Thoughts about ipv6 white listing

George Bonser gbonser at
Sun Dec 5 01:09:52 CET 2010

> It looks like a lot of those broken 6to4 Mac OS X users are getting
> fixed pretty fast at the moment:

Yes, I have been seeing the same thing.  That is one thing that has
delayed deployment of v6 in our office LANs as many have Macs.

> But how about we 'break content' for just one day for those users and
> announce it to the world before hand ?

In our case we have a maintenance window with the remote network on the
phone, change the resource, test connectivity, and if it works, call it
a day and move on to the next one.  And v4 connectivity won't stop
working just because v6 is available but in our first migration targets,
I expect nearly all the traffic to migrate to v6 pretty much instantly.

> That seems to be the idea from Google/ISOC:
> >
> > George, I think your approach is fine _as a starting point_, and
> > recommended it in the past. IMO the main utility of this approach is
> > to make sure that _your_ IPv6 connectivity is working properly
> without
> > the added debugging complexity of dealing with broken end users.

Yes, absolutely agreed.  That is exactly why we have delayed doing this
until we have all of our internal T-s crossed and I-s dotted.  We needed
to announce our network to two different external transit peers, needed
to upgrade code on load balancers and other internal gear, deploy
separate instances of named, etc.  That process is nearing completion.
Only once we are fairly convinced we have everything as "correct" as we
can get it, will we register the v6 name server in whois and roll it out
to a partner.

> > One could make the argument that this model of gradually rolling it
> > out and debugging one element at a time would have benefit to the
> > larger network as well.

More information about the ipv6-ops mailing list