nanog mailing list archives

Re: Hotels/Airports with IPv6

From: Mel Beckman <mel () beckman org>
Date: Fri, 10 Jul 2015 23:48:46 +0000

You perhaps haven't worked a large government network deployment before. One doesn't activate features not enumerated 
in the design. Ever. Because they won't get and can thus introduce security or reliability covered in acceptance 
testing and could introduce security or reliability problems. These networks have many engineers, months of meetings, 
and rigorous change control. Turning on IPv6 without authorization would result in termination. 

-mel via cell

On Jul 10, 2015, at 3:32 PM, Jared Mauch <jared () puck Nether net> wrote:

On Fri, Jul 10, 2015 at 10:08:15PM +0000, Mel Beckman wrote:
There is most certainly a cost to IPv6, especially in a large, complex deployment, where everything requires 
acceptance testing. And I'm sure you realize that IPv6 only is not an option.  I agree that it would have been worth 
the cost, which would have been just a small fraction of the total. The powers that be chose not to incur it now. 
But we did deploy only IPv6 gear and systems, so it can probably be turned up later for that same incremental cost.


   I had the luxury that as we deployed IPv6 across the network
we rolled it from the 6bone -> core -> edge over a period of a few months.

   As we shut down the 6bone/3ffe stuff and moved people to gre/ip
and native the core was ready.  This doesn't mean the edges have IPv6
turned on, but it's usually the flip of a switch.

   Where possible take your core and IPv6 enable it and then
touch the upstreams at the same time/next time you do work there.

   Assuming you patch devices for the various SIRT/PSIRT type
events, most devices will be rebooted once every 6-12 months.  this
gives you the chance to drop in and enable ipv6 during or after that 
change/maint window.

   Rolling out the core really isn't hard, go ahead and do it.  There
are plenty of people here who will help you with these steps.

   - Jared

-- 
Jared Mauch  | pgp key available via finger from jared () puck nether net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

Current thread:

Re: Hotels/Airports with IPv6, (continued)
- - Re: Hotels/Airports with IPv6 Ca By (Jul 09)
    - Re: Hotels/Airports with IPv6 Marcin Cieslak (Jul 09)
  - Re: Hotels/Airports with IPv6 Christopher Morrow (Jul 10)
    - Re: Hotels/Airports with IPv6 Mark Andrews (Jul 10)
    - Re: Hotels/Airports with IPv6 Mel Beckman (Jul 10)
    - Re: Hotels/Airports with IPv6 Mark Andrews (Jul 10)
    - Re: Hotels/Airports with IPv6 Mel Beckman (Jul 10)
    - Re: Hotels/Airports with IPv6 Mark Andrews (Jul 10)
    - Re: Hotels/Airports with IPv6 Mel Beckman (Jul 10)
    - Re: Hotels/Airports with IPv6 Jared Mauch (Jul 10)
    - Re: Hotels/Airports with IPv6 Mel Beckman (Jul 10)
    - Re: Hotels/Airports with IPv6 Jared Mauch (Jul 10)
    - Re: Hotels/Airports with IPv6 Mel Beckman (Jul 10)
    - Re: Hotels/Airports with IPv6 Owen DeLong (Jul 10)
    - Re: Hotels/Airports with IPv6 Mel Beckman (Jul 10)
    - Re: Hotels/Airports with IPv6 Owen DeLong (Jul 10)
    - Re: Hotels/Airports with IPv6 Mel Beckman (Jul 10)
    - Re: Hotels/Airports with IPv6 mikea (Jul 13)
    - Re: Hotels/Airports with IPv6 Mel Beckman (Jul 13)
    - Re: Hotels/Airports with IPv6 Jared Mauch (Jul 10)
    - Re: Hotels/Airports with IPv6 Mark Andrews (Jul 10)

(Thread continues...)