Bashing IPv6 at TelecomNEXT

IPv6 is dead, and I think pretty much everyone already knows it. I gave a presentation about IPv6 at TelecomNEXT in Las Vegas last week (full presentation archived here) entitled “Realities of IPv6 as the Future Network Layer”. I regard it as a largely straightforward presentation of the facts: IPv6 is used by virtually no one, is not seeing significant adoption and has lost in the marketplace of new ideas. Since we will, in fact, run out of IPv4 address space eventually, and since IPv6 is obviously not the solution that people want for this problem, let’s start working on a better one right away. Of course, the presentation contains juicy quotes like:

  • “The market has spoken: IPv6 is the wrong technology at the wrong time and most organizations will profit from simply ignoring it”
  • “NAT and IPv6 are both evil, but IPv6 is the more dangerous of the two.”
  • “IPv6 was designed with no migration strategy from the real Internet.”

This perspective has been making a lot of people angry, since it implies (or rather, bluntly states) that those who have made significant investments in IPv6 have wasted their money, since we will obviously have to replace it with something else. I think that this conclusion is painfully obvious, but I guess lots of people are still deluding themselves. So who will win and who will lose in the ultimate failure of IPv6?

The basics of the argument are outlined in the presentation, but the core point is the one about a migration strategy: IPv6 is a new network protocol with no interoperability with IPv4 (and no, tunnels don’t count). It’s just a new, non-Internet network protocol. When network operators face the decision of whether to deploy it, they can consider IPv6 along with every other non-Internet network protocol to decide whether they meet some need. IPv6 gains no advantage whatsoever from the huge existing installed base of IPv4. That is the truly sad fact. Protocol designers chose purity of implementation over interoperability and thereby doomed IPv6 to a permanent, marginal existence.

Moreover, since virtually every important feature of IPv6 has been back-ported to IPv4 (auto-configuration, security, QoS), there’s no compelling reason for any individual user or end-site to want IPv6 service and there are a lot of reasons not to want it. There’s no content to look at. This is largely because there are no users. There are no users because there are no other users. And so on. The lack of true interoperability with IPv4 is death for any new network protocol hoping for Internet-scale adoption, even if it has “IP” at the front of its name.

So who is pushing IPv6? I think there are at least three categories of interested parties: equipment vendors, network consultants and protocol designers/developers. These last are true believers and will never agree with me on this issue. They’re convinced that IPv6 is a great network protocol and that everyone else will soon realize this. Perhaps. But they’ve been saying that for at least 5 years now. I suspect that we could just wait to see the continued non-adoption of IPv6 if we weren’t in need of a solution to the address space exhaustion issue.

Consultants like IPv6 precisely because it’s not compatible. It requires lots more work to integrate IPv6 with IPv4 than it should. And more work means more money for consultants. Example: Bechtel announces IPv6 roll-out, alone among US enterprises. Is it at all surprising that Bechtel, a contracting company that does the bulk of its work for the US military, would cheer IPv6 adoption? Smells fishy to me. It’s certainly not representative of the views of US industry in general.

Equipment vendors think that they like IPv6 because it obsoletes old hardware and encourages upgrading. But I think they’re seriously missing the big picture on this one: a long-term, slow, partial adoption of a new network protocol is just about the worst thing that can happen to someone like Cisco. Massive investment in new software and firmware and ASICs to handle IPv6 is being amortized over essentially zero business. Router vendors should wake up to the fact that IPv6 isn’t what people want to move to, and should get behind an effort to develop a protocol that interoperates with IPv4 while solving the address space problem. Such a protocol would have massive, immediate adoption and would spur far greater equipment upgrades and purchases than IPv6 ever will.

I suspect this won’t happen, though. I suspect that most of the people who have been involved in IPv6 (and dreamed up the shim6 end-station multi-homing foolishness) for the last several years probably think I’m an idiot. They think that these issues were discussed and settled and that the prudent thing is to go forward trying to fix IPv6. The problem is that they’ve been “fixing” IPv6 for at least eight years and it’s still not what anyone really wants.

Ultimately, if I’m right, it will be obvious by the fact that 2-3 years from now no one will be using IPv6. The only problem with that is that we’ll be that much closer to address-space exhaustion for real Internet (IPv4) addresses. Fortunately, we have some time. Geoff Huston estimates that IPv4 addresses will run out in June, 2013. Furthermore, once they run out, allocated-but-not-used space will be reclaimed taking us up to something like 2023. I guess that’s just about enough time for the stubborn IPv6 camp to admit they’re wrong and for all of us to come together and make something that we can easily migrate to.

9 comments
Trace Gunsch
Trace Gunsch

Comments for Todd Underwood, Renesys regarding IPv6 I work for the US Army as a communications technology engineer and futurist. I have long been a fence-sitter about the value of migrating to IPv6 and whether IPv4 band-aids would continue to sustain the Internet. Since the Department of Defense's (DoD) mandate to migrate to IPv6 (2003), I've been forced to be very involved in IPv6 implementation and testing and am one of the US Army's leading experts on the subject. I continue to be skeptical about the values of IPv6 and certainly don't endorse Congress/DoD's approach of not funding the migration, but I also recognize some positives in its deployment. I read with great interest Mr. Underwood's presentation and blog on the subject, however, I found many inaccurate and emotionally charged statements that I would like to rebut. Slide 3: "The market has spoken" I was looking for proof to back up this statement, but see none. The market in Asia and, to a lesser degree, Europe is migrating toward IPv6, adding capabilities in the backbone for IPv6 applications. The applications don't exist yet, but the market migration continues anyway. Slide 6: "address trading market" This is an interesting idea. I don?t think it would succeed, but it is interesting. Slide 6: "Actually a good reason not to move to another network technology" US domination of IPv4 is a good reason to stay with IPv4, but if the rest of the world migrates to IPv6, then we will be in a very bad position. This is a far-future scenario, but not far-fetched. Asian countries are migrating to IPv6: Japan and Korea have had government mandates in place since 2002 that all ISPs must support IPv6 and they are establishing IPv6 networks and applications. One impetus behind the US mandate to move government networks to IPv6 is to prevent us falling behind and losing our Internet dominance as other countries gain IPv6 knowledge and power. Slide 7: "IPSEC...is in every IPv4 implementation." This is not true. IPSEC may be more common now, but it is not in all IPv4 implementations. It IS mandated for all IPv6 products, though. Slide 7: "NAT is evil." NAT solves problems and introduces new problems. NAT prevents end-end communication which the Internet was based on. We see the problems with new applications like VoIP and Internet gaming. You can?t initiate a peer-peer game if both users are behind NATs, because neither user is able to call to an IP address (NAT disguises the IP addresses). This is only solvable through intermediate, non-NAT-ted, servers that the users can both contact. This has hindered Internet application growth. IPv6 may or may not fix this problem. It won't require NAT for address space, but the security implementations being considered for IPv6 networks could cause many of the same problems. Slide 7: "IPv6 is more dangerous [than NAT]" Why? Slide 8: "IPv6 has little or no market adoption anywhere." Not true. Europe and especially Asia are adopting IPv6, by necessity. A few years ago the Chinese government decided to Internet-connect all of their school systems. They requested 65000 class B addresses, one for each of their school districts. They were given a single class B network and told to share, using NAT. This was unacceptable to China and was an impetus for their migration to IPv6. Slide 9: "Support of IPv6 is not required for...business with US Fed Govt." Huh? DoD and OMB have mandates in place that any IT product must have IPv6 capability to be purchased. Initially (2003), the definition of IPv6-capable was fairly loose, but each year we?ve tightened it up and now products that don't demonstrate IPv6 capabilities are not purchased. Slide 10: Asia wants it. DoD wants it, not simply to keep up with the Joneses (or Changs), but also for the potential of enhanced capabilities. DoD is interested in improved mobility, simplified management, tighter security, ad hoc networking, header compression and other network bandwidth efficiencies. Most of these features are not implemented - no products exist to take advantage of these IPv6 promises, in fact some things like management and security will actually be harder for a time while both IPv4 and IPv6 are on the network - but these benefits are the rationale why DoD is migrating to IPv6. Slide 11: "No end-site multihoming" Multihoming is a problem for IPv6, but it is equally a problem for IPv4. Multihoming is not hard to do, but it messes up the hierarchical routing benefits of IPv6. Slide 12: "IPv6 was designed with no migration strategy" This isn't totally true. IPv6 does have a backward-compatible addressing scheme and migration approach, but it is largely not implemented for various reasons. Without that scheme, then yes, it is pretty much a new network. Slide 13: Security problems: Yup, the cat/mouse game continues on a new battlefield. Slide 13: Performance problems: My organization (US Army Technology Integration Center) is one of the premier testing centers of network devices in the US. We have been subjecting layer three switches, routers, firewalls, IDSes and the like to rigorous performance tests of IPv4 and IPv6 traffic. Most products that handle IPv4 and IPv6 in software have equivalent performance. Some products, such as layer-3 switches, handle IPv4 in hardware and IPv6 in software. In those, obviously, the software switching is considerably slower than the hardware switching. Many newer switches handle IPv6 in hardware, and their performance is equivalent to their IPv4 capabilities. This is what we call IPv4-parity and is increasingly becoming critical for DoD purchase decisions. Many IPv6 capabilities still lag, such as security and management, but the vendors are definitely taking the migration to IPv6 seriously. Slide 16: "trouble for voice, not for video" I don't understand what you mean here. The IPv6 header does not have a checksum (CRC) in it, which means it is compressible, something IPv4 cannot do. This makes it a better solution for the battlefield and other low-bandwidth environments, for voice over IP, video and other applications. Though I claim to be a fence-sitter, I recognize that this dialogue sounds strongly biased toward IPv6. I think IPv6 definitely has some weaknesses. My most recent whitepaper on the subject is subtitled "Not Ready for Prime Time," and exposes many of the flaws in current IPv6 products that aren't discussed in the IPv6 venues that I frequent. It was written to produce dialogue on the subject of IPv6 and its capabilities, so that DoD and US government do not force this migration blindly. Similarly, I did not write this rebuttal to discredit Mr. Underwood, but rather to initiate dialogue on the topic. I welcome questions and challenges to my comments. Trace Gunsch Emerging Technology CSE US Army Technology Integration Center e-mail: trace.gunsch@us.army.mil

Jordi Palet
Jordi Palet

Is clear that you're out of the market. There is much more IPv6 deployment and users that what you realize. Even more, this type of comments only prove that either you, or your company, are broken and your customers should look for somebody else that has a more realistic view, otherwise, they will be in trouble sooner or later.

Fred Wamsley
Fred Wamsley

Aren't China, Japan, and South Korea deploying IPv6?

Craig
Craig

Todd, If you are not aware, OMB has mandated that all US federal agencies be IPv6 compliant by June 2008. That being said it sure looks like IPv6 will eventually replace IPv4.

Jeff
Jeff

I agree. One big reason you left out is multi-homing. Until there's a real alternative that allows PI space multi-homing, IPv4 is here to stay.

Next&IPV6
Next&IPV6

TelecomNEXT was as dead as IPv6 seems to be. I think GLOBALCOMM will be a much better show, and I am looking forward to it... and to never returning to TelecomNEXT.

Daniel Golding
Daniel Golding

Good for you, Todd! Maybe if a few more folks mention that ipv6 is basically unworkable, people will begin to realize that this is a consultant and vendor pipedream.