Re: [RRG] Consensus? IPv4 scaling problem must be solved directly, not by relying on migration to IPv6

[Robin Whittle <rw@firstpr.com.au>]

I am replying to Randall and Brian.

Randall Atkinson wrote:

> Earlier, Robin wrote:
> % Also:
> %
> %   Any number of game protocols.
> 
> Most people don't play networked games.  Some do.
> Gaming protocol developers are already quite good at
> (re-)engineering their protocols to work in challenging
> environments (e.g. through firewalls that try to block them).

I think that networked games are a big enough category of protocol
to present a serious barrier for the widespread marketability of an
IPv6-only service.

Initially, why should all these game developers add messy proxy
stuff and IPv6 capabilities to their already immensely complex
programs, just to suit a handful of people who have chosen to pay
for a different kind of Internet service than what the rest of the
world uses?

I think it is likely that in order for the system to work, all
participants in these multi-player games would need upgraded
software - probably the entire protocol would need to change so it
could be amenable to proxying to some host which doesn't have an
IPv4 address.

Also, ideally, the game developers would add pure IPv6 capabilities,
so any game server or client could interact with any other client or
server, IPv4->IPv6, IPv6->IPv4 and IPv6->IPv6, as well as the
current IPv4->IPv4.  This sounds really complex.

One of the problems of relying on proxies (even if the protocol is
amenable to proxying) is that any novel protocol is basically
unusable for all those with an IPv6-only Internet service, until the
proxying capability is installed in their ISP's proxies.

To the extent that significant numbers of end-users had IPv6-only
services, this would be a major disincentive to the development of
new protocols and therefore applications.  Alternatively, to the
extent that these new protocols were not supported by the proxies,
it would be a severe impediment to attracting customers to these
IPv6-only services.

You haven't addressed my argument that there is great scope for the
next decade or so making better use of IPv4 space, especially with
map-encap - and that this will be cheaper and better than trying to
get end-users to pay for a second-rate IPv6-only Internet service.


> %   Any number of P2P file sharing, real-time video streaming etc.
> %   protocols.
> 
> The file sharing protocols are among the mot robust out there.
> They either will work without change -- or the updates will be
> pushed out in very very short time intervals so that they can
> resume working.

Why, initially, would end-users adopt an IPv6-only service where a
lot of the things they want to do don't work?

Why, initially, would application developers do a major rewrite of
their software, firstly to support IPv6 and secondly to alter the
protocol so it could be proxied between IPv4 and IPv6, when the only
demand for it is from a small number of people who have been foolish
enough to pay for an Internet service which is well known not to
provide the same capabilities as what everyone else uses?


> %   VPN protocols - standard and proprietary.
> 
> Well, I disagree at least with respect to IP Security,
> which is one I'm slightly familiar with.  MPLS is likely the
> most widely used VPN protocol -- and it would be unchanged
> as it is at a different protocol layer entirely.
> 
> VPN protocols are used by a *minority* of users,
> mostly corporate users.

I imagine there are some basic standard VPN protocols and a bunch of
proprietary ones - such as whatever mechanisms enable someone to
control a Windows machine remotely.

You are proposing that all these protocols be made amenable to
proxying - and that some good souls would promptly write, test and
deploy the relevant proxying code for all the ISPs who sell IPv6
only services.

This does not seem all realistic to me.


> %   VoIP protocols - standard and proprietary.
> 
> Again, a small minority of Internet users, and might
> well work fine without any change.

A small minority???

Hopefully someone else can contribute to this discussion - I think
your assessments are not realistic.


> %   Subversion & CVS.
> 
> Only used by software developers, who are a smallish
> minority of the Internet user base, and these might well
> work fine without change.

Subversion apparently has an IPv6 patch.  But my guess is this is
not the same thing as having a protocol which can be proxied so as
to communicate seamlessly between IPv4 and IPv6.


> % What I meant is that for any ordinary end-user to be happy with
> % having only an IPv6 address - they would need some very high
> % proportion of other end-users to be fully accessible via IPv6.
> 
> I used to work for a multi-continent residential broadband ISP.
> So I've seen traffic usage statistics.  People still in that business
> tell me the trends are not wildly different now versus then.
> 
> Most residential users, and residential users dwarf corporate Internet
> users by numbers, ONLY use email and the web.

... and various IM programs, VoIP etc.


> A very small number of residential users have deployed some sort
> of peer-to-peer system.

I don't believe it is a "very small number".


http://csdl2.computer.org/comp/proceedings/hicss/2008/3075/00/30750383.pdf

  The Evolution of the Peer-to-Peer File Sharing Industry
  and the Security Risks for Users
  M. Eric Johnson, Dan McGuire, Nicholas D. Willey  2008

  p 2:  Nearly ten million simultaneous users.

  p 4:  13M simultaneous users in June 2006.

  p 5:  30% of broadband users use P2P.
        In 2004, 10% of BB users were involved in P2P at any given
        moment.

> (Aside: That tiny number of users consumes an impressive amount of
> bandwidth, but the total peer-to-peer user base is really a very small
> percentage of the residential broadband users.  This is why broadband
> ISPs find the peer-to-peer users frustrating -- they consume a hugely
> disproportionate amount of bandwidth.)

I think your estimates of the popularity of P2P are way too low.



> % This is the central point in my argument, and if you think that most
> % end-users would be happy to have an Internet service in which they
> % couldn't communicate with 20%, 10%, 1% or whatever of other
> % end-users, please explain why.
> 
> The current Internet is NOT fully connected.  It might seem that way
> in moments, but really it isn't fully connected.  I know of a number of
> sites, particularly in Asia/Pacific or Africa, that have prefixes advertised
> only in a limited set of locations to a limited set of upstreams.  This
> seems to be due to how BGP peering has de facto been broken into
> several different peering regions (e.g. Americas, Europe, Asia/Pacific)
> usually requiring the purchase of transit to cause one's prefix to appear
> in other regions.

This is interesting, and I would appreciate some references.

However it does not address my argument: that a very high proportion
of Internet users (at home, web servers, at work etc.) will need to
have fully functional IPv6 connectivity before significant numbers
of end-users will pay for an IPv6-only service.


> Second, existing protocol translation boxes (think IPv4::IPv6) and proxies
> handle email/web/IM protocols just fine.  As noted above, that covers
> most Internet users.

Please provide some examples.


> % The old model of there being content providers and mail servers -
> % and a bunch of end-user clients - doesn't apply any more.
> 
> It does for the vast majority of users.

I completely disagree.  You haven't given any evidence for why you
think P2P, IM, VoIP etc. is not used by the "vast majority of users".


> % People are sending video to each other, running game servers
> % at home, running P2P programs etc.
> 
> Some people are -- but a smallish percentage.

Where is your evidence?


> For example, the main video sharing approach is to upload/download
> to YouTube -- which only requires web protocols to work properly.

I agree.


> % If an end-user has a choice between two services:
> %
> %  1 - IPv4 or IPv4 dual-stack with IPv6 - which connects directly
> %      to essentially every server and home-user computer on Earth.
> %
> %  2 - IPv6-only, which does not connect to some subset of hosts -
> %      servers, home or office machines etc. - even if the subset
> %      is a fraction of a percent.
> %
> % then I believe most end-users will only adopt the first one.
> 
> The premise of scenario 2 above is wrong -- with the commerically
> available protocol translation middleboxes, users can connect to any
> machine using the most widely used application protocols.

I see no evidence for this.

Please point me to the details of these proxies, ALGs etc., so I can
see what protocols they support.


> So comparing the corrected (2) just above with (1), most users
> can't even distinguish the difference.

I disagree for reasons already stated.


> % Please provide some specific details of these proxies,
> % what protocols they work with etc.
> 
> I am not inclined to advertise for my competitors, sorry.

If you expect me to take your assessment seriously, it needs to be
backed up by independent evidence.


> It would be worth reading the COMCAST presentations of the past
> ~2 years at NANOG, RIPE, and likely APRICOT, if one wants to
> know more.

Presentations are cheap.  Please point to the actual products which
do this IPv4-IPv6 proxying.


> % If a DNS lookup returns only an IPv4 address, the
> % application needs to send packets to it and receive
> % from the host at that address.
> 
> A DNS proxy is included in the protocol translation gateway,
> so one gets back a proxied address that just works.

How do you use an application which is only written for IPv4 (as
many are) on an IPv6-only host?


> % If you rely on proxies, ALGs etc. then you would have
> % a situation in which no-one could write a new application
> % and have it work in general unless it was recognised and
> % supported by the world's "IPv4 to IPv6 proxy servers".
> 
> The trick is to avoid repeating the mistake of FTP.  Pass
> domain-names in the application protocols, not IP addresses.
> Many applications were rewritten to do just this when they
> were updated to be IPv6-capable.

This does not answer my critique.

P2P programs, VoIP programs etc. can't necessarily rely on there
being a DNS name for the host they need to exchange packets with.
So the protocols exchange IP addresses in the raw.

I don't see how this is amenable to proxying to an IPv6-only host.



> %  There are only about 4 pages of material in this Draft.
> 
> Go look at the RIPE, NANOG, or APRICOT presentations.

The draft is more recent than the presentations.  Internet Drafts
should be more substantial than presentations.

This lists a number of approaches - but they all have problems.

If it is as easy as you say it is to proxy IPv4 <--> IPv6, you
should be able to point me to some actual products which do this
work so I can read their specifications.



> % Why would any ordinary end-user want to pay for an
> % Internet service which did not have the full global connectivity
> % all (IPv4) services have today?
> 
> Most users don't have universal connectivity today, see above.

This is not addressing my critique.

In the initial situation of the first hundred, first million or
whatever end-users adopting IPv6-only services, they will be the
only users directly reachable from their hosts.

The whole thing about the Internet is that it is global - not
country-specific or restricted in any other way.


> Most users only care about email, web, and IM.  So long
> as those work (e.g. through a gateway), then they are happy
> and they perceive that their Internet service is fine.

I think you are imagining users to have simple enough needs that
they would not mind having an IPv6-only service.  I do not think
this matches the real needs of many or most users, for reasons
already stated.


> % So you need to show why ...
> 
> You can believe whatever you wish.  I'm not trying to change
> your mind.  Rather, I am pointing out why I don't believe your
> conclusions are reasonable given the data available to me.

The fact that you believe something is of some interest - but not as
interesting and convincing as knowing why you believe it and being
able to chase up the evidence for your view through independent
references.


> % I think your view is way too high altitude.
> 
> I'm viewing things architecturally, not from an engineering
> perspective.  I believe that is the best approach in a Routing RG
> context.   Your mileage apparently varies.

Indeed.  I take an interest in low-level details, as well as the
details of the broader architecture.

   Oh! ye'll take the high road and I'll take the low road,
   And I'll be in Scotland afore ye;


Brian E Carpenter wrote:

> On 2008-05-26 02:42, Robin Whittle wrote:
> ...
>> What I meant is that for any ordinary end-user to be happy with
>> having only an IPv6 address - they would need some very high
>> proportion of other end-users to be fully accessible via IPv6.
>
> s/other end-users/desirable services/


What's all this slash stuff?

> This is the key point. For an IPv6-only client to be happy, the
> services (s)he wishes to reach must be accessible via IPv6.
> That is a vastly easier and more realistic goal than Robin
> describes. It even has a built-in economic incentive, since
> the service providers want clients*.

But why would service providers go to a lot of trouble to make their
sites available to an initially small number of people who chose to
pay for a Internet service which is technically totally different
from what the rest of the world uses?

Why would those users adopt such a service before a very large
proportion of other end-users (including content providers) support
their kind of service?

IPv6 has had 10 years to be adopted - and virtually no-one has
adopted it.

As far as I can tell, almost no-one outside the IETF cares about
IPv6. (The Chinese government is keen about it - or at least I have
read material promoting IPv6 in China on this basis - since it wants
to do away with NAT so every citizen has their own IP address in
oder that their activities can be efficiently monitored.  I have
some references somewhere.)


> However, this isn't very relevant to RRG goals.

It certainly would be if there is consensus that it is OK not to
tackle the IPv4 routing scaling problem directly, but instead tackle
it for IPv6 and allow a mass migration to IPv6 take the pressure off
the IPv4 problem.


> What is relevant,
> IMHO, is divining whether the BGP4 system for IPv4 will hit a
> catastrophic scaling limit within a foreseeable timescale. If the
> answer is 'yes' we need a first-class solution for IPv4; if the
> answer is 'no' we only need a first-class solution for IPv6. Since
> my divination skills are weak, it seems safer to seek a
> first-class solution for both.

I support a first-class solution for both.

I don't think there is a catastrophic limit.  However, the burden of
the growing DFZ routing table makes DFZ routers more and more
expensive, and so burdens all Internet users with increased ISP
fees.  Meanwhile, end-user networks which want and need portable
address space, multihoming and TE are increasingly unable to get it
due to the barriers erected to them getting PI space, in order to
try to reduce the burden of the bloated DFZ routing table.

The situation will get worse and worse - and I am sure the rate of
worsening will grow around 2010 as fresh IPv4 space runs out and
people start chopping their current assignments into smaller pieces
so it can be used more effectively.

>     Brian
>
> * This argument applies to peer-to-peer services too. It slightly
> increases the desirable properties of a supernode - the ideal
> supernode will not only be outside firewalls and NATs, but will
> also be dual stacked.

I don't clearly understand this.

  - Robin


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg