[address-policy-wg] insufficient availability of IPv6 address space for end customers

Hi,

> I believe the problem is twofold - the usual hen-and-egg-problem. On the
> one hand, many (especially larger) providers have been slow to adopt v6
> in their networks. Partly due to the technical requirements (which, if
> you want to do it right, will cost them more man-power and real money
> (tm) than for a small ISP that only has a hand full of routers to take
> care of), but also due to business case - barely anybody actually wants
> or needs v6 at the moment. Which is "the other hand". With barely

I'd tend to disagree: Everyone _needs_ IPv6, people just don't realize it.
I mean, just look at how much overhead the lack of IPv4 addresses generates
every day (both in the form of management overhead due to having to deal
with getting addresses assigned from RIPE/ISPs, but even more due to the
grotesque workarounds that are deployed everywhere to make due with IPv4,
like private address ranges, which tend to collide all the time if you try
to connect previously separate networks, and NAT, and all the easy
solutions to problems that NAT prevents from working, ...)--all of that
cost would simply vanish once everyone has switched to IPv6, but people
simply aren't aware, because they think that private addresses inside your
network plus NAT just is how the internet works, they have no idea what
costs sticking with IPv4 is causing, so they don't want it, even though
they very much need it.

> anybody requesting v6 - even if it is available - there is no pressure.
> e.g., we've had v6 since the 6bone-days, applied for and received and
> activated our /32 when it became available at RIPE, and to this day had
> 3 (!) actual requests for v6 throughout our customer base. And that even
> though we actively promoted v6 use through our newsletter, explained how
> easy it is to use, etc. Apart from those 3 users, we also have a couple
> more that have active v6 "by accident", because their DSL CE routers

Given that IPv6 should in the end be easier for ISPs as well: Have you
considered offering IPv6 only connectivity at a lower price?

> just request and receive their addresses (btw, for dynamic dialup
> without fixed configuration, we use a /64 ... which IMHO is sufficient
> for the "everyday" user who only cares about having reliant Internet
> access) - which is, btw, another 7 connections at the moment.

I think you are wrong here, I think you are making exactly the mistake that
I am trying to point out providers tend to make.

Your mistake is that you think that "it's sufficient" is a good reason.
It's not. It's a really, really bad reason. It was a good reason with IPv4,
but with IPv6 this approach to justifying assignment sizes is
counterproductive.

You are (correct me if I am wrong) not looking at the full tradeoff.

What would the cost increase be for you if you assigned /56 prefixes by
default?  Zero, right? You have to make an initial assignment anyway, and
/64 or /56 makes no difference in the effort required, and you still would
have space for ~ 16 million customers, so no real risk of running out of
addresses either, and even if you did, as per RIPE policy you could obtain
a /29 without even providing any documentation, and once you have connected
a further ~ 120 million customers, it still should be relatively easy to
obtain space for another ~ 134 million customers, with no additional fees
to pay (yes, I know that you cannot really fit 134 million customers into a
/29 with a reasonable wide-area routing setup, but the RIPE policy does use
an HD ratio < 1, obviously).

What would the (negative) externalities be if you assigned a /56 by
default? Also zero--the only potential externality would be that others
might end up without addresses when they need them because you assigned too
much, but there is no risk of running out of addresses even with /48
prefixes per customer, not even if earth's population increases ten-fold
and every single person got assigned /48 prefixes from 10 different
providers, even then only about a quarter of one percent of the available
address space would be assigned, and think about how realistic that
scenario is, and then divide the risk by another 256 if you use /56
prefixes instead.

So, we do agree that there would be no cost, no negative consequences to
assigning /56 prefixes by default, right?

Now, let's look at the other side of the equation: You can be pretty sure
one in a million customers (once they use IPv6) might want to use more than
one LAN. Now, what are their options? Well, they could not use SLAAC.
Great! Or they could just forget about the idea. Or they could request
assignment of additional addresses. Either way, you have just created
costs, be it in the form of lowered convenience or the need to request
addresses, the need for you to process that request, the added complexity
of managing this special case, probably the need to renumber the customer's
network, the delay until the addresses have been assigned ... all of which
also acts as an incentive to choose technically inferior solutions to avoid
this overhead. Or imagine a CPE manufacturer that considers the idea of
creating a product that would need multiple subnets to achieve some
functionality ... if selling the product means convincing potential
customers that they would have to negotiate address assignment with their
providers, they'll probably simple scrap the idea.

All of that for what? There is no upside to it, only downsides. And I mean
_NO_ upside, not even minimal, marginal, potential upside, none. Why do you
still think that it's a good idea to assign a /64? Do you have any actual
reason _against_ assigning at least a /56 by default? I would really be
interested to hear if you have--my guess is that you don't and that it's an
unconcious bias in favour of saving addresses no matter what because that
is the right thing to do with IPv4, and that's what I suspect is at work at
all those providers that assign /64 prefixes (or even smaller) by default.
People have to be taught now that saving addresses is actively _BAD_, that
it's causing harm, that it is to be avoided if possible, just as assigning
an IPv4 /24 to every dialup customer is to be avoided, just for entirely
different reasons.

> In essence, then, where do we stand? Sure, more and more providers in
> the net set up their v6. For probably 95% (or more) of the customers, v6
> isn't an issue. And they couldn't care less. They want internet. If it's
> transported via v4 or v6 isn't their concern. They just want their
> Facebook, WhatsApp, etc. to work.

Well, yeah, that is a problem, but I don't think it's in any way an
argument for a bad address assignment policy.

> On the provider side, the lack of actual interest in v6 makes the
> business-side of the decision easy - v6 won't make them a single buck
> more, rather it will cost them money in the short run.

Well, yeah, the advantages are only to be had in the long run, obviously -
however, how long that "long run" is away and how much you spend on
maintaining a harder and harder to maintain ipv4 network very much depends
on when you (and everyone else, unfortunately) make these investments.

> For ISPs smart (or stupid?) enough to invest time and money now, it is
> somewhat depressing - knowing you have all those shiny, new, untainted
> v6 addresses, and nobody wants them. And you can't even recuperate the
> cost for the additional service. At least not in a market where most
> customers just want to pay as little as they can for the service they
> want. Which gets me to my final point:

Well, I am looking for a provider that will also provide IPv6 precisely
because I want to support those who have made the effort instead of paying
one that hasn't and then getting a free v6 tunnel, but that has turned out
to be far more difficult than expected.

> Service costs money. In our case, we're a (mostly/almost exclusively)

Which I totally understand, but ... I don't need any service? I don't need
anything that should be special. I don't need anything that should cause
any costs beyond the cost for a standard product that should be possible to
run at a large scale, and I don't need any help with setting up my side of
things.

> business provider, setting up business networks utilizing all sorts of
> lines (apart from Voice services and network monitoring consulting). We
> don't have the numbers to cover all of Telekom's OVSt's with our
> equipment in order to get the end customers' lines at some (perceived)
> low prices, we have to get the service indirectly from Telekom. Which
> means we will never be able to compete with the dumping price wars that
> large providers like Telekom or the cable companies have. Instead, we

Which is part of why I am looking for a tunnel or virtual server to set up
the tunnel myself (and no, I don't care about DTAG peering, in case you are
wondering, that's DTAG's problem).

> provide SERVICE to our customer. You can reach a tech person usually
> relatively quickly (and not some first level drone at a call center
> without any real technical knowledge and ability), we allow for custom
> setups for all our lines, and we try to keep up to date with technical
> development. In turn, all of this does one thing: it costs us money. Not
> v6 specifically (which I see as part of doing business without the
> danger of being pushed out of business some time down the road), but the
> whole package. Most of the additional cost is earned with the high-end
> products and services for leased lines, but we still need to make some
> of it from our "low-end" DSL services, which means we will be more
> expensive than your 1&1, Congstar or whoever the dumping-ISP of your
> choice may be (* just in case - no, we are even . So just as in
> "physical" life, where a cheap Fiat may (well, rather "will") not
> include all of the amenities of a Beamer or Merc, you will need to put
> your money where your mouth (and your requirements) are.

I can see all of that, but I really don't need service nor do I need a
custom setup. Yes, I need that you fix things when they break on your side
(and if you have installed call center drones who can't handle a competent
caller, thus preventing you from fixing your problems, that's a cost factor
for you, not for me, as it's wasting your resources, not mine (if I call,
it's probably because you are at fault, and you won't be able to avoid
fixing your problem other than by getting rid of me as a customer), and
more than likely will make you lose me as a customer), and I also don't
mind paying extra for additional effort - but assigning a /56 by default
shouldn't be any additional effort.

> (Side note: and no, even with our service we're by far not as expensive
> as the "premium" product of your current provider, but we can't compete
> with his "flex" product ... so if the latter is your desired rate, don't
> even look at our page - but don't complain that you don't receive the
> professional services you would like to get)

Well, you might have overlooked that no traffic price is specified in that
table ;-)

But no, I don't have any of the products currently listed on their website
(it's access over T-DSL, which I had running with multiple PPPoE sessions
until DTAG recently decided that that's a feature that they should switch
off without warning, and haven't been able to re-activate (see call center
drones above, and that despite the not quite dumping price of that line),
which is also why I am looking to replace it now).

Regards, Florian