nanog mailing list archives
Re: IPv6 Security [Was: Re: misunderstanding scale]
From: Lamar Owen <lowen () pari edu>
Date: Tue, 25 Mar 2014 10:46:17 -0400
On 03/24/2014 09:39 PM, Paul Ferguson wrote:
I'm sure there are numerous enterprises in the same shape I am in, with significant equipment investment in non-quite-ipv6-ready gear, and insufficient technology refresh capex monies to get ipv6-ready capacity-equivalent replacements. Cisco 6500/7600 even with Sup720 has issues, and I know of a number of networks still running Sup2 on 6500/7600 or even older (including some gear in my own network, where I still have old gear, older even than I'm willing to admit publicly, serving in core roles; I just decommissioned a failing Extreme Summit 1i this past Saturday, and still have two more in core roles, doing Layer 3 IPv4 in one case). I know I'm not alone.I'll leave it as an exercise for the remainder of... everywhere to figure out why there is resistance to v6 migration, and it isn't "just because" people can't be bothered.
While much of this gear may be fully depreciated, the cost of the forklift upgrade is major, and the gear is not the biggest part of the cost. Repairs are not anywhere near as draining on the capex budget as complete chassis upgrades are, and so we keep old gear running because it's what we can afford to do.
So capex is a big part of it; but then there's training costs and the opex of dealing with a new-to-us technology.
Just my very-late-to-the-party opinion, and not likely to change anything at all, but in hindsight it seems we might have been better off with ipv4.1 instead of ipv6, which, IMO, just simply bit off too much in one bite. Much like how the Fountainhead project at DG got eclipsed by the much less ambitious Eagle, and never really went anywhere due to its pie-in-the-sky goals, when all the customers really wanted was a 32-bit Eclipse, which Eagle provided. (Tracy Kidder, "The Soul of a New Machine" which should be on every tech's must-read list). Yeah, I know, too late to matter, as ipv6 is here and here to stay. But the transition could have been smoother and less traumatic to equipment vendors' customers. At least that's my opinion and experience, your mileage may vary.
Current thread:
- IPv6 Security [Was: Re: misunderstanding scale], (continued)
- IPv6 Security [Was: Re: misunderstanding scale] Paul Ferguson (Mar 23)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Timothy Morizot (Mar 23)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Dobbins, Roland (Mar 23)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Mark Tinka (Mar 23)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Timothy Morizot (Mar 24)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Mark Tinka (Mar 24)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Owen DeLong (Mar 24)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Paul Ferguson (Mar 24)
- RE: IPv6 Security [Was: Re: misunderstanding scale] Naslund, Steve (Mar 24)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Lee Howard (Mar 25)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Lamar Owen (Mar 25)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Luke S. Crawford (Mar 26)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Jack Bates (Mar 26)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Mohacsi Janos (Mar 26)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Matt Palmer (Mar 26)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Luke S. Crawford (Mar 26)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Timothy Morizot (Mar 26)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Chuck Anderson (Mar 26)
- Re: IPv6 Security [Was: Re: misunderstanding scale] Owen DeLong (Mar 26)
- Re: IPv6 Security sthaug (Mar 27)
- Re: IPv6 Security Henri Wahl (Mar 27)