Dan White wrote the following on 6/5/2013 9:44 AM:
On 06/05/13 00:34 +0200, Mikael Abrahamsson wrote:
I read:
http://www.nanog.org/sites/default/files/tues.general.Papandreou.conservation.24.pdf
I would like to point out RFC 3069. On most cisco equipment this is
done using static routes and "ip unnumbered".
So my question is basically: What am I missing? Why can't data center
guys build their network the same way regular ETTH is done?
Either one vlan per customer and sharing the IPv4 subnet between
several vlans, or having several customers in the same vlan but use
antispoofing etc (IETF SAVI-wg functionality) to handle the security
stuff?
VLAN-per-subscriber (1 customer per VLAN) can require more costly routing
equipment, particularly if you're performing double tagging (outer tag for
switch, inner tag for customer). Sharing an IPv4 subnet among customers is
appropriate for residential and small business services, which is how we
typically deliver service. But it may be less appropriate for larger business
customers (and I presume hosting customers) where the number of IPs is
large enough that you're throwing away fewer addresses ratio-wise. Generally
the simpler deployment model wins out in that type of scenario. Also, the
'ip unnumbered' approach may require some layer-3 security features.
One thing not mentioned so far in this discussion is using PPPoE or some
other tunnel/VPN technology for efficient IP utilization. The result
could be zero wasted IP addresses without the need to resort to
non-routable IP addresses in a customer's path (as the pdf suggested)
and without some of the quirkiness or vendor lock-in of using ip unnumbered.
PPPoE (and other VPNs) have many of the same downsides as mentioned
above, though: they require routing cost and increase the complexity of
the network. The question becomes which deployment has more cost: the
simple, yet wasteful, design or the efficient, but complex, design.
--Blake
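For readers who want to see what the "static routes plus ip unnumbered" model Mikael refers to looks like in practice, here is an added example, not part of the original thread or of any of the posters' configurations. It is an IOS-style fragment that puts two customers on their own VLANs, lets both share one gateway address and one /24 (the RFC 3069 VLAN-aggregation idea), and adds strict uRPF as the layer-3 antispoofing feature Dan alludes to. All addresses, VLAN IDs, interface names and customer labels are assumptions; the RFC 5737 documentation range is used so nothing here resembles a real allocation. Command availability and exact syntax vary by platform and IOS release, so treat this as an illustration of the model rather than a copy-and-paste config.

```cisco
! Added example: shared-gateway "ip unnumbered" model with one VLAN per customer.
! All values (addresses, VLANs, interface names) are assumed for illustration.
!
! One loopback carries the shared gateway address for the whole customer /24.
! Every customer sees 192.0.2.1 as its default gateway regardless of VLAN.
interface Loopback0
 description Shared customer gateway (assumed example address)
 ip address 192.0.2.1 255.255.255.0
!
! One dot1q subinterface per customer. No address is burned per VLAN;
! each subinterface borrows Loopback0's address via "ip unnumbered".
! Strict uRPF ("reachable-via rx") accepts a source address on a VLAN
! only if the router's best route back to that source points out the
! same VLAN, which, with the /32 static routes below, is the antispoofing
! check that a shared subnet otherwise lacks.
interface GigabitEthernet0/1.101
 description Customer A (assumed)
 encapsulation dot1Q 101
 ip unnumbered Loopback0
 ip verify unicast source reachable-via rx
 no ip redirects
!
interface GigabitEthernet0/1.102
 description Customer B (assumed)
 encapsulation dot1Q 102
 ip unnumbered Loopback0
 ip verify unicast source reachable-via rx
 no ip redirects
!
! Host routes tie each customer's address(es) to its VLAN. A single
! customer with several addresses simply gets several /32 routes (or a
! longer prefix) pointing at its subinterface; the /24 itself is never
! split into per-customer subnets, so no network/broadcast/gateway
! addresses are wasted per customer.
ip route 192.0.2.10 255.255.255.255 GigabitEthernet0/1.101
ip route 192.0.2.11 255.255.255.255 GigabitEthernet0/1.102
!
! Customer-to-customer traffic inside 192.0.2.0/24 never crosses a VLAN
! directly: Customer A ARPs for 192.0.2.11, the router (proxy ARP on the
! subinterface, enabled by default on IOS) answers with its own MAC, and
! the packet is routed via the /32 to VLAN 102. That is also why the
! router, not the switch, is where the anti-spoofing decision has to live.
```

Two things worth noting when comparing this with the alternatives Dan and Blake discuss. First, the security property comes entirely from the pairing of the per-customer /32 routes with strict uRPF: remove either and a customer on VLAN 101 can source packets as 192.0.2.11 and the router will happily forward them. Second, the proxy-ARP dependency is part of the "quirkiness" Blake mentions; a customer host that rejects proxy-ARP replies, or a platform that does not answer them on unnumbered subinterfaces, breaks intra-subnet reachability even though routing to the rest of the world still works.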