[AusNOG] IPv6 - What Should an Engineer Address when 'Selling' IPv6 to Executives?
joshua at railgun.com.au
Wed Mar 6 15:41:38 EST 2013
And the Oscar for best IPv6 deployment strategy goes toooo... Mark Newton!
If it was Friday I'd buy you a beer.
On Wed, Mar 6, 2013 at 3:38 PM, Mark Newton <newton at atdot.dotat.org> wrote:
> On Wed, Mar 06, 2013 at 12:46:57PM +1000, Paul Gear wrote:
> > Nicely written, but moving away from the question again. Mark, what are
> > these low-key activities that we should have done in 2011 that are easy
> > to sell to management?
> If they're low-key activities you don't need to sell them to
> You don't sell your IPv4 plan to management, do you? (unless they're
> actually micromanagement, in which case you probably have no hope).
> There are many ways to go about it, but here's one of them. Contents
> may settle in transit.
> 1. Enable IPv6 on at least one of your transit edge routers.
> 2. Take an IPv6 feed from at least one of the transit providers
> that lands on that router. You should now have connectivity
> to the IPv6 internet from that router.
> 3. Nail-up IPv6 iBGP between that router and at least one
> router in your core. Congratulations, you should now have
> connectivity to the IPv6 internet from your core. It's
> only single-homed, but it's not mission critical yet so
> outages don't really matter, do they?
> 4. You can now assign IPv6 prefixes to VLANs in your core.
> Start with your lab VLAN; hosts in your lab should now have
> full dual stack reachability to the internet.
> 5. At your option, stand up other iBGP and eBGP sessions to
> other border routers and transit providers. Each one improves
> your redundancy and gets you incrementally closer to the same
> full mesh topology you have with v4.
> 6. You'll eventually be at a point where all your routers are
> dual stack. Along the way you probably will have turned on
> all your lab VLANs, and possibly enabled your office network
> and any intermediate firewalls in the path. Congratulations,
> you now know how IPv6 firewalling works, and all your staff
> have access too.
> 7. If you have a VPN concentrator, dual-stack that too; now your
> staff have dual-stack on your network from home. Even better.
> At that point, you're dual stack on your entire network except
> for the bits that are customer-facing, and you've probably been
> outage-free throughout the whole process, and haven't had to
> buy any new equipment.
> 8. Enable "simple" server networks: things like DNS, HTTP and SMTP
> that don't involve complexity like load balancers. Probably
> a good time to add IPv6 to any VPS products you offer too.
> Congratulations, you're now offering IPv6 services to the
> If you're an eyeball service provider, add another step:
> 9. The access network -- you'll need radius support and a few
> other odds and sods and a fair bit of planning, but is there
> any reason you can't dual-stack your BRAS/LNS and customer
> access now?
> Now the only bits of your network that aren't v6-enabled are the
> "complex" corner cases, which you can deal with at your leisure.
> If you're an IT services provider rather than a network operator,
> come up with a service offering that addresses each step in the
> plan above (research, develop,test). That's what made your business
> successful with IPv4, it'll make it successful with IPv6 too.
> Turn that into a 2 year roadmap and you'll be well on the way
> to mitigating your contribution to the IPv4 problem, broadening
> your base of service offerings, and improving your scope for
> - mark
> AusNOG mailing list
> AusNOG at lists.ausnog.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the AusNOG