Public or private you have the same issues of not putting too many Google requests through the same public v4 address, keeping things at multiple egress points in sync, etc.
----- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com Midwest Internet Exchange http://www.midwest-ix.com ----- Original Message ----- From: "Mel Beckman" <m...@beckman.org> To: "Mike Hammett" <na...@ics-il.net> Cc: "Nanog" <nanog@nanog.org> Sent: Sunday, July 5, 2015 9:47:14 AM Subject: Re: Dual stack IPv6 for IPv4 depletion That's only an issue if you distribute a public IPv4 address to each customer. If you use private addressing in the core, ordinary NAT works if you're not a carrier-grade provider, and even then it can be practical in many cases. CGN is a solution for providers not willing to migrate to a private core. -mel beckman > On Jul 5, 2015, at 7:35 AM, Mike Hammett <na...@ics-il.net> wrote: > > I believe he (at least someone) was looking for recommendations to CGN type > devices. Many can do NAT, but looking for something a bit more intelligent. > Your standard residential user may not understand, but would also be > unwilling to pay any difference. > > > > > ----- > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > ----- Original Message ----- > > From: "Mel Beckman" <m...@beckman.org> > To: "Josh Moore" <jmo...@atcnetworks.net> > Cc: jo...@iecc.com, nanog@nanog.org > Sent: Sunday, July 5, 2015 9:12:37 AM > Subject: Re: Dual stack IPv6 for IPv4 depletion > > Josh, > > Your job is simple, then. Deliver dual-stack to your customers and if they > want IPv6 they need only get an IPv6-enabled firewall. Unless you're also an > IT consultant to your customers, your job is done. If you already supply the > CPE firewall, then you need only turn on IPv6 for customers who request it. > With the right kind of CPE, you can run MPLS or EoIP and deliver public IPv4 > /32s to customers willing to pay for them. Otherwise it's private IPv4 and > NAT as usual for IPv4 traffic. > > -mel via cell > >> On Jul 5, 2015, at 6:57 AM, Josh Moore <jmo...@atcnetworks.net> wrote: >> >> We are the ISP and I have a /32 :) >> >> I'm simply looking at the best strategy for migrating my subscribers off v4 >> from the perspective of solving the address utilization crisis while still >> providing compatibility for those one-off sites and services that are still >> on v4. >> >> >> >> >> Thanks, >> >> Joshua Moore >> Network Engineer >> ATC Broadband >> 912.632.3161 >> >> On Jul 5, 2015, at 9:55 AM, Mel Beckman <m...@beckman.org> wrote: >> >>>> >>>> Josh Moore wrote: >>>> >>>> Tunnels behind a CPE and 4to6 NAT seem like bandaid fixes as they do not >>>> give the benefit of true end to end IPv6 connectivity in the sense of >>>> every device has a one to one global address mapping. >>> >>> No, tunnels do give you one to one global IPv6 address mapping for every >>> device. From a testing perspective, a tunnelbroker works just as if you had >>> a second IPv6-only ISP. If you're fortunate enough to have a dual-stack ISP >>> already, you can forgo tunneling altogether and just use an IPv6-capable >>> border firewall. >>> >>> William Waites wrote: >>>> I was helping my >>>> friend who likes Apple things connect to the local community >>>> network. He wanted to use an Airport as his home gateway rather than >>>> the router that we normally use. Turns out these things can *only* do >>>> IPv6 with tunnels and cannot do IPv6 on PPPoE. Go figure. So there is >>>> not exactly a clear path to native IPv6 for your lab this way. >>> >>> Nobody is recommending the Apple router as a border firewall. It's terrible >>> for that. But it's a ready-to-go tunnelbroker gateway. If your ISP can't >>> deliver IPv6, tunneling is the clear path to building a lab. If you have a >>> dual-stack ISP already, the clear path is to use an IPv6-capable border >>> firewall. >>> >>> So you are in a maze of non-twisty paths, all alike :) >
