 |
 |
On 06/06/2012 10:24 PM, Scott Armitage wrote: > How did IPv6 Launch go for sites. Unfortunately, due to some > blacklisting by google our IPv6 traffic has massively decreased now (See > image). Hopefully over sites had better luck. tl;dr - aside from the blacklist, very little of note. Much as was the case last year. As you're no doubt aware, we had the same issue. Thread here, for the curious: http://lists.cluenet.de/pipermail/ipv6-ops/2012-June/007008.html In the end, I became convinced that Google were mistaken in some fashion - I simply don't see evidence that we have IPv6 brokenness, and certainly not to the 2% level - so I cheated and changed the query source of our resolvers to dodge the blacklist. Once done, we ran at our "usual" rate of 100-200Mbit/sec of IPv6. I am still discussing the brokenness readings with Google. Absent the blacklist, we didn't see any problems - a bunch of our inbound services were enabled in preparation, including our two main websites and our Exchange services (IMAP/POP/MAPI/Web). Some other services (inbound MX, outbound SMTP, edge subnets) have been IPv6-enabled for some time. About the only problem we saw in the run-up to the day was in the translational IPv6->IPv4 load-balancing we're doing for one service (Oracle Portal, which doesn't do IPv6 yet). Unlike the NAT64 lash-up we did last year, we're doing that on our newly upgraded Cisco ACE30, which in theory support translational load-balancing. Unfortunately there seems to be a slight bug (again) with path MTU discovery in this config; the ACE fails to subtract 20 bytes from the MTU when translating the ICMPv6 "packet too big" message as per section 5.2 of RFC 6145. We have a bug open with Cisco, but no progress as yet. In the end, we solved this by using the linux "route" command to clamp the MTU/MSS (both were needed - seems to be a bug in Linux) towards the NAT pool used for the translation. This worked fine. One thing to note: we're still IPv6-less on our wireless, as we haven't deployed enough of the new controllers to retire our older WiSMv1 which don't do IPv6. Cheers, Phil