[c-nsp] RIPE 554, availability of required IPv6 features

[Phil Mayers]

On 11/24/2012 11:00 PM, Frank Bulk wrote:
> You speak with your dollars...
>

That's the basic idea, but it's often more problematic (as I'm sure 
everyone here knows). Purchasing and procurement rules are often imposed 
by other parts of the organisation, and can make it extremely difficult 
to mandate a very limiting technical requirement.

[I should emphasise that none of this is true where I work; we have 
excellent purchasing and procurement people, with sensible attitudes]

RIPE-554 is an excellent signal to vendors that the community wants a 
much higher standard of IPv6 support. But unfortunately the standard in 
RIPE-554 is indeed higher than the majority of equipment can attain.

For example, I believe in Cisco-land, the only kit that does it all is 
6500/sup2T and 3750-X?

MLDv2/DHCPv6 filter/RA filter are reasonably available these days, but 
ND/NS/DAD snoop/filter are quite a bit more complex; I could relate a 
story here about the difficulty of implementing this on another vendors 
platform, were it not under NDA. Suffice to say that a lot of merchant 
silicon lacks the necessary bits and pieces to do this well...

The best advice I can offer to OP: if you can't take the step of making 
RIPE-554 mandatory, make it a highly desirable and signal via the 
wording of your procurement docs that it will be weighted/scored as 
such. You may also take the opportunity to signal that future 
procurement will make this mandatory.

Another option is to make the volume / contract length dependent on this 
feature - "We will buy for 3 years if you implement RIPE-554, or 
re-procure after 18 months if you don't".

However: I would be very wary indeed about buying equipment without at 
least DHCPv6 and RA filtering in some form, for obvious reasons. Those 
should probably be mandatory.

Here's hoping that a really really big customer does us all a favour and 
mandates it at some point...

Cheers,
Phil