> Would you say that your network is a typical representation of > a future Joe Six- Pack network with IPv6? With the eBGP peers > and all?
A little overkill for Joe Six-Pack, but the eBGP peering is already available for free from several providers, I don't see why it would change for power users. > With that setup I think you are competent enough to handle your > IPv6 internal network, and filtering (routing, access-lists and > what not) without relying on site locals for any of it. I always like that people that haven't even seen a diagram of my network teach me how I should operate it. > So the people in whos homes these devices are installed have > several subnets internally Not internal to their home. Their home subnet is part of the corporate address plan. > and therefore needs to run a dynamic routing protocol within their > home as well as extending it to the service provider upstream? No relation with the former paragraph but yes. Static routes suck. > Is NAT involved here somewhere? Most of the time. > Or do you mean that there are VPNish configurations over which > the dynamic routing is run with an internal corporate network > but still a static configuration for the defaultroute to the > service provider and vice verse? For v4, mostly. There are three types of config. On one the default route comes from the dynamic routing and goes across the tunnel; the only routes in the home router are two /32 routes to the corporate VPN endpoints (pointing to the default gateway of the ISP). This ensures that even regular web surfing is encrypted on the last mile. On the other one the tunnel is used to access the corporate network only and the regular Internet traffic goes over the default route to the ISP. On another one there is no public Internet access and the network is used to access corporate assets only (typically there will be another PC to access the net). For v6 there is no clear picture. > Does the people in their home manage their configuration and > routers themselves or is that provided as part of the service? No, heaven forbid. Done by corporate IT and/or consultants. > In my view the "consumer" is the average user connecting > the home to the Internet by some form of broadband access > to get access to triple-play services etc. Perhaps that > connection is also used for telecommuting. But I do not > see the requirement for dynamic routing and through that > route filtering with the upstream service provider(s). How do you configure multiple links? A T1 with ISDN as a backup (from the same provider) is a very common config. > Running a VPN tunnel and routing over that to the job > over the broadband access is a different thing, most likely > not involving the service provider at all except for > carrying tunnel packets. Correct it's a different animal. > I commented on route filtering in combination with security. > I argue that route filtering for security to prevent hacking > is neither common ridiculous > nor encouraged. There are many valid uses of route filtering > in networks with routing requirements. I do not think the > average consumer network will be of such complexity to require > filtering of routes, and I do not think that site locals would > add anything if route filtering would be used for security to > prevent hacking. You certainly are entitled to an opinion, but the bottom line is that it is my call and I decided otherwise. Michel. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
