[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPv6 - a noobs prespective

This is dual stack, my recommendation is disable IPv6 on your servers (so your clients will still talk to them on IPv4 only), and let your client goes IPv6 first. Once you understand what is happening, get on IPv6 on your servers.

Alternatively, use someone else network to understand IPv6. Attend, NANOG, ICANN, IETF, they always have IPv6 enabled, you can better understand how your machine reacts, what tools you have, how to do ping, debug, packet capture,...

For the firewall, shorewall does IPv4 and IPv6, with a relatively simple interface and is free...

----- Original Message -----
From: "William Herrin" <bill at herrin.us>
To: "Robert Lusby" <nanogwp at gmail.com>
Cc: nanog at nanog.org
Sent: Thursday, 10 February, 2011 7:03:01 AM
Subject: Re: IPv6 - a noobs prespective

On Wed, Feb 9, 2011 at 6:00 AM, Robert Lusby <nanogwp at gmail.com> wrote:
> I also get why we need IPv6, that it means removing the NAT (which, surprise
> surprise also runs our Firewall), and I that I might need new kit for it.
> I am however *terrified* of making that move. There is so many new phrases,
> words, things to think about etc

The thing that terrifies me about deploying IPv6 is that apps
compatible with both are programmed to attempt IPv6 before IPv4. This
means my first not-quite-correct IPv6 deployments are going to break
my apps that are used to not having and therefore not trying IPv6. But
that's not the worst part... as the folks my customers interact with
over the next couple of years make their first not-quite-correct IPv6
deployments, my access to them is going to break again. And again. And
again. And I won't have the foggiest idea who's next until I get the
call that such-and-such isn't working right.

Bill Herrin

William D. Herrin ................ herrin at dirtside.com? bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004