These are unedited transcripts and may contain errors.
IPv6 Working Group session, Thursday, 19 April, 2012, 11 a.m. to 12:30 a.m.:MARCO HOGEWONING: If people can find a seat, we can start, we have got a pretty full agenda today. I will just start talking and then we will continue. Welcome to the IPv6 Working Group here in Ljubljana, RIPE 64. Figured out this is apparently the 31st meeting of the IPv6 Working Group, we have been doing so for the last 15 years.
We have got quite a full agenda so we are not going to spend too much time talking about this. If this is your first meeting, the IPv6 Working Group has three Co. /KHA*EUS, one of them is me, I am employed by the RIPE NCC and next to me are Shane Kerr and Dave Kessens who works for Nokia Siemens. In case you have any inquiries to us, please mail us on IPv6 ? WG ? Chairs at RIPE /O.net and we will come back to you.
Bit of mandatory announcements, please note that this session is broadcasted and recorded. If you have any comments or questions to make, please use a microphone and state your name and affiliation and we would also appreciate it if could you switch off all electronic devices or make sure they don't make disturbing noises.
We have got two sessions today, this one and we will continue after the lunch at 2 o'clock. The minutes of the RIPE 63 were cycled on the mailing list, we haven't received any comments. Thanks Miriam for scribing them and the RIPE NCC for processing them. If you do feel that there is some issue, please come back to us and we will get it sorted out.
The agenda for the first session, it's a bit of a mix. We are going to start off with Erika explaining on how the Swedish public sector is approaching IPv6 deployment, they have wrote a great big document about how to tack they will problem. We have got update from the RIPE NCC which is done by various people, and then Vesna will go over some of the details of IPv6 RIPEness or deployment measurement system. Ragnar Anfinsen gave a presentation a couple of meetings about Altibox and their IPv6 plans, he is here to show a bit what has happened since and where they stand down now. And last in this session will be Joseph Gersch who is going to show a possible way of how to do IPv6 reverse domain names without having millions and millions of records.
After lunch, the second session, we have we are talking about setting up home networking with IPv6, and from that we nicely move into home equipment, Erik is going to explain how as a vendor you can handle all the different profiles and standards that are fired on them, all the customer demands, how do they prioritise and handle it. A quick update by the German government about how we are looking at the same problem and how they handle all the different profiles and RFCs and BGPs that are out there, and then finally, we end up discussing replacing RIPE 501 that has been an ongoing project so Jan and Sander are going to present and on the changes were that we hope to have some discussion on what else is needed and hopefully we can sort of finish that off and get the document out of there. That is all we have in line.
If you have any other urgent business, please find us and we will find you a slot in the agenda if possible. So please speak up if you have any AOB. And with that, I am going to give the floor to Erika Hersaeus from PTS who is going to show what the Swedish are doing.
ERIKA HERSAEUS: Thank you. Hi, for those of you I am Erika Hersaeus from the Swedish post and telecom agency. I work at the network security departments in six years. And I have joined RIPE, follow your work since 2008. I have a technical background, I have a master of science and computer science. And today, I am going to talk about Sweden's work, a bit about the government and PTS work regarding the fostering of deployment of IPv6 in Sweden.
So, firstly, I will give a short background to the Swedish Government administration. Then I will make a short introduction to PTS and then I come to the Swedish Government's work concerning IPv6. And last but not least our work and a guideline ?? guidance we published last year.
I will give you some background information on the Swedish Government administration. In the 1,600s there was a major reorganisation in the Swedish Government administration and ministries were given a week and overseeing position. Agencies were giving an autonomous and operational role. It was a principle of responsibility that an agency in charge of businesses is also in charge in a crisis. And there was also the principle of subsidiary, that means that decisions are to be made as close as possible to operations.
And agencies or authorities for my sake, are the decision?makers during an emergency and ministries are in fact forbid tone give orders to an agency on operational matters.
Yes, I will come back to this as the government give PTS assignments and so on and how the government steers PTS.
This is how it looks like. Just an overview. A little bit about PTS. We are independent public authority under the ministry of enterprise, communication and energy. We were founded in 1992. And we monitor the post and electronic communications sector and what the electronic and communications sectors means is that it comprises fixed and mobile telephony Internet access. We are approximately 260 persons and at the network security department we are 20 people. We are financed by direct charges from the market and we also ?? there are also appropriations from the national budget for security measures, redundancy measures and so on and services for people with disability.
These are the areas how we are grouped and we work for long?term added value for consumers, so we work with competition issues, spectrum licences and auctions, network and information security, the postal market and the consumer's rights in these areas.
And we shall work to ensure that everyone has a good access ?? has access to good telephony, broadband and postal services. Frequents and telephone numbers are assigned and managed efficiently. So this we have in common. We work to achieve function and competition in the market, resulting in a good range of options and low prices for consumers, and we ensure that networks and services are reliable and secure.
We are steering and governed through different kinds of tools, and as I told you earlier, we are an independent authority reporting to the ministry of enterprise, energy and communications and for those of you who have met Maria Hall, it is where she is placed and we are controlled by EU; sometimes it's the directives and regulations. And the Swedish parliament and the government control us through laws, ordinances, terms of reference and instructions, and the instructions is more of a long?term governing steering our PTS while the terms of reference is short tool for steering PTS, for the coming year.
And then we have government assignments or government mandates.
And I am not going to in details in these acts but we are still steered by seven acts, as you can see, for instance, the Swedish top level domain act and Telecommunications Act which put, amongst others, obligations on security and so on.
And we have some tools defined for us, and how we work is that we identify problems and attempts to remove obstacles, the general view is that we shall not intervene with the market if there isn't any problems, and you can say that there is a staircase of tools that we use and first of all, our first tool is to inform, to inform consumers about the rights or we can make inform them ?? the market of what the situation is like and we describe these different situations and we make analysis and then wave dialogue with the market and we can propose measures. And one of our ?? when there are major problems we can apply mandatory measures and that is, for instance, regulations and we also have another tool, it is when society makes greater demands than the market is delivering, we can procure, for instance, when it comes to coverage, spectrum coverage in rural areas and so on.
And now I will come to our work with fostering the deployment of IPv6.
In 2009, PTS started to deploy IPv6 for our own external E services, so now on, these are on dual stack, and that is our web page, our public E services under this E service domain, our domain name server, e?mail server and spam filters and firewalls. We did participate last year in World IPv6 Day.
We have also arranged two national seminars together with .se in order to raid awareness and we have approached the concept, trying to have as many different stakeholders reporting on what they are doing and the second one of them it was targeted the public sector in Sweden and it was very popular, it was around 300 participants. And in December, in 2010, PTS was instructed by the government to produce a description of how the new addressing ?? how IPv6 can be deployed at an authority level and the objective of this description is to serve as a support for public authorities, municipalities and other organisations within the public sector when they are deploying IPv6. And so compared to the case in Germany and if you had Constanze where they have one State network and LIR, that is not the case in Sweden. In Sweden, all the State bodies are independent and they make their own procurements in order to ensure competition on the market. So, that is one of our roles, to educate them to become good procurers.
And in October last year, just before I arrived at the last RIPE meeting, we handed in to the assignment to the government, and it's a practical guidance on how an organisation can approach the deployment of IPv6 for its public services, and the main text in the report provides a general approach or methodology for the deployment and then several appendices provides more specific guidance, and it also brings up consequences on finances, security and so on. I will till a little bit about the messages in our description.
This is all pieces of cake for you but for the Swedish public sector, it's not. Deploy IPv6 in parallel with IPv4, started employment on time. We have to be a little bit rounder on how we define this since there is no regulation.
Make decisions concerning the deployment, set up a project. Start on a small scale, starting on the per I havery and work towards the core. That is contact your ISP who is ensured IPv6 Internet connection, work towards the firewall and to the internal network. And another message is that IPv6 requires a systematic and controlled deployment for good accessibility and security why it's good to start the deployment on time.
And we suggest a four phase deployment, take stock, plan ?? preparatory work, then activate on your services and lastly, manage them.
So, a little bit about these activities:
We suggest first that the IT department reviews the IT environment and investigate measures for deployment that will maintain security and accessibility, so it's important that one reviews one's server platforms, network equipment, network infrastructure ?? network structure and accessing at a moreover Youghal level that supports IPv6, that one reviews the client platforms and their support for IPv6, also services and functions for which there is internal responsibility and similarly functions for which a third party is responsible. Perhaps this public authority doesn't have the knowledge to operate all of these services themselves, so they might consider having an external part doing this for them, so that is good time to look at this.
And in this phase, it's also appropriate to adapt procurement documentation with requirements regarding IPv6 and review the need of training in its staff.
The second phase, the planning phase. We suggest that one determines the type of IP addresses which is suitable for the organisation, that one produce an address plan for one's network, order IPv6 Internet connection from one's ISP, procure new equipment and services and that one review one's processes, routines and security requirements to encompass IPv6.
In the third phase, the activation phase, yes, remind to start on the per I havery and work towards the core, the activate IPv6 in the Internet connection, distribute assigned address based on the address plan, configure and Commission firewalls, configure and Commission routers, which is another network equipment, after that activate IPv6 in public E services, for instance the DNS or the web. After that, we suggest that one should enable users on the internal network to access external IPv6 services on the Internet. And after all this, last but not least, check and monitor the deployment.
And lastly, the manage phase. Monitor, follow up, adapt and deal with disruptions. It's important, since the protocol is new and it isn't functioning everything ?? everything is not functioning yet properly, it's important that one monitor the IPv6 traffic and differentiate alarms from IPv4 and IPv6, we propose that one keep operational statistics for traffic volumes and accessibility and that one has logs. And of course, one needs to deal with the disruptions and we also suggest that one documents incidence and follow up the courses.
And we suggest this four phases in order to have a secure and planned deployment of the new protocol. And I would welcome the community's feedback on this description of practical guidance. It has been translated into English and it can be found on our web page www. PTS .se. And now something about the government's political will:
On October 6th last year, the Swedish Government produced its digital agenda for Sweden and it states there that public authorities should have deployed IPv6 by no later than 2013.
And we hope that ?? we have proposed to the government that PTS should be assigned to promote and follow up the deployment of IPv6 at government authorities in order for the government to reach their goal, so we are hoping that we will have a new government mandate this year, so we can follow up the activities and report to the government. They haven't made any legislation and we don't think that it is necessary and this is the way we might be approaching this. PTS is also thinking of listing public authorities which support IPv6 in the public E services on our web page. And we will also strive towards new goals for our own organisation regarding the deployment of IPv6 and we would take part in the world IPv6 launch on the 6th of June this year.
Thank you for your attentions. And I will be glad to have your comments or questions.
MARCO HOGEWONING: Any questions for Erika?
SHANE KERR: How was this ?? how were your recommendations generated? Was there consultation with the industry?
ERIKA HERSAEUS: Yes. Actually, when putting together this description, we used our own, the IT department's own experiences, they didn't have anything to follow and we had a consultant who did ?? who had been down there deploying IPv6 in many public authorities or in some, and we did put it on a public ?? we sent it to, I don't remember now, very many public authorities, municipalities, the private sector, relevant stakeholders in the private sector, so ISOC, SC, vendors commenting and so on.
SHANE KERR: And my other question was, you said that there was a kind of instruction that everything would be available IPv6 by 2013?
ERIKA HERSAEUS: Pardon?
SHANE KERR: That IPv6 for government services would be available by 2013?
ERIKA HERSAEUS: Yes.
SHANE KERR: That was January 1st 2013 or December 31st 2013?
ERIKA HERSAEUS: December. Yes.
SHANE KERR: OK.
ERIKA HERSAEUS: But it's the government to assign so we are waiting for the assignment now or mandate to do something.
AUDIENCE SPEAKER: Osama from MENOG. Great effort. My question is, is it working?
ERIKA HERSAEUS: I believe that in the coming mandate, we will have to do lots of awareness raising and different kinds of awareness raising, like in the lowest step on the staircase, so I think yeah, I don't know, you know, the government could really like put into instructions for each public body, like you should have deployed IPv6 by 2013. They have not done it; they have stated their political will and they have said that they will give PTS new government assignments and it's up to them to describe on what level what mandate and tools we can do, but on PTS side we believe it will be through information and following up, posing questionnaires.
AUDIENCE SPEAKER: Are you actually trying to measure adoption?
ERIKA HERSAEUS: Yes, through a technical ?? on the outside for the external services.
AUDIENCE SPEAKER: And from what you have seen, do you have some indication of adoption?
ERIKA HERSAEUS: Yes, actually, our ?? there is the E delegation, there is another committee for evident services and government in Sweden and at the moment they provide this list but they will not (E services) continue any longer with this, so we have an eye on the public sector already.
AUDIENCE SPEAKER: Thank you.
AUDIENCE SPEAKER: Car loss, I come from LACNIC. I congratulate you on your effort because I have done a lot of outreach to governments and I have had a hard time. I was wondering if the guidance document that you put together is public, if we can see it.
ERIKA HERSAEUS: Yes. It's available on the web.
AUDIENCE SPEAKER: Is it to Swedish Government specific or is it kind of a generic document that could be useful for other governments, perhaps?
ERIKA HERSAEUS: Yes, it's pretty overall I think it's pretty generic. Some certain specific parts are for the Swedish case, but we have tried to make it as generic as possible so that many organisations, even private organisations could use it as a guideline or guidance. Yes.
AUDIENCE SPEAKER: Thank you.
MARCO HOGEWONING: I have a question for you, then, following a bit up of what Osama said in monitoring; what is your feedback so far, you tell people OK so plan, procure, first question then is: Do you have a bit of idea where most of the people are, are they still phase 1, 2 or 3 and did you get any feedback once they enter Phase Two and they start procuring since you are also about market regulation and first slide you mentioned, yes, if there is more demand, then market offerings, then we might step in to regulate but what is if a different way, if there are more market demand then server offerings because Swedish Government has to find an ISP that can deliver IPv6.
ERIKA HERSAEUS: Yes, there was so many questions in one.
MARCO HOGEWONING: First of all, what is the ?? where is everybody?
ERIKA HERSAEUS: That is ?? if we get an assignment, there are like 500 public authorities in Sweden, we cannot ask them, since they are independent, we don't have the mandate, but if we get the mandate from the government it might be possible that we can pose them where are you at the moment, do you have any preparedness plans, like make them aware and trigger something, and then we would ask them, like, what ?? what are the obstacles that you encounter and what are your suggestions on help or what guidance do you need?
MARCO HOGEWONING: . OK.
ERIKA HERSAEUS: And then we will make a report on this to the the government, summarising the case. It's like the government can choose to do something else, but in between, this is what we can do.
MARCO HOGEWONING: And then did you receive any voluntary feedback on people, like OK, yes, this might be possible or this is too hard because you gave them this document and, is there any ?? what is in the feedback from your target audience?
ERIKA HERSAEUS: Actually, we have had quite much positive feedback because in Sweden at least they haven't seen any document like this summarising, and there are very many parts also in the appendices about arguments for deploying IPv6 and consequences on financing and security and so on. It has been positively accepted, and both by journalists and by other public authorities that deal with big networks.
MARCO HOGEWONING: Good to hear.
ERIKA HERSAEUS: But I would be really glad, you are experts, so, please, return to me if you have comments.
MARCO HOGEWONING: And feel free to ignore my last question because I am going to put you on the block a bit and drift slightly off this topic but since mentioned it; what do you expect in terms of v4 run?out, because this is where PTS is ? to keep an eye out and where demand is bigger than offerings, and well, v4 is clearly the case. I know this is off topic for this presentation, so feel free to not answer my question.
ERIKA HERSAEUS: Yes, we haven't made up our minds, sometimes ?? we have many different kinds of surveys for the Swedish public sector ?? for the Swedish electronic communications market and we are thinking of posing a question in one of these questionnaires to them, like: Do you support IPv6, for which services and on over which techniques? But no, we are a bit shy, we are a bit ??
MARCO HOGEWONING: Basically, let the market do their job, that is what I hear?
ERIKA HERSAEUS: Yes.
MARCO HOGEWONING: Thank you, it's a wonderful document. Thanks for all the hard work.
(Applause)
Which brings me to the next agenda tight em, which is an update by the RIPE NCC, Susannah, you want to take over from here.
Susannah Grey: As you can probably guess from the slide behind me, I work at the RIPE NCC. I am going to give a brief update of the activities that we are doing at the moment on IPv6.
One change that we made recently is we now have one contact point for IPv6 matters, and that is me. So, this is to make it easier for our community ?? for the RIPE community and our members to contact us about anything to do with IPv6. And so if you have any feedback about what we are doing, IPv6?wise or IPv6 programme, then please feel free to contact me, any feedback, comments or input that you have. You can contact me at the e?mail address here or just talk to me in the hallways.
And now I will gave very quick overview on what we have got on our plate for the next few months. We received a lot of requests to update CPE survey so we are working on that and Marco is going to gave bigger overview of that in a minute. We are also going to be doing the same measurements for the world IPv6 launch this year but we are also using the RIPE Atlas network to help us get a Bert insight into what is going on.
And we are also helping to organise some events in Amsterdam together with the Dutch world IPv6 launch team. And we are also working on getting a fix star into the RIPEness programme, Vesna is going to talk more about that. We have recently updated the content on IPv6 act now website, and I'd really appreciate your feedback on that so if you have any comments on input for anything that you think should be on that website, please get in touch with me. We are going to update it on a continual basis so it would be helpful to know what you'd like to see there. Outreach and events, we continue to send people to any relevant conferences and meetings. But we are also trying to reach out to the non?typical audiences so the end users, the governments, the decision?makers, because the technical community has got the message already; we need to continue getting the message to those people who don't really know what is going on. Finally we are working on IPv6 roadshows. We have completely rewritten the material for this, and these workshops are targeted to government and enterprise networks. We had one event two weeks ago which was very successful in Dubai and we have got several more scheduled in the Middle East region for the next few months and we are torqueing on the getting the programme rolled out in ENOG at the moment in the Russian region. All that is left for me to say, please get in touch with me if you have any comments about what we are doing IPv6?wise and I will hand over to Marco for the next slide, which is CPE survey.
MARCO HOGEWONING: So the CPE survey, we are ?? there is a lot of demand like can you please give an update on that, can you please reissue things. As one of the ?? as the original author of this, I was a bit reluctant because things have changed dramatically over the last two years when we first did this, all we could get were a few bet her images and it was still unclear where everything was going, if you get your hands?on this specific hardware and ask nicely for this version you can play around with it. As we saw in the last meeting in the panel, we had four of them out there, all four of them selling IPv6 capable CPE, they are not the only ones, so yes, the market is much more mature. If you want CPE that can handle IPv6, you can basically go out to a shop and buy them. You still have to buy them and it's the other big struggle people have, you have to spend some money on them. There is a lot unclear, especially when it comes to transitions techniques, which modem supports what, African task force approached us, can we help, we said yes. We are working on a new update. We are going to take a slightly different approach. In the old versions it was more like feedback and testing and what we are now thinking of is going back to the original version one style where we approached the vendors and we are going to present them with a little questionnaire about which features do you support. We are not going to dive too much into testing, is it good, is it not, are there bugs. Of course, we appreciate all the feedback but there are going to be more focus on the feature packs. If you are looking for a specific translation technique these are the vendors you should talk to, one of the reasons is there is just too many out there and too many different protocols and approaches, and you can't just tell them all; it takes ages and every time there is a new draft and you have to adopt your test?bed to it, it's impossible to a get a clear understanding of what is going on. It's more of theoretical approach and what is on the market and which features you like. So stay tuned, we hope to get it out at least internally out in a few weeks and talk to the vendors and hopefully they are quick to respond and we can produce results. I guess labs.ripe.net is one of the places where we publish it. I am sure we will also mention it on our mailing list once it's on.
For my presentation, I need this one. Some numbers. Vesna, later on, is going to dissect more of this, looking at country statistics and progress. This is just some things we had laying around discussions internally with our registration services department, who produced these stats for us. We would like to show them, to give an idea of what is happening, just if you look at the bare numbers, we are not going to make too much of an attempt to put conclusions behind the reasoning.
This is the IPv6 allocation rate over time. You can see the jump there, this is per quarter, of course the big jump is queue 12011 when IANA run out. What is interesting is uptake in basically the last quarter of 2010, and these are per quarter but if you take a look at the raw numbers, then you see a sort of steady rate of 50 allocations per month on IPv6, and then all of a sudden, in October 2010, it jumps to 100, 100 and something. It stays steady and February of course, that was the all time high, we did slightly over 200, I think it was 220?something allocations in one month and it's a really short month so there was the IANA effect probably. It went back to 100 or 100 and something, the interesting part is since July last year we are back at 60, 70 allocations per month, and as you can see here, it sort of stabilised again. It is higher as it was, but the clear peak is out there.
Looking at the other one, IPv6 PI assignments, it sort of showed the same statistics, Q1 bag high. It is growing again so we see slight uptake. Now, of course, we can dive into a bit deeper and especially since there were a couple of policy changes and of course there was the multi?homing. If we take per month statistics, where the error that was two months back is when we implemented the last policy change, the IPv6 multi?homing PI requirement was removed. There is a bit of a spike there, probably some people were waiting for the policy to change. Right now, it's back to where we are at last month it's low but bear in mind that is April and we are only halfway.
As for a last slide then, how does it look from members' perspective, and I am sure that Vesna is going to talk all about it; it's about 50/50. About half of the 8,000 members right now are IPv4 only; the other half are dual stacked, as it were. They have both IPv4 allocations and IPv6 allocations. There is this little tiny red dot, there are 35 members right now which are IPv6 only. I haven't looked at all 35 cases; I accidentally came across one of them a few weeks back, reason for them being IPv6 only is they have legacy IPv4 resources, which are not counted in the registry right now, they are in the process of bringing them in, but in the meantime, they became member and asked for IPv6, so essentially they should be on the green part, I think, where you have IPv4 and IPv6, but from a statistics perspective, they are IPv6 only.
As I said, Vesna is going to show much more of these statistics. If you have any questions, right now, about these or about what Susannah said or the CPE issue, please stand up. If not, well, we will be around ??
SHANE KERR: Just a quick question. So what I don't see is how many of these allocations are to how many organisations. So, I am just doing some simple math, if we allocate 70 or 80 per month, well, in five years everyone will have one and we are done, right? But if this is actually only four LIRs or whatever ?? I don't know anyone would come back for more v6, so much to start with.
MARCO HOGEWONING: I can't say how much additional allocations we have. I am searching now for one of my colleagues from the registration services maybe Alex or Andrea or anybody in the room who can answer that question. If not, I will go out and find you the answer somewhere in the breaks. I don't know on top of my head what the number is there. I assume that most of them were still on the first allocation, but that is an assumption and it's not a good thing. OK. Which then brings me to the next part of basically the RIPE NCC update which is Vesna, who is going to talk about IPv6 RIPEness.
(Applause)
VESNA MANOJLOVIC: I started with this IPv6 RIPEness while I was still a trainer and now, I am building community around our measurements tools. The RIPEness is not strictly a measurement; it's more of a rating of the good behaviour of LIRs. So, if you have done your homework, you get stars for the good performance, and once you get all four stars, we publish your name on the list of the LIRs that have all four stars so you get some kind of public recognition, you contribute to the IPv6 RIPEness of your country, so you have these statistics per country and per LIR, and you get a T?shirt. And that seemed to be the best incentive for deployment of IPv6 because everybody wants a free T?shirt so you get the T?shirt with IPv6 act now, and then you can send us your photo and then you are going to tweet about it and you will become famous, so please write to us if you actually do have four stars and we will send you your T?shirt.
So, we have been doing this for a while, and we are slowly adding new features, very slowly, and mostly we just write about the RIPEness at RIPE Labs, so there are more new articles on there, so you can read about it. And what does it mean? What do you get the stars for? Well, you should collect them all. How do you do that? Well, that has been described in the article that I published last week, and the actual detailed instructions are there, so you can see ?? you can actually check if you have these stars or not and then there are instructions on thousand get them because the public information is not really aggregated if you have only two or three stars, we don't want to publish your name with less than four stars, and if you don't know how to find it out, here you can read about it.
If you do get all four stars then you will be listed on IPv6 RIPEness.ripe.net per country stats, and here is just a screen shot of the top of the page about Slovenia, so all the other medium LIRs and small and extra small, they are down somewhere. And this is the general stat about all the LIRs, including direct assignment users, so our number is a bit higher than 8,000, also last week we have published that RIPE NCC has reached the milestone of 8,000 LIRs, and in the RIPEness we always have larger numbers than that, that is because we also count direct assignment users, their v6 deployment. As Marco was saying, it is almost 50%, and it has been growing very, very slowly towards 50%, but the RIPEness numbers, so this is like all the LIRs with either one star or two stars or three stars or four stars, they just barely cannot reach 50% because the number of new LIRs is growing much faster, so last year already we were taking bets on when are we going to reach 50% and we all failed, like nobody guessed that it's not going to happen last year so we are still taking bets. You can somehow, you will see later the content details. Let us know what is your prediction on when is the RIPEness going to reach 50%. And then I am sure we are going to think of some nice present, a T?shirt or something.
These are other pie charts per country that you can get from the RIPEness website, and this is an attempt to create the normalised version of this statistics to make it a bit more scientific, so this was also published in the labs article. This shows distribution per country, taking into account the size of the v4 address space per LIR. So if you look at these numbers, then all of a sudden the v6 deployment looks enormous, at least in the RIPE NCC area service region because it looks like a lot of LIRs and specifically a lot of, how can I put it, the percentage of the v4 address space which is held by the LIRs who have also received IPv6 address space, is more than 80%. So, that is a very large number. It doesn't mean that actually any IPv6 is being used, because in the routing, you get much more black spots on this three map. And then these are few more views I am going to go very quickly on how can you represent these RIPEness numbers, and as they say, they real ?? they are lies, dam lies and statistics, this is quite implementable for this RIPEness so it actually favours smaller countries, if you look at the relative numbers, so for a long while, Slovenia was on a first place in IPv6 RIPEness, and we were hoping that we can make a big fuss about it at this RIPE meeting because it's in Slovenia and stuff, but they got taken over by arm even I can't in the meantime, so there you go, that is the top country in Europe service region or in v6 RIPEness. But, if you look at the countries that actually have the most LIRs, then you get a completely different picture, which is this one, and this if you look at the relative numbers and we use this with the red colour to show the danger of not deploying IPv6 and if you still don't have v6 then you have zero stars and you get all these red blocks here and if you actually want to talk about the success of deployment of v6, then you grey out that red colour and all of a sudden you have all the cheerful yellow and greens and you can see how we are actually progressing there.
You can also turn it around and then actually put it in a different order. We have done some more analysis and this is the ?? so IPv6 RIPEness per age of the LIR, so for every year let's say or every quarter of the year you can see if that LIR was created in let's say beginning of 2006, how are they doing with their RIPEness. Here you can see in that corner all the LIRs are furthest with their deployment of v6. And again, RIPEness per billing category, so the size of the LIR and again you can see that the extra large LIRs, although they constitute a smallest percentage of the membership of the RIPE NCC, they are the furthest in the deployment of v6.
We also try to map this on an actual map and using these same colours. It's quite hard to automate this, or at least it was for me, I am not a programmer, so this was a one?off, so you can see how small countries are favoured because these are the relative numbers. Again you get Portugal, Slovenia, Moldova and here you get also Holland with leading with the v6 deployment.
And this is the actual measurement that colleagues from research and development in NCC actually made, so this is the number of AS numbers per country that are v6?enabled, and if you go to this URL you can actually type in your country and compare with any other country over time. So, this is quite an interesting tool to show to the politicians, to the governments and say, look, this is how our country compares to the rest of the world and the rest of Europe and to our neighbours and we need to do something about the deployment of v6.
And finally, we are going to take part in world IPv6 launch day. We will publish all the results on RIPE Labs and we are going to use Atlas for actual measurements.
And now, bit of controversy; so, apparently, you can use v6 for your dental care and we were very proud that we are now in Slovenia and Slovenia is one of the top few, top ten in the world for their v6 deployment but yesterday we heard some other very scary statistics that Slovenia is also among the top countries in beer consumption and unfortunately, suicide, so maybe v6 is not good for your health.
Any questions? Well take a chewing gum then and see you later.
(Applause)
MARCO HOGEWONING: Going back to Shane's question, got hold of some people in the office, actually good point, since there are a few bits reserved, additional allocations means the existing allocation gets stretched out, so theoretically every member ? has one allocation. There are about 50 members right now that have more than one allocation and all of these are due to mergers and acquisitions where people in the end ended up with multiple v6 allocations for historic reasons. So that is Shane's answer. Which brings me to the next generaled da item and I ?? so Ragnar. For those of you who are new or missed out on RIPE 62 in Amsterdam, Ragnar from Altibox the problem he had with doing one to end VLANS and the security stuff that comes around when you want to do IPv6, this is his update to show where Altibox now stands and what happened since.
RAGNAR ANFINSEN: I am Ragnar, working at Altibox. I did an update in RIPE 62 or I did talk in RIPE 62 and I wanted to update you on our efforts so far. Quickly about my company again for you who haven't ?? who doesn't know us. We are very large ISP in Norway, we have a high penetration and all the stuff but I won't bore you with the details, we won the FTTH awards for Europe category this year so we are happy about that.
As I mentioned also in RIPE 62 we do have partner model where we are an ISP, where we sell ?? produce the products and services and sell that to third parties, who sell that again to the end customer, so we have a two tier network, if you might. We have a lot of partners, we recently got three new ones in Norway as well.
I am not going to go into details about the previous presentation, but if you want to look at it, this is the URL.
So, what is new? First of all, for some reason I didn't like, the project was actually put on hold in Altibox, and it was kept on hold for almost a year. However, that didn't stop us from doing things because I am a persistent guy so I actually pushed around internally and we actually did stuff, even though that there was no project for it so we did everything we could without actually doing it officially, so we haven't lost that much time.
Also, our vendor Telci, at that point went, bankrupt which was a very surprise for us so we needed to very quickly find new vendor, who could supply us with a large amount of equipment in very short amount of time, and that was one for ?? by all happy chances they do support v6, so we are very happy with that, and I also told that they are trying to get IPv6 ready logo before the 6th of June, so kudos to them.
With a has also happened is that we are in the process of reredining our network in going away from the layer 2, layer 3 that we did announce or that we have done for ten years now. And there is a lot of reasons for that and we are not going into details that might be in other discussion at another point but remember expecting a projection start in that network in Q1 next year.
And as everybody else, we are going to depleat, we are not expecting to get any more allocations from RIPE. If we do, that is just a bonus. And we do know the date when we do depleat, approximately, of course, not the specific date, and I am not going to tell you.
The biggest bomb for me at least was announced to me, and that is the first up security that we are very dependent upon in our shared VLAN model is delayed from our router render and we are not going to roll out IPv6 without these features, it's just that simple because it's too easy to spoof the Mac address and prefixes and steal the traffic from neighbouring customers and such.
So, this slide is taken from the last presentation, showing you the features that we needed, all the looking and mapping of the layer 2 and 3 stuff, just forget it, for us. Because it's coming too late and we actually will not be able to do dual stack v6 deployment in our current network.
So, what now? Well, we have few options, we can hope that our vendor for some strange reason will make the needed features in the platform earlier, actually have the software on the USB stick and it's over a year old but they still haven't been able to put into production. We could wait for the features to come in the standard road map, or we can go for plan B. Plan B is of course ?? as I mentioned in my previous slides there. We will see what we need to decide. We are still in the thought process here, what are we going to do and we are going to have much discussions with our vendor before we decide.
But, more important, we are running out, there is no doubt about that. We not stop to go v4, obviously, because as everybody else, there is too much v4 only traffic out there, and we also need to prioritise customer growth. Without v4 we are not doing service anding there not enough v6 service to do that yet. So as the second phase in my previous slide said that we are going to do CDN, that is now top priority so we are going to concentrate on that.
So, the consequence, as I mentioned, probably not ?? probably do not dual stack in the current network design, which as mentioned, will come in Q1. Luckily, we have a CPE capable of doing 6 RD so plan B is actually a plausible plan. And at start we were going going to support v6 for new customers, obviously, because it's only the new CPEs that will be IPv6?ready. We just recently started talking to Telci again, they have restarted the company and we are negotiating SLAs with them and hopeful get new software for the last generation for doing v6.
And we hope that doing dual stack v6 would actually offload the CGNs. When I can't do that any more, it kind of doesn't count because I need to do 6 RD through the same unit or as equivalent unit so the cost reduction I actually had planned for is not happening. So we need to kind of re?evaluate this and look at our traffic patterns and see what happens.
So, just as bombshell, I would say that the CPE is not long in the ?? no longer the problem, as we have said for many years; it is router vendor seen from my perspective of course, from shared VLAN. So that was a quick update.
Any questions? Not a positive update but still, next year meeting.
MARCO HOGEWONING: Next meeting you are going to say you are all done.
RAGNAR ANFINSEN: Hopefully.
JAN ZORZ: . You just mentioned CGN. I know you are thinking also about A plus B stuff 4 RD map, can you give us a perspective on that, please. Thank you.
RAGNAR ANFINSEN: Yes, I am following the map and 4 RD stuff closely and I have a lot of talks. The thing is that as of today, there are no running code, SiteSell do not support it. My backbone network is not IPv6 ready, so it wouldn't make sense for me to do that now. In a network technical perspective, doing CGN the way I do my network is very, very, very easy; I do not need to change anything in my OSS, I need to implement VRF going directly from the axis router into separate CGN cloud so I can put out the CGN traffic there and put it into my backbone Internet, so the technical efforts for doing that is very, very easy. However, we have the complexity of losing the end?to?end communication or connection between the customers so we actually are looking at trying to find a way where we can identify the customers who actually do not need a public IP address and taking that away from them, CGNing them and giving them to the customers who actually need it and are able to identify it. But that is very difficult thing to do so we are still in the process of doing stuff, so yes. I appreciate your question, Jan and we will do some other kind of transition technology in the new design. We will probably do CGN at start but we are looking at the work you are doing.
MARCO HOGEWONING: Thank you. Any other questions? No. OK. Well, thank you Ragnar.
RAGNAR ANFINSEN: Thank you.
(Applause)
MARCO HOGEWONING: Which brings us to the last presentation of this session, is Joseph Gersch about a possible solution on how to tackle often mentioned problem, how do I solve IPv6 DNS reverse with the millions of problems you might run into.
JOSEPH GERSCH: Good morning. This is to continue a little bit of yesterday, I am not talking about the routing part now, just the naming convention for using, how do you specify in the DNS address block and I am going to show again thousand works in IPv4 and then how logically it extends to IPv6 and once we describe that, we can have a discussion of what can you do with it.
The IPv4 naming convention just to remind you from yesterday, is relatively straightforward. If you take an address such as 1298216 of /16 and just reverse it, after you reverse it you do a MOD and say are we at an octet boundary, and if you are you are done. You have got the reverse address already. If you are not, the idea was to add an M character, take the least significant objecting at the time in binary and separate it with periods. If you have got a /18 and you take the 64 /18 you basically take 12082 insert the M, take the number 64 in binary and say OK it's a /18, how many of these are significant? So that would be /17, 18, so just two. Take the whole thing and reverse it and that is a DNS name. A /20 for the same type of thing, has four significant digits in the binary part, so it's reverse 0010. So it's a relatively simple and straightforward scheme that delegates well and names a complete address block, not just a single host address. So now, I am going to skip the next slide and this talks about how to do it backwards. But let's look at IPv6 address, it's actually simpler, in fact you are working on a nib he will boundary instead of objecting at the time so same algorithm but this time, you basically say, take the address like 2607: FA 88 and it's a /32 and do the normal reversal, 88 ?? I mean, it's DNS names in IPv6 reverse IPv6 are really long. They can be, it's 128 bits so that is a lot of characters. But this is a very typical type of thing, reverse and of host address you would be adding even more but we are not doing a host address, we are doing a CIDR block. So if this is a /32 it is out of anybody he will boundary so you calculate the MOD 4 instead of 8, that is pretty obvious because it's a nib he will and if you add nibble boundary, you are done. Otherwise, same thing, add the M character, convert the least significant ?? that should say nibble to binary and separate it to that. Here is 26 F E ?? so we take this 2607 add the M character, here is the 8,000 and in binary, we only need one significant digit, so that is what it turns into. And in this case we are/34 or 35, same example, two significant digits, reverse it. Here I took a C to give a different number, here is C in binary, 1100, we only need three significant digits so exactly the same kind of scheme in IPv4 as in IPv6. So these name address blocks. So that is how would you do a DNS reverse name. So once you have that as a name in a zone for Reverse?DNS, the next question is what could you do with it? One thing you might put in as well, I have a sub net at such an address block and I have it geophysically located somewhere, so let's put a loc record so you could take a name like this for a/33 and put a location record or you could put a host record. If you have a device that has many, many addresses assigned to it, let's say your refrigerator for some reason has 64 IPv6 IP addresses one, one for ice unit, and refridger and all the sensors, it's possible devices like that will have multiple addresses. Your auto me bile will have, so you could take that whole block and then assign a record to that block of addresses so you could look up that block, so if you knew every car had 64 addresses and your Peugeot ?? I am picking on the French ones with IPv6 addresses you could say I know I have organised this in a 64 block so you can just look them up one at a time. One thing this the not do and it's gets confusing for people, if they say I have a host address and it's a full 128 bit host address all the way to the bottom and they'd like to to know what sub net is it in, this is DNS, it's not a database. You can't look up that and find the nearest enclosing sub net. That does not work because you don't know. There are some DNS tricks, however, that could be done, some people are playing with ideas so I am going to say this as a quote work in progress, but the idea is you could give a address of a host and an extra character which would end up on a non?existent domain and tells you what zone that record is in. At the zone apex you could, and this is just an idea, no one has tried this yet, you could put a record which says which are the subnets within the zone and look it up in there. With a couple of lookups you might be able to take from a host complete number, to the zone name, to find out what subnets are in that zone. There is a couple of tricks could you play to avoid the millions of look?ups. This is just under study now. The naming convention is the first to break through that starts us on that path and we will be publishing some reports to the IETF and others as to how we understand how this could work better in the future. Now, officially, this is for naming a sub net, not for finding the nearest enclosing sub net of a host. That is it. I am done for this particular way of naming things in the particular DNS. Are there any questions?
RUEDIGER VOLK: How come you are assuming if a device has 64 addresses they actually fit into the binary tree as a contiguous fit.
JOSEPH GERSCH: Assuming they are within the same sub net. I should have stated that earlier. Thank you. If it's 64 non?contiguous addresses random, you are right. The application has to know how it's segmenting things.
MARCO HOGEWONING: Anybody else? OK. Thank you.
JOSEPH GERSCH: Thank you.
(Applause)
MARCO HOGEWONING: Did you mention, I saw this floating around in the IETF, I think it's v6 Ops or where is it? DNS, OK.
With that, we are actually 15 minutes short of the first session, so anybody got any interesting things to show, tell for the next 15 minutes? Then do stand up. We have got some spare time. Otherwise, we will go for lunch. Do you want your slot now, Filiz? OK.
FILIZ YILMAZ: Hi, I am speaking on behalf of the RIPE programme committee. We have announced recently that we are running an election process for one seal we will have tomorrow, Daniele is leaving us and nomination process is closed now and we received eight great nominations. The web page of these people with biographies and photographs is being updated currently so after lunchtime, until tomorrow, if you review it and think about who would you like to vote, that will be great. We will run the election tomorrow in the plenary. Thank you.
MARCO HOGEWONING: We will reconvene after lunch, which is 2:00 in the same room. Enjoy your lunch.