RIPE our of IPv4

[sabri at cluecentral.net (Sabri Berisha)]

----- On Nov 26, 2019, at 1:36 AM, Doug Barton dougb at dougbarton.us wrote:

> I get that some people still don't like it, but the answer is IPv6. Or,
> folks can keep playing NAT games, etc. But one wonders at what point
> rolling out IPv6 costs less than all the fun you get with [CG]NAT.

When the MBAs start realizing the risk of not deploying it.

I have some inside knowledge about the IPv6 efforts of a large eyeball network. In that particular case, the cost of deploying IPv6 internally is not simply configuring it on the network gear; that has already been done. The cost of fully supporting IPv6 includes (but is probably not limited to):

- Support for deploying IPv6 across more than 20 different teams;
- Modifying old (ancient) internal code;
- Modifying old (ancient) database structures (think 16 character fields for IP addresses);
- Upgrading/replacing load balancers and other legacy crap that only support IPv4 (yeah, they still exist);
- Modifying the countless home-grown tools that automate firewalls etc;
- Auditing the PCI infrastructure to ensure it is still compliant after deploying IPv6;

If it was as simple as upgrading a few IP stacks here and there, it would be a non-issue.

Don't get me wrong, I'm not advocating against IPv6 deployment; on the contrary. But it is not that simple in the real corporate world. Execs have bonus targets. IPv6 is not yet important enough to become part of that bonus target: there is no ROI at this point. In this kind of environment there needs to be a strong case to invest the capex to support IPv6.

IPv6 must be supported on the CxO level in order to be deployed. 

Thanks,

Sabri, (Badum tsss) MBA