Archives

12:58 < michela_RIPENCC> Hi everyone, I'm Michela Galante from the RIPE NCC. If you have questions/comments for the presenter and want the Session Chair to read it out, please write it here stating your name/affiliation and I will copy/paste it in the Zoom Q&A. Keep in mind that there may be up to a 30 second delay for remote participants, so it's better to get your questions in before the question period begins.
12:59 < Michela_ChatMonitor> Please note that all chat transcripts will be archived and made available to the public on https://ripe80.ripe.net/.
13:00 < luna> time for some IPv6 :)
13:01 < amd2-ripe> (ipv4++)++ ;-)
13:02 < Axu-AS197032> itym ++(++ipv4))
13:03 < Michela_ChatMonitor> Wilhelm Boeddinghaus has begun the presentation "Why Is It so Hard to Implement IPv6?".
13:07 < Deuns> difference between GUI vs CLI is a recurring problem :(
13:07 < Eric_Vyncke> vs. NetConf, gRPC, ... ;-)
13:08 < blake> yeeeep
13:08 < Axu-AS197032> let's write an RFC titled "GUI Considered Harmful"
13:08 < Deuns> :)
13:08 < blake> *this* is why FaaS/runtime as a service (a.k.a."serverless") is such a big deal
13:10 < blake> it's the 1st cloud tech that gets the developers completely out of the mess of the underlying system/network
13:10 < Eric_Vyncke> People are indeed the biggest positive (often) and negative (sometimes) factor for IPv6...
13:10 < blake> https://twitter.com/__dotblake/status/1259522704157429761?s=20
13:10 < blake> https://twitter.com/__dotblake/status/1259520616828452865?s=20
13:13 < blake> Axu: "vendor defaults considered harmful"
13:13 < Axu-AS197032> s/ default//
13:13 < blake> we coined a term in the packet pushers' happy hour a couple months ago:
13:14 < blake> "vendor reliability engineer" VRE
13:15 < Axu-AS197032> why exactly would the log files be doubled?
13:15 < blake> Axu maybe not doubled but certainly more complicated
13:15 < amd2-ripe> dualstack => dual-everything
13:16 < Michela_ChatMonitor> @Axu do you want this question to be read out in Q&A?
13:16 < rvs> might be related to keep an tab on both ipv4 and ipv6 data in the same log
13:16 < Axu-AS197032> sure
13:16 < amd2-ripe> you don't have one network running two protocols, you have two protocols mutiplexing on a cable
13:16 < blake> amd2: good one
13:16 < ondrej> Great talk
13:16 < Michela_ChatMonitor> Wilhelm has asked for questions
13:16 < dinoex> Thanks
13:16 < amd2-ripe> really good talk!
13:16 * Axu-AS197032 applauds.
13:17 < Michela_ChatMonitor> axu: your name and affiliation?
13:17 < Axu-AS197032> Aleksi Suhonen / TREX Regional Exchanges Oy
13:17 < ripe_389> Mikrotik and IPv6 is totaly broken!
13:17 < ripe_389> at least for BGP.
13:17 < rvs> my observation is that it is just overlooked, because it was nog listed in the contract with the customer, and then the engineer thinks "it is not needed" and forgets it. dualstack blindness then let it fly under the radar
13:18 < chrbre_AS206228> can we compile a list with working ipv6 only equipment?
13:19 < Michela_ChatMonitor> your name and affiliation?
13:19 < Barbarossa> Michela_ChatMonitor: Maximilian Wilhelm (asking for myself): What is your solution for servers which might need access to v4 services to provide it's services? With Dual Stack that would work, with v6 only it's a problem.
13:19 < Axu-AS197032> traffic doesn't suddenly increase because you run dual-stack, you have as many packets causing as many log entries as you did before, the traffic is just split between the two protocol versions.
13:19 < chrbre_AS206228> Christian Bretterhofer, Enterprise user
13:19 < Cougar> firefall rules will be about doubled, not log entries
13:20 < rvs> maybe start to deprecate all protocols that stuff address information in the higher layers, like ftp does
13:20 < jbond42> Axu-AS197032: happy eyeballs may cause a process to try both ipv4/ipv6
13:20 < MarkS-> Could disabling SLAAC and better DHCPv6 support (eg in mobile devices) help the deployment? It would help with some migrations from IPv4 to IPv6 I think. (Mark Scholten / asking for myself)
13:20 < jbond42> ...although i agree it probablywouldn;t double the entries
13:20 < lsawyer__ARIN_AC> Don't ask that question to Android, MarkS
13:21 < MarkS-> lsawyer__ARIN_AC: I know ;)
13:21 < iocc> chrbre_AS206228: that would be a start
13:21 < Axu-AS197032> huh?
13:21 < Michela_ChatMonitor> you are very quick all but I am copying all your questions
13:21 < MarkS-> it is one of the reasons Android will not get IPv6 at some locations I maintain
13:22 < Axu-AS197032> MarkS-: what problems have you had with android? i have not have had problems with android and ipv6.
13:22 < chrbre_AS206228> i have the list for my equiment
13:22 < phessler> yea, android has made a decision to never support dhcpv6. good luck getting them to change their mind.
13:22 < luna> might be a good idea to have this list on Github or such as an open document, so everyone can contribute
13:22 < ripe_361> What is the best implementation of microsegmentation for IPv6?
13:22 < rsc> chrbre_AS206228: can you make it public, e.g. GitHub?
13:23 < luna> rsc: great minds think alike
13:23 < Michela_ChatMonitor> ripe_361 name and affiliation?
13:23 < Cougar> https://issuetracker.google.com/issues/36949085 about Android saga
13:23 < luna> https://ipv4flagday.net/
13:24 < chrbre_AS206228> https://github.com/ipviolations/ipv4flagday/issues
13:24 < mzar> yes MarkS- is right, Android disability to use DHCPv6 prevents IPv6 only wireless networks from deployment on campuses
13:24 < Axu-AS197032> on the other hand, android does support rdnss
13:25 < ripe_330> but why is this the case? RFC 8106 should work just fine with Android
13:25 < Eric_Vyncke> Like Windows and others for RDNSS
13:25 < jens> Someone should have asked about IPv4+
13:25 < Michela_ChatMonitor> Fernando Gont has begun the presentation “IPv6 SLAAC & Renumbering Events”
13:25 < sasha> I set up a VPS last week, and ipv4 is default, ipv6 address requires a checkbox during creation - still see that a lot :/
13:25 < Eric_Vyncke> @Jens :-)
13:25 < MarkS-> Axu-AS197032: SLAAC is a problem, eg I have stateless firewall rules and everything is blocked by default. When I have an IP that is assigned (eg DHCP or static) we can open certain things
13:25 < Axu-AS197032> MarkS-: the firewall could react to DAD?
13:25 < agh> screen sharing works here
13:26 < jens> sasha: I'll have one vps where I have to open a ticket for IPv6.
13:26 < Klaas> I can see the presentation
13:26 < MarkS-> with SLAAC it isn't assigned from a central system so no firewall rules to allow the traffic
13:26 < phessler> I've been asking the $office ISP to get us IPv6, but that discussion has been going on for 9 months.....
13:26 < mzar> some vendors like Alcatel-Lucent don't support announcing DNS servers with SLAAC
13:27 < sasha> weirdly, the same VPS provider (vultr) will also sell an IPv6-only budget VPS, $2.50/mo vs $3.50/mo for dual stack
13:27 < Axu-AS197032> sasha: cool
13:27 < luna> stupid question but what is SLAAC?
13:27 < Axu-AS197032> stateless address auto-configuration
13:27 < luna> Axu-AS197032: thanks
13:28 < mutax> He just called, his DSL line dropped.
13:28 < sasha> I'm increasingly seeing discounts for VPSes if ipv6-only, I think gandi.net has done it for a long time
13:28 < mutax> zoom chat: Wasn’t me with his line! ;-)
13:28 < jens> going to steal some stuff from wilhelm for my next IPv6 presentation.
13:28 < mutax> u all are crazy. I love it
13:28 < rsc> jens: I thought you're doing IPv4+ presentations now?
13:29 < luna> IPv4+ feels silly
13:29 < jens> I promissed to do the presentation month ago.
13:29 < jens> luna: It is.
13:29 < phessler> I can't tell if the proposer of ipv4+ is serious, but the proposal itself is a joke
13:29 < Michela_ChatMonitor> please, remember to state your name/affiliation when you want me to copy your question in the Q&A on Zoom
13:30 < rvs> at the office I notice that my slaac address becomes stale, and then any ipv6 connection drops when the laptoy acquires a new address :(
13:30 < jens> but after many years of doing IPv6 i sometimes get a little frustrated and start trolling.
13:30 < rvs> maybe propose ipv4+ as a ipv6 extension header
13:31 < luna> i did not even understand people where trolling yesterday, as i am not involved enough :P
13:31 < Axu-AS197032> rvs: is your laptop using privacy extensions for ipv6?
13:31 < Axu-AS197032> rvs: or is your prefix also changing?
13:31 < luna> but as some wrote an IETF Draft i think some people think its a good idea
13:31 < rvs> jup, macos defaults
13:31 < Axu-AS197032> rvs: i wish i knew how to help you disable that
13:32 < rvs> Axu-AS197032: priv extensions. I suspect the access point's ipv6 implementation isn't mature enough
13:32 < Axu-AS197032> luna: there's an important lesson to be learnt there
13:32 < jens> luna: I think the draft is old and has nothing to do with the ideas presentet on the member discuss mailing list
13:32 < luna> jens: was updated this year :P
13:33 < luna> in January
13:33 < Eric_Vyncke> And BTW, an IETF is just a draft... Anyone can write one, it is meaningless until published by the IETF with a rough consensus behind it
13:33 < luna> Eric_Vyncke: true
13:34 < jens> Eric_Vyncke: "My hovercraft is full of eels"?
13:34 < Eric_Vyncke> 'smart hosts' are not always possible: many consumer-grade IoT do not upgrade themselves :-(
13:35 < Eric_Vyncke> @jens: unsure whether I understand your joke / message. And "Hi" BTW ;)
13:35 < jens> Hi...
13:36 < jens> Eric_Vyncke: There was a draf about anybody can write a draft
13:36 < luna> would not routers need faster CPU/Ram to update more stuff faster? or i am thinking wrong
13:36 < Eric_Vyncke> ;-) esp on April 1st
13:36 < jens> Eric_Vyncke: https://tools.ietf.org/html/draft-wkumari-not-a-draft-08
13:36 < jens> February 4, 2020
13:36 < Eric_Vyncke> @Lune unless you have 100's of attached nodes, changing prefix is easy for routers
13:37 < luna> jens: Eric_Vyncke: haha have not thinked about that :P
13:37 < luna> you learn something new every day
13:37 < Eric_Vyncke> Indeed :)
13:38 < luna> need to read that later, thanks
13:44 < Michela_ChatMonitor> Fernando has asked for questions. Please write it here stating your name/affiliation and I will copy/paste it in the Zoom Q&A.
13:45 < Michela_ChatMonitor> Sorry! No time for more questons
13:46 < luna> nope the time is up now, so break before IoT #iot
13:46 < Michela_ChatMonitor> The presentation has ended
13:46 < Michela_ChatMonitor> This session has now ended.
13:46 < Michela_ChatMonitor> The next session is the Internet of Things Working Group. Discussion for this working group will take place in the IoT chat room. To join this room, type: /join #IoT

[ZOOM CHAT LOGS]
12:59:02 From Michela Galante : Hi everyone, I'm Michela Galante from the RIPE NCC. If you have questions/comments for the presenter and you want the Session Chair to read it out, please write it in the Q&A window stating your name/affiliation.
The chat window is meant for discussion ONLY. Please remember to select 'all panelists and attendees' when sending your messages otherwise only panelists see what you’re writing.
12:59:21 From Michela Galante : Please note that all chat transcripts will be archived and made available to the public on https://ripe80.ripe.net/.
If you need Live transcription, please visit https://ripe80.ripe.net/live/steno
12:59:32 From niall : Ciao, allemaal!
13:00:49 From Denesh Bhabuuta : Hi Michaela
13:00:50 From Jen Linkova : oh i think I was supposed to select 'all attendees" ..sorry, have you just said 'creepy Google apps'? well, I guess everyone is enjoying a break from Comic Sans on the chairs slides... :+P
13:01:16 From Chris Conway : Hi all - quick question. I seen a tweet ——Even after runout runout runout, RIPE NCC is allocating five /24s per day on average, have 1,340 /24 in free pool and expect to release aother 456 in the next six months. #RIPE80 #ipv4 —— we have just about exhausted our ipv4’s what is the criteria to get a free alocation?
13:01:51 From Erik Bais : Chris,
13:03:24 From Luna : it all works
13:03:59 From Erik Bais : Chris, there is the broker market to request (buy) larger allocations via transfers, or there is the option to open a second LIR with the option to request a single /24 ipv4 .. but the IPv6 WG chat might not be the channel to discuss that particular topic ;)
13:04:20 From Taras Heichenko : I wonder why the selection is "All panelist" by default if all ask to choose "all panelists and attendees"?
13:04:25 From Chris Conway : Thanks Erik
13:05:08 From Blake Willis : taras: because Zoom...
13:05:41 From Luna : hahahaha WTF
13:06:31 From niall : NCC, as “Custom Webinar” client, might be in a position to request custom default … (hint)
13:06:47 From niall : For next time
13:07:03 From Taras Heichenko : Exactly what I wanted to say
13:08:37 From Jen Linkova : well, if it's all about VPN products and switches - it's good...we can deal with it..
13:08:43 From Jen Linkova : oh here we are...
13:09:58 From Jen Linkova : isn't because customers do not ask? :)
13:11:08 From Luna : 24 years according to Wikipedia
13:11:30 From Blake Willis : nail “big blue button” is pretty good for this, but also not without its drawbacks
13:12:30 From Kurt Kayser : @Luna: 24 years of protocol evolution is quite difficult to call a "single standard"
13:12:52 From Jen Linkova : I might be repeating myself but...you do not have experience in deploying ipv6 until you turn off ipv4
13:13:32 From Jen Linkova : yeah, me too...
13:14:43 From Jen Linkova : working on it. for the last 6months I've been busy turning off ipv4 for workstations :-p
13:14:51 From Jen Linkova : so baby steps
13:14:53 From Wolfgang Tremmel : the problem with IPv6 is that you neither can remember the addresses nor can you read them out in a reasonable time
13:15:21 From Yannis Nikolopoulos : you get used to that after a few years...
13:15:26 From Jen Linkova : Google 'dns' :-P
13:15:34 From Yannis Nikolopoulos : :D
13:15:39 From Blake Willis : face:booc managed to work around that :-)
13:16:20 From Luna : can hear you
13:16:20 From Richard Hall : I found that I very quickly started remembering the subnet addresses, as there was a logical structure to the scheme
13:16:21 From Jordi Palet Martínez : always use DNS, not addresses!
13:16:22 From Luna : great presentation :)
13:16:23 From Jen Linkova : 2001:4860:4860::64 is easy to remember :)
13:16:41 From Blake Willis : “clap track"
13:16:55 From Pierre Schwarzer : very good presentation clapclapclap
13:17:00 From Leo Vegoda : Excellent!
13:17:02 From Peter Koch : @Wolfgang: “siri, connect to two zero zero one colon dee bee eight …” ???
13:17:03 From Benedikt Merkl : very nice analogy with the berlin wall :)
13:17:03 From Dennis Körner : Mikrotik still has Problems with IPv6 and OSPF.
13:17:11 From Kurt Kayser : **applause** although this was not new content. It's the same since 10+ years
13:17:25 From Nick Hilliard : mikrotik does not support route recursion for ipv6 route resolution
13:17:32 From Yannis Nikolopoulos : +1 Kurt Kayser
13:17:38 From George Michaelson : The Mikrotik experience in all things is .. not good. Its huge in Asia, All through ID, cannot do RPKI, struggles with newer BGP expectations
13:18:30 From Wolfgang Tremmel : you cannot selectively remove BGP communities on Mikrotik
13:19:21 From Dominic Schallert : Mikrotik has so many issues...
13:19:30 From Andres Genovez : Hi, George M, which router you recommend price/features?
13:20:08 From Jen Linkova : nat64 works :)
13:20:19 From Jen Linkova : speaking from experience :)
13:20:22 From George Michaelson : I have none, at the price point I can understand why people went to mikrotik, but it was predicated on a network model which aged out.
13:20:24 From Silvan Gebhardt : vyos works much better for me ;) compared to mtik (I've used mtiks extensively)
the really big issue is the broken IPv reverse path lookup
13:20:57 From Yannis Nikolopoulos : plenty of ways of providing IPv4 over an IPv6-only network
13:21:18 From Silvan Gebhardt : ubnt is almost as good, but lacks RPKI. and their routers have issues scaling with large configurations, we have one edgeRouter from UBNT that works fine, but takes 90 minutes to boot and then load the config (and ssh is last in the config)
Vyos boots much faster
13:21:49 From Andres Genovez : George M., Thanks, Silvan G. I will test Vyos Thanks!
13:22:07 From Silvan Gebhardt : @andres happy to help you off-list too - twitter @wauwuff ;)
13:22:09 From Wolfgang Tremmel : vyos uses frrouting as far as I know, and frrouting does IPv6 fine
13:22:29 From Yannis Nikolopoulos : thank you for the presentation
13:22:58 From niall : Shout-out for my mobile operator, who gives me an IPv6-only APN
13:23:21 From Luna : http://ipv4flagday.net
13:24:09 From Venu Kakarla : https://redmine.ungleich.ch/projects/ipv6/wiki/IPv6_Hardware_Compatibility_List
13:24:48 From Luna : yep yep we can :)
13:24:49 From Sebastian Becker : We do see it.
13:24:52 From Elmar, German stranded in Austria : I do
13:24:53 From Markus Zeilinger : I see the slides!
13:24:57 From Yannis Nikolopoulos : we can see it Fernando
13:25:02 From Pierre Schwarzer : we see your screen
13:25:04 From Elger Postema : I see the slides also
13:25:10 From Elmar, German stranded in Austria : RIPE slides
13:25:10 From Luna : now it went away
13:25:15 From Peter Steinhäuser : Indeed Sharing worked...
13:25:15 From Luna : worked at first
13:25:21 From Florian Streibelt : WORKS
13:25:21 From Silvan Gebhardt : works
13:25:22 From Elmar, German stranded in Austria : Fernando slides!
13:25:23 From Florian Streibelt : ah
13:25:27 From Elmar, German stranded in Austria : Oh…
13:25:29 From Silvan Gebhardt : gone again
13:25:30 From Marc Groeneweg : wow
13:25:32 From Erik Bais : I saw a reply from Raisecom (switch vendor) that for some of their models, IPv6 isn't planned or feasible to implement .. they still sell these models today ..
13:25:33 From Florian Streibelt : now ripe took over
13:25:40 From Florian Streibelt : but it worked
13:25:41 From Luna : it works
13:25:42 From Marc Groeneweg : yes
13:25:43 From Sebastian Becker : Now again!
13:25:43 From Florian Streibelt : now it works again
13:25:44 From Markus Zeilinger : YES its working!!!!
13:25:46 From Christiaan de Die le Clercq : It works here!
13:25:47 From Jordi Palet Martínez : I see the slides!
13:25:49 From Leo Vegoda : Seeing your slides now
13:25:50 From Markus Zeilinger : YESSSSSSS
13:25:51 From Florian Streibelt : YES
13:25:51 From Elmar, German stranded in Austria : It works, go ahead
13:25:52 From Pierre Schwarzer : yes
13:25:53 From Jordi Palet Martínez : yes
13:25:57 From Steffen Weinreich : yes
13:25:57 From Wolfgang Tremmel : yes it is working
13:25:59 From Leif Sawyer : it works on zoom just fine
13:25:59 From Yannis Nikolopoulos : we can see it Fernandoi
13:26:00 From Elger Postema : Still working Fernando
13:26:11 From Yannis Nikolopoulos : it was working before :)
13:26:11 From Sebastian Becker : Wasn’t me with his line! ;-)
13:26:37 From Marc Groeneweg : Doing great Fernando
13:30:58 From Sabine Meyer : I might wanna redo that with the full list of possible recipients ;)...so: at least I am not seeing the speaker but somebody else.
13:31:06 From Sabine Meyer : anyone else experience this?
13:31:36 From Jen Linkova : no, I see Fernando
13:31:55 From Marc Groeneweg : I see Fernando too
13:32:23 From Jaap Akkerhuis : I’m doing side by side and see the speaker and slides
13:32:56 From Sabine Meyer : I have the slides and a live view of Benedikt Stockebrand
13:34:28 From Jen Linkova : not "recommended", just "default"
13:35:26 From Jen Linkova : it's like 4 hrs arp timeout, which reasonable people do change to match Mac address table expiration timers :)
13:37:26 From George Michaelson : Risks of synchronised event storms?
13:37:56 From George Michaelson : VJ said TCP timers were not meant to sync across the net, its emergent behviour. So.. switch reset in the fabric: everyone asks for a newie Caboom all timers align.
13:38:26 From George Michaelson : I guess you hand out a Gaussian distribution of variant lifetimes around a mean
13:43:26 From Geoff Huston : no george, NOT TCP - Van Jacobsen was talking about routing timers (https://ee.lbl.gov/papers/sync_94.pdf) - different problem space I believe.
13:45:27 From George Michaelson : Nothing like half remembering a story about the wrong protocol
13:45:51 From Nigel Titley : Easily done
13:45:55 From George Michaelson : The underlying point stands: is there a risk of things synchronising across switch or routing fabric changes?
13:46:28 From Jen Linkova : and everyone got a seat! no people sitting on the floor :)
13:46:29 From Markus Zeilinger : Thx a lot! *clapclap*
13:46:46 From Michela Galante : Sometimes Zoom retains questions from an earlier session that you watched in the Q&A. If you would like to start afresh with a clean Q&A, leave the meeting and rejoin it.
13:46:48 From Christian Adler : *applause
13:46:52 From Sebastian Becker : Thank you!
13:46:55 From Piotr Strzyżewski : Thanks everyone! clap clap
13:46:58 From Blake Willis : “clap track"
13:47:01 From James Kennedy : Thank you *claps*
13:47:03 From Michela Galante : This session has now ended.