluded to, v6 migration is not the priority, deployment of
high quality high speed networks is. I have long believed that when you
do something though, you should do it properly, and I argue that there is
no more effort to deploy a dual-stack network than there is deploying a
new v4 only network. I argue that even deploying v6 on the current legacy
v4 networks, is far less work than people make out (and far less expensive
than most people make out). Yes there are challenges with deploying
anything new, but that is the price of progress and progress is something
we should welcome.
The arguments that Africa has loads of v4 space left are also concerning
to me, as we are seeing rapid depletion of the pool due to some pretty
large requests (I won’t enter the debate here as to if these requests and
where the space is going are legitimate or not), but I do not believe that
we have anywhere near enough v4 space left in the AfriNIC pool to cater
for the full needs of the African continent, particularly if we start
eliminating NAT (and I am a very big proponent of NAT elimination, since I
have long believed it is a hack that breaks many key things)
If you take v4 vs v6 deployed in an identical way, functionally it is not
a case of more securely, or one being better than the other, they should
function identically. However, that is not how this really works. Every
day I deal with the problems of heavily NAT’ed v4 networks and the
problems caused by private address space, and they are numerous.
Therefore what we are really looking at is a comparison between a network
with live v6 space vs a network heavily reliant on translation mechanisms.
I’ll take the v6 network any time any day.
I also do not believe, or intend to suggest, that v6 has ever been given a
priority over infrastructure deployment and not do I believe it should be
given such. I believe the two go hand in hand, as you are deploying
infrastructure, deploy v6 on top of it. The resources required to do so
are minimal and will hardly have a significant impact on infrastructure
deployment.
To give you an example, I am currently in the middle of a MAJOR upgrade
project in one particular place, a project that has a price tag of many
millions. That project would go ahead with or without v6, but to do it
with no v6 planning would have been insanity, since the v6 planning
created absolutely zero increase in CAPEX cost and the increase in OPEX to
do the v6 was negligent in the scope of the project. To further expand on
this, being v6 ready to the edge on a project like this leaves me with an
interesting opportunity further down the line, and that is to scrap v4 to
the edge the moment LDPv6 and certain other capabilities become available.
(By way of explanation, there are many devices that are used purely for
MPLS based backhaul (e-line/xconnect style), and the moment the
functionality exists to do this over v6, I can remove the v4 from these
devices and redeploy it elsewhere, which in turn eliminates strain on the
v4 pool and caters for where we do truly need v4. This would not be an
option if I had to go and do the entire network v4 only now, and go back
afterwards to do v6 (not where we are talking about in excess of 1500
devices to be reconfigured later if I don’t do it now).
It is the same as people who ask me why the networks we deploy are
deployed with 10G vs 1G, when the bandwidth utilisations TODAY do not
necessarily necessitate the need for 10G circuits. The answer is simple,
the major cost is in pulling the fiber, and the cost of upgrading segments
of the network later when we hit a bandwidth problem are actually higher
than doing the thing properly from day 1. It’s a very similar argument.
I myself am pleasantly pleased with what I see in terms of development in
terms of the growth in the regions in which I operate, and I think in
coming months many new things will show up that will both please and
excite people on the continent, but most importantly, in deploying this
infrastructure, we are making sure that it is not just the physical that
is deployed correctly, it is the logical and the IP layer that is also
modern and deployed properly.
The other thing to consider that I have given serious thought to, one of
the problems we have struggled with in Africa is our routing and our BGP.
For far to long deaggregation and other nasty hacks have been used for
bandwidth controls and every other reason you could dream of. If we do v6
right, as we move into the v6 era, we can hopefully avoid the mistakes of
the v4 past, and ensure that in the new era, we have this done properly.
Just my thoughts.
Andrew Alstont
Group Head of IP Strategy
Sameer business Park, Block A, Mombasa Road. Nairobi, Kenya
T: +254 205000000 - M: +254 733 2222 04 - E:
andrew.alston at liquidtelecom.com
On 10/28/14, 4:31 PM, "Malick.Sy at swisscom.com" <Malick.Sy at swisscom.com>
wrote:
>Andrew,
>Apologies if my tone may have come across “colonialist” or aloof, (I wont
>proceed to prove my African-ness with a list of achievements or my latest
>itinerary, as I don’t think that is the purpose of this list.) Rest
>assured, I (like all mankind) have African roots.
>
>Back to the earlier point I was trying to address, (on AFNOG, as I believe
>this is meant to be African-centric NOG mailing list), I believe the
>question was what are the major challenges to v6 service enablement? My
>response and subsequent question (in a nutshell) was: Why is V6 a priority
>and why are people rushing to enable it? Surely there are other priorities
>that should and can be address on the global collaborative level (NOG
>level) more pressing and region specific (I believe that was one of the
>guiding principles behind setting up regional NOGs, to decentralise and
>deal with “regional” issues, if I may permit myself to use regional in
>this globalised, region-agnostic domain that we are talking about.)
>
>So my question(s), were simply meant to ask:
>
>1)Why is V6 migration a priority in Africa? I am sure there may be valid
>reasons, like next generation mobile infrastructure deployments and other
>infrastructure that needs public IP addressing and will not be deployed in
>a scalable manner using existing IPV4 addresses. I would love to learn
>about these and how these are currently being enabled with v6 in a “better
>and more secure” manner than on v4.
>2) Is the current urgency of V6 deployments in Africa a real priority or
>has it been given “false” priority over possibly more enabling
>technologies and solutions (this is where I mentioned the current
>healthcare case that is troubling the region and the globe). By more
>enabling technologies I mean greater wifi expansion, 3G/4G expansion, more
>fibre deployments (GPON, EPON, good old single mode to bridge relatively
>small distances), power grid infrastructure support projects, educational
>institute connectivity projects.
>
>Again, apologies if my statements came across a bit “distant” (shall we
>say), my underlying goal was to question and learn (the references to
>Facebook and short sighted label may have rubbed me the wrong way, I was
>hoping more for a holistic view of Africa as a continent and also answers
>to the need for v6 so badly in Africa, today.)
>
>I hope this makes sense.
>..........................................
>Best Regards,
>Malick Sy
>Sr. Network Engineer
>
>Swisscom (Switzerland) Ltd.
>Hospitality Services
>2, chemin du Pavillon
>Case Postale 2200
>CH-1211 Genève 2
>
>
>Desk Phone:+41 227 407 585
>Cellular Phone:+ 41 794 426 765
>Fax Number: +41 227 740 7542
>Internet: www.swisscom.com/hospitality
>............................................
>This message contains confidential or privileged information and is
>intended solely for the use of the individual(s) to whom it is addressed.
>If you are not the intended recipient, you are hereby notified that you
>must not use, copy, disclose, forward or take any action based on this
>message or information herein. If you have received this message by error,
>please advise the sender immediately and delete this message.
>
>
>
>
>
>On 28/10/2014 12:52, "Andrew Alston" <Andrew.Alston at liquidtelecom.com>
>wrote:
>
>>Malick,
>>
>>How about before you start citing things, that you have read on a mailing
>>list, get off your backside and come to Africa and see the situation on
>>the ground for yourself. As for the 7%, I listed a few select examples,
>>I could fill pages of what is going on in Africa if I had the time, or
>>the inclination to do so, but I won't waste my breath with yet another
>>colonialist mindset that believes they know the situation on the ground,
>>know everything there is to know about my continent and spew drivel from
>>an informed perspective based entirely on the reading of one mailing
>>list.
>>
>>I find it insulting that your mails imply that we as Africans have no
>>clue what is best for ourselves, that we as Africans do not have the
>>mentality or the brains to understand how to develop our own region, that
>>you as a European sitting a world away can somehow gaze into a crystal
>>ball and tell us what is best.
>>
>>*THAT* is the very definition of a colonial mindset, and quite frankly,
>>we don't need it
>>
>>Andrew
>>
>>-----Original Message-----
>>From: Malick.Sy at swisscom.com [mailto:Malick.Sy at swisscom.com]
>>Sent: Tuesday, October 28, 2014 2:38 PM
>>To: Andrew Alston; mark.tinka at seacom.mu
>>Cc: rpd at afrinic.net; afnog at afnog.org
>>Subject: Re: [afnog] What are the major challenges in enabling Services
>>to run on IPv6?
>>
>>Andrew,
>>Thanks very much for the facts about what is going on in 4 African
>>countries or 0.07 percent of the continent(Rwanda, Kenya, Uganda and
>>Tanzania.) Hopefully, this level of deployment will eventually reach the
>>remaining 50 countries or the 99 percent of Africa that is not on your
>>current list.
>>
>>I am a member of a number of NOG mailing lists, the AfNOG one is the only
>>one that resonates with self-righteousness and "people blowing their own
>>trumpets".
>>If we could look past the labels, name calling and self importance and
>>stay focused, and maybe address more than 0.7 percent of a customer base,
>>before jumping on a soap box, we will be in a much better posiiton vis a
>>vis technology, economics, finance, farming, every domain that I can
>>think of.
>>
>>My original statement was asking for the compelling use case for
>>prioiritizing v6 deployments "to the access layer" in Africa. I have not
>>yet read one. Thanks for your inputs though. Much appreciated
>>
>>..........................................
>>Best Regards,
>>Malick Sy
>>Sr. Network Engineer
>>
>>Swisscom (Switzerland) Ltd.
>>Hospitality Services
>>2, chemin du Pavillon
>>Case Postale 2200
>>CH-1211 Genève 2
>>
>>
>>Desk Phone:+41 227 407 585
>>Cellular Phone:+ 41 794 426 765
>>Fax Number: +41 227 740 7542
>>Internet: www.swisscom.com/hospitality
>>............................................
>>This message contains confidential or privileged information and is
>>intended solely for the use of the individual(s) to whom it is addressed.
>>If you are not the intended recipient, you are hereby notified that you
>>must not use, copy, disclose, forward or take any action based on this
>>message or information herein. If you have received this message by
>>error, please advise the sender immediately and delete this message.
>>
>>
>>
>>
>>
>>On 28/10/2014 12:29, "Andrew Alston" <Andrew.Alston at liquidtelecom.com>
>>wrote:
>>
>>>Malick,
>>>
>>>Laugh, from what you write here, you patently obviously know little
>>>about me.
>>>
>>>You made a reference to the money being spent to implement v6, I
>>>pointed out that the financial constraints in terms of OPEX to do it as
>>>we deploy are lower than deploying it as a retro-fit, I stand by that
>>>statement.
>>>
>>>Secondly, if you have V6 only, you can't communicate to V4 only
>>>systems, and vice versa. So yes, dual-stack is the answer and it's
>>>what I've been actively doing for years. That does not mean it makes
>>>sense to ignore v6 for now and at some vast future date add v6 as an
>>>afterthought when you are already in problem mode because you've
>>>started to lose access to systems that have gone v6 only.
>>>
>>>Thirdly, as for finding solutions to real world problems, I can say
>>>very confidently that I know something about the infrastructure and the
>>>network deployments going on in Africa (and in particular East and
>>>Southern Africa), and I can say that what is being deployed actively
>>>and heavily is probably far beyond what you imagine. I merely believe
>>>that deploying IPv6 while doing these infrastructure upgrades is a
>>>sensible and sane thing to do.
>>>
>>>You talk about fiber infrastructure investment and other such
>>>investment, so let me enlighten you as to some facts on the African
>>>continent.
>>>
>>>So far this year:
>>>
>>>Rwanda, Tanzania, Uganda and Kenya are now on a fiber ring with full
>>>redundancy.
>>>Capacity into Uganda through Kenya is now running full DWDM systems
>>>with multiple 10G waves Capacity into Rwanda has been drastically
>>>expanded Metro fiber networks are being actively rolled out (or have
>>>been rolled
>>>out) in Nairobi, Mombasa, Kampala, Kigali, Kisumu, Nakuru, Eldoret and
>>>the list continues.
>>>
>>>Undersea capacity is there, we have SEACOM, we have EASSY, we can route
>>>around the west coast via WACS, and if Im correct that totals in excess
>>>of 10 terabit of capacity.
>>>
>>>My employer has publically committed to a further $200 million
>>>investment in the next 24 months in infrastructure as well in the
>>>region.
>>>
>>>Now, considering all of this, as infrastructure is put in place, isn't
>>>it the smart choice to roll up to date infrastructure with up to date
>>>protocols instead of continuing to deploy legacy v4 that the world at
>>>large is being forced to move away from, since it is a dying beast?
>>>
>>>This has nothing to do with "what my formal colonial masters" are doing
>>>or have done, this is about wanting world class networking on the
>>>continent, that is in line with global standards and best practices and
>>>protocols. As far as I'm concerned, if Africa gets the opportunity, we
>>>should SURPASS the former colonial masters, and if we ever hope to do
>>>that, letting ourselves stick with v4 is suicidal.
>>>
>>>I would suggest though before you speak out, you actually show a
>>>modicum of understanding of what is actually going on on this continent.
>>>
>>>Andrew
>>>
>>>
>>>-----Original Message-----
>>>From: Malick.Sy at swisscom.com [mailto:Malick.Sy at swisscom.com]
>>>Sent: Tuesday, October 28, 2014 2:15 PM
>>>To: Andrew Alston; mark.tinka at seacom.mu
>>>Cc: rpd at afrinic.net; afnog at afnog.org
>>>Subject: Re: [afnog] What are the major challenges in enabling Services
>>>to run on IPv6?
>>>
>>>Andrew,
>>>Maybe you have not heard of dual stack systems. This has been a reality
>>>at OS level (at least on Linux and FreeBSD) for years and all decent
>>>network vendors support dual stacks.. RFC 2766 also provides a
>>>transalation mechanism for v6 to v4 packets as well, it is possible to
>>>tunnel one protocol within another. So, I don't agree that "Because my
>>>former colonial master is doing it, I have to do it too" mentality or
>>>outlook. We need to take a deep look at what we prioritise.
>>>
>>>Solutions should be found for real world problems and issues on the
>>>ground, not perceived or imported views of "problems".
>>>
>>>1)http://www.networkworld.com/article/2235990/cisco-subnet/the-dual-sta
>>>ck-
>>>d
>>>ilemma.html
>>>2)http://www.cisco.com/c/dam/en/us/products/collateral/ios-nx-os-softwa
>>>re/
>>>e
>>>nterprise-ipv6-solution/aag_c45-625513.pdf
>>>3)https://www.ietf.org/rfc/rfc2766.txt
>>>4)http://ipv6.com/articles/gateways/IPv6-Tunnelling.htm
>>>
>>>..........................................
>>>Best Regards,
>>>Malick Sy
>>>Sr. Network Engineer
>>>
>>>Swisscom (Switzerland) Ltd.
>>>Hospitality Services
>>>2, chemin du Pavillon
>>>Case Postale 2200
>>>CH-1211 Genève 2
>>>
>>>
>>>Desk Phone:+41 227 407 585
>>>Cellular Phone:+ 41 794 426 765
>>>Fax Number: +41 227 740 7542
>>>Internet: www.swisscom.com/hospitality
>>>............................................
>>>This message contains confidential or privileged information and is
>>>intended solely for the use of the individual(s) to whom it is
>>>addressed.
>>>If you are not the intended recipient, you are hereby notified that you
>>>must not use, copy, disclose, forward or take any action based on this
>>>message or information herein. If you have received this message by
>>>error, please advise the sender immediately and delete this message.
>>>
>>>
>>>
>>>
>>>
>>>On 28/10/2014 11:53, "Andrew Alston" <Andrew.Alston at liquidtelecom.com>
>>>wrote:
>>>
>>>>Hi Malick,
>>>>
>>>>This is kind of a short sighted view in my opinion. Why you ask?
>>>>Because the rest of the world has to go V6 and V6 doesn't talk to V4,
>>>>unless you want to take a huge step backwards and start running
>>>>translation mechanisms and other dodgy kludges which will further
>>>>degrade the African internet experience.
>>>>
>>>>Money is being spent on fiber, wimax and all the other things you
>>>>mention, in vast quantities. Infact I would hazard a guess that the
>>>>investment levels into African infrastructure at the moment are
>>>>probably outstripping what is being spent upgrading systems in other
>>>>more developed parts of the world. That should not stop us trying to
>>>>get to a point where the internet in Africa has parity with the rest
>>>>of the world, and parity means we get the V6 in or risk being left
>>>>behind when the rest of the world goes that way (as they have to do,
>>>>since there is no more v4).
>>>>
>>>>Further to this, it is far cheaper to implement V6 as the
>>>>infrastructure is expanded than have to go back and retrofit, if we
>>>>don't do it now, we'll be facing a HUGE bill later when we're forced
>>>>to do it anyway
>>>>
>>>>Andrew
>>>>
>>>>
>>>>-----Original Message-----
>>>>From: Malick.Sy at swisscom.com [mailto:Malick.Sy at swisscom.com]
>>>>Sent: Tuesday, October 28, 2014 1:21 PM
>>>>To: mark.tinka at seacom.mu; Andrew Alston
>>>>Cc: rpd at afrinic.net; afnog at afnog.org
>>>>Subject: Re: [afnog] What are the major challenges in enabling
>>>>Services to run on IPv6?
>>>>
>>>>Hi,
>>>>I was wondering, what good business need is there to push IPv6 to the
>>>>network edge, specifically in Africa?
>>>>What would be the direct benefit to the customer or the service
>>>>provider, of investing in configuring, deploying and migrating to v6.
>>>>V4 address depletion is a reality, but in the Africa region, is there
>>>>really a shortage of IP addresses to assign or is there more a lack of
>>>>services to run on these IP addresses? Also, wouldn¹t the effort and
>>>>expense to move to v6 In Africa, be better used, if spent on
>>>>harnessing WiMax? rolling out fibre where possible? I creasing Wifi
>>>>coverage?
>>>>rolling out DSL/VDSL/xDSL? Increasing peering points? creating
>>>>alternatives to the current under sea cable transits (and reduce
>>>>reliance on ACE, etc)?
>>>>With the relatively small penetration of broadband in Africa, should
>>>>not efforts be spent addressing broadband penetration rates and access
>>>>to information, rather than ³keeping up with the Jones² and rolling
>>>>out technology for the sake of technology?
>>>>
>>>>In Europe, I am only aware of France¹s Free who have a full native
>>>>IPv6 deployment, all other providers are managing to provide services
>>>>without too big an IPv6 footprint. In the Americas, I believe a number
>>>>of educational institutions have native v6, and most Sps can probably
>>>>provide it. My contention, IPv6 rollouts globally have been quite low
>>>>speed and that is probably because there are other priorities for the
>>>>Service providers.
>>>>
>>>>So major challenges to enabling services on v6, I guess the demand for
>>>>such services, is probably going to be a major factor.If there is no
>>>>demand or minimal demand, and a current working system exists, why
>>>>waste time on it?
>>>>Just my 2 cents.
>>>>
>>>>..........................................
>>>>Best Regards,
>>>>Malick Sy
>>>>Sr. Network Engineer
>>>>
>>>>Swisscom (Switzerland) Ltd.
>>>>Hospitality Services
>>>>2, chemin du Pavillon
>>>>Case Postale 2200
>>>>CH-1211 Genève 2
>>>>
>>>>
>>>>Desk Phone:+41 227 407 585
>>>>Cellular Phone:+ 41 794 426 765
>>>>Fax Number: +41 227 740 7542
>>>>Internet: www.swisscom.com/hospitality
>>>>............................................
>>>>This message contains confidential or privileged information and is
>>>>intended solely for the use of the individual(s) to whom it is
>>>>addressed.
>>>>If you are not the intended recipient, you are hereby notified that
>>>>you must not use, copy, disclose, forward or take any action based on
>>>>this message or information herein. If you have received this message
>>>>by error, please advise the sender immediately and delete this message.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>On 28/10/2014 07:18, "Mark Tinka" <mark.tinka at seacom.mu> wrote:
>>>>
>>>>>On Tuesday, October 28, 2014 07:05:33 AM Andrew Alston
>>>>>wrote:
>>>>>
>>>>>> That challenge also prevents a
>>>>>> lot of providers from actually putting in the effort (and sometimes
>>>>>> expense) of rolling IPv6 all the way to the edge with a lack of
>>>>>> demand. Its kinda a chicken and egg situation for many, no IPv6 at
>>>>>> the edge decreases the number of people running IPv6, we decreases
>>>>>> the demand for IPv6, which decreases the motivation to roll
>>>>>> IPv6 to the edge.
>>>>>
>>>>>I'm still reasonably disappointed in the lack of drive from retail
>>>>>providers to offer IPv6 to their customers, i.e., the
>>>>>broadband/consumer space.
>>>>>
>>>>>Granted, it is a lot more challenging to deliver IPv6 to large scale
>>>>>consumers (more so in Africa, where a lot of consumers are running
>>>>>data off the mobile networks).
>>>>>
>>>>>But I think that deployment of IPv6 toward end customers in a manner
>>>>>where they do not have to directly participate in the process is
>>>>>where we shall see the most gains.
>>>>>
>>>>>The old mantra still holds true - users don't care, as long as it
>>>>>works.
>>>>>
>>>>>Mark.
>>>>
>>>>
>>>>DISCLAIMER: This email contains proprietary information some or all
>>>>of which may be legally privileged. It is for the intended recipient
>>>>only.
>>>>If an addressing or transmission error has misdirected this email,
>>>>please notify the author by replying to this email. If you are not the
>>>>intended recipient, you must not use, disclose, copy, print, or rely
>>>>on this email. We cannot accept liability for any statements made
>>>>which are clearly the sender's own and not expressly made on behalf of
>>>>this company or one of its agents.
>>>>
>>>
>>>
>>>DISCLAIMER: This email contains proprietary information some or all of
>>>which may be legally privileged. It is for the intended recipient only.
>>>If an addressing or transmission error has misdirected this email,
>>>please notify the author by replying to this email. If you are not the
>>>intended recipient, you must not use, disclose, copy, print, or rely on
>>>this email. We cannot accept liability for any statements made which
>>>are clearly the sender's own and not expressly made on behalf of this
>>>company or one of its agents.
>>>
>>
>>
>>DISCLAIMER: This email contains proprietary information some or all of
>>which may be legally privileged. It is for the intended recipient only.
>>If an addressing or transmission error has misdirected this email, please
>>notify the author by replying to this email. If you are not the intended
>>recipient, you must not use, disclose, copy, print, or rely on this
>>email. We cannot accept liability for any statements made which are
>>clearly the sender's own and not expressly made on behalf of this company
>>or one of its agents.
>>
>
DISCLAIMER: This email contains proprietary information some or all of which may be legally privileged. It is for the intended recipient only. If an addressing or transmission error has misdirected this email, please notify the author by replying to this email. If you are not the intended recipient, you must not use, disclose, copy, print, or rely on this email. We cannot accept liability for any statements made which are clearly the sender's own and not expressly made on behalf of this company or one of its agents.
More information about the afnog
mailing list