On Mon, Sep 26, 2016, at 01:01, Mark Andrews wrote: > > In message > <1474840690.4107784.736591409.28e80...@webmail.messagingengine.com>, > "Radu-Adrian Feurdean" writes: > > > > I know, but for the "server guys" turning on IPv6 it's pretty low on > > priority list. > > Are those server guys interested in stopping attacks without > collateral damage? You can't say that a IPv4 address == 1 customer > today. Any protection measures you put in place based on IPv4 > addresses are likely to affect more than one customer.
To put in context, I live and work in France, where NO mobile operator provides IPv6, but they do use CGN. Wired-line operators (some, not all) barely start deploying CGNAT on some of the new customers. Pro/business access operators MUST provide IPv4 in order to be able to survive. Things will probably change, but this is the situation today. So "1 IPv4 = several customers" it's either mobile (with no alternative and separate abuse handling process) or negligible. > > My customers are eyeballs. Residential ones have dual-stack by default, > > business - some have, some don't and some explicitly refuse (or ask for > > v6 to be disabled). > > Lots of residentual customers don't have a unshared IPv4 address. > The only reason you are seeing IPv4 from them is that the ISP has > had to spend money working around the sheer lazyness of content > providers in not providing IPv6. Lots of residential customers still do here. > > > Is somewhere between 11-14% worldwide enough for you to invest the > > > time to turn on IPv6 enough? It should be. > > > > Since they (the 11-14% worldwide) do have IPv4 anyway, some consider > > it's not worth; at least not yet. > > Actually almost all of the world does not have complete IPv4, they > have a subset of IPv4. You have just got used to not having complete > IPv4. > > > The issue with IPv6 deployment it's not as simple as some people > > suggest. It's not a technical problem either, but it's a big one. > > In most cases it is just a matter of turning it on. ... and in some of those cases turning it on is subject to a "change request" that requires validation from some level of management that requests the answers to questions similar to following : "What do we gain from this ? What does it cost to turn on ? What does it cost to support the new feature ?". Giving acceptable answers to people that don't necessarily understand IPv6 (some of them having spent their entire life in "IPv4-only, behind NAT" environments) is not that obvious, and this is the core of the "non-technical problem". You probably don't have to deal a lot with this kind of people....