These are unedited transcripts and may contain errors.
IPv6 Working Group
2 p.m.
16 October, 2013
MARCO HOGEWONING: I think we're close to two o'clock and we're close to start.
Hello and welcome. The IPv6 Working Group at RIPE 67. I did a bit of work on the logo this time and this is session 1. Tomorrow there will be another session which will be in the room next door, which will be at nine o'clock. Sorry about that.
Now, there is a DIY social tonight, so you can go to it early and go there.
A bit of housekeeping. Minutes of last meeting on the mailing list, there were no big objections so we considered them final and have them published on the website. Thanks to the RIPE NCC for providing the last minute, Miriam and again thanks to the RIPE NCC for scribing this session and jab monitoring, it's Emile this time who is going to do the typing together with Natalie and of course the lovely lady from the transcription work.
Smile you are on the Internet. Yes this session is webcasted so if you have comments or a question please use the microphone and please state your name and affiliation, yes, apologies, Randy, that I forgot yesterday, but please... if you are watching remote, please use the RFC channel for feedback and we can relay that to the rest of the room.
This is the IPv6 Working Group. I am still up one of the co?chairs, the other two are sitting here in the front row, David and Shane, you have probably all seen them. If you have anything that you want to bring to our attention, questions, comments, ideas for things to talk about, ideas for work to be done in our Working Group, please contact us at address on the screen. That will end up in our mailbox and sooner or later you will get a response.
Then there is this. There is an IPv6 only network. You may have seen the fliers, you may have seen it POP up on your thing. That was based on the discussion we had in Dublin, we thought let's give it a try, so, we set up an SS ID that will only give you IPv6, the password is there. I know best effort, and that's there for a reason because the RIPE NCC is not going to support it. If you have any comments, questions, problems, either have a chat with me or Andreiey Revchenko or come to tomorrow's session for feedback and we'll discuss the results of our little experiment. Feel free to give it a try but of course after this session, because you have now got to pay attention to our speakers.
Our agenda: Somebody in Twitter called it a Geoff?a?thon. Here he is again. Geoff Huston looking back at IPv6 launch day, how far did we get, what happened next. We have got Peter Lothberg from, it systems, you saw him present earlier on on Monday talking about the new TeraStream network that is built that is completely IPv6. He is going to get more details on the IPv6 part here. Then we have got Zuzana Duracinska from nic.cz talking about their project about measuring the deployment of IPv6 in governments. And last but not least and you may have seen him before because he presented at an earlier RIPE Meeting, it's Yannis and he is going to talk about how they handle their addressing plan in their IPv6 network. That's it. Here is a quick snapshot of what we're going to do. Tomorrow. There is going to be another session with Benedikt, Jen, Tasos and like I said, the feedback for the IPv6 only experiment. I won't steal more time from you, Geoff.
GEOFF HUSTON: The only reason why I'm here is to maximise the chances of getting a submission through the Programme Committee, I put in three. And I said here is one, we'll send the other two off to the Working Groups and that's the result. So I'm sorry you have got me again.
This is a presentation about sort of launch 365 days ago and a bit more, because it's really about what happened in that year since we go the world IPv6 launch, and you know that was the 6th June 2012, and you kind of wondering did it work? Because I saw this strand stuff from ISOC saying it's fantastic, the Internet doubled its use of v6. I am going that's a lot. Is that real? So the questions that I had in my head were sort of written up there and I'm pretty sure you'd have have all much the same kind of questions, because saying the world has doubled doesn't give you a good insight into what's going on. My question in my head was, it's twelve months, what's really changed. Then you want the specifics. Who is actually doing the work? Where are they? And what have we seen? And what have we measured?
So, we have been using online ads and you probably heard about this a few times now, but this is just an amazing way of seeing the entire Internet really cheaply. Because the online advertisers have databases of IP addresses that number, as far as I can see, right up in the billions. They know where everyone is. They know your address. So we do around 350,000 ad impressions everyday and we have been doing this for a couple of years. And the repeat rate is really low. We just keep on getting new eyeballs all over the globe. So, this is an amazing way of actually looking at the entire Internet, all of it, at once, very, very cheaply. So, go ads, you should have more of them on your screen, you should look at them all the time. YouTube is brilliant, and for God sake don't run an ad blocker. If you ever seen an ad it talks about we're measuring IPv6, do not click because if you click, that's a dollar I have to pay. And that's bad.
So any other ad just click like crazy, because they have probably got more money than me. Don't click the: "Thank you for helping us measure IPv6."
The technology we are using is pretty standard. A few years ago a number of us, Google as well, we thought what set of URLs can we ask someone to fetch that gives a good picture of what they are able to do in terms of v6. Because originally, we thought I'll give you a dual stack, because everyone knows that if you have v6 as well as v4, you are going to prefer to use v6. So if I just give you a dual stack thing you'll come back at me in 6. Well that's wrong. That doesn't happen, for all kinds of reasons, not the least of which is happy eyeballs. So sometimes your dual stack and if you are running a Mac it's not even predictable, you have v6 and v4, I have v6 and v4, the Mac looks up some kind of strange RTT table of averages, and picks a protocol at random. So, that's not kind of working. We then thought if I give a v4 object that will tell if you you have gone into this v6 only land or not. If I give you a v6 object that really does force it. Then we found that Teredo is so deeply hidden inside Windows that if you do anything with the DNS that turns off Teredoey owe, it never gets picked T you look at networks like BitTorrent and so on you'll see a lot of Teredo addresses so it's still there. How do we do Teredo? I send you a URL that has the v6 address encoded in the URL. There is no DNS. If you have Teredo, it will use it. So, then the next thing is that you, collectively, suffer from attention deficit disorder. You do. When you see an ad you say I'll going to another page and the problem is this test takes a little while, and I need to flick out those people who, you know, lose attention inside half a second, because I am not interested in you. You have got to sit there and watch this ad, stare at it, so if you see an ad we are helping you measure IPv6, stare at it for at least ten seconds please because that's as long as it takes for me to figure out you have done the tests so the result reporting comes ten seconds later.
I have gone through this. That's why we do these tests. We figure out between preference and capability. But when recording everything, because those URLs are not cacheable deliberately every single DNS string we send is unique so, that means I see everything both in DNS and in the web so therefore, I'm recording the lot, but the packet traces the DNS logs and the TCP logs. The TCP logs give me RTTs and reliability. I can get a fair deal of amount of information from back from those logs. That's a year in the life of IPv6.
Those are percentages. It's up and to the right, but you know I have got to look hard here because it's from 0.4 percent to 1.4 percent. Yes, those numbers are lower than Google he is numbers, yes. We may see a subtly different world. And you know, that's the kind of thing. It did more than double over the year but it was a funny kind of year. Because things got turned off at times and then got turned back on again. I think it has a lot to do with China. And China is a very large population of v6 users in their academic network and there seems to be interaction between those networks and their fire warning mechanisms. The Google figures for China go occupy and down. Yeah, stuff gets turned on and turned off. It's not all monotonic.
I can break out the world. That's Europe compared to the Americas, Africa, Asia and Oceania. If anyone says they are doing much better than Asia, China is well ahead. Nonsense. Most of the activity in v6 in percentage terms in Europe it's up over 2 and a half percent right now. It's astonishing amount of deployment of v6 in this area of the world. And everywhere else, less than 1%. So, this is actually where most of it is happening.
I can break it out in Asia and say it's all east Asia; and of course the folk who are really doing work in Asia are Japan, and the folk who are doing work in Japan is KDDI. So this sort of thing zeros right into the network. That line with China looks low. That's percentage. Don't forget the number of users in China is in the hundreds of millions. So even 2% of hundreds of millions is millions. Whereas other countries find that hard to compete with.
But we're in Europe, so let's have a look at Europe, north, south, east and west the it's the west that's doing all the work. It's the east that's also doing some work. The north and the south it's the latitude thing, you Scandinavians are asleep or frozen. And the south, who knows? Too much Sun.
It is really amazing because in many other pieces of technology, including DNSSEC, Sweden is out there. No v6. There was a slight kick up in the middle of June, well done. What about in the south? Well, the biggest ones I could find, Slovenia, Portugal and Greece. It's hardly impressive guys, do more. Work harder.
What about in ethernet Europe? Totally different story. We saw in a RIPE Meeting this time last year, sometime, the Romanians came and said we just turned it on. By God they were right. They just turned it on, 10% of their country is doing v6, it's just amazing. Czech Republic, quite there, Slovakia, almost there. In the west, there are some astonishing stories. Switzerland, just around May decided to turn it on, up to 1% of Switzerland is now doing it. Luxembourg, there are only about three people there, so that's fine. Another one amazing me is Germany, there is a lot of people there and that's a lot of work and there is a lot of incumbent phone companies who I thought were living in the Stone Age and it takes years to move. It doesn't. That relentless slope of that light blue in Germany is just amazing, they are looking at just under 4 percent. Western Europe has been amazing. That's a conclusion that sort of you immediately see that v6 isn't everywhere all at once. It's not the world happily dancing. There are some economies, some that are doing amazing things and everyone else asleep at the wheel.
So, you know, which countries do we see? I'll show you the differences in a second, but you know what we saw across that twelve months of Switzerland straight up and Germany straight up where the number of users in Germany rose from 200,000 to 2 million in that year. Amazing. Slovenia didn't move. And that's that China thing because the 1% in China was 5 million. 0.9 percent is only 4.6 million. In absolute terms it's still amazing numbers but in percentage terms there was movement in China downwards. Geographically much the same picture. We used to point and laugh at America, it's a lot harder now because they are doing stuff. I can still point and laugh at Australia, so that's cool.
In terms of, you know, numbers and so on, who is actually deploying right now. This is the number of people who got v6 turned on in twelve months. So Switzerland turned it on for 650,000 of their customers. Luxembourg bearing 20,000. United States, 4.2 million folk. So, between Comcast, Verizon and AT&T, a massive amount of work, similarly? Japan turned it on for 2.3 million and Germany for 1.9 million. Oh, and someone from Time Warner did something too, well done.
But let me isolate some of these countries. I talked about the rise in Germany and when you look at the scale and move it a bit they made a decision in December to start working and they just worked.
United States figure again across the entire year, multiple providers working incredibly hard. Switzerland quite late in the year and Japan. And I can drill down and that's interesting, it's not everybody. The ones that are dramatic across that year actually do fit mostly on this page. Although I didn't put Time Warner telecom in and I am sorrily, I should have put it in. Hurricane Electric sell could he which is Verizon cellular, AT&T etc., those numbers in percentage terms look small but in raw numbers are huge. Those are the list of folk that did something last year. That's not an awful lot, but some of the big names in the Internet are just right there like Deutsche Telekom, like Swisscom, like Bellnet, like AT&T and so on. So some of the big names are there.
So, that was until the 1st July. What happened since thence because it's not October I have been told. Well oddly enough sort of up and down. There was summer holidays here in this northern hems severe and the numbers just seemed to relax a bit so we are still looking in my numbers at somewhere between 1.2, 1.4 percent. The US, it's still continued and the big one there has been Comcast with that roll out you can actually see them roll out city by city just huge and moving very, very quickly.
Versus eyes on mobile they said years ago this 4G network is going to be v6, it is. This 4G network is v6. The percentage of folk doing v6 in versus eyes on is again amazing. Yes, that is 40. 40% of their users in that versus eyes on network respond in 6. Think of it as a challenge. If you get there, we're done.
I have shown you Germany, France, France predominantly free.
And of course there is Greece. That's Greece, that's fortunate did most of that work and congratulations to them. The numbers went in Greece from really low into visibly up there, so even one provider doing something makes a hell of a difference.
So moving on from the numbers, I want to talk a little bit about performance, I'm not doing 6 because it sucks, well does it? The first thing is the connection failure rate. The connection failure rate I measure when you try and connect with me, you send me the opening packet, because it's all TCP. I send you back my response. You are meant to send me something, send me something, I'm waiting, listening. How many folk don't? So that green line down the bottom that you can hardly see is v4. So, even in v4, 0.1% of connections don't work. Some of that is just straight up bot /SKAPLG. So it's not real. There is a residual failure rate in v4, but look at that v4 v6 in red. I think that's inbound query, inbound traffic on demented CPE. All those crap mode items that people use sometimes have filters that say v6 is evil for incoming and it varies a bit across the you're and I'm not sure why, but it's not getting any better or worse. They can send the packets, but they are not listening.
So, again the bane of our industry, the CPE is I think just a massive issue even here that that still a residual problem that we haven't addressed yet. So it's not really getting more reliable, and that's the reason why.
What about performance? 6 is slower, isn't it, the packet head is bigger is has to be slower, weight of gravity and all that. Well, yes it's true, it's all about gravity in physics. More bits, they weigh more. One of the things about this is I am collecting every packet. And I have noticed that in most drivers, in most implementations of TCP, that initial SYN?ACK handshake, you can't stop it, you send the SYN, I send back a SYN?ACK and as soon as a SYN?ACK gets there you sent me an ACK. You are told the operating system do a connection to this IP address so. At this point I am up at an elevated interrupt and generally those timings are pretty good. So, I used them and I did a profile and this is a little bit hard to explain but if you are in the middle line you are as fast as v4. And if you are over here on the right, v4 was faster and if you are over here on the left, v6 is faster in raw RTT. And it is amazing that over a year things have changed. As far as I can see, the infrastructure tunnels that glued v6 together have been vaporised. This is brilliant. This is what we wanted. And the end result now is that on the whole, there is more folk in v6 who are faster at getting to my server than v4. That's amazing. So if one tells you well v4 is faster, I don't think in the whole that's true. I think on the whole you could actually say right now that we are seeing v6 is statistically and probably faster than 4. What a difference a year makes. We have actually engineered a network better. That's brilliant.
So, yeah, that's what it says. So, what are we seeing? It's not the world doubled. It's not the world turned it on and just sort of did a bit. It's not happening everywhere all at once the that's very true. But what is happening is that a small number of countries in a small number of service providers are doing amazing things. So there is this concentrated area where some operators have gone look guys, the deal is we turn it on. We turn it on now, we turn it on everywhere. And that's interesting, because when we talk to people about why aren't you doing v6? What's the real reason? Pretty often what you hear is, I'm just waiting for everyone else. When they jump, I'll jump. I don't want to be the first. I'm not that interested in being the last because that's a bit scary too so first or last is scary, I just want to be in the middle. So, the question that I'd ask you is: Who are you waiting for? Are you waiting for AT&T? Well they have jumped. Are you in the cable business, are you waiting for one of the majors? Are you waiting for Comcast? Well they have jumped. Who are you waiting for? Because if you are looking towards the United States, the major operators there, including Time Warner cable, are actually doing it right now. And they haven't even run out of addresses in v4. Even that pressure has happened. They are working at it now. So who are you waiting for? What other party could possibly jump that you are waiting for? There is none left. And you look at that and go if that's the reason why you are sitting there on your hands going yeah I'll do it when they do it, well I think that reason has now vaporised. So at this point you are going to have to find another reason not to do it and you might well do it, we are a very inventive industry. But I'd like to be optimistic, honestly, I'd like to think that that is actually enough impetus to motivate others that if you see a 4, G mobile network with /#40* percent penetration of v6, that is amazing. When you see those kinds of things I think there is some now evidence that's quite credible that this is no longer just empty rhetoric and ah yes, we'll do T this is kind of saying, like I said, if you are waiting for the majors to move, you have waited too long. It's happening. So with that, I'll pass it over for questions. Thank you.
MARCO HOGEWONING: Thank you Geoff.
(Applause)
Any questions, comments?
AUDIENCE SPEAKER: Blake Lillis with L33 network. Let's say 8218 for now. Given that myself and I know that I'm not alone in France, for example, using tunnel broker tunnel to get around a certain peering debates between my residential operator and, you know, content like Google, etc., could it be that the IPv4 just got worse rather than IPv6 getting better?
GEOFF HUSTON: I don't think so. The reason why is that every carrier makes its money out of v4 at the moment. There is a large amount of traffic there and there are literally thousands of nodes and thousands of knocks making v4 work and that's why we're deploying all this infrastructure and so on and the industry is very sensitive to performance. I remember Google and a number of other content providers talking about the million dollar microsecond. That any kind of delay in delivering content up there in your face as soon as you click, costs them. So, no, I don't think it is getting worse, that is not what this industry does. We are focused on making this network faster, faster, faster, so when you find something even faster which is what we're seeing in v6, that is kind of interesting, and in fact it's more than kind of interesting, that's pretty amazing. So, yeah, we have done a great job in 6, and well done all of you because it's you that did it, not me.
AUDIENCE SPEAKER: Lee Howard. It is very interesting that you are seeing IPv6 performing faster than v4. In most case it is looked like from that chart that is consistent with what you are internal measurements too most of the time v6 is performing measurably better, 20% faster, 30 percent faster than v4, have you any guesses as to why?
GEOFF HUSTON: No, I don't know. I do get these enormous system of samples without traceroute and I suppose the next thing is to get somebody ?? you know, we have a team of two so if it's not me, it's George, and he is not here so I may as well volunteer him, George will look through all of this amazing amount of data and analyse why in terms of path differences, but I know I can offer you an explanation. The end result that I'm looking at in terms of packet captures is that I'm seeing the statistical, you know, bias that v6 does it faster and that is, as I say amazing.
AUDIENCE SPEAKER: I haven't done a thorough investigation of our traceroutes but we do capture traceroutes from the few probes that we have and it looks like it's faster within the data centre network, not within the network, or whoever is intermediaries are.
GEOFF HUSTON: Okay. Thanks.
AUDIENCE SPEAKER: Tore Anderson. I noticed on your slide where you had all the ISPs, but opera software was in there. And opera software is a web browser vendor and here is something interesting, they are running a proxy rendering service in the cloud in data centres all around the world to which users of their browser which are also all around the world are connecting to, they have recently dual stacked this proxy farm, but their users are not necessarily on v6, predominantly not on v6, versus not in Norway, and proxys are not in Norway. But it makes Norway look fantastically good in the graph because now we are up to like 10% or something like that. But obviously that's a a lot of bull.
GEOFF HUSTON: No, you're not because they use a very small number of IP addresses so they don't bias the Norway numbers. It is amazing. 100 percent if you are using Opera and you use that Opera proxy system v6 works via it, yes, for everybody behind it.
AUDIENCE SPEAKER: So you are not counting the amount of hits. You are counting the number of addresses?
GEOFF HUSTON: Pretty much so, yes.
AUDIENCE SPEAKER: Okay. I notice that the Google data is now up to like 8, 9 percent or something like that for Norway.
GEOFF HUSTON: Yes.
TORE ANDERSON: I was wondering if this was something that you think you should compensate for or ??
GEOFF HUSTON: You are trying to talk your way up. Deploy 6 and you will be there.
MARCO HOGEWONING: Thank you Geoff. What was it, German increase, 1.9 million people. I guess our next speaker is partially to blame for it, Peter Lothberg. So we saw him on Monday explaining the new, it system that worked, TeraStream and it's entirely IPv6 based and I guess that's what he is now going to explain on what they actually did with IPv6. So, the floor is yours Peter.
PETER LOTHBERG: Thank you.
So, first of all, I had nothing to do with the increase of IPv6 use on the existing network. All that should go, thanks for all that work should go to Rudiger Volk wherever he is hiding. He and his team did that. I am working on something for the future.
I am going to split the talk with Mikael, so he is going to talk about the home gateways. I am going to talk about the IPv6 specific things rand some of the strings I did in this network, so that because I really want feedback and Monday kind of, most questions I get are policy questions, I want technical questions, I am not doing policy but thanks so much for the feedback so far.
Let's see if this works. I know I was told that the pointer sucks. This is what we did, right. We changed the way we built the network when we use IPv6 on this piece of the network, which is the section that goes from the data centre to the customer and if it's IPv6, it goes to the rest of the Internet. Didn't put any IPv4 here because it made it sort of all the dirty tricks I played by using the addresses don't work if I try to involve IPv4, so I couldn't. And I also looked and said okay, this is going to be an IPv6 network and if he is rightnd hope he is, we will all be IPv6 sometime in the future. The question is how long will the tail for v4 and every time we try to assimilate it it never goes away. It's like you have half?way to the zebra crossing, you make half the distance, and you still have half the distance left and you never get there. So IPv6 ?? sorry, IPv4 will probably stay for a long time.
Also, remember, this piece of the network that actually talks to the outside world is still speaking IPv4 because we need to talk to the rest of the world, but also the NAT boxes or the tunnel terminations lives in here.
When you look at the fibre network that I showed yesterday or showed Monday, where the horseshoes, this is actually the layer 1 topology. This is the layer 1 topology and I wanted to talk a little bit about routing because everybody talks about complicated BGP labels, this and that. I didn't do any of that. Here is the physical topology. Basically every router on layer 1 looks like it actually sits next to each other, because the fibre goes past all those nodes. It doesn't actually stop at the node it just goes by. But here is the layer 1 topology versus the layer 3 topology that actually basically looks like point to point links, where the multiple links end up being a link group or whatever it's called.
All of this basically became how do you do routing on this and make it go fast? And we ended up using ISIS to out the IPv6 things and the only thing we are carrying in ISI is a loop back interface from this box and this one, there is one loop back interface route and it's a /128 route carrying ISIS that actually routes the topology of the network and then all the links are included in that and then every other route that we have in the network, for example, all the routes for the customers, like that is there block of address space that is used by the customers which are all the /56s we give to the customers, they grouped into 8,000s and that route is put in BGP and as I have different kind of services, I actually have eight groups of addresses, so everyone of those R1 routers generates eight /48s or 42s I think they become.
The two boxes here ends up being route servers for everything here so the iBGP goes to this guy and this guy and then there is a full mesh between the R2s in the network. There are route reflectors if you blow that box up you don't need a route reflector because there is no connectivity left.
I showed this slide, and I am basically saying that I'm putting the toss bits here that says I'm using this for different kind of services. And the rest of the bits are basically the bits that says which router R1 are we talking about and what customer on that box are we talking about and what ?? this is the address space we give to the user. Nobody said anything. So, my boss made it in PowerPoint, made it look pretty instead.
So, what we are doing is we are putting services here, right, so we are actually wasting a little bit of address space of the IPv6 space to make the Internet bigger and I'm actuallien coding what kind of traffic it is and what kind of prior it is and goes into the address. If you look at the packet you can say this is coming from a customer it's going to the voice gateway. It's coming from a customer set top box, it's going the video gateway. It's coming from a customer, it's going to the Internet. It's coming from the Internet, it's going to the customer, and I just need to look at the packet. So if you want to do priorities or access list or anything you want to do it's simple because it's all indicated there. The other way of doing it is to take a traffic and nut a label, the tunnel, like use MPLS, for example, and you have LSPs to carry it. It's not escapable and it doesn't work to everybody.
Another question that people come up with is okay. Why don't we standardise the bits here. You put ten operators in a room and try to standardise the bits here, they will never come out. They will die, they will be talking, talking, talking. But it's not a big a problem because the beginning of the address basically says I got this from the RIPE block, I am a provider in Europe so this thing here actually tells if I'm talking to anybody of you and we have some kind of interaction with each other you can put my bits, you can make a very simple access that says these address box is allocated to Peter here is how I uses his bits. I can take this information and say this address space it allocated and use the bits. It's not a draw back we scant standardise them. The whole thing is from a network architecture point of view it's just on the location policy. It's not really technology and no new technology is required to make this work.
And I still want feedback because I'm blowing away a little bit of address space but I think by doing it that way, I actually make the network better and I get the global NNI, it works from anywhere to anywhere which none the other technologies work, they are just low account to the provider, and I really don't want to touch the information in the IP packet that comes to the customer because if the customer limits the capacity he is buying a 10 megabit service, and he wants to tell the network what traffic is important to him, leaving his home, piece of cake right you put the priorities in the home gateway coming from the outside world, he has no way unless he can tell the sender of the packets to put the right information in there and then I honour that at the point of the network where we actually have a congestion or a choke point where is basically I force what he is buying. This at least gives them a way of doing it and hopefully in the new upper layer protocols you use to request your NetFlix or something, you can tell in the future coming back if we get this thing done right.
If you look at the routes people go oh you are doing BGP, non BGP freecore, media are doing routing the old way. Well, my goal was that whatever happened to the network, whatever happened to the network it should take 200 millisecond to get the traffic back to the customer, no matter what. When we started off trying to where this and test this, we wrote this little test list and said okay, we end up with 8,000 R1 routers, which is what it takes to do a small country in Europe. That be means that you have 32,000 point to point links and you get 60,000 iBGP routes. That is 8000 times 8, right? This is the amount of routes I decided that I wanted from the outside world. You see I took I want to have 6 million routes and I counted backwards. I said there is going to be 6 million routes generated by the outside world. And then I said 300 of the routes are flapping. And some of my internal routes from always flapping. Some people that make routers they have this wonderful code that says if this prefix goes up and down too fast I will hold it for 20 minutes or 20 seconds or something. If you remember my optical design where I actually had connectivity between the routing layer and the physical layer, so, IP get information from the optical layer that this circuit is about to break. We are now going to be able to carry packet without having packet drops because there will be errors in the line and I took that and put it in the routing system. I'm never turning anything that goes bad off. So when the link goes bad, I'm just increasing its metrics so if there is any other better link in the network working I will actually use the better link. But if you want to make a very, very cost effective network, what you do is you basically, as the network is fully redundant they have lots of paths. Two paths to every box, you utilise the fact and say, okay, I'm not going to have 70 DB margins doing nothing costing me a fortune in optical systems. I am going to have very little margin and I'm going to make the 20 minute hit. So that is means that in your 30,000 links, there is always going to be something flapping, and when some router vendors decided that oh we're going to go to sleep if we see too many updates they basically controlled black holes. When we test this had system we saw this and we actually had the flapping routes from both the outside and the inside and we make sure that traffic actually was restored within the 200 milliseconds. So when you go looking at your new next design, make sure what you are thinking actually is what the boxes you are trying to use are actually going to do.
And they tend to do things different for IPv4 and IPv6 and I don't know why.
I showed this picture. I said okay, we are going to pretend to be free service providers, and I actually have four here because free doesn't divide by the power of 2. So there are four queues going down to the customers and from the customer and each queue is actually have his own address space. So, it becomes that way because remember, the voice bits in the beginning is one bit and the Internet is another bit. So, I get one Address Block for this queue and I got one Address Block for this queue and one for that and one for that. So they are actually four /56s if you want to go for /56s for everything being announced to the customer or available to the customer.
Now, you probably heard of IMS or something, this wonderful phone company people. They had this notion that they have signalling behind your back that can control things and you look at them and okay it stops at your network, how do you get the signal into the home? How do you make sure that phone calls are actually treated by all the routers that the guy that puts in his home. They didn't think about that. So, we go okay. What tools do we have that can actually carry, be carried between domains? Not that many. And the only tool I can figure out that we can use was actually multi?homing. Logically the whole thing looks like this. I have a service provider for Internet. I have a service provider for voice, v4 video and I have the last one here, and basically the customer is sitting on an exchange point much this is an exchange point. Everybody has a router at an exchange point. You have different policies. The policies are implemented by the users so the users are multihomed to 4 ISPs the this is no different than what we're doing at the Linx or NetNod or somewhere else. It's just in a much smaller scale at your house. And if the handoff here is a layer 2 ethernet or you can actually put the switch here and add your other service providers and some more of your routers and you can bit your home gateway and you go he is insane. Everybody that has been around the block knows that I am insane. So, we need a tool so that we can carry the policy across, so ifs the guy that does the Internet things. This guy understand that things inside using the Internet using this path and video use this is box and so on. I don't know what this do with this one yet. So that happen means that the home network meets up at an exchange point.
Another thing I wanted to do is move towards IPv4 happens here and if we can find good ways of making IPv4 traffic being IPv6 traffic when it goes and talks to these guys, it probably would help that migration over to IPv6 will show the contents guys a that it's important for them to have their IPv6 content. It doesn't matter for the host that speaks port 80 to Google if we do this or not. But it will move traffic onto the native part of the network and off load this thing.
And again, we carried IPv4 traffic on the tunnel using IPv6. Now, I really want to dot bottom picture, right. Today, your home ?? you want to have a server in your home. You either have to configure very, very complicated port mappingings in the home gateway because it's a net boxes. Today, yes, tomorrow, why do we have a net box? Let's get rid of it. We need a way to enforce policy all around the house, but make sure it becomes part of the Internet. Yesterday, if you had to have a server at home, you had a sling box or something, it's basically dialogue, your house dials in the user dials in and you have a meeting point outside the home and you tunnel everything in port 80 that is the transport protocol. I think we want to go back to using IPs as it was defined, have a new start because we are going to go another 30 years and use this will tool for something, great and fantastic for humanity.
Now, I showed a video voice and the TV thing, and don't read into it that I like triple play. I mean, have you guys ever talked to your power company? Can you apply triple play power, like one power metre for a toast err, for the TV and one power metre for something else? It's a utility, we have power. We are packets so. Hopefully had marketing thing will somehow get solved.
Mikael is going to talk about what we are going to do in the home. And most of the things we are doing there are directed towards the IETF and their work because we want it to be standardised AIB AIB some of these slides were on the presentation in Monday and a lot of other stuff was in Mark Townsley's presentation because basically this is the sail thing. This is basically what you see on network drawings nowadays when you look at a home.
And you might have multiple networks. And sometimes you might have prefix delegations, this was the hip net for instance that mark was talking about.
We want to be able to do arbitrary topology and everything so basically a routed homes, sensors, all kind of services, to connect to your neighbours, basically anything that you can dream up that you today do in your core network, do in your home. So if you want to have one router per room or multiple, should be fine, just hook them up.
And topology, multi?homing, sir configuration because this is grandma stuff. So no grand port on the home gateway, just hook them up and it works. To do this, and to have multiple IPs we need to do source bases routing because with BGP 38 packets that are assigned from this ISP needs to go out this way.
So there is a lot of requirements that is not even done today in the core. And these ?? and also these 239 /64s here, that is per ISP by the way but the whole thinking is that each these links have network addresses from each of the ISPs.
Then this whole prefix colouring and this brings interesting stuff for applications. Because now the application needs to understand what prefixes want. So, if you have your media player here talking video to the video ISP in Peter's example, it now needs to understand what address it has. Because this computer here has at least three different addresses, one from each prefix. So how do you communicate that? We want to make a standard for that so, and this is hopefully being done in the IETF multiple interface ?? in the Working Group there, and this really needs to get done because your phones do this already but we need a standard for it so that all operating systems and so on understand this.
So, you should be able to hook up anything anywhere and remember, there could be multiple TV operators and so on. So this TV up here, where it's hooked up, it now might have one, two or three TV prefixes, one or two or three TV services worst case, so what should it do? Again, I don't have all the answers. I'm making questions and telling you what we're working on.
Together with a lot of other people of course.
So, one way of doing this is to actually provision this to the device in this case, and so, it starts off as a host with RA, the DHCP gets an address, it interacts and try to establish a connection to a server. So either, actually ?? this is I just notice that had this slide is ?? I forgot to change this one, either you can ask netcom server to and then connect to the server and act as a client which cause as reverse SSH in this case. After it gets this information, then the gateway here has enough information to actually become a router. So instead of putting all the information in the DHCP, is there another way? Because we are trying to overload a lot of information in the DHCP right now. As long as you want to do something new, put it in DHCP is another option.
One way of doing this is as well as when the next gateway here, it's called and interior gateway router, it can then either be, talk to the provider configuration server or this guy here actually will be the one doing the configuration here to provide the information. I guess a lot of people will be hesitant about having the ISP configure their interior routers ?? this is going to be an interesting discussion. So, some people probably want that. Some others probably want to run their own configuration server to control this.
No reason you can't do this with hosts as well. So for instance, a set top box, your PC, to acquire some information you might need in order to make these decisions. Not conF and YANG is a standard for using this.
Security policy, do we want to have a perimeter defence, do we want security in depth to have firewalls and so on on all these devices, so basically the question is, do we have a distributed security policy or do we have a parameters policy? What policy do you want towards your neighbours? Do you want special policy for your kids? So perhaps this should be on a per device basis in the home. I don't know. Needs to be looked at. So this was the source based routing again that I mentioned before. So, no need to speak more about that.
And, also, it's probably beneficial for all device to say know the topology of the home. You need it for the routing and in order to discover where things are, perhaps actually to have a separate address for the capabilities of the device, because then all of a sudden all the devices in the home would know what capabilities the other devices have and you can understand this via the routing protocol. It might be a good idea, it might not. We need to take a look at that. There are a lot of ways to skin this cat.
Then I just did a diagram about how to do the boot strap process of the border router because you probably want to do this with the keys and so forth for authentication, this is absolutely not per in effect in a cryptographic sense because it's sending parts of the keys in clear text over link local between the ISP and the CP. Is this good enough? I don't know. Because, it's better than using clear text all the way and just blindly trusting the certificates who get when you connect DSCH to the server. Also stuff, this is me and Ian, my colleague, we are writing a draft for this to do zero configuration basically. I am via box, put it in and then it should be configured.
That was my presentation. So, any questions? I don't know if Peter should come up as well.
MARCO HOGEWONING: Any questions for Peter or Mick Ale? Not all at once.
AUDIENCE SPEAKER: Geoff Huston. I am just trying to understand this because it's kind of confusing me a bit. I assume that this company went off to the RIPE NCC and said we have this many users and our network is this big so we're going to get an address allocation of this size. But then you are taking 6 bits out of the policy which is a factor of 2 to the 6.
SPEAKER: 64.
GEOFF HUSTON: Are you taking out more bits? Fine. Our addressing policys in v6 don't seem to correlate well with what you're trying to do here, and if you are saying this is a good thing for others to look at and think about, what does this mean about how we should be viewing what is inside the provider prefix of an address?
PETER LOTHBERG: This is exactly why I tried to make this presentation.
GEOFF HUSTON: Okay. So what kind of combinatorial explosion would one expect in policies in the future? Is 8 bits enough or do you think you need 10 or would 12 be better? Maybe 15. I am just trying to understand. Sorry. I am a bit confused.
PETER LOTHBERG: So, again, I'm at the RIPE Meeting. This is the operators forum of Europe. We were the body that helps the RIPE NCC to hand out addresses to people that sets the policies that are in this room, or maybe out in the hallway somewhere, and that's why I took it here. I said, look, I am doing something that is not really what we talked about when we started. This is something we talked about when we were trying to explain to people maybe we should have variable length addresses, but that was shut down in 1994. And if you want to talk about how many bits or where they are going, I don't know. That's exactly why I took it to RIPE, and I said, look, here is what I think is the way of using address bits to actually simplify the network so the cost for the user goes down, I actually ?? the savings were significant, if you compare what it cost to run this multiple infrastructure versus flat nail hold down, right. So I'm saying I'm using address bits to build a bigger Internet, which they were for.
Another question I have is, is 8 bit for the customer the right size?
GEOFF HUSTON: So I'm not criticising. I am simply highlighting ??
PETER LOTHBERG: I'm not defending ?? I show here is what Peter suggests to do. Okay. And I want feedback. We all need to have feedback because in the case of D, it we can actually do this due to ?? if this becomes a good way ?? if we have all this what it's proposing and it becomes okay this is not a bad way of building an Internet for the future for a while, we need to talk about it and that's why I asked to have this slot and I didn't ask to have this slot before I actually knew that it was practically feasible and it was working. So, yeah, what do you think?
GEOFF HUSTON: That's why I am here at the microphone highlighting too like you this is worth talking about because that's not what we had in mind years ago and this is certainly a change that you guys need to think about.
PETER LOTHBERG: So there is also a clue that there is some people trying to remove, so when we did IPv6 and we were not allowed to do variable length addresses because then it would be possible to put an N sap in there and that's bad. I can't see object and me salt down in a concern err corner and went the world will need variable length addresses how do we do this? So we came up with this thing we smuggled it in, it's called extension headers. That's another way of doing all of this and it's a way of doing variable length addresses. Even if we blow up the IPv6 space as it is today, IPv6 would actually work in the future. But I don't have answers. I'm showing what I want to do. AIB AIB if I can just say as well that according to policy that I know, each site can get a /48, so, we're handing out multiple /56s okay or not, that's a nice discussion to have. We are not using nor addresses per customer than what is allowed by policy as far as I can interpret it, I might be wrong.
PETER LOTHBERG: A comment that somebody had in the hallway was, oh, you are giving the customer one /56 per provider. That's overkill. And I go, okay, there are two solutions in my head. You either have every customer routed by their routing system in the world. It's not very useful. Or you nut a NAT box in and those we want to avoid. Martin.
AUDIENCE SPEAKER: Martin Levey, Hurricane Electric. If you go back in your slides to your v6 bit layout ?? I want to ask two separate questions. And then I want to give you kudos on doing some fantastic which I didn't notice until a few days ago. There are two separate questions here. The first question is: Is there anything in this numbering scheme that is in some way releasing to an end user or somebody looking at packets coming past them at the addresses that is giving tomorrow clue as to who the user is or where they are? There is this at one point you talked about splitting by geography and hard coding addresses. The other thing you talked about is this whole issue of you can tell whether a user is, by this bit pattern, whether they are using a best effort service or something that may be internal and may be given better preference so. My first question and I'll ask both. My first question is is there something you are exposing to the world that you think you shouldn't be in this numbering scheme? And then the second question is haven't we learnt by now that every time we do static splits of numbers like this, that we run out? And that isn't this split at some point going to get a lig ugly errand further split and isn't life going to ?? you have painted this very ROSIE picture, and don't get me wrong, I like it, but it's not my network.
PETER LOTHBERG: All the slides are pink. It's pink.
AUDIENCE SPEAKER: These are my questions.
PETER LOTHBERG: Let me answer question number one. Is there any information about the customer directly in the address? There is no more information here than what you have in any other IPv4 system that we have today. The geography you get to learn from the address is basically you get to learn where, what box, this identifies the router that has the interface on it, right. And this is just, addresses here represents network topology, right, network geography, it's how you do routing. You can randomly put those boxes out in the /TRUPBT, but I don't see any reason why renumbering the world every morning because it becomes really hard to operate. (Country) so this actually tells you network topology. This tells you what port it is on the box. And in some countries, they want to change this number every morning at six o'clock. And if you go through the math, I have 5,000 ports on the box and I have 8,000 addresses, and I was about to say that if you want to have random addresses every morning at six o'clock, you may not get the /56, you may actually get something smaller because then you are obviously not using the /56 for anything useful in your house, so, I have the possibility of rotating this every morning so they are randomised but still randomised within that piece. That's the same thing if you look at an Ipv4 address being randomised by the BRAS to the infrastructure today. But I have a hard time understanding, most people have telephones that have numbers, they are not random. When I want to call Martin, I actually know what Martin's phone number is and it doesn't change every morning at six o'clock, usually. But then, I have a hard time with a renumbering every morning too. Okay, that works fine if you're dial up. If you assume for a second your house is networked tomorrow, okay, everything in your house is actually networked, it uses a network to communicate and you have this fantastic outer?config but you have this outer?configuration server which is going to set speed on how fast you can reconfig the network. You wake up at 6:15, you were supposed to wake up at six o'clock but the alarm clock bell was reprogrammed 15 minutes later and you go take a dump at the toilet and it flushes at noon because the toilet got reprogrammed and updated to the new address. So maybe this is not the right thing to do in the future. I think we are mixing past and future. That was question number 1.
Why are you asking complicated questions that needs complicated answers? Are we going to run out of it? Well, I counted on my fingers and I said look, the purpose of the exercise is to do from here onto the end the the bottom line was we need to put more people on the Internet, right. So, I counted on my fingers and I said if people do like this and you basically say an operator ?? you base how many bits they get on this piece based on how many houses there are in that country or in their domain possible business, right and you use the bits here, there is space for 4 or 8,000 operators of this size with some spares of 200 percent. I'm not worried, right. You know, if you have a problem using up the bits, go talk to Bob Hinden and Steve Deering, that's the reason we have fixed link addressed, they refuse to listen, not my problem.
Leave leave: My very quick note is that I noticed some of these addresses showing up out of Deutsche Telecom and I was actually quite impressed that reverse DNS is set obviously programmically on some of your v6 addresses and I give you credit for that. It was at least within AS3320 which would not be this per se but somewhere inside Deutsche Telekom someone is thinking out seeing literally 64 full v6 addresses from end consumers and giving them a programmic response, very HEX decimal reverse DNS for anybody that seems to be still picking on stuff like that. You are going to have to do the same.
PETER LOTHBERG: Actually DNSSEC is a problem I didn't mention. But you know, I am trying to make the Internet work the way it was supposed to work, and I'm trying to do reverse ?? I'm trying to do programmic answers and trying to sign them which is a separate problem because a sub?net is two to the 64 addresses and I don't have two to the 64 bites on my hard drive so I have to outer?generate the programmic answer and then sign it on the fly in order to dot DNSSEC. So there is a possible DOS attack against the reversed name server. I could have star and sign that, but that wouldn't tell you anything and then you need to build a name server that have would rate extreme because you must allow the customer to put whatever name they want on the box they have. But that wasn't part of the question. Sorry.
AUDIENCE SPEAKER: So, I'm not a protocol guy, I am an operator. So the PowerPoint slide actually makes more sense to me because it's presented more as a /whatever. This seems to say that you have a /what, 11, 19 from the RIR and you are using 26 plus 6 bits. I'm failing to capture exactly the magnitude of what size allocation you are requesting or using from an RIR to make this happen. The 6 bits for ?? this doesn't make a big difference to me because you are going from a 56 to a 60. What bothers me more is you are saying I need 14 plus 13 bits to number the rest of it so that part I think is actually more relevant to the question are we going to exhaust the IPv6 space than the question of whether you are going to use 6 bits for three types of service. Maybe if you put it to the next slide it would make more sense to me, I'm not sure.
PETER LOTHBERG: I didn't put any numbers on there because I wanted to show the concept. I don't want to ?? I don't want to put up a slide and then have anybody coming back to the RIR and say Peter's slide said slash X. I wanted to have a discussion around the doing this.
AUDIENCE SPEAKER: I'll give you an answer from my perspective. If you can do the network structure bits in the number of bits it takes you to go from a 32 to a 48, then we're talking about using those service bits, the 6 or 8 service bits to go from a 48 to a 56, that seems entirely reasonable to me. If you really require 26 bits for your network structure, I think that's a bigger problem.
PETER LOTHBERG: And I think the answer is we have to work it backwards. How many potential customers are we serving? That's the price we're paying.
AUDIENCE SPEAKER: If you are just as efficient addressing your customers as you would be any any hierarchical allocation system I think we are fine F you are give your customer a 48 under today's allocation system, and you switch to giving them a 56 and using 6 bits for service, then great.
PETER LOTHBERG: But you are saying you are going to ?? you want to give away the 8 bits ?? you wanted me to take some of the 8 bits you are giving to the customer.
AUDIENCE SPEAKER: No you are giving them the 56 to 64 bits, those 8 bits and you are taking the 48 to 56 bits
PETER LOTHBERG: If you ??
AUDIENCE SPEAKER: This is rat holding I'm ill talk to you later. Lot I'm going to take away the bits from the customer.
MARCO HOGEWONING: Can you discuss this further in the coffee break.
AUDIENCE SPEAKER: I'd like to you consider the fact of problems that you might have with the multiple addresses on end stations with regard to routing prefix announcements. So, if you have this kind of problems that you mentioned before like some prefix disappear at a specific time, for instance, during early morning, then you need a way to trigger that, to signal that to the end host and there is nothing like that yet in the operating systems. So, take that into consideration. And on the addressing scheme, I hear, I am really interested to see why you don't pick up the serve approach and /UFP this kind of in serve philosophy out here. So why don't you manage to dot same thing like the bandwidth management using the dip serve beat and not using the address bits?
PETER LOTHBERG: Thank you for your input on the trigger. That's a longer discussion. The DiffServ bits is very simple. I want the customer to be able to use them ?? if you have 10 megabits of service, and there is 50 megabits of traffic coming to your house, I want to be able to look at the DiffServ bits on those packets or toss bits on those packets and honour those and queue traffic to you using the limited resource because something is going to the toilet and I want you you to make the choice, not me.
MARCO HOGEWONING: Thanks, thank you.
(Applause) bear in mind we also have a Working Group mailing list, so you can also continue the discussion there. And next up is Zuzana Duracinska talking about the project she's been doing with nic.cz.
ZUZANA DURACINSKA: Hello everybody. My name is Zuzana Duracinska and I am going to talk about gen 6 project. Gen 6 stands for governments enabled with IPv6 so it's not going to be as technical as previous presentations but I hope it's interesting. What I'm going to talk about is going to be the reason why we have chosen public administration in particular. But I'm going to talk about methodology we used, what's the way of collecting the data. Of course some results and a little conclusion at the end.
So, talking about public administration, think about it how it's changed in the last couple of years. Now we have got way way more electronic services. And if Europe wants to be considered competitive player, what we do need to employ are Information Technologies and IPv6, because electronic services are worthless without IPv6 and without cities being able to connect to them. So maybe you think I am a representative of Government here. I am not. I am working for cz.nic, which is a private non?profit company. As you can see Czech Republic in general is doing very well in IPv6, which we are very, very proud of. So what we did, we did organise special training for implementation, especially for technical people. We are still publishing blogs and articles. We published a book that is free to download. We co?organised IPv6 day in Czech Republic, but we couldn't find a way how to reach the public sector, so what we decided to do is to make our own research.
It's unique research that in a way our data, our data from Government to institutions. For example, IPv6 observe tree it working with and it's kind of hard to distinguish between national and international, because in RA 500 what's going to be number 1, I guess it's going to be Google which is going to be followed by Facebook which is international as well, by Twitter, so there is nothing like just national research. And I think everybody here heard about the agent for Europe and especially it's article 89, which is basically saying that member States should make e?government services fully interoperatable overcoming organisational, technical or semantic barriers and supporting IPv6.
So we have been trying to do methodology that would feed all the states, especially European states, to make things that we could compare. We did collect data from all our partners in the gen 6 project and we involved only governmental institutions. So we have been trying to find something what all the states do have in common. It doesn't matter if we are small or big, as you can see from the sample, there is German which is Federal state and we are going to compare that for example with Luxembourg, a small tiny state. We decided to divide the State into three levels. The first one would be national. So over there we are going to have institutions that are basically the most important public institutions in the State. Starting with president, legislative power, executive power, judicial power. Then there is going to be regional level. Regional level is what's kind of tricky, we had a little problem with that because on every single State has got a different regional level. Sometimes they do have less powers, sometimes they do have more power, but it's kind of tricky. And of course local level where we are going to have the biggest State's, the biggest cities and towns in the state.
So what we came up with was the sample of over 2,000 websites we're going to analyse and all these websites again just governmental institutions. And as you can see, the biggest sample we have got from Germany, since it's the biggest State, then of course Czech Republic, Netherlands, are 347 websites of the most important institutions in the State. And how are we going to do that? Okay, we need a tool for that. So we cooperate ?? we have been cooperating with Turkey and they have a tool it's called IPv6 services monitoring tool. Over on the top you can see the website, you can learn more about it too and it's an open source, so, a good point for an open source. So what we did, the tool is monitoring approximate, DNS and SMTP services. Whether the services are available over IPv6, so it creates a given list of domain and checks for records.
So, that's what it looks like. Over on the top you can select a date, we are doing the measurements every three months. You can see the name of the institution, the website, and we have been checking web server, name server and mail server. As you can see they are three different colours so that is why. The web server fully supports IPv6 and we distinguish if server does have IPv6 address, but the HTTP request over is not successful then it's a yellow?ish colour. Then on the name servers and mail servers, you are see the number of servers, number of servers that do have IPv6 and number of servers where HTTP requests over IPv6 is successful. On the top of the slide again you get the ?? you have got a ?? you can see all the results, so you're browsing the web anyway so maybe you want to check it out.
So what is kind of unique is you can compare these results within the State and in between the State. So if in the State sometimes we did find very, I don't want to say funny results, but sometimes for example cities are supporting IPv6 but on the other side the most important institution is president's office, judicial power and so on, they don't. So there are huge differences within the State and then of course we can compare between the States. So if we look at some results. I did it with 30 percent, on the top left corner you can see 30 percent, otherwise it will be too depressing but still we are doing great job there, Czech Republic, over 27 percent, you can see Netherlands are doing pretty well, Slovakia, Slovenia and Germany of course. But what is kind of funny, I am going to compare now the institutions on a national and local level and you are going to see some differences. I'm going to point out, especially in Slovakia, Czech Republic in a way, Luxembourg, so look at that, that's national level. In Czech Republic over 50% of the institutions at national level so the most institutions in a State that are providing e?government services are enabled with IPv6. Same in Netherlands, over 40% on the web servers. We do have pretty nice result with name servers as well. And look at Slovakia for example, there is none support on a national level. If I'm going to switch to local level, you can see there is a huge difference.
So for example in the case of Slovakia and there are like eight regions but just cities in one region are supporting IPv6, just in one. All the cities in one region are supporting IPv6.
Here when I mention Luxembourg and their support of IPv6 on ?? in a name servers, again Czech Republic is doing very well, which is not surprising.
I want to mention some best practices we had here. Because we are talking about IPv6, how we did, but nobody is saying why, what we need for that. So, for example in Czech Republic, we did have governmental resolution that was published in 2009 and governmental resolution was saying that all national, all bodies on a national level should implement IPv6. Well, it didn't happen until 2013. And the Gen 6 project is not something that was proved from the Czech Republic, it was also two other Ministries and look at the remarkable difference we had. There was just 16.6 percent in January and now it's over 50%. So even though there was some kind of legislation since 2009, the resolution was saying they should enable IPv6 until the end of 2010. Well, it didn't happen. But there was something we could ?? there was something we had in hands to force the institutions. Not force, just like nicely persuade them.
The other thing we did in Czech Republic and it really helped this year was kind of like competitions. I don't know if you have something like that, but on a local level in the cities and towns, we do have competition for best website. So, there are a couple of judges that are saying whether the website is user friendly, whether it's secure, if it does have some electronic services, if it's providing online forums and one of our colleagues was a judge there and of giving extra points for websites that were enabled with IPv6 and look at the difference. In January again, 7.7 percent, now, almost 25%. So, it was a little thing, it didn't cost us anything, just a little try to do something.
I did talk about the reason why we have chosen public services, the methodology we used, how we collected the data, the reason why we are doing these regular check ups. But maybe you are not a representative of Government here but what you can do is dodo your own research, as we did, just try to work with the different data. There is something else then ?? I'm not saying it's wrong, it's awesome, it's very good, but still it's necessary to collaborate as we did with Turkey, they will opted too, an open source /?PD we developed the methodology so that was a nice thing had you to do it. (Developed) and ask for help. Ask the other countries how /TPHE did it. We did collaborate with the gen 6 projects, all the /KRUPBS that were involved we had meetings twice a year and we were exchanging practices that really helped the other states as well.
So, thank you for your attention. If you do have some questions.
MARCO HOGEWONING: Thank you. Any questions?
AUDIENCE SPEAKER: Hello, Alexander from Russian Federation. Do you know what's the reason of complimenting IPv6 by European Governmental sides? Because I am some kind of research for Russian governmental website. In Russia percentages is very low and no IPv6 requirements was in the Government contracts, just enforcing provider which serves Government supports IPv6 and towards it by default Government site supports IPv6 in this case.
We heard you presented some European countries who had programmes of implementing IPv6. So do your results correlate with such programmes by European countries or not? Have you studied this somehow?
ZUZANA DURACINSKA: Well, in that particular level one of the programmes is GEN6, that's one of the things we are doing, we are trying to help that. What we did for example in Czech Republic we did collaborate a lot with Government so there were a lot of talks, a lot of cooperation. So private sector in Czech Republic is kind of involved as well. But the reason why we did it or why the GEN6 project, why it's there, for example, if you are going demand on a market in a public sector for IPv6, if there is really going to be huge demand they will just turn it on, it's going to be right away. But for example, in Government, no offence please, but it takes a while. Everything takes like forever. So, that's why we have to start now and just see legislation, it was there since 2009, now it's 2013, and still it's 50% and that's Government resolution. So, for years. That's why.
AUDIENCE SPEAKER: Lee Howard. Thank you very much for doing this, this is very useful to see. I would love to see or collaborate or see collaboration to extend it to as this gentleman was saying to compare policies by country and see which country, which policies are the most effective at encouraging IPv6 and see if we can come up with some best practices for other nations to follow. For me, I think that the public policy reason to encourage IPv6 is that IPv4 is getting more expensive and I think that's been an effort that I have been trying to show and that's bad for citizens who are trying to get Internet access on for the first time but even not for the first time you don't want to have Government ?? citizen access to Government websites cost more money because they are only available over IPv4. Thank you.
ZUZANA DURACINSKA: Thank you for your comment, we can talk about it later but you have to realise it's not just about the web sites. We are going to have more an ?? more electronic services and we want to do it online, especially everybody here in the room doesn't want to stand in line in an office doing their stuff all hours. We want to to it online and we won't be able to do it without IPv6.
MARCO HOGEWONING: Unless there are any further questions, the moment you touch address policy, your sessions run out. I will promise you four talks, but as it is our coffee break and I don't want to squeeze Yannis in like, let's do this in three or four minutes, he said he is okay with moving it to tomorrow. So, Yannis' talk is going to move to tomorrow morning's session, at nine o'clock. So it's that, and the other four I announced earlier, Benedikt talking about redundant up links with IPv6, IP RIR so, from Jen and me and ?? talking about IPv6 only and if you can advance one more slide, because I don't have a remote here.
That's the one I want. Feel free to keep testing. We haven't thought when we are going to take it down but it's probably going to be somewhere Friday noon as we pack up. Please do give it a try and see you back tomorrow, 9 o'clock in the next room, and before you know over and out to queue up for the barrista. And I was asked if you want to go to the GM tonight, if you are a RIPE NCC member, please pick up your badge and meeting pack during this coffee break at the registration desk. Thank you allm and see you back tomorrow at nine o'clock. And apologies to Yannis for pushing him over to tomorrow. Thank you.
(Coffee break)