On Jul 30, 2010, at 3:11 AM, Matthew Walster wrote:
> On 30 July 2010 09:53, Owen DeLong wrote:
>> 2. Yes, they are already available. A moderate PC with 4 Gig-E
>>ports can actually route all four of them at near wire speed.
>>For 10/100Mbps, you can get full featured CPE l
Matthew Walster wrote:
On 29 July 2010 18:08, Leo Vegoda wrote:
There's a good chance that in the long run multi-subnet home networks will
become the norm.
With all due respect, I can't see it. Why would a home user need
multiple subnets? Are they really likely to have CPE capable of
In a message written on Fri, Jul 30, 2010 at 09:13:54AM +0100, Matthew Walster
wrote:
> On 30 July 2010 08:32, Jeroen Massar wrote:
> > On 2010-07-30 09:27, Matthew Walster wrote:
> >> On 29 July 2010 18:08, Leo Vegoda wrote:
> >> With all due respect, I can't see it. Why would a home user need
On Fri, 30 Jul 2010 11:11:04 BST, Matthew Walster said:
> Seriously, this is getting silly. I'm not even going to respond any
> more - if you genuinely think users care about network management,
> you're wrong. They treat it as a black box, and that isn't going to
> change for a long, long, long ti
On 30 July 2010 09:53, Owen DeLong wrote:
> 2. Yes, they are already available. A moderate PC with 4 Gig-E
> ports can actually route all four of them at near wire speed.
> For 10/100Mbps, you can get full featured CPE like the SRX-100
> for around $500. That's the upper
Hi,
* Matthew Walster
On 30 July 2010 09:20, David Conrad wrote:
Even today, people are deploying multiple subnets in their homes.
For example, Apple's Airport allows you to trivially set up a
"guest" network that uses a different prefix (192.168.0.0/24) and
different SSID than your "normal"
On Jul 30, 2010, at 1:13 AM, Matthew Walster wrote:
> On 30 July 2010 08:32, Jeroen Massar wrote:
>> On 2010-07-30 09:27, Matthew Walster wrote:
>>> On 29 July 2010 18:08, Leo Vegoda wrote:
There's a good chance that in the long run multi-subnet home networks will
become the norm.
>>
On Jul 30, 2010, at 12:27 AM, Matthew Walster wrote:
> On 29 July 2010 18:08, Leo Vegoda wrote:
>> There's a good chance that in the long run multi-subnet home networks will
>> become the norm.
>
> With all due respect, I can't see it. Why would a home user need
> multiple subnets? Are they re
On 30 July 2010 09:20, David Conrad wrote:
> Even today, people are deploying multiple subnets in their homes. For
> example, Apple's Airport allows you to trivially set up a "guest" network
> that uses a different prefix (192.168.0.0/24) and different SSID than your
> "normal" network (10.0.1
Matthew,
On Jul 30, 2010, at 9:27 AM, Matthew Walster wrote:
> On 29 July 2010 18:08, Leo Vegoda wrote:
>> There's a good chance that in the long run multi-subnet home networks will
>> become the norm.
>
> Why would a home user need multiple subnets?
Even today, people are deploying multiple s
On 30 July 2010 08:32, Jeroen Massar wrote:
> On 2010-07-30 09:27, Matthew Walster wrote:
>> On 29 July 2010 18:08, Leo Vegoda wrote:
>>> There's a good chance that in the long run multi-subnet home networks will
>>> become the norm.
>>
>> With all due respect, I can't see it. Why would a home u
On 2010-07-30 09:27, Matthew Walster wrote:
> On 29 July 2010 18:08, Leo Vegoda wrote:
>> There's a good chance that in the long run multi-subnet home networks will
>> become the norm.
>
> With all due respect, I can't see it. Why would a home user need
> multiple subnets?
* Wireless
* Wired
*
On 29 July 2010 18:08, Leo Vegoda wrote:
> There's a good chance that in the long run multi-subnet home networks will
> become the norm.
With all due respect, I can't see it. Why would a home user need
multiple subnets? Are they really likely to have CPE capable of
routing between subnets at 21s
Jeroen Massar wrote:
>> See my earlier comments on "upsell" and "control". While you
>> have some ISPs starting from the mentality that gives us "accepting
>> incoming connections is a chargeable extra", they're also going
>> to be convinced that there's a revenue opportunity in segmenting
>> cus
Owen DeLong wrote:
> If you want to build a business based on upsell and control by trying
> to convince users that they should give you extra money to provision
> a resource that costs you virtually nothing, then more power to you.
>
> However, I think this will, in the end, be as popular as ame
On Jul 29, 2010, at 10:41 AM, Stephen Sprunk wrote:
> On 29 Jul 2010 12:19, Owen DeLong wrote:
>> On Jul 29, 2010, at 8:00 AM, Matthew Walster wrote:
>>
>>> On 29 July 2010 15:49, Owen DeLong wrote:
>>>
If we give every household on the planet a /48 (approximately 3 billion
/48s), w
On Jul 29, 2010, at 10:32 AM, Tim Franklin wrote:
>> Why waste valuable people's time to conserve nearly valueless
>> renewable resources?
>
> See my earlier comments on "upsell" and "control". While you have some ISPs
> starting from the mentality that gives us "accepting incoming connections
On 29 Jul 2010 12:19, Owen DeLong wrote:
> On Jul 29, 2010, at 8:00 AM, Matthew Walster wrote:
>
>> On 29 July 2010 15:49, Owen DeLong wrote:
>>
>>> If we give every household on the planet a /48 (approximately 3 billion
>>> /48s), we consume less than 1/8192 of 2000::/3.
>>>
>> Th
On 2010-07-29 19:32, Tim Franklin wrote:
>> Why waste valuable people's time to conserve nearly valueless
>> renewable resources?
>
> See my earlier comments on "upsell" and "control". While you
> have some ISPs starting from the mentality that gives us "accepting
> incoming connections is a char
> Why waste valuable people's time to conserve nearly valueless
> renewable resources?
See my earlier comments on "upsell" and "control". While you have some ISPs
starting from the mentality that gives us "accepting incoming connections is a
chargeable extra", they're also going to be convinced
On Jul 29, 2010, at 8:00 AM, Matthew Walster wrote:
> On 29 July 2010 15:49, Owen DeLong wrote:
>> If we give every household on the planet a /48 (approximately 3 billion
>> /48s), we consume less than 1/8192 of 2000::/3.
>
> There are 65,536 /48s in a /32. It's not about how available 2000::/3
On 29 Jul 2010, at 8:00, Matthew Walster wrote:
> On 29 July 2010 15:49, Owen DeLong wrote:
>> If we give every household on the planet a /48 (approximately 3 billion
>> /48s), we consume less than 1/8192 of 2000::/3.
>
> There are 65,536 /48s in a /32. It's not about how available 2000::/3
> is
wen DeLong
Cc: nanog@nanog.org
Date: Thu, 29 Jul 2010 16:00:40 +0100
Subject: Re: Addressing plan exercise for our IPv6 course
On 29 July 2010 15:49, Owen DeLong wrote:
> If we give every household on the planet a /48 (approximately 3 billion
> /48s), we consume less than 1/8192 of 20
On 29 July 2010 15:49, Owen DeLong wrote:
> If we give every household on the planet a /48 (approximately 3 billion
> /48s), we consume less than 1/8192 of 2000::/3.
There are 65,536 /48s in a /32. It's not about how available 2000::/3
is, it's hassle to keep requesting additional PA space. Some
On Jul 29, 2010, at 4:08 AM, Matthew Walster wrote:
> On 23 July 2010 01:45, Karl Auer wrote:
>> Unless I've misunderstood Matthew, and he was suggesting that the /64 be
>> the link network. That would indeed effectively give the customer a
>> single address, unless it was being bridged rather t
On Jul 29, 2010, at 3:51 AM, Mark Smith wrote:
> On Sun, 25 Jul 2010 03:56:52 +1000
> Karl Auer wrote:
>
>> On Sat, 2010-07-24 at 10:42 -0700, Owen DeLong wrote:
>>> You do have to properly set up the rules for which addresses to use for what
>>> communication properly. It breaks less if you fo
On 23 July 2010 01:45, Karl Auer wrote:
> Unless I've misunderstood Matthew, and he was suggesting that the /64 be
> the link network. That would indeed effectively give the customer a
> single address, unless it was being bridged rather than routed at the
> CPE. Not sure bridging it is such a goo
On Sun, 25 Jul 2010 03:56:52 +1000
Karl Auer wrote:
> On Sat, 2010-07-24 at 10:42 -0700, Owen DeLong wrote:
> > You do have to properly set up the rules for which addresses to use for what
> > communication properly. It breaks less if you forego the ULA brokenness,
> > but, some people insist for
> I look at this as water under the bridge. Yep, it was complicated code
> and now it works. I can run bittorrent just fine beyond an Apple
> wireless router and I did nothing to make that work. Micro-torrent
> just communicates with the router to make the port available.
So, the security model he
On Tue, 27 Jul 2010 12:34:40 -0700
Owen DeLong wrote:
>
> On Jul 27, 2010, at 12:05 PM, Akyol, Bora A wrote:
>
> > Please see comments inline.
> >
> >
> > On 7/22/10 10:13 PM, "Owen DeLong" wrote:
> >
> >> In all reality:
> >>
> >> 1. NAT has nothing to do with security. Stateful insp
On Jul 27, 2010, at 12:05 PM, Akyol, Bora A wrote:
> Please see comments inline.
>
>
> On 7/22/10 10:13 PM, "Owen DeLong" wrote:
>
>> In all reality:
>>
>> 1. NAT has nothing to do with security. Stateful inspection provides
>>security, NAT just mangles addresses.
> Of course, t
Please see comments inline.
On 7/22/10 10:13 PM, "Owen DeLong" wrote:
> In all reality:
>
> 1. NAT has nothing to do with security. Stateful inspection provides
> security, NAT just mangles addresses.
Of course, the problem is that there are millions of customers that believe
that
Owen,
> Correct, now, what portion of ICANN's budget is related to the NRO sector?
Read the ICANN budget. ICANN does not budget things that way.
You asked "explain how the numbers side of IANA pays for anything when the RIRs
stop funding it?"
Doug and I, who have a bit of knowledge on the subj
On Mon, Jul 26, 2010 at 06:24:04AM +0200, Jens Link wrote:
> Owen DeLong writes:
> > The correct answer is "No, you don't have to configure rules, you just need
> > one rule supplied by default which denies anything that doesn't have a
> > corresponding outbound entry in the state table and it wor
Owen DeLong writes:
>> You know that, I know that and (hopefully) all people on this list know
>> that. But NAT == security was and still is sold by many people.
>>
> So is snake oil.
Ack, but people are still buying snake oil too.
>> After one of my talks about IPv6 the firewall admins of a
Saku Ytti writes:
> RFC4193 + NAT quite simply is what they know and are comfortable with.
NAT is *not simple*. NAT adds one more layer of complexity. When
using multiple NAT things get worse.
In most cases people don't want or need NAT they are just used to it and
old habits die hard.
Jens
Owen DeLong writes:
>> for NAT. Enterprises of non-trivial size will likely use RFC4193 (and I
>> fear we will notice PRNG returning 0 very often) and then NAT it to
>> provider provided public IP addresses.
>>
> Why on earth would you do that? Why not just put the provider-assigned
> addresses
On Jul 25, 2010, at 11:54 AM, David Conrad wrote:
> On Jul 25, 2010, at 6:02 PM, Owen DeLong wrote:
>> My point was that as a cost center, IANA depends on funding from other
>> sources. The RIRs are a major source of that funding.
>
> I guess it depends on your definition of "major". From sec
On Sun, 2010-07-25 at 16:19 +, Nathan Eisenberg wrote:
> > If an expert stood up in court and said "the chances that this
> > fingerprint is the defendant's are a million to one", and the
> > prosecutor then said "Aha! So you admit it's *possible*!" we would
> > rightly scorn the prosecutor for
On Jul 25, 2010, at 6:02 PM, Owen DeLong wrote:
> My point was that as a cost center, IANA depends on funding from other
> sources. The RIRs are a major source of that funding.
I guess it depends on your definition of "major". From section 5.1 of ICANN's
draft FY11 budget
(http://www.icann.or
> If an expert stood up in court and said "the chances that this
> fingerprint is the defendant's are a million to one", and the
> prosecutor then said "Aha! So you admit it's *possible*!" we would
> rightly scorn the prosecutor for being an innumerate nincompoop. Yet
> here we are paying serious h
>>>
>> For bonus points, explain how the numbers side of IANA pays for anything
>> when the RIRs stop funding it?
>
> David already answered more eloquently than I could, so I'll simply add that
> what he said applied when I was there as well. The IANA is, and always has
> been a cost center.
On Jul 24, 2010, at 11:40 PM, David Conrad wrote:
> On Jul 25, 2010, at 8:10 AM, Owen DeLong wrote:
>>> The logical candidate to operate option 1 was the IANA, and the RIRs were
>>> having none of that. (For bonus points, explain how the RIRs continue to
>>> exist if everyone can have all of th
On (2010-07-25 10:28 -0400), valdis.kletni...@vt.edu and Mark Smith wrote
similarly:
> > http://www.wolframalpha.com/input/?i=1-((2^40)!)%2F((2^40)^100+((2^40)-100)!)+
> >
> > So if there are million assigned ULA's there is 36.5% chance of collision,
> > if
> > formula is right.
>
> Bzz
On Sun, 25 Jul 2010 11:40:19 +0300, Saku Ytti said:
> On (2010-07-25 17:32 +1000), Karl Auer wrote:
>
>
> > The risk of a ULA prefix conflict is for *all practical purposes* zero.
>
> http://www.wolframalpha.com/input/?i=1-((2^40)!)%2F((2^40)^100+((2^40)-100)!)+
>
> It wouldn't puke n
On Sat, 24 Jul 2010 22:35:07 PDT, Doug Barton said:
> having none of that. (For bonus points, explain how the RIRs continue to
> exist if everyone can have all of the guaranteed-globally-unique IPv6
> space they wanted for free.)
The same way that companies are making money selling people credi
On Sun, 25 Jul 2010 11:40:19 +0300
Saku Ytti wrote:
> On (2010-07-25 17:32 +1000), Karl Auer wrote:
>
>
> > The risk of a ULA prefix conflict is for *all practical purposes* zero.
>
> http://www.wolframalpha.com/input/?i=1-((2^40)!)%2F((2^40)^100+((2^40)-100)!)+
>
> It wouldn't puke
On Sun, 25 Jul 2010 09:01:33 +0200
David Conrad wrote:
> On Jul 25, 2010, at 8:42 AM, Jack Bates wrote:
>
> > Doug Barton wrote:
> >> having none of that. (For bonus points, explain how the RIRs continue to
> >> exist if everyone can have all of the guaranteed-globally-unique IPv6
> >> space t
On (2010-07-25 17:32 +1000), Karl Auer wrote:
> The risk of a ULA prefix conflict is for *all practical purposes* zero.
http://www.wolframalpha.com/input/?i=1-((2^40)!)%2F((2^40)^100+((2^40)-100)!)+
It wouldn't puke nice graph with 'n', it did try, but never finished.
So if there are
On Sun, 2010-07-25 at 01:42 -0500, Jack Bates wrote:
> This is my concern. A business would rather be assured uniqueness over
> gambling, no matter what the odds. Given no additional services are
> needed, the administration cost is the same as handing out snmp
> enterprise oids. The fact that t
On Sat, 24 Jul 2010, Owen DeLong wrote:
On Jul 24, 2010, at 10:35 PM, Doug Barton wrote:
On Sat, 24 Jul 2010, Brandon Butterworth wrote:
Eventually ARIN (or someone else will do it for them) may create a
site
...
Did you mean something like this maybe ?:
http://www.sixxs.net/tools/grh/ul
On Sun, 25 Jul 2010, Jack Bates wrote:
Doug Barton wrote:
having none of that. (For bonus points, explain how the RIRs continue to
exist if everyone can have all of the guaranteed-globally-unique IPv6 space
they wanted for free.)
whois. what did I win? IANA can handle very basic assignments,
> whois. what did I win? IANA can handle very basic assignments, but
> hasn't the staff for large support or extra services (whois, POC
> management/validity, routing registry).
routing registry not necessarily needed from address registry.
and i am sure even the icann/iana could do the combine
On Jul 25, 2010, at 8:56 AM, Jack Bates wrote:
> David Conrad wrote:
>> On Jul 24, 2010, at 7:52 PM, Brandon Butterworth wrote:
>>> Indeed, best not listen to vendors
>> As it is best not to listen to doctors that tell you if you continue chain
>> smoking or eating 5000 calories a day, you'll like
On Jul 25, 2010, at 8:42 AM, Jack Bates wrote:
> Doug Barton wrote:
>> having none of that. (For bonus points, explain how the RIRs continue to
>> exist if everyone can have all of the guaranteed-globally-unique IPv6 space
>> they wanted for free.)
> whois.
http://whois.iana.org
> what did I w
David Conrad wrote:
On Jul 24, 2010, at 7:52 PM, Brandon Butterworth wrote:
Indeed, best not listen to vendors
As it is best not to listen to doctors that tell you if you continue chain
smoking or eating 5000 calories a day, you'll likely regret it.
Bad analogy. A doctor tells you these th
Doug Barton wrote:
having none of that. (For bonus points, explain how the RIRs continue to
exist if everyone can have all of the guaranteed-globally-unique IPv6
space they wanted for free.)
whois. what did I win? IANA can handle very basic assignments, but
hasn't the staff for large support
On Jul 25, 2010, at 8:10 AM, Owen DeLong wrote:
>> The logical candidate to operate option 1 was the IANA, and the RIRs were
>> having none of that. (For bonus points, explain how the RIRs continue to
>> exist if everyone can have all of the guaranteed-globally-unique IPv6 space
>> they wanted f
On Jul 24, 2010, at 10:35 PM, Doug Barton wrote:
> On Sat, 24 Jul 2010, Brandon Butterworth wrote:
>
Eventually ARIN (or someone else will do it for them) may create a site
>> ...
>>> Did you mean something like this maybe ?:
>>>
>>> http://www.sixxs.net/tools/grh/ula/
>>
>> Q.E.D.
>>
>>
On Sat, 24 Jul 2010, Brandon Butterworth wrote:
Eventually ARIN (or someone else will do it for them) may create a site
...
Did you mean something like this maybe ?:
http://www.sixxs.net/tools/grh/ula/
Q.E.D.
The RFC seeks to avoid a registry so we end up with the potential for
many as a r
On Sat, 24 Jul 2010 19:41:18 +0100 (BST)
Brandon Butterworth wrote:
> > The RFC provides for two address ranges in fc00::/7, one for random
> > prefixes (fc00::/8), the other reserved for later management (fd00::/8).
>
> Later, in some undefined way. A PI lacking enterprise considering
> doing v
On Sat, 24 Jul 2010 10:57:49 -0700
Owen DeLong wrote:
>
> On Jul 24, 2010, at 9:40 AM, Brandon Butterworth wrote:
>
> >>> Enterprises of non-trivial size will likely use RFC4193 (and I
> >>> fear we will notice PRNG returning 0 very often) and then NAT it to
> >>> provider provided public IP ad
On Jul 24, 2010, at 7:52 PM, Brandon Butterworth wrote:
>>> Such a site would be the seed for when (if) we come up with the tech
>>> for everyone to have PI and lose all the restrictions imposed so far.
>> Oh, we have the technology. It's called "memory"
> If that were viable then we'd be doing it.
On Sat, 2010-07-24 at 14:07 -0500, Jack Bates wrote:
> > The chance that any
> > random prefix will conflict with any chosen prefix is very, very small.
> > The chance that two conflicting prefixes would belong to entities that
> > will ever actually interact is even smaller. Makes it an interestin
On Jul 24, 2010, at 11:41 AM, Brandon Butterworth wrote:
>> The RFC provides for two address ranges in fc00::/7, one for random
>> prefixes (fc00::/8), the other reserved for later management (fd00::/8).
>
> Later, in some undefined way. A PI lacking enterprise considering
> doing v6 this way ei
On Sat, 24 Jul 2010 18:49:55 BST, Brandon Butterworth said:
> The RFC seeks to avoid a registry so we end up with the potential for
> many as a result. May as well have had ARIN do it officially in the
> first place so there'd only be one.
Given our failure rate with registries of AS numbers, IP
Karl Auer wrote:
The "random" one allows for swift, bureaucracy-free self-allocation. The
more important it is to you that your allocation be unique, the more
careful you will be to choose a truly random one.
If it is that important, you'd prefer a managed solution, not a truly
random one.
> The RFC provides for two address ranges in fc00::/7, one for random
> prefixes (fc00::/8), the other reserved for later management (fd00::/8).
Later, in some undefined way. A PI lacking enterprise considering
doing v6 this way either waits or decides the available space will do
as someone will f
On Sat, 2010-07-24 at 18:49 +0100, Brandon Butterworth wrote:
> > Did you mean something like this maybe ?:
> >
> > http://www.sixxs.net/tools/grh/ula/
>
> Q.E.D.
>
> The RFC seeks to avoid a registry so we end up with the potential for
> many as a result. May as well have had ARIN do it officia
On Jul 24, 2010, at 9:40 AM, Brandon Butterworth wrote:
>>> Enterprises of non-trivial size will likely use RFC4193 (and I
>>> fear we will notice PRNG returning 0 very often) and then NAT it to
>>> provider provided public IP addresses.
>
> Eventually ARIN (or someone else will do it for them)
On Sat, 2010-07-24 at 10:42 -0700, Owen DeLong wrote:
> You do have to properly set up the rules for which addresses to use for what
> communication properly. It breaks less if you forego the ULA brokenness,
> but, some people insist for whatever reason.
What is "the ULA brokenness"?
Regards, K.
On Jul 24, 2010, at 9:23 AM, Karl Auer wrote:
> On Sat, 2010-07-24 at 08:50 -0700, Matthew Kaufman wrote:
>> Even if all your hosts end up with external connectivity that works, the
>> odds
>> that they can reliably talk to each other is low.
>
> I hope I'm not taking the above quote out of co
> > Such a site would be the seed for when (if) we come up with the tech
> > for everyone to have PI and lose all the restrictions imposed so far.
>
> Oh, we have the technology. It's called "memory"
If that were viable then we'd be doing it.
> Speaking from the perspective of a vendor, I'll hap
>> Eventually ARIN (or someone else will do it for them) may create a site
...
> Did you mean something like this maybe ?:
>
> http://www.sixxs.net/tools/grh/ula/
Q.E.D.
The RFC seeks to avoid a registry so we end up with the potential for
many as a result. May as well have had ARIN do it offic
On Jul 24, 2010, at 8:50 AM, Matthew Kaufman wrote:
> Owen DeLong wrote:
>>
>> Why on earth would you do that? Why not just put the provider-assigned
>> addresses on the interfaces along side the ULA addresses? Using ULA
>> in that manner is horribly kludgy and utterly unnecessary.
>>
> Becaus
Eventually ARIN (or someone else will do it for them) may create a site
you can register your address and know that it really is unique
among participating registrants. Random is fine, unique is better.
Such a site would be the seed for when (if) we come up with the tech
for everyone to have PI
On Jul 24, 2010, at 6:40 PM, Brandon Butterworth wrote:
> Such a site would be the seed for when (if) we come up with the tech
> for everyone to have PI and lose all the restrictions imposed so far.
Oh, we have the technology. It's called "memory". Speaking from the perspective
of a vendor, I'l
> > Enterprises of non-trivial size will likely use RFC4193 (and I
> > fear we will notice PRNG returning 0 very often) and then NAT it to
> > provider provided public IP addresses.
Eventually ARIN (or someone else will do it for them) may create a site
you can register your address and know that
On Sat, 2010-07-24 at 08:50 -0700, Matthew Kaufman wrote:
> Even if all your hosts end up with external connectivity that works, the odds
> that they can reliably talk to each other is low.
I hope I'm not taking the above quote out of context, but why do you
think this? How does the fact that int
Owen DeLong wrote:
Why on earth would you do that? Why not just put the provider-assigned
addresses on the interfaces along side the ULA addresses? Using ULA
in that manner is horribly kludgy and utterly unnecessary.
Because, although one of the original goals of IPv6 was for hosts to be
eas
On (2010-07-24 02:13 -0700), Owen DeLong wrote:
> > This is non-technical problem, enterprises of non-trivial size can't
> > typically even tell without months of research all the devices and software
> > where they've written down the IP addresses.
>
> Sounds like they haven't written them down
On Jul 24, 2010, at 1:29 AM, Saku Ytti wrote:
> On (2010-07-24 03:50 -0400), valdis.kletni...@vt.edu wrote:
>
>> Firewall != NAT. The former is still needed in IPv6, the latter is not.
>> And I
>> suspect that most Joe Sixpacks think of that little box they bought as a
>
> Maybe you are talk
On Jul 23, 2010, at 1:26 PM, Matthew Kaufman wrote:
> sth...@nethelp.no wrote:
>>> It is not about how many devices, it is about how many subnets, because you
>>> may want to keep them isolated, for many reasons.
>>>
>>> It is not just about devices consuming lots of bandwidth, it is also about
On (2010-07-24 03:50 -0400), valdis.kletni...@vt.edu wrote:
> Firewall != NAT. The former is still needed in IPv6, the latter is not. And
> I
> suspect that most Joe Sixpacks think of that little box they bought as a
Maybe you are talking strictly in context of residential DSL, in which case
I
On Thu, 22 Jul 2010 19:53:48 PDT, "Akyol, Bora A" said:
> As long as customers believe that having a NAT router/"firewall" in place is
> a security feature,
> I don't think anyone is going to get rid of the NAT box.
Firewall != NAT. The former is still needed in IPv6, the latter is not. And I
s
I tend to think a /60 is a reasonable allocation for a residential user. In my
home I have two subnets and will in time likely add two more:
- general network access
- my office (required to be separate by Cisco Information Security policy)
- (future) would likely want routable separate ban
On Fri, 23 Jul 2010 13:26:43 -0700
Matthew Kaufman wrote:
> sth...@nethelp.no wrote:
> >> It is not about how many devices, it is about how many subnets, because you
> >> may want to keep them isolated, for many reasons.
> >>
> >> It is not just about devices consuming lots of bandwidth, it is al
On Fri, 23 Jul 2010 14:48:47 -0400
Joe Maimon wrote:
>
>
> Owen DeLong wrote:
> >
> > On Jul 22, 2010, at 9:51 PM, Joe Maimon wrote:
> >
> >>
> >>
>
> >>
> >> Funny how so much concern is given to eliminating the possibility of end
> >> users returning for more space, yet for ISP's we have no
On Fri, 2010-07-23 at 17:53 +0200, sth...@nethelp.no wrote:
> > And I'm not saying to forget about what we have learn with DHCP, in
> > fact DHCPv6 has many new and good features, but for many reasons,
> > autonconfiguration is good enough, and much more simple.
> [...]
> For our scenarios DHCPv6 i
> -Original Message-
> From: Matthew Kaufman [mailto:matt...@matthew.at]
> Sent: Thursday, July 22, 2010 8:38 PM
> To: valdis.kletni...@vt.edu
> Cc: nanog list
> Subject: Re: Addressing plan exercise for our IPv6 course
> "Home wifi router" vendors will do
On Fri, 23 Jul 2010, Marco Hogewoning wrote:
In short, why a /48 'Because we can!'.
I do not buy your argument "consumers expect a /48 so we'll get grief if
we don't give it to them." As others have pointed out, "consumers" don't
want IPv6, they want web surfing, playing games, and e-mail.
sth...@nethelp.no wrote:
It is not about how many devices, it is about how many subnets, because you
may want to keep them isolated, for many reasons.
It is not just about devices consuming lots of bandwidth, it is also about
many small sensors, actuators and so.
I have no problems with g
Owen DeLong wrote:
On Jul 22, 2010, at 9:51 PM, Joe Maimon wrote:
Funny how so much concern is given to eliminating the possibility of end users
returning for more space, yet for ISP's we have no real concern with what will
happen when they near depletion of their /32 what with /48s
> It is not about how many devices, it is about how many subnets, because you
> may want to keep them isolated, for many reasons.
>
> It is not just about devices consuming lots of bandwidth, it is also about
> many small sensors, actuators and so.
I have no problems with giving the customer seve
On Jul 23, 2010, at 2:50 AM, Jens Link wrote:
> Owen DeLong writes:
>
>> In all reality:
>>
>> 1. NAT has nothing to do with security. Stateful inspection provides
>> security, NAT just mangles addresses.
>
> You know that, I know that and (hopefully) all people on this list know
> tha
rtain
evidence-grade services and what it takes to offer those.
Todd
>
>
>> From: Matthew Kaufman
>> Reply-To:
>> Date: Fri, 23 Jul 2010 07:22:53 -0700
>> To: Jordi Palet Martínez
>> Cc:
>> Subject: Re: Addressing plan exercise for our IPv6 course
>>
&
s, but for many reasons,
autonconfiguration is good enough, and much more simple.
Regards,
Jordi
> From: Matthew Kaufman
> Reply-To:
> Date: Fri, 23 Jul 2010 07:22:53 -0700
> To: Jordi Palet Martínez
> Cc:
> Subject: Re: Addressing plan exercise for our IPv6 course
>
JORDI PALET MARTINEZ wrote:
And then next you can say ok, so /32 bits is big enough for your home, so
let's change it again, kill autoconfiguration, ask existing IPv6 users to
redo their addressing plans, renumber, etc., and use all the rest of the
bits for routing ?
I *really* don't understan
orm /48 ways to address all end sites.
Regards,
Jordi
> From: Matthew Kaufman
> Reply-To:
> Date: Fri, 23 Jul 2010 07:04:17 -0700
> To: Owen DeLong
> Cc: nanog list
> Subject: Re: Addressing plan exercise for our IPv6 course
>
> Owen DeLong wrote:
>>
>>
Owen DeLong wrote:
Well, wouldn't it be better if the provider simply issued enough space to
make NAT66 unnecessary?
The thing is, IPv6 is 128 bits of address space, so a /64 for your home
*really* should be enough to have >1 machine online at a time.
It'll be a lot easier to change the s
1 - 100 of 131 matches
Mail list logo
