Subject: Re: (Somewhat OT) Re: INET6 in GENERIC
To: Jonathan Stone <jonathan@Pescadero.dsg.stanford.edu>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: tech-net
Date: 02/23/2006 19:36:37
In message <E1FCNUV-00055b-00@smeg.dsg.stanford.edu>, Jonathan Stone writes:
>
>In message <200602232009.k1NK9tGh004993@ginger.cmf.nrl.navy.mil>,
>Ken Hornstein writes:
>
>>>} Japan has a government mandate for IPv6 services with a drop dead date in 
>>>} the relatively short future.  There are a few other countries that have 
>>>} followed suit.  That has always been my leverage with management.
>>>
>>>     I'm not sure if I have the year right, but I think it is 2008 that
>>>the US military will be switching to IPv6.  This could push things
>>>along.
>>
>>AFAIK, that date is the date set for when everything should _support_
>>IPv6.  I don't believe there is a date set for when IPv4 should be
>>turned off.  But those dates have a tendancy to slip.
>
>Ken, you're a lot closer than most of us, but I';m sure is the third
>such deadline that I've heard about.  A cynic might almost say the
>deadline in question is always roughly "two years from now" :-/.
>
I don't think the US DoD is the primary driver for the conversion, 
though it will help.  I do think the pieces are just about in place.

The issue has always been an n-way chicken-and-egg problem.  Sites 
couldn't use v6 because their ISPs didn't support it.  ISPs were 
waiting for customer demand.  Customers didn't demand it because their 
operating systems and applications didn't support it.  Finally, if they 
did use an unusual OS and unusual apps and unusual ISP, it didn't help
them talk to anyone else because no one else ran it.  A NAT did just as 
well; the benefits of the large address space first appear when you're 
trying to run *servers*.  (There are other issues involving private 
corporate interconnects where people were fighting overlapping 1918 
space; I won't go into those save to note that this is why many 
corporate networking folks are desparate for v6.  Others on this list 
have seen that problem first-hand; I'll let them talk.)

Anyway -- given the above scenario, there was little reason for anyone 
to switch.  On the other hand, once any of the elements started to 
change, it would enable the others to change.  Several things have in 
fact happened.  

One was demand from China and Japan; if India hasn't been in the game 
yet, it will be soon.  China needs a *lot* of IP addresses; since they 
came late to the computer party, they didn't get in early the way the 
U.S. did.  IPv6 is thus very important to them.  (Running a network 
that couldn't easily talk to the outside world without going through a 
gateway also appeals to the Chinese government, for very unpleasant 
reasons.)  Naturally, vendors like Cisco were happy to build gear that 
they could sell to a huge, largely untapped marked.

Microsoft is also committed to v6, not because of DoD -- they've been 
in that camp much longer -- but because it's important to them 
strategically, for lots of reasons.  I'll simply mention the obvious 
one: a world where there are more endpoints that are directly 
addressable enables lots more high-end applications that benefit from 
simple, consistent security mechanisms.  Remember that Windows is being 
used for cell phones, PDAs, and set-top boxes today.  Wouldn't it be 
nice if my Internet-enabled cell phone could tell my Internet-enabled 
video recorder what to record?  Doing that today involves upleasant 
interactions with NAT boxes.  Microsoft wants seamless connectivity 
because it's easier and lets them write simpler-to-use software.  

As I said, they've been working on this for years.  Early developer 
support was available as an add-on for Windows 2000.  In XP, they 
worked on the networking API to make v6 transparent to applications.  
In Vista, it will be on by default and preferentially used.  They've 
also been lobbying ISPs, if only to persuade them not to block the 
tunnelling protocols needed for conversion.  Microsoft was also one of 
the powers behind the Teredo protocol, seeing it as part of the 
conversion process.

We thus have several of the precursors -- routers that can support it, 
a major OS that likes it, and specifically likes it enough that most 
applications hosted on it will just work.  The last piece necessary to 
let it grow is ISP support -- and the DoD effort may handle that.  Even 
if almost no one at a particular DoD site actually needs it, the 
procurement contracts are going to have this little check-off box: 
routes IPv6.  Many ISPs will fall all over themselves to qualify; DoD 
is a big customer (though one with much less influence on the world 
than 50 years ago, when they gave us COBOL....)

We can add other drivers, such as the support by many Japanese ISPs, 
but to me, the bottom line is that it's now coming, and coming fast.  
Vista ships later this year; in ~4-5 years most desktops will like v6.  
It will be interesting to see what happens.  

In 2002, I publicly predicted 2008, based on the assumption that Vista 
would ship in 2004.  That assumption was off by two years, which brings 
us to 2010.  I still stick with that estimate; we appear to be right on 
track.  

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb