[AusNOG] IPv6 - What Should an Engineer Address when 'Selling' IPv6 to Executives?
newton at atdot.dotat.org
Wed Mar 6 15:05:15 EST 2013
On Wed, Mar 06, 2013 at 03:41:09PM +1300, Don Gould wrote:
> Mark my guess here is that the major difference between me and you is
> your superior understanding of v4 over mine and your general technical
I came into v4 with exactly the same level of understanding you had
when you came into it.
I came into v6 with exactly the same level of understanding you had
when you came into it too.
Everyone starts from the same point, with the same information
> We're trying to understand why SMB are being so slow to pull finger.
That's pretty easy to answer from where I sit: AU/NZ companies are
pretty conservative, and tend to "manage" risk by either shunting it
off to third parties or by avoiding it altogether.
Service organizations make money by taking on the business risks
that their customers are offloading, accepting them, and monetizing
"I will take full and complete responsibility for this complex
thing you want to do, in exchange you will give me money."
That works pretty well, right up until the service organization
decides to manage risk by avoiding it or offloading it too.
As soon as they do that, they lose control of the outcome, their
customers learn to mistrust them, and they can no longer sell
IPv6 is an unknown. That makes it "risky." And, in my observation,
the service companies who look after SMBs have largely done a pretty
poor job of accommodating and accepting that risk so that they
can offer IPv4 remediation services to their customers.
In 2013, is it still acceptable for a network specialist to
say, "I don't understand IPv6, have never used it, and don't know
how it works."
Think about Linux as a contrast: it entered businesses in SMEs
well before it entered the big end of town. SMEs felt comfortable
with it because they had geeks on staff who ran it at home, who
hacked away at it until they knew how it worked; then they were
able to import those skills into the workplace to help their
employers reduce their costs of doing business. And, over time,
it spread by osmosis into large enterprises too.
Why isn't IPv6 proceeding in the same way? It's been in existence
for around about the same timescale as Linux. It even dovetails
nicely with the alternative-OS skillset. Yet the same people who
have been hacking VirtualBox in their spare time to work out how
virtualization works, or running Win8 betas, or developing Linux
kernel modules all apply some kind of blind spot to IPv6.
Why is that? It makes very little sense to me.
> I think that there's whole bunch of us in the SMB space who have bigger
> egos than technical skill.
> I also think that a bunch of us have under stated just how complex our
> IT systems are - Google WINZ Security, Novopay, the list goes on just in
> my back yard.
IPv4 doesn't stop working just because IPv6 is running. If
you have bits of complexity you don't understand, then enable
IPv6 piecewise on the bits you do understand.
At least come up with a _plan_, a roadmap for enablement.
What's happening at the moment is that everyone is saying things
like, "I don't know how it works with <insert application here>,"
and they use that as an excuse for doing nothing at all.
> I put my tunnel in and backed it right back out the second it occurred
> to me that I didn't understand the security implications of having a
> public IP all the way to every device in my network.
Did you then research the security implications, deal with them,
and re-enable the tunnel, so you could confidently work the
knowledge you gained into a product or service offering?
If not, why not?
That's how professionals behave in pretty much any other industry
in existence. It's also how people have behaved in other segments
of this industry.
Why is IPv6 so different?
More information about the AusNOG