On 20-Sep-12 20:51, George Herbert wrote: > On Thu, Sep 20, 2012 at 5:13 PM, Stephen Sprunk <step...@sprunk.org> > wrote: >> Actually, they're not any different, aside from scale. Some >> private internets have hundreds to thousands of participants, and >> they often use obscure protocols on obscure systems that were >> killed off by their vendors (if the vendors even exist anymore) a >> decade or more ago, and no source code or upgrade path is >> available. >> >> The "enterprise" networking world is just as ugly as, if not >> uglier than, the consumer one. > > I haven't worked much on the commercial private internets, but I did > work for someone who connected on the back end into numerous telco > cellphone IP data networks. > > For all of those who argue that these applications should use 1918 > space, I give you those networks, where at one point I counted > literally 8 different 10.200.x/16 nets I could talk to at different > partners (scarily enough, 2 of those were "the same company"...). > And hundreds and hundreds of other space conflicts.
That's all? I consulted for one customer that had several (six? eight?) instances of 10/8 within their own enterprise, simply because they needed that many addresses. That doesn't include the dozens of legacy /16s they used in their data centers--plus the hundreds of legacy /24s they used in double-sided NAT configurations between them and various business partners, COINs, etc. Yet all that was exposed to the consumer internet was a couple of /24s for their web servers, email servers and VPN concentrators. > Yes, you can NAT all of that, but if you get network issues where > you need to know the phone end address and do end to end debugging > on stuff, there are no curse words strong enough in the English > language. That's the truth. To get from a credit card terminal to the bank involved _at least_ three layers of NAT on our side, and I don't know how many layers of NAT there were in total on the bank's side, but it was at least two. S -- Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking
smime.p7s
Description: S/MIME Cryptographic Signature
