On Aug 4, 2011, at 2:55 PM, Dan White wrote:

> On 04/08/11 14:32 -0700, Owen DeLong wrote:
>>
>> On Aug 4, 2011, at 2:08 PM, Jay Ashworth wrote:
>>
>>> ----- Original Message -----
>>>> From: "Owen DeLong" <o...@delong.com>
>>>
>>>> On Aug 4, 2011, at 8:35 AM, Jay Ashworth wrote:
>>>>
>>>>>> - Generic consumer grade NAT/Firewall
>>>>>
>>>>> Hobby horse: please make sure it support bridge mode? Those of us who
>>>>> want to put our own routers on the wire will hate you otherwise.
>>>>
>>>> Why? As long as it can be a transparent router, why would it need to
>>>> be a bridge?
>>>
>>> Ask a Verizon FiOS customer who wants to run IPv4 VPNs.
>>>
>>> He didn't say IPv6 only, right?
>>>
>>> I have a couple of customers who can't get bridge mode on residence FiOS
>>> service, and therefore can't run their own routers to terminate IPsec.
>>>
>> If they could get routed static IPv4 rather than bridge, why wouldn't they
>> be able to terminate IPSec VPNs? Note I did say TRANSPARENT router.
>> That would mean no NAT and routed static IPv4.
>
> For residential use, for users currently requesting one public address,
> that's a waste of a /30 block (sans routing tricks requiring higher end
> customer equipment). Multiply that by the number of residential customers
> you have and that's bordering on mismanagement of your address space.
>

You say waste, I say perfectly valid use.

> If you're dealing with business customers, then your usage versus wasted
> ratio is much higher and less of a concern, but what's the point? Are you
> trying to cut down on a large broadcast domain?
>

Why is it less of a waste to allocate a /30 to a business using a single
public IP than it is to a residence? This makes no sense to me. I simply
prefer the additional troubleshooting and other capabilities given to me in
a routed environment in most cases.

Owen