Re: ipv6 transit over tunneled connection
I have both Level3 and NTT v6 connections and there are no additional charges for the service. I recall NTT had one a few years ago, but I think that's fallen by the wayside. Mike -- Michael K. Smith - CISSP, GSEC, GISP Chief Technical Officer - Adhost Internet LLC mksm...@adhost.com w: +1 (206) 404-9500 f: +1 (206) 404-9050 PGP: B49A DDF5 8611 27F3 08B9 84BB E61E 38C0 (Key ID: 0x9A96777D) On 2/17/11 7:01 PM, Jack Carrozzo j...@crepinc.com wrote: We pick up v6 from HE currently (like the rest of the world). L3 offered us dual stack also, but they wanted money to set it up plus MRC. None of our Bits That Matter (tm) go over v6 anyhow. (I guess the right phrase would be revenue producing bits). -Jack Carrozzo On Mon, May 17, 2010 at 9:51 AM, Eric Van Tol e...@atlantech.net wrote: -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Friday, May 14, 2010 2:49 PM To: Jack Carrozzo Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? We don't see Savvis, Level3, or AboveNet with IPv6 capabilities in our region (DC). Two years ago, neither Verizon or ATT had IPv6, either. Not sure about them now, as we no longer use them for transit. One would think everyone would have v6 capabilities in the heart of government territory, but okay. For whatever reason, Verio actually charges (or used to) for their IPv6 separately from IPv4 and to top it all off, it wasn't significantly discounted. -evt
Re: ipv6 transit over tunneled connection
We pick up v6 from HE currently (like the rest of the world). L3 offered us dual stack also, but they wanted money to set it up plus MRC. None of our Bits That Matter (tm) go over v6 anyhow. (I guess the right phrase would be revenue producing bits). -Jack Carrozzo On Mon, May 17, 2010 at 9:51 AM, Eric Van Tol e...@atlantech.net wrote: -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Friday, May 14, 2010 2:49 PM To: Jack Carrozzo Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? We don't see Savvis, Level3, or AboveNet with IPv6 capabilities in our region (DC). Two years ago, neither Verizon or ATT had IPv6, either. Not sure about them now, as we no longer use them for transit. One would think everyone would have v6 capabilities in the heart of government territory, but okay. For whatever reason, Verio actually charges (or used to) for their IPv6 separately from IPv4 and to top it all off, it wasn't significantly discounted. -evt
RE: ipv6 transit over tunneled connection
ATT has told us that they will have IPv6 on their MIS circuits Q2 2011. Deltacom has told us the same. We will be testing native IPv6 with both these carriers on GE Internet circuits sometime around Q3. -Hammer- I was a normal American nerd. -Jack Herer -Original Message- From: Jack Carrozzo [mailto:j...@crepinc.com] Sent: Thursday, February 17, 2011 9:01 PM To: Eric Van Tol Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection We pick up v6 from HE currently (like the rest of the world). L3 offered us dual stack also, but they wanted money to set it up plus MRC. None of our Bits That Matter (tm) go over v6 anyhow. (I guess the right phrase would be revenue producing bits). -Jack Carrozzo On Mon, May 17, 2010 at 9:51 AM, Eric Van Tol e...@atlantech.net wrote: -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Friday, May 14, 2010 2:49 PM To: Jack Carrozzo Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? We don't see Savvis, Level3, or AboveNet with IPv6 capabilities in our region (DC). Two years ago, neither Verizon or ATT had IPv6, either. Not sure about them now, as we no longer use them for transit. One would think everyone would have v6 capabilities in the heart of government territory, but okay. For whatever reason, Verio actually charges (or used to) for their IPv6 separately from IPv4 and to top it all off, it wasn't significantly discounted. -evt
RE: ipv6 transit over tunneled connection
-Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Friday, May 14, 2010 2:49 PM To: Jack Carrozzo Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? We don't see Savvis, Level3, or AboveNet with IPv6 capabilities in our region (DC). Two years ago, neither Verizon or ATT had IPv6, either. Not sure about them now, as we no longer use them for transit. One would think everyone would have v6 capabilities in the heart of government territory, but okay. For whatever reason, Verio actually charges (or used to) for their IPv6 separately from IPv4 and to top it all off, it wasn't significantly discounted. -evt
Re: ipv6 transit over tunneled connection
Hello, Just wanted to say thanks to everybody who replied and/or offered help. I've got a few private peering offers, so I guess I'm ok now. Thanks a lot, Michael On Friday 14 May 2010 11:25:10 pm Michael Ulitskiy wrote: Guys, I've started this thread looking for advice on available options. There's no doubt in my mind that native connectivity is better than tunnels, but unfortunately tunnel is the only way to get me started, 'cause my upstream does not support ipv6 (hopefully just yet) and I have no budget for additional circuits to ipv6-enabled carrier. So my question still stands: is anyone aware of a reasonable tunneled ipv6 transit service (I mean aside from HE tunnel broker)? The load will be really light. I don't expect we'll break a few Mbit/s in the nearest future and when we do then I guess it'll be the time to look for the native transit. Thanks, Michael On Thursday 13 May 2010 18:18:12 Michael Ulitskiy wrote: Hello, We're in the early stage of planning ipv6 deployment - learning/labbing/experimenting/etc. We've got to the point when we're also planning to request initial ipv6 allocation from ARIN. So I wonder what ipv6 transit options I have if my upstreams do not support native ipv6 connectivity? I see Hurricane Electric tunnel broker BGP tunnel. Is there anything else? Either free or commercial? Thanks, Michael
Re: ipv6 transit over tunneled connection
On 2010/05/14 03:39 AM, Christopher Morrow wrote: 3) don't tunnel beyond your borders, really just don't We have managed to achieve that fairly well. We have colocated a single router in a provider in London with native IPv6 where we have our primary break out. We then tunnel over IPv4 between this router and our core. The tunneling protocol provides transparent L2 frame reassembly so we have MTU 1500 all the way to the edge of the network. -- Graham Beneke gra...@apolix.co.za | Apolix Internet Services Tel : +27-87-550-1010 | http://www.apolix.co.za/ Cell: +27-82-432-1873 | PO Box 1120 Skype: grbeneke | Melville, 2109
Re: ipv6 transit over tunneled connection
On 2010-05-15 05:32, Christopher Morrow wrote: On Fri, May 14, 2010 at 11:25 PM, Michael Ulitskiymulits...@acedsl.com wrote: So my question still stands: is anyone aware of a reasonable tunneled ipv6 transit service (I mean aside from HE tunnel broker)? The load will be really light. I don't expect we'll break a few Mbit/s in the nearest future and when we do then I guess it'll be the time to look for the native transit. beware the uTorrent ... (see johnb's notes about this) sixxs i think also had NYC based tunnel boxes, no? usewr01 is Newark, thus quite close. uschi02 is Chicago (UN/LOCODE++) thus not really around the corner unless you compare it to Tokio... SixXS never does transit/BGP though*. We only provide IPv6 connectivity to end-sites, thus to solve the problem where the last-mile cannot be IPv6 enabled, which is the general case for businesses and home users where their ISP didn't come around to enabling IPv6 (CPE's, DSLAM's, DOCSIS, it is getting there, but still generally a b ;) (* = http://www.sixxs.net/faq/connectivity/?faq=bgppeering) Core networks should be non-tunneled. It is silly to have to need a tunnel to another network to get IPv6 uplink connectivity. If you really are in a position that nobody else in the IXs you are present at can provide native IPv6 connectivity, then well, you should have started yelling about this years ago. See http://www.sixxs.net/faq/connectivity/?faq=ipv6transit with relevant links to the awesome peeringdb to figure out from whom you could be directly Yes, a tunnel is a good last-resort, but one is better off pushing for native IPv6. As for doing tunneled-BGP, come kids, the 6bone got shut down 4 years ago, for a reason... As for the places that you can't get native IPv6 transit, two words: business opportunity. That should light up the eyes of the folks who didn't realize what IPv6 is for some companies... there is an obvious example of a certain company which is playing their cards pretty well there, the question for them is though how long they can survive when the real big boys turn on their marketing engines, time will tell. [..] and I think kloch @carpathia was doing some of this for a time, though perhaps only ASH/PHX ? He is the one providing usqas01 (the IPv4/hosting part). Ping him directly though for other things. Greets, Jeroen
Re: ipv6 transit over tunneled connection
On 15 May 2010, at 04:30, Christopher Morrow morrowc.li...@gmail.com wrote: See, done for 300$/month... $300/month + the cost of building fossils into your network on day 1. This cost is a whole pile more difficult to quantify than basic PoP service capex/opex, but it's recurrent and non zero. Nick
Re: ipv6 transit over tunneled connection
- Original Message - From: Christopher Morrow morrowc.li...@gmail.com To: Michael Ulitskiy mulits...@acedsl.com Cc: nanog@nanog.org Sent: Thursday, 13 May, 2010 6:39:28 PM Subject: Re: ipv6 transit over tunneled connection On Thu, May 13, 2010 at 6:18 PM, Michael Ulitskiy mulits...@acedsl.com wrote: Hello, We're in the early stage of planning ipv6 deployment - learning/labbing/experimenting/etc. We've got to the point when we're also planning to request initial ipv6 allocation from ARIN. So I wonder what ipv6 transit options I have if my upstreams do not support native ipv6 connectivity? I see Hurricane Electric tunnel broker BGP tunnel. Is there anything else? Either free or commercial? 1) see gblx/ntt/sprint/twt/vzb for transit-v6 2) tunnel inside your domain (your control, your MTU issues, your alternate pathing of tunnels vs pipe) 3) don't tunnel beyond your borders, really just don't tunnels are bad, always. -chris I see so many times, that tunnels are bad for IPv6, but this is the way IPv6 has been designed to work when you cannot get direct IPv6. So I would not say tunnels are bad, but direct IPv6 is better (OECD document on IPv6 states the use of tunnels). If the issue with tunnel is MTU, then a non-negligible part of IPv4 does not work well with MTU different of 1500. With IPv6 we bring the concept of jumbo packets, with large MTU. If we cannot work with non standard MTUs in IPv6 tunnels, how will we work with jumbo packets?
Re: ipv6 transit over tunneled connection
I agree - if you can get native v6 transit then more power to you. But tunnels are sure better than no IPv6 connectivity in my mind. Aside from slight performance/efficiency issues, I've never had an issue. -Jack Carrozzo On Fri, May 14, 2010 at 2:29 PM, Franck Martin fra...@genius.com wrote: - Original Message - From: Christopher Morrow morrowc.li...@gmail.com To: Michael Ulitskiy mulits...@acedsl.com Cc: nanog@nanog.org Sent: Thursday, 13 May, 2010 6:39:28 PM Subject: Re: ipv6 transit over tunneled connection On Thu, May 13, 2010 at 6:18 PM, Michael Ulitskiy mulits...@acedsl.com wrote: Hello, We're in the early stage of planning ipv6 deployment - learning/labbing/experimenting/etc. We've got to the point when we're also planning to request initial ipv6 allocation from ARIN. So I wonder what ipv6 transit options I have if my upstreams do not support native ipv6 connectivity? I see Hurricane Electric tunnel broker BGP tunnel. Is there anything else? Either free or commercial? 1) see gblx/ntt/sprint/twt/vzb for transit-v6 2) tunnel inside your domain (your control, your MTU issues, your alternate pathing of tunnels vs pipe) 3) don't tunnel beyond your borders, really just don't tunnels are bad, always. -chris I see so many times, that tunnels are bad for IPv6, but this is the way IPv6 has been designed to work when you cannot get direct IPv6. So I would not say tunnels are bad, but direct IPv6 is better (OECD document on IPv6 states the use of tunnels). If the issue with tunnel is MTU, then a non-negligible part of IPv4 does not work well with MTU different of 1500. With IPv6 we bring the concept of jumbo packets, with large MTU. If we cannot work with non standard MTUs in IPv6 tunnels, how will we work with jumbo packets?
Re: ipv6 transit over tunneled connection
I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? - Jared On May 14, 2010, at 2:43 PM, Jack Carrozzo wrote: I agree - if you can get native v6 transit then more power to you. But tunnels are sure better than no IPv6 connectivity in my mind. Aside from slight performance/efficiency issues, I've never had an issue. -Jack Carrozzo
Re: ipv6 transit over tunneled connection
On Fri, May 14, 2010 at 2:29 PM, Franck Martin fra...@genius.com wrote: I said somewhere in here... wierd quoting happened. On Thu, May 13, 2010 at 6:18 PM, Michael Ulitskiy mulits...@acedsl.com wrote: Hello, We're in the early stage of planning ipv6 deployment - learning/labbing/experimenting/etc. We've got to the point when we're also planning to request initial ipv6 allocation from ARIN. So I wonder what ipv6 transit options I have if my upstreams do not support native ipv6 connectivity? I see Hurricane Electric tunnel broker BGP tunnel. Is there anything else? Either free or commercial? 1) see gblx/ntt/sprint/twt/vzb for transit-v6 2) tunnel inside your domain (your control, your MTU issues, your alternate pathing of tunnels vs pipe) 3) don't tunnel beyond your borders, really just don't tunnels are bad, always. -chris I see so many times, that tunnels are bad for IPv6, but this is the way IPv6 has been designed to work when you cannot get direct IPv6. So I would not say tunnels are bad, but direct IPv6 is better (OECD document on IPv6 states the use of tunnels). Tunnels promote poor paths, they bring along LOTS of issues wrt PMTUD, asymmetry of paths, improper/inefficient paths (see example paths from several ripe preso's by jereon/others), longer latency. If the tunnel exits your border you can't control what happens and you can't affect that tunnels performance characteristics. it's 2010, get native v6. If the issue with tunnel is MTU, then a non-negligible part of IPv4 does not work well with MTU different of 1500. With IPv6 we bring the concept of jumbo packets, with large MTU. If we cannot work with non standard MTUs in IPv6 tunnels, how will we work with jumbo packets? a non-negligible part of the ipv6 internet doesn't work at all with 1280 mtu... due to tunnels and some other hackery :( jumbo packets are a fiction, everyone should stop 10 years ago believing they will ever work end-to-end between random sites. -Chris
Re: ipv6 transit over tunneled connection
On 5/14/2010 11:49, Jared Mauch wrote: I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? Verizon has POPs that aren't IPv6 enabled making it a pain in the ass if you're closer to one of those (currently on month 11 of waiting, I'm just letting it go because I'm curious how long it'll take), Sprint isn't doing native IPv6 with their GSR's yet, Cogent's IPv6 visibility is poor, Level3 isn't accepting new IPv6 beta connections, and ATT simply told me not available yet. Tunnels are still a necessity. ~Seth
Re: ipv6 transit over tunneled connection
On Fri, May 14, 2010 at 3:00 PM, Seth Mattinen se...@rollernet.us wrote: On 5/14/2010 11:49, Jared Mauch wrote: I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? Verizon has POPs that aren't IPv6 enabled making it a pain in the ass if you're closer to one of those (currently on month 11 of waiting, I'm just letting it go because I'm curious how long it'll take), Sprint isn't doing native IPv6 with their GSR's yet, Cogent's IPv6 visibility is poor, Level3 isn't accepting new IPv6 beta connections, and ATT simply told me not available yet. Tunnels are still a necessity. twt, ntt, gblx, telia all have presence in the US, and all do v6 to customer links. vote with wallet.
Re: ipv6 transit over tunneled connection
(Sent from my Blackberry, please avoid the flames as I can't do inline quoting) Native IPv6 is a crapshoot. About the only people in the US that I've seen that are no-bullshit IPv6 native ready is Hurricane Electric. NTT is supposedly as well but I can't speak as to where they have connectivity. Being that there's issues that leave us unable to get native connectivity, we have a BGP tunnel thanks to HE (with a 20ms latency from Seattle to Freemont). Tunnels suck if not done correctly. We sometimes have faster and more reliable connections through IPv6, so ymmv. Brielle --Original Message-- From: Jared Mauch To: Jack Carrozzo Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection Sent: May 14, 2010 12:49 PM I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? - Jared On May 14, 2010, at 2:43 PM, Jack Carrozzo wrote: I agree - if you can get native v6 transit then more power to you. But tunnels are sure better than no IPv6 connectivity in my mind. Aside from slight performance/efficiency issues, I've never had an issue. -Jack Carrozzo -- Brielle Bruns http://www.sosdg.org / http://www.ahbl.org
Re: ipv6 transit over tunneled connection
3) don't tunnel beyond your borders, really just don't tunnels are bad, always. you are understaing your case. randy
Re: ipv6 transit over tunneled connection
GBLX was great with native IPv6 setup. VZB was nearly impossible to get them to set it up, and I'm tunneled to a router halfway across the country. The router I was going to had serious PMTU issues that they recently cleared up, so now it's working satisfactorily. -Paul Brielle Bruns wrote: (Sent from my Blackberry, please avoid the flames as I can't do inline quoting) Native IPv6 is a crapshoot. About the only people in the US that I've seen that are no-bullshit IPv6 native ready is Hurricane Electric. NTT is supposedly as well but I can't speak as to where they have connectivity. Being that there's issues that leave us unable to get native connectivity, we have a BGP tunnel thanks to HE (with a 20ms latency from Seattle to Freemont). Tunnels suck if not done correctly. We sometimes have faster and more reliable connections through IPv6, so ymmv. Brielle --Original Message-- From: Jared Mauch To: Jack Carrozzo Cc: nanog@nanog.org Subject: Re: ipv6 transit over tunneled connection Sent: May 14, 2010 12:49 PM I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? - Jared On May 14, 2010, at 2:43 PM, Jack Carrozzo wrote: I agree - if you can get native v6 transit then more power to you. But tunnels are sure better than no IPv6 connectivity in my mind. Aside from slight performance/efficiency issues, I've never had an issue. -Jack Carrozzo
Re: ipv6 transit over tunneled connection
On May 14, 2010, at 1:36 PM, Jared Mauch wrote: On May 14, 2010, at 3:43 PM, Brielle Bruns wrote: (Sent from my Blackberry, please avoid the flames as I can't do inline quoting) Native IPv6 is a crapshoot. About the only people in the US that I've seen that are no-bullshit IPv6 native ready is Hurricane Electric. NTT is supposedly as well but I can't speak as to where they have connectivity. I can say that we (NTT) have been IPv6 enabled or ready at all customer ports since ~2003. Anyone else who has not gotten there in the intervening years may have problems supporting you for your IPv4 as well :) I had native eBGP with NTT in Dec 2005..this is when I was working with Connection By Boeing in Seattle. Worked like a charm. And yes, since I now live in Seattle, I have heard of some others doing native although haven't validated. Being that there's issues that leave us unable to get native connectivity, we have a BGP tunnel thanks to HE (with a 20ms latency from Seattle to Freemont). You should be able to get native IPv6 in Seattle from a variety of providers. If you're not finding it, you're not really looking (IMHO). I'd 2nd that Tunnels suck if not done correctly. We sometimes have faster and more reliable connections through IPv6, so ymmv. The tunneled part of the IPv6 internet fell to the wayside a long time ago, there are stragglers and I have even seen people try to peer over tunnels in 2010, but anyone still adding that level of overlay (v6-over-v4) may find themselves in a world of hurt soon enough. - Jared (Curious about what incumbent carrier plans are for end- user - eg qwest, att, vz resi)
Re: ipv6 transit over tunneled connection
On Fri, 2010-05-14 at 14:57 -0400, Christopher Morrow wrote: Tunnels promote poor paths promote? Tunnel topology does not (necessarily) match the underlying topology, especially if you choose (or are forced to accept) a distant broker. But promote? , they bring along LOTS of issues wrt PMTUD, PMTUD that doesn't work on v6 probably doesn't work on v4. I agree that a bad PMTU can wreak more havoc on v6 than v4, but most of the issues are workaroundable. asymmetry of paths, improper/inefficient paths (see example paths from several ripe preso's by jereon/others), longer latency. All relating to the above. I suspect you really mean paths in the underlying topology, which is a by definition issue. None of these are necessary features of tunnels. Given the relatively low number of tunnel terminating services, and the fairly low level of choice available to people who want tunnels, these are bigger problems than they need to be. More demand will see these problems (as with so many transitional issues) lessen substantially. If the tunnel exits your border you can't control what happens and you can't affect that tunnels performance characteristics. Whereas with IPv4 you have complete control over everything that happens once packets exit your border? This is no different with IPv6 than with IPv4, except that you have fewer choices at present, so must make more drastic compromises. it's 2010, get native v6. Easily said :-( If you can't get native IPv6, then using a tunnel lets you get started; it lets you begin educating, testing and even delivering IPv6-based services. If, on the other hand, you wait until everything is perfect, you will be wy behind the eight-ball. Oh - and tunnels are usually way cheaper than native connectivity, so it's easier to get the idea of going v6 past the bean-counters. So: Yep, native IPv6 if you can get it. Otherwise, take tunnels. But whichever you do, do it now. Regards, K. -- ~~~ Karl Auer (ka...@biplane.com.au) +61-2-64957160 (h) http://www.biplane.com.au/~kauer/ +61-428-957160 (mob) GPG fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156 Old fingerprint: 07F3 1DF9 9D45 8BCD 7DD5 00CE 4A44 6A03 F43A 7DEF signature.asc Description: This is a digitally signed message part
Re: ipv6 transit over tunneled connection
On 5/14/2010 12:44, Christopher Morrow wrote: On Fri, May 14, 2010 at 3:00 PM, Seth Mattinen se...@rollernet.us wrote: On 5/14/2010 11:49, Jared Mauch wrote: I'm curious what providers have not gotten their IPv6 plans/networks/customer ports enabled. I know that Comcast is doing their trials now (Thanks John!) and will be presenting at the upcoming NANOG about their experiences. What parts of the big I Internet are not enabled or ready? Verizon has POPs that aren't IPv6 enabled making it a pain in the ass if you're closer to one of those (currently on month 11 of waiting, I'm just letting it go because I'm curious how long it'll take), Sprint isn't doing native IPv6 with their GSR's yet, Cogent's IPv6 visibility is poor, Level3 isn't accepting new IPv6 beta connections, and ATT simply told me not available yet. Tunnels are still a necessity. twt, ntt, gblx, telia all have presence in the US, and all do v6 to customer links. vote with wallet. Yeah I hear that a lot, but out of those four the only one that will serve my area is global crossing. ~Seth
Re: ipv6 transit over tunneled connection
On May 14, 2010, at 11:57 AM, Christopher Morrow wrote: On Fri, May 14, 2010 at 2:29 PM, Franck Martin fra...@genius.com wrote: I said somewhere in here... wierd quoting happened. On Thu, May 13, 2010 at 6:18 PM, Michael Ulitskiy mulits...@acedsl.com wrote: Hello, We're in the early stage of planning ipv6 deployment - learning/labbing/experimenting/etc. We've got to the point when we're also planning to request initial ipv6 allocation from ARIN. So I wonder what ipv6 transit options I have if my upstreams do not support native ipv6 connectivity? I see Hurricane Electric tunnel broker BGP tunnel. Is there anything else? Either free or commercial? 1) see gblx/ntt/sprint/twt/vzb for transit-v6 2) tunnel inside your domain (your control, your MTU issues, your alternate pathing of tunnels vs pipe) 3) don't tunnel beyond your borders, really just don't tunnels are bad, always. -chris I see so many times, that tunnels are bad for IPv6, but this is the way IPv6 has been designed to work when you cannot get direct IPv6. So I would not say tunnels are bad, but direct IPv6 is better (OECD document on IPv6 states the use of tunnels). Tunnels promote poor paths, they bring along LOTS of issues wrt PMTUD, asymmetry of paths, improper/inefficient paths (see example paths from several ripe preso's by jereon/others), longer latency. If the tunnel exits your border you can't control what happens and you can't affect that tunnels performance characteristics. it's 2010, get native v6. I will point out that most of these issues apply to 6to4 and Teredo auto- tunnels and not as much to GRE or 6in4 statically configured tunnels. There is a juniper bug which makes PMTU-D a problem if your tunnel is Juniper-Juniper. If the issue with tunnel is MTU, then a non-negligible part of IPv4 does not work well with MTU different of 1500. With IPv6 we bring the concept of jumbo packets, with large MTU. If we cannot work with non standard MTUs in IPv6 tunnels, how will we work with jumbo packets? a non-negligible part of the ipv6 internet doesn't work at all with 1280 mtu... due to tunnels and some other hackery :( jumbo packets are a fiction, everyone should stop 10 years ago believing they will ever work end-to-end between random sites. Jumbo packets do work end to end in some random cases and PMTU-D works in most others. All of the tunnels I am using have at least a 1280 MTU, so, I'm not sure why you would think a tunnel wouldn't support 1280. Owen
Re: ipv6 transit over tunneled connection
On May 14, 2010, at 1:36 PM, Jared Mauch wrote: On May 14, 2010, at 3:43 PM, Brielle Bruns wrote: (Sent from my Blackberry, please avoid the flames as I can't do inline quoting) Native IPv6 is a crapshoot. About the only people in the US that I've seen that are no-bullshit IPv6 native ready is Hurricane Electric. NTT is supposedly as well but I can't speak as to where they have connectivity. I can say that we (NTT) have been IPv6 enabled or ready at all customer ports since ~2003. Anyone else who has not gotten there in the intervening years may have problems supporting you for your IPv4 as well :) True. Being that there's issues that leave us unable to get native connectivity, we have a BGP tunnel thanks to HE (with a 20ms latency from Seattle to Freemont). You should be able to get native IPv6 in Seattle from a variety of providers. If you're not finding it, you're not really looking (IMHO). Depends. If he's in the Westin or some other colo, sure. If not, he may have last-mile expenses that exceed sanity for his situation leading to a tunneled solution. Tunnels suck if not done correctly. We sometimes have faster and more reliable connections through IPv6, so ymmv. The tunneled part of the IPv6 internet fell to the wayside a long time ago, there are stragglers and I have even seen people try to peer over tunnels in 2010, but anyone still adding that level of overlay (v6-over-v4) may find themselves in a world of hurt soon enough. I have to disagree with you here. Given the proportion of the IPv6 internet that is still connected via tunnels, your statement simply doesn't really hold. I will readily agree that where possible, native connections beat tunnels. However, tunnels can be a cost effective alternative where native connectivity is not yet readily available and they still work quite well if properly configured and structured. Owen
Re: ipv6 transit over tunneled connection
er... if I may - this whining about the evils of tunnels rings a bit hollow, esp for those who think that a VPN is the right thing to do. --bill On Sat, May 15, 2010 at 08:44:53AM +1000, Karl Auer wrote: On Fri, 2010-05-14 at 14:57 -0400, Christopher Morrow wrote: Tunnels promote poor paths promote? Tunnel topology does not (necessarily) match the underlying topology, especially if you choose (or are forced to accept) a distant broker. But promote? , they bring along LOTS of issues wrt PMTUD, PMTUD that doesn't work on v6 probably doesn't work on v4. I agree that a bad PMTU can wreak more havoc on v6 than v4, but most of the issues are workaroundable. asymmetry of paths, improper/inefficient paths (see example paths from several ripe preso's by jereon/others), longer latency. All relating to the above. I suspect you really mean paths in the underlying topology, which is a by definition issue. None of these are necessary features of tunnels. Given the relatively low number of tunnel terminating services, and the fairly low level of choice available to people who want tunnels, these are bigger problems than they need to be. More demand will see these problems (as with so many transitional issues) lessen substantially. If the tunnel exits your border you can't control what happens and you can't affect that tunnels performance characteristics. Whereas with IPv4 you have complete control over everything that happens once packets exit your border? This is no different with IPv6 than with IPv4, except that you have fewer choices at present, so must make more drastic compromises. it's 2010, get native v6. Easily said :-( If you can't get native IPv6, then using a tunnel lets you get started; it lets you begin educating, testing and even delivering IPv6-based services. If, on the other hand, you wait until everything is perfect, you will be wy behind the eight-ball. Oh - and tunnels are usually way cheaper than native connectivity, so it's easier to get the idea of going v6 past the bean-counters. So: Yep, native IPv6 if you can get it. Otherwise, take tunnels. But whichever you do, do it now. Regards, K. -- ~~~ Karl Auer (ka...@biplane.com.au) +61-2-64957160 (h) http://www.biplane.com.au/~kauer/ +61-428-957160 (mob) GPG fingerprint: B386 7819 B227 2961 8301 C5A9 2EBC 754B CD97 0156 Old fingerprint: 07F3 1DF9 9D45 8BCD 7DD5 00CE 4A44 6A03 F43A 7DEF
Re: ipv6 transit over tunneled connection
On 5/14/10 2:36 PM, Jared Mauch wrote: Being that there's issues that leave us unable to get native connectivity, we have a BGP tunnel thanks to HE (with a 20ms latency from Seattle to Freemont). You should be able to get native IPv6 in Seattle from a variety of providers. If you're not finding it, you're not really looking (IMHO). I can almost guarantee that noone can give us the level of service we get for the price we do - did an awful lot of research back in 2008 to find a new co-loc. We've also had nearly perfect uptime with the only downtime being caused by our own growing pains with equipment that has obsecure bugs relating to ipv4 and ipv6 BGP interactions. Changing providers isn't really an option for us as alternatives are guaranteed to push us over budget. is a limiting factor for us since we're not a business focused on profit. Tunneling is our only option at this point. Tunnels suck if not done correctly. We sometimes have faster and more reliable connections through IPv6, so ymmv. The tunneled part of the IPv6 internet fell to the wayside a long time ago, there are stragglers and I have even seen people try to peer over tunnels in 2010, but anyone still adding that level of overlay (v6-over-v4) may find themselves in a world of hurt soon enough. I'm willing to run the risk that my tunneled connection may have problems - its part of the game of being on the leading edge. rant This is not directed at anyone in particular, but people forget that not everyone has thousands, tens of thousands, hundreds of thousands, etc of money in their budget to accomplish their goals. There are people out there, such as ourselves, that have a very limited budget to work within each month/year. Some of us do what we do out of our own pockets because we like doing it. For example, people have called me crazy for running P3 and P4 era HP DL360/380s instead of the new generation stuff, but those nice new servers cost serious coin, and I don't see people stepping up to fund these upgrades. Just an observation, but I'm fairly sure that I'm not the only one who feels that those with rather high budgets tend to forget that not everyone has the luxury of a virtual blank check. /rant -- Brielle Bruns The Summit Open Source Development Group http://www.sosdg.org/ http://www.ahbl.org
Re: ipv6 transit over tunneled connection
Guys, I've started this thread looking for advice on available options. There's no doubt in my mind that native connectivity is better than tunnels, but unfortunately tunnel is the only way to get me started, 'cause my upstream does not support ipv6 (hopefully just yet) and I have no budget for additional circuits to ipv6-enabled carrier. So my question still stands: is anyone aware of a reasonable tunneled ipv6 transit service (I mean aside from HE tunnel broker)? The load will be really light. I don't expect we'll break a few Mbit/s in the nearest future and when we do then I guess it'll be the time to look for the native transit. Thanks, Michael On Thursday 13 May 2010 18:18:12 Michael Ulitskiy wrote: Hello, We're in the early stage of planning ipv6 deployment - learning/labbing/experimenting/etc. We've got to the point when we're also planning to request initial ipv6 allocation from ARIN. So I wonder what ipv6 transit options I have if my upstreams do not support native ipv6 connectivity? I see Hurricane Electric tunnel broker BGP tunnel. Is there anything else? Either free or commercial? Thanks, Michael
Re: ipv6 transit over tunneled connection
On Fri, May 14, 2010 at 9:58 PM, Brielle Bruns br...@2mbit.com wrote: rant Just an observation, but I'm fairly sure that I'm not the only one who feels that those with rather high budgets tend to forget that not everyone has the luxury of a virtual blank check. /rant awesome, take an old 2800 or 2500, plug in a t1 to one of the providers listed (twt seems like a great choice, or atlantech, who I think also does v6 and seems to offer 300$/mon t1's regularly), run v6 ONLY on that, take the 10/100m ether out the back and v6-up the rest of your network. See, done for 300$/month... the reason I said 'find a provider that does do native v6, terminate there and tunnel or spread-out internally from there' was exactly because spending 'tens of thousands of dollars' right off the bat was probably hard to justify. thanks though. -chris
Re: ipv6 transit over tunneled connection
On Fri, May 14, 2010 at 11:25 PM, Michael Ulitskiy mulits...@acedsl.com wrote: So my question still stands: is anyone aware of a reasonable tunneled ipv6 transit service (I mean aside from HE tunnel broker)? The load will be really light. I don't expect we'll break a few Mbit/s in the nearest future and when we do then I guess it'll be the time to look for the native transit. beware the uTorrent ... (see johnb's notes about this) sixxs i think also had NYC based tunnel boxes, no? http://www.sixxs.net/pops/ usewr01 OCCAID Inc. uschi02 Your.Org, Inc. and I think kloch @carpathia was doing some of this for a time, though perhaps only ASH/PHX ? -chris
ipv6 transit over tunneled connection
Hello, We're in the early stage of planning ipv6 deployment - learning/labbing/experimenting/etc. We've got to the point when we're also planning to request initial ipv6 allocation from ARIN. So I wonder what ipv6 transit options I have if my upstreams do not support native ipv6 connectivity? I see Hurricane Electric tunnel broker BGP tunnel. Is there anything else? Either free or commercial? Thanks, Michael
Re: ipv6 transit over tunneled connection
Occaid will generally transit you via two tunnels to their endpoints. I used them for a year with zero issues in addition to an HE tunnel. -Jack Carrozzo On Thu, May 13, 2010 at 6:18 PM, Michael Ulitskiy mulits...@acedsl.comwrote: Hello, We're in the early stage of planning ipv6 deployment - learning/labbing/experimenting/etc. We've got to the point when we're also planning to request initial ipv6 allocation from ARIN. So I wonder what ipv6 transit options I have if my upstreams do not support native ipv6 connectivity? I see Hurricane Electric tunnel broker BGP tunnel. Is there anything else? Either free or commercial? Thanks, Michael
Re: ipv6 transit over tunneled connection
On Thu, May 13, 2010 at 6:18 PM, Michael Ulitskiy mulits...@acedsl.com wrote: Hello, We're in the early stage of planning ipv6 deployment - learning/labbing/experimenting/etc. We've got to the point when we're also planning to request initial ipv6 allocation from ARIN. So I wonder what ipv6 transit options I have if my upstreams do not support native ipv6 connectivity? I see Hurricane Electric tunnel broker BGP tunnel. Is there anything else? Either free or commercial? 1) see gblx/ntt/sprint/twt/vzb for transit-v6 2) tunnel inside your domain (your control, your MTU issues, your alternate pathing of tunnels vs pipe) 3) don't tunnel beyond your borders, really just don't tunnels are bad, always. -chris Thanks, Michael