Subject: Re: (Somewhat OT) Re: INET6 in GENERIC
To: Jonathan Stone <jonathan@Pescadero.dsg.stanford.edu>
From: Steven M. Bellovin <email@example.com>
Date: 02/23/2006 19:36:37
In message <E1FCNUVfirstname.lastname@example.org>, Jonathan Stone writes:
>In message <200602232009.k1NK9tGh004993@ginger.cmf.nrl.navy.mil>,
>Ken Hornstein writes:
>>>} Japan has a government mandate for IPv6 services with a drop dead date in
>>>} the relatively short future. There are a few other countries that have
>>>} followed suit. That has always been my leverage with management.
>>> I'm not sure if I have the year right, but I think it is 2008 that
>>>the US military will be switching to IPv6. This could push things
>>AFAIK, that date is the date set for when everything should _support_
>>IPv6. I don't believe there is a date set for when IPv4 should be
>>turned off. But those dates have a tendency to slip.
>Ken, you're a lot closer than most of us, but I'm sure is the third
>such deadline that I've heard about. A cynic might almost say the
>deadline in question is always roughly "two years from now" :-/.
I don't think the US DoD is the primary driver for the conversion,
though it will help. I do think the pieces are just about in place.
The issue has always been an n-way chicken-and-egg problem. Sites
couldn't use v6 because their ISPs didn't support it. ISPs were
waiting for customer demand. Customers didn't demand it because their
operating systems and applications didn't support it. Finally, if they
did use an unusual OS and unusual apps and unusual ISP, it didn't help
them talk to anyone else because no one else ran it. A NAT did just as
well; the benefits of the large address space first appear when you're
trying to run *servers*. (There are other issues involving private
corporate interconnects where people were fighting overlapping 1918
space; I won't go into those save to note that this is why many
corporate networking folks are desperate for v6. Others on this list
have seen that problem first-hand; I'll let them talk.)
Anyway -- given the above scenario, there was little reason for anyone
to switch. On the other hand, once any of the elements started to
change, it would enable the others to change. Several things have in
One was demand from China and Japan; if India hasn't been in the game
yet, it will be soon. China needs a *lot* of IP addresses; since they
came late to the computer party, they didn't get in early the way the
U.S. did. IPv6 is thus very important to them. (Running a network
that couldn't easily talk to the outside world without going through a
gateway also appeals to the Chinese government, for very unpleasant
reasons.) Naturally, vendors like Cisco were happy to build gear that
they could sell to a huge, largely untapped market.
Microsoft is also committed to v6, not because of DoD -- they've been
in that camp much longer -- but because it's important to them
strategically, for lots of reasons. I'll simply mention the obvious
one: a world where there are more endpoints that are directly
addressable enables lots more high-end applications that benefit from
simple, consistent security mechanisms. Remember that Windows is being
used for cell phones, PDAs, and set-top boxes today. Wouldn't it be
nice if my Internet-enabled cell phone could tell my Internet-enabled
video recorder what to record? Doing that today involves unpleasant
interactions with NAT boxes. Microsoft wants seamless connectivity
because it's easier and lets them write simpler-to-use software.
As I said, they've been working on this for years. Early developer
support was available as an add-on for Windows 2000. In XP, they
worked on the networking API to make v6 transparent to applications.
In Vista, it will be on by default and preferentially used. They've
also been lobbying ISPs, if only to persuade them not to block the
tunnelling protocols needed for conversion. Microsoft was also one of
the powers behind the Teredo protocol, seeing it as part of the
We thus have several of the precursors -- routers that can support it,
a major OS that likes it, and specifically likes it enough that most
applications hosted on it will just work. The last piece necessary to
let it grow is ISP support -- and the DoD effort may handle that. Even
if almost no one at a particular DoD site actually needs it, the
procurement contracts are going to have this little check-off box:
routes IPv6. Many ISPs will fall all over themselves to qualify; DoD
is a big customer (though one with much less influence on the world
than 50 years ago, when they gave us COBOL....)
We can add other drivers, such as the support by many Japanese ISPs,
but to me, the bottom line is that it's now coming, and coming fast.
Vista ships later this year; in ~4-5 years most desktops will like v6.
It will be interesting to see what happens.
In 2002, I publicly predicted 2008, based on the assumption that Vista
would ship in 2004. That assumption was off by two years, which brings
us to 2010. I still stick with that estimate; we appear to be right on
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb