RE: ISP customer assignments
In a message written on Tue, Oct 13, 2009 at 08:14:40PM -0500, Chris Adams wrote: <..> > What about web-hosting type servers? Right now, I've got a group of > servers in a common IPv4 subnet (maybe a /26), with a /24 or two routed > to each server for hosted sites. What is the IPv6 equivalent? I can > see a /64 for the common subnet, but what to route for aliased IPs for > web hosts? It is kind of academic right now, since our hosting control > panel software doesn't handle IPv6, but I certainly won't be putting > 2^64 sites on a single server. Use a /112 here again as well? Use a > /64 per server because I can? I'd be interested in any suggestions on this part as well. We're a Hosting provider and basicly we have (for now) 3 different product-groups we want to launch IPv6 on : 1 - Shared Hosting These servers (Linux), are all in 1 vlan. Each server has 1 IPv4 address from the subnet that's configured on the vlan. Then we have an IPv4 /24 routed to each of the servers (each server has 1 /24 to host sites on). Here I'd assign a single /64 and use static addressing. 2 - Premium Managed & Unmanaged Hosting (Co-location). Each customer has one (or more) dedicated subnets and vlans. Here I'd assign a /64 per vlan. I'd do static addressing for Managed, but probably provide RA (EUI-64) for Unmanaged. 3 - Managed and Umanaged Hosting (Co-location). These servers are in 'shared' subnets, ranging from /23 to /26, and each customer get's assigned at least 1 IP from this subnet and more if they can justify. For customers needing 'large' subnets, we'd route a different subnet to their server of choice. Here, I'm not sure what to do... You should at least assign a /64 per customer, but how would one do that when they are in shared subnets/vlans... ? If for every server I'd need to assign a /64 secondary to our vlan interfaces, I'd trip the maximums (Nortel Passport 8600 used for these customers has quite some limitations on IPv6). It would be nice though, cause once IPv4 is no longer used (...) we could move customers to another/dedicated vlan. We've also fiddled with the idea of assigning one /48 to each of these vlans, and let each 'server' use a /64 out of it. This still seems a bit weird though... Also, since we do IP based billing here, we'd never know if one has 'hijacked' some IP space. Yes, we'd know for un-assigned addresses (not assigned but has traffic -> alert), but I don't expect a customer to use all addresses out of 'their' /64, so the not used addresses could be easily be abused. For IPv4, all addresses are usually really used and the customer who's IP's are hijacked, would almost definitely hang on the phone in no-time. Some advice would be very appreciated. Best regards, Wouter de Jong WideXS
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
Patrick W. Gilmore wrote: For the v6 'Net to be used, customers - you know the people who pay for those router things and that fiber stuff and all our salaries and such - need to feel some comfort around it actually working. This did not help that comfort level. And I believe it is valid to ask about it. That is entirely correct and I'm glad you asked that question! ;) Let me explain: (Lots of truisms here, bear with me!) IPv6 is newer than IPv4. As IPv6 is newer than IPv4, the equipment to support IPv6 natively is newer than legacy equipment already deployed that only supports IPv4. As the equipment that supports native IPv6 is newer, there are fewer core networks that run native IPv6. As these new IPv6 networks are deployed they are growing and developing. (Like neurons forming connections, the IPv6 network is.) Deployment of IPv6 in the core has been growing year to year, with that growth accelerating. In fact, I'd tell trend watchers of business econometrics the accelerating growth curve both represents something important happening right now and something that is likely to have real world implications for Internet infrastructure companies in the future: http://bgp.potaroo.net/cgi-bin/plot?file=%2fvar%2fdata%2fbgp%2fv6%2fas6447%2fbgp%2dactive%2etxt&descr=Active%20BGP%20entries%20%28FIB%29&ylabel=Active%20BGP%20entries%20%28FIB%29&with=step (Short url: http://tiny.cc/An6fl ) If you are in the connectivity business, you can add a caption to this graph of your choosing: "Ignore at your own peril." Or (I like this one): "I see opportunity." However, the question still stands about the stability, and therefor, utility of the v6 'Net. Is it still some bastard child, some beta test, some side project? As you know, the IPv4 Internet of today is a product of the hard work of people of yore (ok well, more seriously, a large number of the people on this list and at networks around the world). The nature of things is that the coherent shared illusion of a single Internet routing table is the result of a rough consensus produced by years and years and years of accumulated business relationships and network engineer routing policy configurations. IPv6 is going through that phase right now, at accelerated pace. Perhaps geometric growth is not good enough for you as a business person. Perhaps where we are on the curve is not good enough for you yet. Perhaps you'd like to retire before working with another protocol. I hereby apologize to you on behalf of IPv6 that it has not had the same three decades of deployment and experimentation as IPv4. ;) IPv6 is not going to spring into existence as a fully complete global network to replace IPv4 on a specific flag day (December 21st 2012?). IPv6 will grow in deployment at the same time the Internet continues to work, at what appears to be on a geometric growth curve, due to some reasons a business economist can write a paper about. Network effect? Risk avoidance due to IPv4 run out? Risk avoidance due to technology shift? Yukon gold rush? The after the fact result of careful planning by thoughtful people started years earlier? Or perhaps, the projected functional economic value of IP addresses? Or is it ready to have _revenue_producing_ traffic put on it? IPv6 is production for some value of the word production. We see traffic around 1.5 Gbps, peaks at 2 Gbps and growing... Perhaps this says something about the amount of traffic that will be seen when it gets used widely. 1000 times as much? (Our guess) What's your guess? Warning! If you pick a low number you are saying that IPv6 is in widespread production use right now. :-P In summary, we have the standard Chicken & Egg problem. No one cares about v6, speak for yourself (introduce into evidence exhibit 1: the graph linked to above, exhibit 2: we note how part of the original poster's problem got fixed that day). so no one puts anything important on v6, speak for yourself (reference real traffic above). Once upon a time, something called IPv4 was invented, and some people created hardware for it, wrote software for it, tried it out, wrote some papers, wrote some RFCs (after writing working code, the way it should be done LOL), and then experimented some more. There were lots of problems that got solved, things that worked in real life in spite of theoretical problems, and bugs that got fixed. Some companies got created... blah blah blah. Sad times for the future of the Internet if we all need to use v6 Real Soon Now. Or, expect real freaking huge opportunity and dislocation ahead. Of course, this dislocation may only affect some specific players and companies and industries. For the regular user it could just happen transparently that by the time they get their next computer with Microsoft Windows 9 or Ubuntu Quick Quagga... it just works. Imagine, what would it be like if all the core network oper
Re: ISP customer assignments
On 14/10/2009, at 7:23 PM, Mark Andrews wrote: DS-Lite is there for when the ISP runs out of IPv4 addresses to hand one to each customer. Many customers don't need a unique IPv4 address, these are the ones you switch to DS-Lite. Those that do require a unique IPv4 you leave on full dual stack for as long as you can. The authors of DS-lite say it's because running a dual stack network is hard. You clearly don't share that view , so in your view what's wrong with dual stack with IPv4for everyone then, whether they need a unique address or not? DS-lite requires CGN, so does dual stack without enough IPv4 addresses. This is probably the wrong forum for a DS-lite debate. I'm sure people have a use for it, they actually might have gear that can only do IPv4 OR IPv6 but not both or something. My problem with it is that it's being seen as a solution for a whole lot of people, when in reality it's a solution for a small number of people. Thanks for the point about the tunnel brokers though, I missed that, I'll update this tomorrow with any suggestions I get before then. -- Nathan Ward
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
> I think you are stretching things to make a pithy post. More > importantly, you are missing the point. and hundreds of words do not cover that you accused HE of something for which you had no basis in fact. type less, analyse and think more. randy
Re: ISP customer assignments
In message , Nathan Ward writes : > > On 14/10/2009, at 7:23 PM, Mark Andrews wrote: > > > DS-Lite is there for when the ISP runs out of IPv4 addresses to > > hand one to each customer. Many customers don't need a unique IPv4 > > address, these are the ones you switch to DS-Lite. Those that do > > require a unique IPv4 you leave on full dual stack for as long as > > you can. > > The authors of DS-lite say it's because running a dual stack network > is hard. It is harder. > You clearly don't share that view, so in your view what's wrong with > dual stack with IPv4 for everyone then, whether they need a unique > address or not? Dual stack for everyone was feasible 5 years ago. It isn't anymore, that transition plan has sailed and almost no one got on board. Because there aren't enough addresses to go around and there hasn't been for years. PNAT is a kludge to work around that fact. When you can't give every customer their own IPv4 address yet you still need to provide IPv4 connectivity you need to work out how to share those addresses you have efficiently. Given double PNAT or DS-Lite I know which one I prefer. DS-Lite allows lots of the tricks used with PNAT to continue to work. Those tricks will just stop working with double PNAT. > DS-lite requires CGN, so does dual stack without enough IPv4 addresses. > > This is probably the wrong forum for a DS-lite debate. I'm sure people > have a use for it, they actually might have gear that can only do IPv4 > OR IPv6 but not both or something. > My problem with it is that it's being seen as a solution for a whole > lot of people, when in reality it's a solution for a small number of > people. It's not the only solution. There are others and customers and ISP's will need to work out what is best for their collective requirements. It is a reasonable fit for residentual ISP's as the CPE PNAT is really very inefficient at conserving addresses and by splitting the PNAT across 2 co-operating boxes you can get the address utilisation efficency we now need in IPv4 to cover all the short sightedness that has got us to the place where we need things other than dual stack. > Thanks for the point about the tunnel brokers though, I missed that, > I'll update this tomorrow with any suggestions I get before then. > > -- > Nathan Ward -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
On Oct 14, 2009, at 9:32 AM, Randy Bush wrote: I think you are stretching things to make a pithy post. More importantly, you are missing the point. and hundreds of words do not cover that you accused HE of something for which you had no basis in fact. type less, analyse and think more. I expanded to try and get you to see the point. I obviously failed. I shall not bother to try again as I'm worried the failure was at least partially because you would rather be pithy than see the point not matter how fully explained. As for facts, there is lots of basis. HE has run a network for decades and has never let a v4 bifurcation happen so long. Ever. They've run v6 for a few years yet it happened. Asking the network in question's view on this perfectly reasonable - in fact the opposite would be unreasonable. As for accusations, I challenge you to show where I accused them of anything. Typing less does not mean you are actually thinking. You should try the latter before your next pithy post. Or at least read the post to which you are replying. -- TTFN, patrick
multicast nightmare #42
Please explain how this would be possible: 1 sender 1 mcast group 1 receiver = no data loss 1 sender 1 mcast group 2+ receivers on same VLAN and physical segment = data loss
RE: multicast nightmare #42
which mode? -Original Message- From: Philip Lavine [mailto:source_ro...@yahoo.com] Sent: Wednesday, October 14, 2009 11:20 AM To: nanog Subject: multicast nightmare #42 Please explain how this would be possible: 1 sender 1 mcast group 1 receiver = no data loss 1 sender 1 mcast group 2+ receivers on same VLAN and physical segment = data loss This message is intended only for the personal and confidential use of the recipients named above. If the reader of this email is not the intended recipient, you have received this email in error and any review, dissemination, distribution or copying is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email and permanently delete the copy you received. This message is provided for informational purposes and should not be construed as a solicitation or offer to buy or sell any securities or related financial instruments. Wolverine is not responsible for any recommendation, solicitation, offer or agreement or any information about any transaction, customer account or account activity that may be attached to or contained in this communication. Wolverine accepts no liability for any content contained in the email, or any errors or omissions arising as a result of email transmission. Any opinions contained in this email constitute the sender's best judgment at this time and are subject to change without notice.
Re: multicast nightmare #42
Philip Lavine wrote: Please explain how this would be possible: 1 sender 1 mcast group 1 receiver = no data loss 1 sender 1 mcast group 2+ receivers on same VLAN and physical segment = data loss Probably a crappy switch. -- Best regards, Adrian Minta
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
> As for accusations, I challenge you to show where I accused them of > anything. > From: patr...@ianai.net (Patrick W. Gilmore) > Date: Mon, 12 Oct 2009 12:09:58 -0400 > Subject: IPv6 internet broken, cogent/telia/hurricane not peering > In-Reply-To: > References: > Message-ID: <0a37fd5d-d9d1-4d89-ac8a-105612bb8...@ianai.net> > > ... > > It is sad to see that networks which used to care about connectivity, > peering, latency, etc., when they are small change their mind when > they are "big". The most recent example is Cogent, an open peer who > decided to turn down peers when they reached transit free status. > I never thought HE would be one of those networks.
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
You really can't read, can you? And I spoke to Martin about it personally. If he's OK with it, perhaps you should clam down? -- TTFN, patrick On Oct 14, 2009, at 11:47 AM, Randy Bush wrote: As for accusations, I challenge you to show where I accused them of anything. From: patr...@ianai.net (Patrick W. Gilmore) Date: Mon, 12 Oct 2009 12:09:58 -0400 Subject: IPv6 internet broken, cogent/telia/hurricane not peering In-Reply-To: > References: > Message-ID: <0a37fd5d-d9d1-4d89-ac8a-105612bb8...@ianai.net> ... It is sad to see that networks which used to care about connectivity, peering, latency, etc., when they are small change their mind when they are "big". The most recent example is Cogent, an open peer who decided to turn down peers when they reached transit free status. I never thought HE would be one of those networks. From: "Patrick W. Gilmore" Date: October 12, 2009 12:49:02 PM EDT To: NANOG list Cc: "Patrick W. Gilmore" Subject: Re: IPv6 internet broken, cogent/telia/hurricane not peering To be clear, I was not trying to imply that HE has a closed policy. But I can see how people might think that given my Cogent example. My apologies to HE. And to be fair, I'm pounding on HE because they've always cared about their customers. I expect Telia to care more about their own ego than their customers' connectivity. So banging on them is nonproductive. In summary: HE has worked tirelessly and mostly thanklessly to promote v6. They have done more to bring v6 to the forefront than any other network. But at the end of day, despite HE's valiant effort on v6, v6 has all the problems of v4 on the backbone, PLUS growing pains. Which means it is difficult to rely on it, as v4 has enough dangers on its own. Anyway, I have confidence HE is trying to fix this. But I still think the fact that it happened - whatever the reason - is a black eye for the v6 "Internet", whatever the hell that is.
Re: multicast nightmare #42
On Wed, Oct 14, 2009, Adrian Minta wrote: > >1 sender > >1 mcast group > >2+ receivers on same VLAN and physical segment > > > >= data loss > Probably a crappy switch. specifically, is your switch doing frame replication on ingress or egress? :) adrian
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
Patrick W. Gilmore wrote: As for facts, there is lots of basis. HE has run a network for decades and has never let a v4 bifurcation happen so long. Ever. They've run v6 for a few years yet it happened. News flash, IPv6 is new. News flash, every single IPv6 network that gets configured that previously did not exist is new. News flash, when an IPv6 newbie configures IPv6 for the first time they have zero IPv6 BGP peers and transits until they configure them. News flash, some of these IPv6 newbies will even commit the error of not bothering to establish much IPv6 peering or decent IPv6 transit, before adding a record for their main website, ensuring that it is broken for the majority of the existing IPv6 Internet. News flash, newbies make mistakes, insist up is down, blue is green etc. This is called learning if they fix it, and stupidity otherwise. News flash, Hurricane will do everything possible to reach these newbie networks where ever they are in the world, some of them rather large, and try to help them (sometimes in spite of themselves), however some of them will insist on breaking themselves anyway! It's just going to happen and there is nothing you can do to stop them. Customers will vote with dollars (or whatever currency), problem solved. Mike.
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
Patrick W. Gilmore (patrick) writes: > You really can't read, can you? > > And I spoke to Martin about it personally. If he's OK with it, > perhaps you should clam down? I know Randy to be a bit taciturn and hard to get through to sometimes, but never of being a shellfish. P.
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
>> You really can't read, can you? >> And I spoke to Martin about it personally. If he's OK with it, >> perhaps you should clam down? > I know Randy to be a bit taciturn and hard to get through to sometimes, > but never of being a shellfish. i am from the pacific northwest. so shellfish is good. it's endless aggressive/defensive bs that is harder to let go by without calling it. randy
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
Randy Bush wrote: As for accusations, I challenge you to show where I accused them of anything. From: patr...@ianai.net (Patrick W. Gilmore) Date: Mon, 12 Oct 2009 12:09:58 -0400 Subject: IPv6 internet broken, cogent/telia/hurricane not peering In-Reply-To: References: Message-ID: <0a37fd5d-d9d1-4d89-ac8a-105612bb8...@ianai.net> ... It is sad to see that networks which used to care about connectivity, peering, latency, etc., when they are small change their mind when they are "big". The most recent example is Cogent, an open peer who decided to turn down peers when they reached transit free status. I never thought HE would be one of those networks. The only thing Patrick is guilty of is not providing enough context. The party at fault here is Cogent. If you re-read the entire thread and speak with Mike Leber, you'll find that HE offered peering and/or transit, for free, to Cogent - like they do to everyone else, and Cogent didn't take it, providing for the segmentation we saw. -Dave
Re: multicast nightmare #42 - REDUX
More info if this helps: Switch Platform: 4500 SUPII+ with gig line cards Data rate is <100Mbps Server OS: Windows 2003 R2 (please withhold snickering). - Original Message From: Philip Lavine To: nanog Sent: Wed, October 14, 2009 8:19:51 AM Subject: multicast nightmare #42 Please explain how this would be possible: 1 sender 1 mcast group 1 receiver = no data loss 1 sender 1 mcast group 2+ receivers on same VLAN and physical segment = data loss
Re: multicast nightmare #42 - REDUX
Philip Lavine wrote: More info if this helps: Switch Platform: 4500 SUPII+ with gig line cards Data rate is <100Mbps Server OS: Windows 2003 R2 (please withhold snickering). Multicast traffic is routed ? -- Best regards, Adrian Minta
Contact for netsolmail.net / networksolutionsemail.com
Hello and sorry to bother you with my OT query. I'm looking for a technical contact at netsolmail.net or networksolutionsemail.com to troubleshoot an issue. It seems their SMTP servers can't join mine and I can't see what's wrong on my side. Thank you very much in advance, Denis
Re: Is v6 as important as v4? Of course not [was: IPv6 internet broken, cogent/telia/hurricane not peering]
On 10/14/09 8:11 AM, Patrick W. Gilmore wrote: Typing less does not mean you are actually thinking. You should try the latter before your next pithy post. Or at least read the post to which you are replying. Now now boys and girls. Settle down and be civil. :)
Re: multicast nightmare #42 - REDUX
Is the packet loss uniform for each receiver? Or is there a pattern to the loss, e.g. each receiver hears a different / non-overlapping 50% of the packets? Off the cuff, I'd suspect a problem with IGMP snooping. Cheers, -Benson On 14 Oct 09, at 12:36 PM, Adrian Minta wrote: Philip Lavine wrote: More info if this helps: Switch Platform: 4500 SUPII+ with gig line cards Data rate is <100Mbps Server OS: Windows 2003 R2 (please withhold snickering). Multicast traffic is routed ? -- Best regards, Adrian Minta
RE: ISP customer assignments
So you're saying moving away from PPPoA/E and just going bridged? Frank -Original Message- From: Dan White [mailto:dwh...@olp.net] Sent: Tuesday, October 13, 2009 9:15 AM To: Justin Shore Cc: nanog@nanog.org Subject: Re: ISP customer assignments On 12/10/09 21:34 -0500, Justin Shore wrote: > To go along with Dan's query from above, what are the preferred methods > that other SPs are using to deploy IPv6 with non-IPv6-capable edge > hardware? We too have a very limited number of dialup customers and > will never sink another dollar in the product. Unfortunately I also > have brand-new ADSL2+ hardware that doesn't support IPv6 and according > to the vendors (Pannaway) never will. I don't recall if Pannaway is a layer 3 or layer 2 DSLAM, but we have a mix of Calix C7 (ATM) and Calix E5 (Ethernet) gear in our network. We're kinda in the same boat, but we expect to be able to gracefully transition to dual stacked IPv4/IPv6 without having to replace DSL modems, by reconfiguring the modems into bridged mode and leaving the layer 3 up to the customer's router. We're also in the process of budgeting for a new broadband aggregation router next year that will handle IPv6. Ask Pannaway if they can bridge traffic (either ATM PVC, or Ethernet QinQ/VLAN per subscriber) up to a broadband aggregator, like a Redback or Cisco. -- Dan White
