Is it time to bring back the IPv6-only hour (well, half hour)?

2022-04-04 Thread Matthew Petach via NANOG
On Thu, Mar 31, 2022 at 2:01 PM Mark Andrews wrote:

> You have to try running IPv6 only occasionally to weed out the
> dependencies.  You can do this on a per node basis.  Just turn off the IPv4
> interface and see how you run. I do this periodically on my Mac and disable
> IPv4.  This also makes my recursive nameserver IPv6 only as well.  You then
> see what breaks like sites where one of the CDNs is IPv4 only despite the
> page itself being reachable over IPv6. Or the nameservers are not reachable
> over IPv6.
>
> Write down what you find is broken and report it.
>
> --
> Mark Andrews
>


This reminds me of days gone by, when NANOG used to have an IPv6-only hour
in the agenda, where IPv4 connectivity would be turned off, so people could
identify problem areas.

Unfortunately, it tended to mostly be an excuse to head to the coffee bar,
or enable "offline" mode in your mail client before it started, with little
active engagement in the room.

It might be interesting for NANOG86 in Hollywood to make it a formal part
of the agenda; not just an hour with no IPv4, but a focused half-an-hour in
which the focus of the room is on identifying problem areas; display an
anonymized "word cloud" on the screens in the room and remotely that people
can list sites, vendors, protocols, anything that they observe failing to
function from the point of view of an IPv6-only client.

We've talked about the need for people to "name-and-shame" in order to get
movement from some software and hardware vendors, but people are often
understandably reluctant to put their name on a 'name-and-shame' post that
could jeopardize their job.  Would doing it through an anonymized word
cloud give people more air coverage to list items they see that don't work
in an IPv6-only world?  (Clearly, there are limits; if you're the only
employee of a company, and you discover your employer's VPN endpoints don't
work from a v6-only network, you might think twice about listing it in the
word cloud--anonymization can only do so much to protect you!)

A forum leader at the microphone, making suggestions for services people
should test, functions they could try to exercise, sites they could try to
reach to start the ball rolling; and then as the word cloud starts to fill
in, solicit people's input on similar services to see if they fare any
better.  In fact, having two word clouds, red (doesn't work) and green
(does work) might be an even better idea, so that it's not just a
name-and-shame, but also a name-and-praise session, thanking those who have
done the work to make v6-only connectivity work, and calling out those who
still have work to do.

Or is this a ship that has already sailed, and attempting to resurrect it
will do nothing more than goose coffee sales for a brief interval?

Thoughts and feedback welcome!

Matt
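
The two failure classes named in the quoted message (an IPv4-only CDN behind a page that is itself reachable over IPv6, and nameservers not reachable over IPv6) can be checked from DNS data before turning IPv4 off. The sketch below is an added example, not part of the thread; every zone, hostname and address in it is constructed from documentation ranges, and the helper names are hypothetical.

```python
# Constructed sample data: documentation names and prefixes, not real measurements.
ZONES = {  # zone -> its authoritative nameservers
    "example.com": ["ns1.example.com", "ns2.example.com"],
    "cdn-a.example": ["ns1.cdn-a.example"],
    "cdn-b.example": ["ns.legacy.example"],
    "legacy.example": ["ns.legacy.example"],
}
RECORDS = {  # name -> {record type: [values]}
    "www.example.com": {"A": ["192.0.2.10"], "AAAA": ["2001:db8::10"]},
    "static.example.com": {"CNAME": ["edge.cdn-a.example"]},
    "ns1.example.com": {"A": ["192.0.2.53"], "AAAA": ["2001:db8::53"]},
    "ns2.example.com": {"A": ["192.0.2.54"]},
    "edge.cdn-a.example": {"A": ["198.51.100.7"]},
    "ns1.cdn-a.example": {"A": ["198.51.100.53"], "AAAA": ["2001:db8:a::53"]},
    "img.cdn-b.example": {"A": ["203.0.113.7"], "AAAA": ["2001:db8:b::7"]},
    "ns.legacy.example": {"A": ["203.0.113.53"]},
}
PAGE_HOSTS = ["www.example.com", "static.example.com", "img.cdn-b.example"]

def zone_of(name):
    """Return the longest zone in ZONES that is a suffix of name, or None."""
    labels = name.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in ZONES:
            return candidate
    return None

def zone_resolvable_v6(zone):
    """An IPv6-only recursive resolver needs one nameserver with an AAAA record.
    Simplification: delegation from the parent zones is not checked."""
    return any(RECORDS.get(ns, {}).get("AAAA") for ns in ZONES.get(zone, []))

def check_host(name, depth=0):
    """Return (reachable, reason) for name as seen by an IPv6-only client."""
    if depth > 8:
        return False, "CNAME chain too long"
    zone = zone_of(name)
    if zone is None or not zone_resolvable_v6(zone):
        return False, f"nameservers for {zone} have no AAAA"
    rrset = RECORDS.get(name, {})
    if "CNAME" in rrset:
        return check_host(rrset["CNAME"][0], depth + 1)
    if rrset.get("AAAA"):
        return True, "ok"
    return False, f"{name} has no AAAA"

def audit(hosts):
    return {host: check_host(host) for host in hosts}
```

In the sample data `img.cdn-b.example` publishes an AAAA record yet still fails, because the only nameserver for its zone is IPv4-only and an IPv6-only recursive resolver can never fetch that record.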


Re: Let's Focus on Moving Forward Re: V6 still not supported re: 202203261833.AYC

2022-04-04 Thread Matthew Petach via NANOG
On Mon, Apr 4, 2022 at 10:41 AM Vasilenko Eduard via NANOG wrote:

> 240.0.01.1 address is appointed not to the router. It is appointed to
> Realm.
> It is up to the realm owner (ISP to Enterprise) what particular router (or
> routers) would do translation between realms.
>

Please forgive me as I work this out in my head for a moment.

If I'm a global network with a single ASN on every populated continent
on the planet, this means I would have a single Realm address; for
the sake of the example, let's suppose I'm ASN 42, so my Realm
address is 240.0.0.42.  I have 200+ BGP speaking routers at
exchange points all over the planet where I exchange traffic with
other networks.

In this new model, every border router I have would all use the
same 240.0.0.42 address in the Shaft, and other Realms would
simply hand traffic to the nearest border router of mine, essentially
following a simple Anycast model where the nearest instance of the
Realm address is the one that traffic is handed to, with no way to do
traffic engineering from continent to continent?

Or is there some mechanism whereby different instances of 240.0.0.42
can announce different policies into the Shaft to direct traffic more
appropriately that I'm not understanding from the discussion?

Because if it's one big exercise in enforced Hot Potato Routing with
a single global announcement of your reachability...

...that's gonna fail big-time the first time there's a major undersea
quake in the Strait of Taiwan, which cuts 7/8ths of the trans-pacific
connectivity off, and suddenly you've got the same Realm address
being advertised in the US as in Asia, but with no underlying connectivity
between them.

https://www.submarinenetworks.com/news/cables-cut-after-taiwan-earthquake-2006

We who do not learn from history are doomed to repeat it...badly.   :(

Matt