Talk:IPv6/Archives/2015
This is an archive of past discussions about IPv6. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page. |
Separate physical resources?
Why use a separate heading when you try to discuss about the impact of the dual-stack on the network infrastructure???Internet2Guru (talk) 19:41, 4 February 2015 (UTC)
Holy huge sentence, Batman!
However, it has some major drawbacks and consequences: it will not only more than double the security threats and attacks from IPv4 and IPv6, both individually and collectively, for the existing network infrastructure, but also ultimately overburden the global networking infrastructure with dramatically increased Internet traffic from both IPv4 and the increasingly new IPv6 only traffic as the existing global networking infrastructure, such as the Internet routers and various security devices, will have to allocate and/or reserve additional and separate physical resources in order to handle both IPv4 and IPv6 traffic simultaneously in the IPv4 and IPv6 dual-stack mode.
It may be arguable whether or not it is separate physical resources, nonetheless, it requires separate resources to handle the additional IPv6 stack, being physical or virtual - depending on the definition of both. If the current network devices, such as Internet router, does not have the IPv6 feature set or cannot be upgraded to have the required IPv6 feature set, it must be upgraded to either a newer model with more physical capabilities or with additional physical resources such as DRAM, NVRAM, FLASH Memory, etc.Internet2Guru (talk) 18:41, 4 February 2015 (UTC)
I disagree with the unreferenced "ultimately overburden" part anyway, and I'd like to see that removed. One question on "separate physical resources"... I don't see that routers, or DNS servers, or firewalls running dual stack have separate physical resources. For example, each 10Gbps or 100Gbps interface carries a mixture of IPv4 and IPv6 packets. There are separate logical resources (routing tables, etc.) but these share the same physical resource (RAM in the routing table case). - Ttwaring (talk) 21:24, 3 February 2015 (UTC)
- What do you mean by the "RAM in the routing table" and which vendor’s router or L3 switch are you talking about when you are referring to "RAM in the routing table "? RAM is too vague to be correct in this case. For instance, in the Cisco’s terminology, as far as the memory types are concerned, there are DRAM, NVRAM, EPROM, and Flash Memory; and there is no such thing simply referred as just the RAM! Moreover, it is the DRAM that is holding the routing tables and running configurations so far as the Cisco’s routers and switches are concerned. If by chance, you see Juniper or Brocade or any other networking vendors just use the word "RAM" or “SRAM” when referring to type of memory in its device holding the routing tables, I would like you to share that information with the rest of the world. Otherwise, use the appropriate and correct terminologies if you want to refer to anything specific in a more technical discussion.Internet2Guru (talk) 18:41, 4 February 2015 (UTC)
- If you want to discuss any technical specifics, I suggest you using the correct vocabulary in your discussions. I hope we all agree that this is not a place for amateurs trying to learn the basics as it goes in the process. If that is the case, I will not continue to waste my time here.Internet2Guru (talk) 18:41, 4 February 2015 (UTC)
- FWIW, I'd consider two routing tables in RAM to be (approximately) separate physical resources (or perhaps better "additional physical resources"), even if they live in the same physical RAM chips. Although as I mentioned elsewhere, that's more a binary enough/not-enough thing. Rwessel (talk) 23:21, 3 February 2015 (UTC)
- Discourse as offered in the dual-stack section simply does not belong in a general overview article. The sources are not reliable, they are clearly single writer opinions that were proliferated in multiple opinion columns, which don't even support the statements made, at least not in the section publicly available. Kbrose (talk) 20:27, 4 February 2015 (UTC)
- Please stop screaming vandalism when you clearly don't know what that is. This material is of poor quality and any self-proclaimed 'guru' ought to recognize that. Please practice your writing skills elsewhere. Kbrose (talk) 20:33, 4 February 2015 (UTC)
- To Kbrose: STOP CONTINUED VANDALISM!!! What you have done so far is called vandalism if you have not yet figured it out! If you can not contribute a single word of any meaning to this discussion, get out of this discussion here and DON'T COME BACK as you are not welcomed here!!!Internet2Guru (talk) 20:47, 4 February 2015 (UTC)
- You have no say of the matter, and your edits and loud behavior don't bestow any credibility to your claims. Perhaps you need to read about editing on WP, as you are clearly inexperienced. Kbrose (talk) 21:17, 4 February 2015 (UTC)
- To Kbrose: STOP CONTINUED VANDALISM!!! What you have done so far is called vandalism if you have not yet figured it out! If you can not contribute a single word of any meaning to this discussion, get out of this discussion here and DON'T COME BACK as you are not welcomed here!!!Internet2Guru (talk) 20:47, 4 February 2015 (UTC)
- On the contrary, it is you who are clueless on this subject and tried ignorantly and recklessly to make changes to the content of the article without any technical understanding of the subject matter and/or demonstrated qualifications to do so, other than a sense of shamelessness. Robots can make grammatical and cosmetic changes for the wording and spellings, but it is only the SMEs who are qualified to contribute to the content of the article and make the changes as needed; and you are no SMEs on this subject based on what you have demonstrated so far. Thus, stop doing something you are clueless about and stop wasting my time on correcting your injudicious mistakes again and again! Internet2Guru (talk) 01:13, 5 February 2015 (UTC)
It really is not useful to throw around words like "clueless", "ignorant", or "vandal". I think we should take the example of Charles Sun, who writes technical statements in an understandable way. For example, in this paper he says "Moreover, a dual-stack deployment methodology will ultimately overburden the global networking infrastructure, affecting the routing of Internet traffic, as backbone routers struggle to hold and process both IPv4 and IPv6 routing tables simultaneously." Now I don't 100% agree with this, but it focuses on a real problem (two routing tables), and it certainly doesn't have the confusing aspects of extra traffic, shared or separate physical resources, etc. that are causing some of us (SMEs with NDAs!) to ask questions. So please tone down the anger and work towards agreed and referenced statements. - Ttwaring (talk) 01:29, 5 February 2015 (UTC)
- Ttwaring, I agree with you on your thoughtful comments on this one. Well, at least so far, we have some agreements on the topic that many of us are very passionate about judging from the responses so far. I also agree that we should cool down a little bit for now. ;-)Internet2Guru (talk) 01:56, 5 February 2015 (UTC)
Dual Stack Mode of Operation and Its Impact on Network Infrastructure
If the content of the Wikipedia articles are not contributed, maintained, and protected by the SMEs who are technically qualified, intellectually capable, and generously willing to make the contributions to the content creation and integrity of the relevant articles, but rather only by a bunch of ignorant, clueless, lazy, injudicious, and ludicrous self-proclaimed “editors” who are pitifully unqualified technically, and intellectually incapable to contribute a single word of meaning to the discussion on the subject matter or to the content of the technical articles in the Wikipedia, other than simply trying to constantly bully and harass those SMEs and other interested parties who are actively engaging in the intelligent, technical discussions regarding the subjet matter and the integrity of the content of the articles involved, I will not continue to waste my time and resources to deal with those cyber bullies, neither will I be interested in any further discussions on the subject matter in this forum. Moreover, I will no longer be associated with and/or interested in protecting the integrity of the content of the articles in the Wikipedia to which I have contributed moving forward. It would be a SHAME, DISGRACE, and TRAGEDY if rest of the world will allow such kind of bully and harassing behaviors of the few “editors” to continue in the days to come. Internet2Guru (talk) 00:01, 9 February 2015 (UTC)
To Kbrose: (1) If you cannot read or are simply too lazy to read and understand the subject matter or the original content of the article cited, you are unqualified to make any changes regarding this technical subject matter! See the quoted content of the article below; (2)If you cannot understand or be able to contribute to any meaningful discussion here regarding the subject matter, as what you have so far demonstrated complete ignorance on this subject, you have no place here to make any deletions of the content for this subject; (3) Your continued vandalism behavior cannot be tolerated and will continually be reported; (4) Until the above conducts and behaviors have been corrected, you are not welcomed to write anything here as you can hardly write, let alone anything meaningful to the discussion here! Internet2Guru (talk) 00:19, 5 February 2015 (UTC)
- The original content of the article cited in regard to the deleted content by Kbrose for the section titled Deployment:
- Even if the supply of IPv4 addresses were not to be exhausted soon, the size of IPv4 itself is not large enough to support the Internet of Things. To a large extent, the Internet of Things will be the ultimate driver of global adoption of IPv6 in the coming years.[1]Internet2Guru (talk) 00:19, 5 February 2015 (UTC)
- It does look like Kbrose has been too quick and hasty to delete the original contents without even having read the article quoted by Internet2Guru. This type of “editing” can be easily considered reckless by some users, which may be the reason why kbrose has been reported as a “cyber vandal”, --not sure that should be the exact label to be used here, but at least it does not seem Kbrose has done it in good faith given the fact that he/she had been warned by the original contributor of the content multiple times already.InternetMonitors (talk)
I don't understand the criticism of dual stack that it will "ultimately overburden the global networking infrastructure with both dramatically increased Internet traffic". This seems like it could be a misunderstanding of how dual stack works. For every web connection the host uses either IPv6 or IPv4, and not both. The total traffic is pretty much the same whatever the proportion of IPv6-enabled sites and IPv4-only sites.
I think this was added by User:Internet2Guru here.
Is it OK if I remove this? Ttwaring (talk) 20:50, 14 January 2015 (UTC)
- I'm thinking this may have been a somewhat mangled presentation of a (real) problem with dual-stack devices - namely that every dual stack device still needs an IPv4 address (and, we rather have a shortage of those). Certainly in terms of actual traffic a dual stack device adds nothing significant. Rwessel (talk) 21:40, 14 January 2015 (UTC)
- I've updated that section to remove the "traffic" confusion, and I've also removed some low quality references (two behind a paywall and one that is no longer on the site). Ttwaring (talk) 15:36, 21 January 2015 (UTC)
To Ttwaring:
It is NOT a misunderstanding of the dual-stack concept.
The statement of "ultimately overburden the global networking infrastructure with both dramatically increased Internet traffic" refers to the additional burdens on the current global networking infrastructure, naming all of the major network devices, such as routers, L3 switches, server load balancers, and security devices and appliances such as firewalls, IDS/IPS, proxy servers/appliances, as well as relevant servers, i.e. DNS, DHCP, email servers, etc., will have to handle (routing) both IPv4 and IPv6 traffic simultaneously in the dual-stack mode of operations, thus inevitably increase the CPU cycles and memory allocation and utilization of all of the devices involved, regardless whether or not the end hosts are using only a single stack of IPv4 or IPv6 at any given moment.
In addition, with increasing IPv6 only traffic currently from many smartphones as well as the projected increase of additional new IPv6 only traffic from all type of computing devices worldwide in the coming years, especially from those countries and regions that the IPv4 addresses are no longer available, the Internet traffic will dramatically increase with IPv6 only traffic in addition to the IPv4 traffic reaching its maximum limit. Internet2Guru (talk) 08:11, 31 January 2015 (UTC)
- Those are mostly marginal issues. Most of the load on routers, and what not, is per-packet, so it really doesn't matter if the traffic is IPv4, IPv6, or a mix, so long as the total amount of traffic is the same. To the extent that having IPv6 in the world increases the total amount of Internet traffic, I guess that's correct, but is a somewhat trivial observation. Now there is some additional load on the infrastructure for dual stack support (for example, routers have to maintain two sets of routing tables DNS servers two sets of A records, etc.), but most of those are pretty low costs compared to the per-packet/request processing. And other things, like DHCP and email servers, will see almost no increases in load dual to dual stacks. Rwessel (talk) 06:50, 1 February 2015 (UTC)
- The global network infrastructure is not just limited to some of the Internet routers. Is MTIPS considered part of the global network infrastructure? Has anyone checked the throughput of the security devices such as Cisco's ASA in dual-stack mode? If the security devices are also included as part of the global Internet networking infrastructure, you cannot just look at the performance of a few Internet routers that may or may not have the same throughput when running in dual-stack vs single stack. If the answer to any of the above questions is yes, then your previous discussions on this subject are incomplete. See my additional comments below resonding to Ttwaring's questions.Internet2Guru (talk) 04:48, 2 February 2015 (UTC)
- I've gone and reverted this again. The cite does not support the statement in the article. Some routers may have trouble holding two sets of routing tables, but that's not a traffic issue. And that's a perpetual issue with backbone routers anyway: the size of the routing tables keeps growing, and the routers need to be upgraded to handle that. The (effectively) duplicate routes for IPv4 and v6 just adds a bit of extra growth over the near term.
- Also, citing the exact same article (as printed in four different, but related, publications), four times looks a bit unseemly. Rwessel (talk) 07:35, 1 February 2015 (UTC)
- As previously stated, more than four different verifiable references from various well-known publishers are not insignificant, even if they may refer to the same or similar publication, especially when considering it was published and/or republished and widely cited in different languages (English, Russian, German, Chinese) and from different part of the world (North America, South America-even cited by a magazine in Cuba, Europe, Asia, and Africa), which is in compliance with the Wikipedia guidelines regarding the source of the reference as the key concept here is “verifiable”, “published”, information from reputable sources and/or publishers, such as, in this case, Computerworld, InfoWorld, CIO Magazine’s CIO.com, and IDG News in India, etc. and twitted and promoted by ARIN, CIO.com, etc… [1], [2]Internet2Guru (talk) 04:48, 2 February 2015 (UTC)
Repost here additional discussions regarding dual-stak with Ttwaring in my Talk User:Internet2Guru here:
- Could you go into more detail on what the blunder is? Is the blunder thinking that adding IPv6 is simple, when it isn't simple? I'm a little confused by this last paragraph and I'd like to understand what you are saying before I add to the discussion on Talk:IPv6 - Ttwaring (talk) 13:54, 31 January 2015 (UTC)
- One nice thing - Comcast and Wikipedia are both now dual stack, so my Wikipedia edits now go over IPv6 without any intervention on my (or anyone's) part, thanks to Happy Eyeballs. My traceroute6 goes via Comcast and NTT. For example, one of the NTT router hops is 2001:418:0:2000::16e. - Ttwaring (talk) 14:07, 31 January 2015 (UTC)
- By major blunder I meant that enabling the IPv6 stack in the current IPv4 environment does not equal to the completion of IPv6 deployment as many people may think. The very action of "enabling" IPv6 - basically making a configuration change by adding a few commond lines to the network devices, for instance, can be very simple or complicated depending on who you are talking to and what kind of existing networking infrastructure in the production environment it has, i.e. the current state of the hardware and software involved. The IPv6 transition should not just stop in the dual-stack mode. The ultimate goal for the IPv6 transition should be the global adoption and deployment of a single stack of IPv6. Hope this has clarified any confusions.Internet2Guru (talk) 17:06, 31 January 2015 (UTC)
- I don't think anyone is arguing that dual stack is the end of the story. It's a stage in the transition. For example, the paragraph in IPv6 we are discussing is part of the "Transition mechanisms" section. However, the next step after dual stack is a long period of running in parallel while the proportion of server networks with IPv6 enabled increases (already we have Google, Facebook, Wikipedia, etc.) and the proportion of eyeball networks with IPv6 available also increases (Comcast, some mobile providers, Free in France, etc. have it already). So I don't think anyone significant in those companies believes that enabling IPv6 equals completion. It is just that the second part (getting rid of IPv4) depends the rate at which the rest of the world moves across to IPv6.
- I think that one of the confusions I had with your paragraph in IPv6 is that I (and maybe other people) interpret "traffic" as the total rate of bytes through internet routers, whereas I think you are referring to what I would call "protocol traffic" or "control traffic" - BGP updates, DNS queries, etc. It's 0.001% of the traffic, but it's pretty important, of course. Even there, I don't think things are as apocalyptic as you make out. There's a one-off hit of a factor of two in security vulnerabilities, etc. but a lot of the other stuff doesn't scale up as fast as the actual traffic. For example, I have not heard of any capacity problems in DNS due to the extra requirement of AAAA records. And the total router traffic - cat videos, Netflix, video calls, etc. - is going to keep doubling every X months (and keeping people like me in a job) whatever version of IP is in the packet headers. - Ttwaring (talk) 17:38, 31 January 2015 (UTC)
- As for the first part of your comment, again depending on who you are talking to, not even everyone in ICT will understand that enabling a separate IPv6 stack will not impact the function of the current IPv4 stack if the IPv4 stack is currently fully functional in the first place. This is especially the case for the end users' computers. Even among many of the network engineers, not everyone will agree that transitioning to the single stack of IPv6 is the ultimate goal for the global deployment of the IPv6.Internet2Guru (talk) 08:58, 1 February 2015 (UTC)
- In terms of the increased Internet traffic – both IPv4 and IPv6 packets traverse the global network infrastructure, there will be additional net increase of IPv6 traffic (bits and bytes) from newly enabled devices connected to the Internet. With the ever-increasing bandwidth demanded by the consumers for their mobile devices and broadband services at homes worldwide as well as with continued growth of IoT deployment in the near future, the IPv6 only traffic will continue to increase globally. These will be the net increases in the worldwide Internet traffic in addition to the current IPv4 traffic, regardless whether the bits and bytes are routing protocols or datagrams. Whether or not the current network infrastructure can handle those dramatically increased bits and bytes (both IPv6 and IPv4) will depend on the current utilization of the existing circuits and future provisioning capacities.
- However, regardless whether or not the current or future circuits provisioned for the Internet are fully utilized, all of the network elements supporting the global networking infrastructure have to be configured to handle both IPv4 and IPv6 traffic simultaneously if we are to continue to deploy and use both IPv4 and IPv6 in dual-stack mode. Thus, increase the demands for those network devices in terms of their physical capabilities.
- Furthermore, as the physical capacities and the functionalities of any given network device are limited to a certain degree, and those devices often have to be preconfigured, not dynamically configured on the fly, to allocate and/or reserve separate physical resources, such as memory, to handle the bits and bytes of each of the IPv4 and IPv6 stack separately, regardless whether there are actual IPv6 or IPv4 packets traversing those devices, consequently, decreasing the overall throughput for either IPv4 stack or IPv6 stack of any given device involved. This is especially true for many of the network security devices. Internet2Guru (talk) 10:23, 1 February 2015 (UTC)
- There's no real connection between dual stack and traffic growth. The internet infrastructure will deal with the upward march of Comcast's traffic (a mixture of IPv4 and IPv6) and the upward march of Verizon's traffic (just IPv4). As they have similar markets in residential broadband, total traffic levels for both Comcast and Verizon are probably increasing at similar rates. The 'net increases in worldwide internet traffic' have been part of every network engineer's life for two decades, and dual stack makes no difference to that. IPv6 has other consequences, like the effect on routing tables, but it really does not affect the rate at which total traffic increases. - Ttwaring (talk) 14:40, 1 February 2015 (UTC)
- I cannot agree with that statement. Yes, we will be able to deal with the increased Internet traffic from both IPv6 and IPv4, one way or another, eventually. But what matters here are the details about how we are dealing with this matter. In order to understand the connections between the impact of dual-stack on the existing network infrastructure and the current and/or future growth of the Internet traffic, one needs to understand what were explained previously and what are stated herein in the following:
- 1. As previously stated, no one will argue that the increased Internet traffic (including both IPv4 and IPv6) will have to impact the existing global networking infrastructure by creating additional congestions and/or increasing the bandwidth utilizations of the existing circuits;
- 2. For a given network device, such as the firewalls or L1-7 proxy security appliances, the choice to run in single stack or dual-stack mode will impact its overall throughput for each of the IPv4 and IPv6 stack, depending on how the device is handling the physical resources including the CPUs and memories specifically required to deal with the packets for each of the stacks. The total throughput of a single stack, either IPv6 or IPv4, from the same device does not automatically equal to the sum of the total throughput of both stacks combined, if the device can fully handle the same functionalities at all for both IPv4 and IPv6 in the dual-stack mode, which is still not very common nowadays despite more than two decades of global effort in adopting IPv6. Similarly, the total throughput for an Internet router or L3 switch will be different in a dual-stack mode of operation from a single stack mode. In order to provide the same throughput in the dual-stack mode as in the single stack mode, currently one has either to increase the physical capabilities of the devices involved, or tolerate the decreased throughput for each of the stacks traversing the devices, especially when the IPSec is enabled.
- 3. If the dual-stack mode will impact negatively the throughput of any given network device handling the Internet traffic, compared that with the single stack mode of operation, it will increase the cost for everyone, including the ISPs, to deal with the continued increase of the Internet traffic from both IPv6 and IPv4. Since the resources for any given individuals and organizations are not unlimited, deciding on how to deal with the increased cost to support the dual-stack mode of operation will ultimately impact the Internet traffic in terms of the throughput, among others.
- 4.Thus, there is a strong connection between the dual-stack mode of operation and its ultimate impact on the Internet traffic, just based on this narrow analysis. Obviously, it is not just the increased cost for the hardware involved here in order to support the dual-stack mode of operation. In a much broader sense, with the increased Internet traffic from both IPv6 and IPv4 will automatically equal to the increased security threats and attacks from both stacks, which will undoubtedly create the extra burdens on the existing global networking infrastructure, and that is the main reason for the statement of "ultimately overburden the global networking infrastructure with dramatically increased Internet traffic from both IPv4 and the increasingly new IPv6 only traffic", which is supported by the opinions expressed in the original sources cited in the section.
- If one still thinks otherwise on this matter, I will suggest getting some opinions from the top tier network carriers and trying to argue and convince them to continue to support and route both IPv4 and IPv6 Internet traffic in their backbones indefinitely.Internet2Guru (talk) 17:04, 1 February 2015 (UTC)
Clearly big companies are making the commitment to dual-stack their backbones already. For example, this article claims that Google are 40% of the Internet, and you can throw in Facebook (not a small company) and Comcast (largest internet service provider in the US) in there as well. Comcast are routing 1 Tb/s of IPv6 traffic on their network. I noticed there was an edit from this page from 96.231.48.153, which is Verizon FiOS (pool-96-231-48-153.washdc.fios.verizon.net). They are not dual stack. I don't think any dual stack network will support IPv4 traffic indefinitely. They will support it until it becomes uneconomic, at which point we will have some version of NAT for the remaining traffic. But we are an early stage of moving to IPv6. If "indefinitely" = "10 years", then these big companies have implicitly signed up for that already.
- Big companies do not necessarily equal to top tier carriers and the commitment by the enterprise networks to dual-stack does not mean that the top tier carriers will agree to run dual-stack for the backbones for another 10 years. If they do, it only means that there is not enough commitment by the network equipment companies to fully support the IPv6 transition right now in all of the products they sell. In either case, it does not change the fact that dual-stack mode of operation will introduce additional burdens to the existing global networking infrastructure as originally state, including additional security attacks from both IPv4 and IPv6 stacks, which is the original point of view. Internet2Guru (talk) 03:24, 2 February 2015 (UTC)
- At this point, I do not know what is your original point of argument here? Have your original questions been answered? If that is the case, please feel free to state so; otherwise let's continue to discuss about it.Internet2Guru (talk) 03:24, 2 February 2015 (UTC)
I disagree that "the total throughput for an Internet router or L3 switch will be different in a dual-stack mode of operation from a single stack mode". I think this is based on either old data, or on lower end routers. For the kind of routers in big company backbones (Juniper PTX, Cisco ASR9k) there is no throughput compromise in going to dual stack. The 10G and 100G interfaces can do line rate for the typical internet packet size distribution and the worst-case IPv6 percentage over the lifetime of the equipment. Clearly you can't do any better than the line speed of the interface. Another thing to consider is that the huge growth of backbones means that equipment tends to be very new on average, so that old stuff that couldn't forward IPv6 quite as well will be long gone or banished to some network backwater.
- One have to understand that when we say the global networking infrastructure, it does not necessarily only refer to a few big companies in the United States, even though many of the big U.S. companies are part of that infrastructure. Similarly, not every Internet routers (the definition of which still needs to be defined here for this discussion) connected to the Internet are Juniper PTX or Cisco ASR9K. Even if many of the major Internet routers might be all newly upgraded to run IPv4 and IPv6 in dual-stack mode without any throughput problems, which is still unknown to many people including this author without seeing the verified independent test results to back up the "line rate" throughput claims in the dual-stack mode (if you do happen to have access to or seen such kind of published information that have been independently verified, please feel free to share with everyone here), it still does not mean that the dual-stack mode of operation will not impact the global Internet networking infrastructure and the throughput of all of the Internet routers running in dual-stack mode is the same as the single stack mode, unless everyone somehow all agrees that the global Internet networking infrastructure only means those two type of routers or other similar L3 switches that may have deployed, excluding all other network and security devices and servers, such as the firewalls, IDS/IPS, encryption devices, cache engines, proxy appliances, server load balancers, DNS servers, mail servers, etc. Otherwise, the basic fact will not change that the dual-stack deployment will introduce more security threats and attacks to the current network infrastructure and it will negatively impact the global network infrastructure more so than running the single stack of IPv6.Internet2Guru (talk) 03:24, 2 February 2015 (UTC)
- If you only disagree with the comments regarding the throughput of the routers or L3 switches in dual-stack mode, do you agree with the rest of the responses? Again, if the answer is yes, there is no point to continue to debate the general statement regarding the negative impact and disadvantages of the dual-stack in terms of introducing additional security threats and attacks from both IPv4 and IPv6 stacks individually and the combination of both collectively. Similarly, if we all can agree that the global network infrastructure is more than just a few Juniper or Cisco routers as you mentioned, then there is no value to continue endless ever-changing topic of discussions.Internet2Guru (talk) 03:50, 2 February 2015 (UTC)
Ultimately the article has to be based around reliable sources, and discussion on the topic itself isn't in the scope of an article talk page like this - it has to relate to improving the article. As for dual stack itself, dual stack is intended to be temporary while IPv6 is not ready to serve everything. Dual stack is indeed complex by virtue of having two stacks, but while the Internet cannot yet rely entirely on IPv6, it's necessary. None of what is said here can be put in the article without reliable sources, and no debate on the subject goes anywhere without such sources either. Also, an internet user is one internet user regardless of which protocol (s)he uses. Thus deploying dual-stack cannot increase the amount of usage (distinct from actual traffic due to inherent overhead) beyond that expected for a growing Internet as a whole.--Jasper Deng (talk) 05:19, 2 February 2015 (UTC)
- It would be to the benefit of everyone to fully understand the nature of the original and current discussions here and spend the time to go through what have already been discussed before commenting on the something may or may not be directly related to the topic here. We all agree that the articles in Wikipedia ultimately need to be objective and from reliable sources. We can also try to hold similar standard for our discussions here. That being said, it is not clear what is your point of discussion here in regard to the original discussions on the impact of the dual-stack to the global netowrk infrastructure. Simply say and/or repeat some general statements do not help with the discussions here, and neither is it the best use of our time.Internet2Guru (talk) 05:46, 2 February 2015 (UTC)
- @Internet2Guru: see WP:NOTAFORUM for what I'm talking about. I see no point in continuing this discussion unless sources are pointed to because it seems to be a matter of your opinion and others' opinions here on the subject; that's not useful for the article.--Jasper Deng (talk) 05:56, 2 February 2015 (UTC)
- What is said does not make any sense. The very fact that we are here discussing about this subject is because we all want to express our opinions about the subject of our concerns. If opinions do not matter in your opinion, why you wanted to join in this discussion here in the first place? If you have all of the reliable sources already and can cite those sources for this topic, why don't you contribute and share them with the group here on this subject?Internet2Guru (talk) 06:41, 2 February 2015 (UTC)
(Edit conflict, and at this point I'm not sure what indenting is appropriate -rw)
- I'm not sure where to even start with this. Multi-protocol routers have existed roughly forever, and while certain favored protocols have at times seen dedicated hardware accelerators, that's neither here nor there. The favored traffic gets the acceleration, the other traffic burdens the main CPU (or whatever). This is not impacted by dual stack operation. Switching to single stack IPv6 operation on a router with (only) IPv4 acceleration hardware does not help that router processed IPv6. Other than routing protocol traffic itself, handling the routing table updates, and memory required to store the routing traffic, running dual stack IPv4/6 does very little to routers. The first two are fairly small loads, and the second is more a binary enough/not-enough situation (where the router has to be upgraded should it fall into the "not enough" category). There really isn't much literature on the impact of dual stack support on routers because there really is very little. You see some in the documentation from the router vendors, but it's most along the lines of specifying memory requirements and packet forwarding overhead on a per stack basis (again, a router with IPv4 acceleration will forward IPv4 packets faster than it will IPv6 packets, but that's not dependent on whether the traffic is all IPv4, all IPv6, or mixed, or a certain router can forward 20% fewer IPv6 packets-per-second than IPv4 packets, but again, not an issue with dual stack support).
- Things like firewalls and gateways see very little impact from IPv6. Almost all of the work my firewalls do is at a higher level than looking at the IP address. The same is true for things like mail servers, web servers, DHCP servers, FTP servers, etc. There is really almost nothing extra going on for supporting IPv6. Consider a web server: it's accepting an incoming TCP connection with a HTTP request (say an HTTP GET), and it writes back to that TCP connection the response (usually an HTML web page). There's literally nothing in that process that depends on the type of IP address. Yes, many IP servers do a bit of security or logging work based on the IP address, but that's a minimal part of the load.
- There are some additional security issues associated with dual stack operation, but certainly nothing like double. Only a tiny fraction of the security threats occur at the stack level, the vast majority occur higher up. The stack level ones may well be doubled (and that’s doubtful), but the higher level ones certainly are not (an SQL injection attack is going to work, or not work, regardless if the web server support IPv4, IPv6, or both). There are some address related issues which propagate beyond the stack (mail server black/whitelists, for example), but again, it's only a small portion of the attack surface at issue.
- There are too many to be addressed here, but I will start from here first. How do you know for sure that there is "certainly nothing like double" in the dual stack mode? Do you have the tools to monitor and verify all of the IPv6 traffic now? Is your company or organization currently using IPv6 single stack or with IPv4 in dual-stack in your production network both internally and externally? Have you personally validated or do you know from the reliable sources that someone has already done so to validate all of the throughput results and compared them for both dual-stack and single stack? How can you know that your network is secured now in IPv4 as well as in IPv6 - if it has been deployed in the first place? If the security is not a concern or just a minor issue as what is stated here, and there is no impact to the network infrastructure regardless whether it is in single stack of IPv4 or in the v4 and v6 dual-stack, please share your experience and help everyone to understand why as of today there is still more than 90% of the Internet traffic that are still in v4 not v6 despite more than two decades efforts to transition to IPv6 worldwide; and why currently there is hardly 1% of the private companies in the U.S. that are monitored by NIST IPv6 deployment monitor are actually using IPv6 for their external public-facing web servers? Internet2Guru (talk) 06:31, 2 February 2015 (UTC)
- The problem is that you're making the extraordinary claim. As I said, the vast majority of vulnerabilities have nothing to do with the stack (just watch bugtraq for a while). While there may be as many, or even more, IPv6 stack related vulnerabilities as IPv4 ones, that still leaves them as a tiny part of the issue. If you think there are such a vast number of IPv6 stack related vulnerabilities that they would actually match up to the rest of the vast world of the vulnerabilities, you'll have to back it up. And even the article you're citing doesn't support that. By basic arithmetic, if running dual stack could double the number of bugs, then the number of stack related bugs in IPv4 and v6 must be similar. Unless running dual stack somehow introduces vast numbers of bugs that that are specifically related to dual stack operation. Again, an extraordinary claim.
- As to us, we're mostly dual stack. Some older devices, and a few specialized devices remain IPv4 only. This is a non-issue for... pretty much everything. Firewalls, routers, mail servers, web servers, whatever. Sure there was setup on all of those (and, of course getting the support in the device), and there was a learning curve, but it was pretty much boring. I'm reasonably confident that there are not a significant number of additional vulnerabilities, although there are almost certainly some IPv6 ones lurking out there (as there are IPv4 ones). But again, dual stack is not an issue, except, perhaps, the extra work. Our main externally visible web servers are hosted elsewhere, and they're not IPv6 yet.
- Now as to why IPv6 deployment has been slow in the US, it's pretty simple. There's little pressure to do it. We have enough IPv4 addresses. Rwessel (talk) 23:17, 3 February 2015 (UTC)
- In particular, it will be very helpful to share the information or cite from the reliable sources regarding the firewalls and other security devices that you have tested and/or used in the production environment that are so robust and reliable. Better yet, your company's experience, if it is appropirate and mutually agreed, could be a good candidate for the Internet Society's IPv6 case studies in its Deploy360 Collections.Internet2Guru (talk) 06:31, 2 February 2015 (UTC)
- As for continues support of IPv4. AFAIK, no one has announced plans for discontinuing IPv4 support. It may well happen at some point, but it's going to be because support IPv4 is more work than it's worth, not because it's impacting IPv6 performance. But there is a germ of an issue in here. Supporting both stack certainly does increase the workload of the folks administering the Internet. That additional workload may well negatively impact the operation of the Internet. The email server black/whitelists, for example, might not be as quickly updated for the time being for IPv6 addresses as they are for IPv4 addresses.
- Agreed. The impact will be more severe for the network devices, especially the network security devices than servers as most of which are far more powerful in terms of their physical capabilities.Internet2Guru (talk) 08:09, 2 February 2015 (UTC)
- Dual stack is certainly something that requires work to deploy. As you mentioned it will impact everything from routers, to DHCP servers, to web servers. But most of those impacts are (roughly) one time. The web server needs to be updated to process an IPv6 address (assuming it's going to log that), and the underlying OS will need IPv6 support, and that will need to be configured, and the network it attaches to configured to support IPv6, etc. But once that's done, it's done, and it's not much of an ongoing burden (yes, until IPv4 disappears, the logging code will need to be able to format both types of addresses, and yes there’s some amount of ongoing software maintenance effort this will require).
- If everything is as simple as what is stated here, why we even need to try to make the single stack of IPv6 as the ultimate objective for the global IPv6 deployment? If dual-stack is so stable and wonderful, why don't we just keep the dual-stack indefinitely? See my additional comments elsewhare in this section on this subject.Internet2Guru (talk) 07:21, 2 February 2015 (UTC)
- We're running out of IPv4 addresses and over time IPv4 only devices will lose connectivity to increasing potions of the world. And there is, of course, some extra work involved in dual stack. Rwessel (talk) 23:17, 3 February 2015 (UTC)
- As to specific issues with these additions. The cited link does not support the statement that dual stack support results in a burdensome amount of increased traffic. Traffic is increasing, routers (and whatnot) need to deal with that increased traffic, whether its IPv4 or IPv6 is not really an issue. The cite is also a very short blurb, desperate short on analysis or sources. It does make the statement that handling dual stack routing (not traffic!) may be a problem for (some?) routers, but doesn't really back that up. It largely doesn't mention any other sort of devices.
- And the fact that you've cited the exact same article *four* times is certainly not helpful. If I were inclined to not WP:AGF, I might well consider that a deliberate deception. So if you want to toss accusation of vandalism around, you should consider the aphorism about people living in glass houses. And consider that I *did* read the discussion, and posted a non-trivial response to it before I reverted your edits, and it was *you* who just reverted that back without further discussion. And I didn't start the name-calling either. Perhaps in the interest of a civil discussion we could end that now?
- Agreed. If I had more time to spend initially when noticing the changes without convincing arguments in the remarks regarding the change, I would definitely had not called it vandalism. In addition, I would had used different words in my comments as well. Internet2Guru (talk) 08:34, 2 February 2015 (UTC)
- In regard to the citations, as previously stated, I strongly believe that more than four different verifiable references from various well-known publishers are not insignificant, even if they may refer to the same or similar publication, especially when considering it was published and/or republished and widely cited in different languages (English, Russian, German, Chinese) and from different part of the world (North America, South America-even cited by a magazine in Cuba, Europe, Asia, and Africa), which is in compliance with the Wikipedia guidelines regarding the source of the reference as the key concept here is “verifiable”, “published”, information from reputable sources and/or publishers, such as, in this case, Computerworld, InfoWorld, CIO Magazine’s CIO.com, and IDG News in India, etc. and twitted and promoted by ARIN, CIO.com, etc… [3], [4]Internet2Guru In this case, with not many open sources available to support the frank discussions on this very subject, any reliable and verifiable sources of information and citations would be very helpful to strengthen and support the discussions here and in the article. Internet2Guru (talk) 08:34, 2 February 2015 (UTC)
- Translations are not additional sources, nor are simple reprints. I'd judge that the same article published in multiple (many related) publications also don't count as multiple sources. Rwessel (talk) 23:17, 3 February 2015 (UTC)
- Cite your sources and guidelines from Wikipedia regarding the references to back up your opinion if you so strongly object to it. If it is fully documented and discussed regarding this matter, it should not be difficult to resolve this case. Only until then, no changes should be made without any documents and guidelines to prove otherwise.Internet2Guru (talk) 17:49, 4 February 2015 (UTC)
- So, to sum up, there is little here that support the notion that dual stack support is going to be a major burden on the world, and certainty the *one* citation doesn't make that broad claim, and is pretty questionable in the much narrower claim it does make. But since we're discussing it, I won't revert,
except to remove three of the quadruplicated citesheck for the time being I won't even do that. Rwessel (talk) 05:29, 2 February 2015 (UTC)
References
- ^ Sun, Charles C. (2 May 2014). "Stop using Internet Protocol Version 4!". InfoWorld.
External links modified
Hello fellow Wikipedians,
I have just added archive links to one external link on IPv6. Please take a moment to review my edit. If necessary, add {{cbignore}}
after the link to keep me from modifying it. Alternatively, you can add {{nobots|deny=InternetArchiveBot}}
to keep me off the page altogether. I made the following changes:
- Added archive https://web.archive.org/20120105112751/http://rmv6tf.org/2008-IPv6-Summit-Presentations/Dan%20Torbet%20-%20IPv6andCablev2.pdf to http://rmv6tf.org/2008-IPv6-Summit-Presentations/Dan%20Torbet%20-%20IPv6andCablev2.pdf
When you have finished reviewing my changes, please set the checked parameter below to true to let others know.
An editor has reviewed this edit and fixed any errors that were found.
- If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
- If you found an error with any archives or the URLs themselves, you can fix them with this tool.
Cheers. —cyberbot IITalk to my owner:Online 10:39, 26 August 2015 (UTC)