[AusNOG] IPv6 - What Should an Engineer Address when 'Selling' IPv6 to Executives?

Wed Mar 6 15:41:38 EST 2013

And the Oscar for best IPv6 deployment strategy goes toooo... Mark Newton!
If it was Friday I'd buy you a beer.

On Wed, Mar 6, 2013 at 3:38 PM, Mark Newton <newton at atdot.dotat.org> wrote:

> On Wed, Mar 06, 2013 at 12:46:57PM +1000, Paul Gear wrote:
>
>  > Nicely written, but moving away from the question again.  Mark, what are
>  > these low-key activities that we should have done in 2011 that are easy
>  > to sell to management?
>
> If they're low-key activities you don't need to sell them to
> management.
>
> You don't sell your IPv4 plan to management, do you? (unless they're
> actually micromanagement, in which case you probably have no hope).
>
> Steps:
>
> There are many ways to go about it, but here's one of them. Contents
> may settle in transit.
>
> 1. Enable IPv6 on at least one of your transit edge routers.
>
> 2. Take an IPv6 feed from at least one of the transit providers
>    that lands on that router.  You should now have connectivity
>    to the IPv6 internet from that router.
>
> 3. Nail-up IPv6 iBGP between that router and at least one
>    router in your core.  Congratulations, you should now have
>    connectivity to the IPv6 internet from your core.  It's
>    only single-homed, but it's not mission critical yet so
>    outages don't really matter, do they?
>
> 4. You can now assign IPv6 prefixes to VLANs in your core.
>    Start with your lab VLAN;  hosts in your lab should now have
>    full dual stack reachability to the internet.
>
> 5. At your option, stand up other iBGP and eBGP sessions to
>    other border routers and transit providers. Each one improves
>    your redundancy and gets you incrementally closer to the same
>    full mesh topology you have with v4.
>
> 6. You'll eventually be at a point where all your routers are
>    dual stack.  Along the way you probably will have turned on
>    all your lab VLANs, and possibly enabled your office network
>    and any intermediate firewalls in the path. Congratulations,
>    you now know how IPv6 firewalling works, and all your staff
>    have access too.
>
> 7. If you have a VPN concentrator, dual-stack that too; now your
>    staff have dual-stack on your network from home.  Even better.
>
>
> At that point, you're dual stack on your entire network except
> for the bits that are customer-facing, and you've probably been
> outage-free throughout the whole process, and haven't had to
> buy any new equipment.
>
> 8. Enable "simple" server networks:  things like DNS, HTTP and SMTP
>    that don't involve complexity like load balancers.  Probably
>    a good time to add IPv6 to any VPS products you offer too.
>    Congratulations, you're now offering IPv6 services to the
>    public.
>
> If you're an eyeball service provider, add another step:
>
> 9. The access network -- you'll need radius support and a few
>    other odds and sods and a fair bit of planning, but is there
>    any reason you can't dual-stack your BRAS/LNS and customer
>    access now?
>
> Now the only bits of your network that aren't v6-enabled are the
> "complex" corner cases, which you can deal with at your leisure.
>
> If you're an IT services provider rather than a network operator,
> come up with a service offering that addresses each step in the
> plan above (research, develop,test). That's what made your business
> successful with IPv4, it'll make it successful with IPv6 too.
>
> Turn that into a 2 year roadmap and you'll be well on the way
> to mitigating your contribution to the IPv4 problem, broadening
> your base of service offerings, and improving your scope for
> profitability.
>
>   - mark
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130306/e92b28d3/attachment.html>