[AusNOG] Prediction: Google et. al. may artificially penalise IPv4 clients
Mark Newton
newton at atdot.dotat.org
Tue May 2 22:32:59 EST 2017
On May 2, 2017, at 9:49 PM, Geoff Huston <gih at apnic.net> wrote:
>
> If you want to avoid packet mangling out there you need to ensure that every IPv6 packet you send is no larger than 1280 octets and you need to avoid fragmentation completely. And everybody else needs to do the same.
… and yet, we have it in a state right now today where a plethora of very large ISPs have turned it on, and their users who care to measure discover that over half of their traffic, including almost all of the traffic they actually care about, is IPv6.
The issue you’re describing is literally no worse than IPv4, where a multitude of idiot consultants have convinced enough people to block ICMP to make PMTUD unreliable, forcing end users to clamp IPv4 MTUs to 1360 bytes.
So in this specific case there are (at least) two issues: One is migrating to the new protocol, and the other is fixing each protocol’s flavour of brokenness. The current state of the art is that it’s relatively easy to solve the first, and the second is no worse than the status quo. That sounds like a step forward to me, even if it isn’t perfect.
> Today, many of the problems that occur in V6 are masked by dual stack - if it fails in 6 there is always 4. And the implication of this observation is that we just don’t care about broken equipment that discards packets with Extension Headers or firewalls that block ICMPv6 PTB, or systems that ignore incoming PTB messages.
We’re talking about broken equipment deployed by capital-E Enterprise, rather than by ISPs and content providers, yeah?
Sweeping with a broad brush, Enterprise has always been internet-broken. Big surprise: It’s IPv6 internet-broken too.
> Because there is always 4 to make it work. But it seems to me that a protocol that is incapable of reliably supporting any packet over 1280 octets in size is a broken protocol. And all the protestations that claim this is just a minor side issue or that vendors will lift their game just can’t fix that.
> So how are you going to make it better Mark?
I haven’t bought IPv6-broken equipment, I’m not rewarding any dumbshit vendors with my financial graces.
But let’s be clear here: Advocacy like what you’ve put forth in this last message has the inescapable effect of convincing people like Tim Raphael, who’s considering dipping a toe in the water, that the water is actually battery acid and that he’d be better off staying where he is.
That’s doing him (and the Internet) a disservice. He’s perfectly safe leaping forward, as long as he starts with the common known-good use-cases, and makes procurement decisions that avoid busted vendors.
The IPv6 minimum-viable-product is easy, cheap, at least as well supported as its IPv4 equivalents. Yes, you can drive edge cases which expose deficiencies, but most of those are avoidable; and you never even get placed into a situation where you need to choose to avoid them or not if you haven’t taken the first step.
Tim: Come on in, the water’s fine.
- mark