Re: Private use of non-RFC1918 IP space
Just for the record, the original post was in reference to use of non-RFC1918 space on an *air-gapped* network. --Trey Let's face it - they're going to have to come up with much more creative $200/hour chucklehead consultants to burn through that much anytime soon. Anybody feel like starting a pool for when we'll see a posting to NANOG about somebody who's managed to burn through a /32? ++++ Kingfisher Operations Trey Darley - Principal
Re: Private use of non-RFC1918 IP space
On Sun, Feb 8, 2009 at 11:42 PM, Joel Jaeggli joe...@bogus.com wrote: FD00::/8 ula-l rfc 4139 s/4139/4193/ -- Thanks; Bill Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it.
Re: Private use of non-RFC1918 IP space
valdis.kletni...@vt.edu wrote: On Tue, 03 Feb 2009 11:25:40 +0900, Randy Bush said: snip Not quite.. 2^96 = 79228162514264337593543950336 2^128-2^32 = 340282366920938463463374607427473244160 not quite. let's posit 42 devices on the average lan segment (ymmv). 42*(2^64) = 774763251095801167872 Let's face it - they're going to have to come up with much more creative $200/hour chucklehead consultants to burn through that much anytime soon. snip Anybody feel like starting a pool for when we'll see a posting to NANOG about somebody who's managed to burn through a /32? two of them will separately just assign fc00::/7 to a network instead of following the instructions.
Re: Private use of non-RFC1918 IP space
Skeeve Stevens wrote: Owned by an ISP? It isn't much different than it is now. As long as you are multi-homed you can get a small allocation (/48), APNIC and ARIN have procedures for this. Yes, you have to pay for it, but the addresses will be yours, unlike the RFC1918 ranges which is akin to 2.4Ghz wireless.. lets just share and hope we never interconnect/overlap. I can't find a RFC1918 equivalent for v6 with the exception of 2001:0DB8::/32# which is the ranges that has been assigned for documentation use and is considered to NEVER be routable. In that /32 are 65536 /48's... way more than the RFC1918 we have now. FD00::/8 ula-l rfc 4139 If I was going to build a v6 network right now, that was purely private and never* going to hit the internet, and I could not afford to be a NIC member or pay the fees... then I would be using the ranges above I wonder if that will start a flame war *puts on fire suit*.
Re: Private use of non-RFC1918 IP space
On Tue, 03 Feb 2009 20:29:36 -0500, Skeeve Stevens ske...@skeeve.org wrote: I agree... I'd love to know where they got that from... who even wrote it? I see you've never done business with EDS. They've been using 1/8 for over a decade. Also, over the years, I've seen a number of universities and supercomputing facilities number nodes out of 1/8 -- however, those systems are never supposed to see the internet anyway, so they could technically number them however they want. Personally, I've used 1/8 in lab setups. --Ricky
Re: Private use of non-RFC1918 IP space
--On onsdag, onsdag 4 feb 2009 17.44.20 -0500 Ricky Beam jfb...@gmail.com wrote: On Tue, 03 Feb 2009 20:29:36 -0500, Skeeve Stevens ske...@skeeve.org wrote: I agree... I'd love to know where they got that from... who even wrote it? I see you've never done business with EDS. They've been using 1/8 for over a decade. Also, over the years, I've seen a number of universities and supercomputing facilities number nodes out of 1/8 -- however, those systems are never supposed to see the internet anyway, so they could technically number them however they want. Personally, I've used 1/8 in lab setups. Last time I built a supercomputer (as in a cluster of run-of-the-mill servers) RIPE gave us a /21 -- I wanted a /20 for the expected upgrade but was told I had to reapply. The compute nodes need to read files from AFS from CERN or another university, so NAT'ing them is so not an option. -- Måns NilssonM A C H I N A Sign my PETITION. pgpRAYgcPsBjH.pgp Description: PGP signature
Re: Private use of non-RFC1918 IP space (IPv6-MW)
On Feb 4, 2009, at 6:56 PM, Scott Howard wrote: On Mon, Feb 2, 2009 at 9:35 PM, Patrick W. Gilmore patr...@ianai.netwrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Of course they will! A /48 is only the equivalent of 65536 networks (each network being a /64). Presuming that ISPs allocate /64 networks to each connected subscriber, then a /48 is only 65k subscribers, or say around a maximum of 200k IP addresses in use at any one time (presuming no NAT and an average of 3-4 IP-based devices per subscriber) IPv4-style utilization ratios do make some sense under IPv6, but not at the address level - only at the network level. First, it was (mostly) a joke. Second, where did you get 4 users per /64? Are you planning to hand each cable modem a /64? -- TTFN, patrick
Re: Private use of non-RFC1918 IP space (IPv6-MW)
Patrick W. Gilmore wrote: On Feb 4, 2009, at 6:56 PM, Scott Howard wrote: On Mon, Feb 2, 2009 at 9:35 PM, Patrick W. Gilmore patr...@ianai.netwrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Of course they will! A /48 is only the equivalent of 65536 networks (each network being a /64). Presuming that ISPs allocate /64 networks to each connected subscriber, then a /48 is only 65k subscribers, or say around a maximum of 200k IP addresses in use at any one time (presuming no NAT and an average of 3-4 IP-based devices per subscriber) IPv4-style utilization ratios do make some sense under IPv6, but not at the address level - only at the network level. First, it was (mostly) a joke. Second, where did you get 4 users per /64? Are you planning to hand each cable modem a /64? That was the generally accepted subnet practice last time I had a discussion about it on the ipv6-ops list. I'm not an ISP, but I have a /48 and each subnet is a /64. Some devices will refuse to work if you subnet smaller than a /64. (Yes, poorly designed, etc.) ~Seth
RE: Private use of non-RFC1918 IP space (IPv6-MW)
IPv4-style utilization ratios do make some sense under IPv6, but not at the address level - only at the network level. First, it was (mostly) a joke. Second, where did you get 4 users per /64? Are you planning to hand each cable modem a /64? At the least. Some would say a /56 is more appropriate. So, one /64 for your desktop and one /64 for your open wireless. :-) Mike PGP.sig Description: PGP signature
Re: Private use of non-RFC1918 IP space (IPv6-MW)
On Wed, 4 Feb 2009 15:56:44 -0800, Scott Howard sc...@doc.net.au wrote: On Mon, Feb 2, 2009 at 9:30 PM, Anthony Roberts na...@arbitraryconstant.com wrote: It has been my experience that when you give someone a huge address space to play with (eg 10/8), they start doing things like using bits in the address as flags for things. Suddenly you find yourself using a prefix that should enough for a decent sized country in a half-rack. Which is, of course, a core design philosophy for IPv6. Stateless autoconfig relies on the fact that each network will be allocated 2^64 address. I'm actually pretty happy about /64's, they take away all the hand-wringing over how big a network should be, and they make manually configured server addresses easier to remember through the use of big regions of 0s. I was thinking more about wasting prefix bits. -Anthony
Re: Private use of non-RFC1918 IP space
I see you've never done business with EDS. They've been using 1/8 for over a decade. Also, over the years, I've seen a number of universities and supercomputing facilities number nodes out of 1/8 -- however, those systems are never supposed to see the internet anyway, so they could technically number them however they want. Personally, I've used 1/8 in lab setups. brilliant! i think all my competitors should do that. randy
Re: Private use of non-RFC1918 IP space
Clarification here: 1/8 was never on the EDS backbone. Was only used locally in one site, as far as I can determine. On Feb 4, 2009, at 7:29 PM, Randy Bush wrote: I see you've never done business with EDS. They've been using 1/8 for over a decade. Also, over the years, I've seen a number of universities and supercomputing facilities number nodes out of 1/8 -- however, those systems are never supposed to see the internet anyway, so they could technically number them however they want. Personally, I've used 1/8 in lab setups. brilliant! i think all my competitors should do that. randy James R. Cutler james.cut...@consultant.com
RE: Private use of non-RFC1918 IP space (IPv6-MW)
On Mon, Feb 2, 2009 at 9:35 PM, Patrick W. Gilmore patr...@ianai.netwrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Of course they will! A /48 is only the equivalent of 65536 networks (each network being a /64). Presuming that ISPs allocate /64 networks to each connected subscriber, then a /48 is only 65k subscribers, or say around a maximum of 200k IP addresses in use at any one time (presuming no NAT and an average of 3-4 IP-based devices per subscriber) IPv4-style utilization ratios do make some sense under IPv6, but not at the address level - only at the network level. First, it was (mostly) a joke. Second, where did you get 4 users per /64? Are you planning to hand each cable modem a /64? No, we should hand each home a /56 (or perhaps a /48, for the purists out there) - allowing for multiple segments (aka subnet, aka links, etc.). Note - the actual number of hosts is irrelevant; the 64 bits on the host side of the address are not meant to encourage 18BB hosts/segment. Oh, and utilization should be based on /56s anyway. /TJ
RE: Private use of non-RFC1918 IP space (IPv6-MW)
Some devices will refuse to work if you subnet smaller than a /64. (Yes, poorly designed, etc.) Actually, no - not poorly designed. The spec says it must be a /64 (excluding those starting with 000 binary) so that is what devices (rightfully) expect. Ref: http://tools.ietf.org/html/rfc4291#section-2.5.1 /TJ
Re: Private use of non-RFC1918 IP space (IPv6-MW)
TJ wrote: No, we should hand each home a /56 (or perhaps a /48, for the purists out there) - allowing for multiple segments (aka subnet, aka links, etc.). If there are, say, 250-500 million broadband services in the world (probably more) then, if every ISP followed best practise for IPv6 address allocation, (sparse, bits for infrastructure, whatever etc) then what percentage of the space do we have left if we hand out /56 or /48s?). Taking into account the space already carved off for link local, private addressing, US Military etc. Has anyone done some analysis of what this might look like? Especially with growth etc. MMC -- Matthew Moyle-Croft - Internode/Agile - Networks Level 4, 150 Grenfell Street, Adelaide, SA 5000 Australia Email: m...@internode.com.au Web: http://www.on.net Direct: +61-8-8228-2909 Mobile: +61-419-900-366 Reception: +61-8-8228-2999 Fax: +61-8-8235-6909
Re: Private use of non-RFC1918 IP space
On Wed, 04 Feb 2009 20:35:15 -0500, James R. Cutler james.cut...@consultant.com wrote: Clarification here: 1/8 was never on the EDS backbone. Was only used locally in one site, as far as I can determine. They might have done that for other customers as well. (to avoid 10/8 collisions.) Personally, I'd think if they were going to NAT at the edge, they'd only set it up for the machines we were supposed to use, instead, we could see, well, a lot more than we should have. --Ricky
RE: Private use of non-RFC1918 IP space (IPv6-MW)
Has anyone done some analysis of what this might look like? Especially with growth etc. Sure, probably lots of people lots of times. Off the top of my head, using some current/common allocations sizes: Current Global Unicast space -- 2000::/3 An average RIR -- /12 an average ISP -- /32 an average enterprise -- /48 an average home user -- /56 So, the current IPv6 world (2000::/3) can support 512 standard RIR sized allocations. Each standard RIR can support 1M standard ISPs. Each standard ISP can support 64K enterprises or 16M standard home-users, or some combination thereof. So -How much do we want held in reserve? How flexibly (ref RFC3531) are we allocating our addresses? How many total (enterprise | home) clients do we want to support? Off the cuff, let's say we use left-most (sparse) allocation and only hit 50% efficiency (keeping the right-most bit totally in reserve!) ... If I am an ISP, and I have 300M home users (/56s) I just need a /26, and that actually gives me a lot of room for more clients (like 200M more). So - what was the problem again? Let's make it even more interesting - let's say I am an ISP, I am allocating /48s, and I need to support - say - 6B assignments for every person in the world + 2B for every organization in the world (#s chosen arbitrarily, feel free to add another bit if it makes you feel better). Bearing in mind that this means every single person and organization has 64k subnets, each of which contains as many hosts as is appropriate, and all of these are globally routable ... I just need a /15 to cover this absolute worst case. Heck, let's make it /14 for good measure. So now each standard RIR can only support 4 of this size service provider, but we still have 512 RIR sized allocations. If the individuals got /56s instead these numbers getting even bigger ... So - what was the problem again? Oh, and this is just from the 2000::/3 range ... next up, 4000::/3 ... 6000::/3, 8000::/3, a000::/3, c000::/3. And if we feel like we burned through 2000::/3 too fast at some point in the future, maybe we revisit the rules around the time we start thinking about allocating from 4000::/3? (Or skip one, and star the new rules with 6000::/3 ... I am not picky). Note, I am _NOT_ saying we should be careless or cavalier about address allocation, just saying we don't live in a constrained situation. And if there is a choice to be made between scalability/flexibility/summarization'ability (is that a word?) and strict efficiency ... the efficiency loses. /TJ PS - Yes, 4.3B seemed really big at one point ... but seriously, do the above numbers not _really_ sound big enough?
Re: Private use of non-RFC1918 IP space (IPv6-MW)
On 5/02/2009, at 3:09 PM, Matthew Moyle-Croft wrote: TJ wrote: No, we should hand each home a /56 (or perhaps a /48, for the purists out there) - allowing for multiple segments (aka subnet, aka links, etc.). If there are, say, 250-500 million broadband services in the world (probably more) then, if every ISP followed best practise for IPv6 address allocation, (sparse, bits for infrastructure, whatever etc) then what percentage of the space do we have left if we hand out /56 or /48s?). Taking into account the space already carved off for link local, private addressing, US Military etc. Has anyone done some analysis of what this might look like? Especially with growth etc. My addressing plan works like this: ISP gets /32, 2001:db8::/32 - 2001:db8:0::/48 = ISP use -- 2001:db8:0:0::/64 = infrastructure --- 2001:db8:0:0:0:0:0::/112 = loopbacks ( 65536 ) --- 2001:db8:0:0:1:0:0::/112 through 2001:db8:::::0/112 = / 112 link nets between ISP routers ( 281474976710656 ) -- 2001:db8:0::/64 through 2001:db8:0:::/64 = ISP networks, ie. servers, etc. - 2001:db8:1::/64 through 2001:db8::::/64 = customer networks. Assuming the above, we have 65535 /48s available to customers, or 16,711,680 /56s. The ISP use /48 burns 256 /56s, or potential customers. So, like burning a /24 for the entire ISP operation. So, if you have more than 65K business customers, get more than a /32. If you have more than 16M residential or small business customers, get more than /32. The above plan puts the addresses you type lots (loopbacks, link nets) on the shortest addresses you have - you can use the zero compression :: thing. These are also the addresses that cause the most trouble if fat fingered, so shorter addresses leave less room for error. In addition, the entire first /64 (loopbacks, link nets) should never really receive packets from outside the network. Drop in an ACL. Modification to the above plan is to use /64s for link nets between ISP routers, if you are worried about compatibility issues. You now have a trade off between 65k ISP server networks, and 65k link nets. Let's say 32k for each. -- Nathan Ward
Re: Private use of non-RFC1918 IP space (IPv6-MW)
--On onsdag, onsdag 4 feb 2009 19.02.56 -0500 Patrick W. Gilmore patr...@ianai.net wrote: Second, where did you get 4 users per /64? Are you planning to hand each cable modem a /64? Telia got their /20 based on calculations where they give every customer a /48. Every apartment in every highrise gets 2^16 networks. I think that /56 or /52 is a more appropriate allocation per broadband subscriber. -- Måns NilssonM A C H I N A ... he dominates the DECADENT SUBWAY SCENE. pgp9epLSXt9oD.pgp Description: PGP signature
Re: Private use of non-RFC1918 IP space
On Feb 3, 2009, at 1:01 AM, Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... Touché. I assumed if you had an allocation and came back for a second, they would say no. Hrmm, time for me to go get another (or another 1000?) v6 allocations. :) -- TTFN, patrick
Re: Private use of non-RFC1918 IP space
Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... Catch 22? From my experience IPv6 is unlikely to become popular until it fully supports NAT. Much as network providers love the thought of owning all of your address space, and ARIN of billing for it, and RFCs like 4864 of providing rhetorical but technically flawed arguments against it, the lack of NAT only pushes adoption of IPv6 further into the future. Roger Marquis
Re: Private use of non-RFC1918 IP space
I don't consider IPv6 a popularity contest. It's about the motivation and the willingness to. Technical issues can be resolved if you and people around you are motivated to do so. I think there are some hard facts that need to be addressed when it comes to IPv6. Facts like 1. How do we migrate to a IPv6 stack on all servers and I am talking about the thousands of servers that exist on peoples network that run SaaS, Financial/Banking systems. 2. How do we make old applications speak IPv6? There are some old back-end systems that run core functions for many businesses out there that don't really have any upgrade path and I don't think people are thinking about this. From a network perspective IPv6 adoption is just about doing it and executing with your fellow AS neighbors. The elephant in the room is the applications that ride on your network. Zaid - Original Message - From: Roger Marquis marq...@roble.com To: nanog@nanog.org Sent: Tuesday, February 3, 2009 9:39:33 AM GMT -08:00 US/Canada Pacific Subject: Re: Private use of non-RFC1918 IP space Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... Catch 22? From my experience IPv6 is unlikely to become popular until it fully supports NAT. Much as network providers love the thought of owning all of your address space, and ARIN of billing for it, and RFCs like 4864 of providing rhetorical but technically flawed arguments against it, the lack of NAT only pushes adoption of IPv6 further into the future. Roger Marquis
Re: Private use of non-RFC1918 IP space
Zaid Ali wrote: I don't consider IPv6 a popularity contest. It's about the motivation and the willingness to. Technical issues can be resolved if you and people around you are motivated to do so. I think there are some hard facts that need to be addressed when it comes to IPv6. Facts like 1. How do we migrate to a IPv6 stack on all servers and I am talking about the thousands of servers that exist on peoples network that run SaaS, Financial/Banking systems. Just upgrade your load balancer (or request a feature from your load balancer company) to map an external IPv6 address to a pool of IPv4 servers. Problem solved. 2. How do we make old applications speak IPv6? There are some old back-end systems that run core functions for many businesses out there that don't really have any upgrade path and I don't think people are thinking about this. Continue to run IPv4 internally for this application. There's no logical reason that IPv4 can't continue to coexist for decades. Heck, people still run IPX, right? -Paul
RE: Private use of non-RFC1918 IP space
It's not just technical. Companies are reluctant to migrate to an IP address owned by an ISP. We are one of those companies. If and when it is easy for us to apply and receive our own Ipv6 address space, we will look at deploying ipv6, but not until then. That's not a technical issue, but rather a business decision, and it's not going to change. We aren't depending our network resources on an external third-party, especially given their track record. Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: Zaid Ali [mailto:z...@zaidali.com] Sent: Tuesday, February 03, 2009 1:19 PM To: Roger Marquis Cc: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space I don't consider IPv6 a popularity contest. It's about the motivation and the willingness to. Technical issues can be resolved if you and people around you are motivated to do so. I think there are some hard facts that need to be addressed when it comes to IPv6. Facts like 1. How do we migrate to a IPv6 stack on all servers and I am talking about the thousands of servers that exist on peoples network that run SaaS, Financial/Banking systems. 2. How do we make old applications speak IPv6? There are some old back- end systems that run core functions for many businesses out there that don't really have any upgrade path and I don't think people are thinking about this. From a network perspective IPv6 adoption is just about doing it and executing with your fellow AS neighbors. The elephant in the room is the applications that ride on your network. Zaid - Original Message - From: Roger Marquis marq...@roble.com To: nanog@nanog.org Sent: Tuesday, February 3, 2009 9:39:33 AM GMT -08:00 US/Canada Pacific Subject: Re: Private use of non-RFC1918 IP space Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... Catch 22? From my experience IPv6 is unlikely to become popular until it fully supports NAT. Much as network providers love the thought of owning all of your address space, and ARIN of billing for it, and RFCs like 4864 of providing rhetorical but technically flawed arguments against it, the lack of NAT only pushes adoption of IPv6 further into the future. Roger Marquis Matthew Huff.vcf Description: Binary data smime.p7s Description: S/MIME cryptographic signature
Re: Private use of non-RFC1918 IP space
Yes we all go to NANOG meetings and talk about these solutions but the change has to come from within. its not just a technical solution. There has to be motivation and incentive for people to make this change. Zaid - Original Message - From: Paul Timmins p...@telcodata.us To: Zaid Ali z...@zaidali.com Cc: Roger Marquis marq...@roble.com, nanog@nanog.org Sent: Tuesday, February 3, 2009 10:22:16 AM GMT -08:00 US/Canada Pacific Subject: Re: Private use of non-RFC1918 IP space Zaid Ali wrote: I don't consider IPv6 a popularity contest. It's about the motivation and the willingness to. Technical issues can be resolved if you and people around you are motivated to do so. I think there are some hard facts that need to be addressed when it comes to IPv6. Facts like 1. How do we migrate to a IPv6 stack on all servers and I am talking about the thousands of servers that exist on peoples network that run SaaS, Financial/Banking systems. Just upgrade your load balancer (or request a feature from your load balancer company) to map an external IPv6 address to a pool of IPv4 servers. Problem solved. 2. How do we make old applications speak IPv6? There are some old back-end systems that run core functions for many businesses out there that don't really have any upgrade path and I don't think people are thinking about this. Continue to run IPv4 internally for this application. There's no logical reason that IPv4 can't continue to coexist for decades. Heck, people still run IPX, right? -Paul
Re: Private use of non-RFC1918 IP space
Matthew Huff wrote: It's not just technical. Companies are reluctant to migrate to an IP address owned by an ISP. We are one of those companies. If and when it is easy for us to apply and receive our own Ipv6 address space, [..] Because like, ARIN wasn't the first RIR to provide that possibility. http://www.arin.net/registration/guidelines/ipv6_assignment.html I assume you will have IPv6 next week now? Greets, Jeroen signature.asc Description: OpenPGP digital signature
RE: Private use of non-RFC1918 IP space
DNS is great, but there is plenty of stuff to change that doesn't use DNS (ACLS, etc...). The point is, why should we go through the pain of renumbering, and have to do it everytime our relationship with our ISP changes? We aren't going to go there. It isn't renumbering that's the problem, the problem is that it being tied to an external company. Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: Måns Nilsson [mailto:mansa...@besserwisser.org] Sent: Tuesday, February 03, 2009 4:19 PM To: Matthew Huff; 'Zaid Ali'; 'Roger Marquis' Cc: 'nanog@nanog.org' Subject: RE: Private use of non-RFC1918 IP space --On tisdag, tisdag 3 feb 2009 13.24.59 -0500 Matthew Huff mh...@ox.com wrote: It's not just technical. Companies are reluctant to migrate to an IP address owned by an ISP. We are one of those companies. If and when it is easy for us to apply and receive our own Ipv6 address space, we will look at deploying ipv6, but not until then. That's not a technical issue, but rather a business decision, and it's not going to change. We aren't depending our network resources on an external third-party, especially given their track record. Renumbering will happen. Be prepared or cry louder when it happens. DNS was invented for this, and v4 PA space is functionally equivalent to v6 here. Getting PI space only pushes the inevitable a bit, while lessening the incentives to DTRT wrt IP address mobility. -- Måns Nilsson M A C H I N A YOW!!! I am having fun!!! Matthew Huff.vcf Description: Binary data smime.p7s Description: S/MIME cryptographic signature
RE: Private use of non-RFC1918 IP space
With new dual-stack border devices people will be able to move bit by bit, and there is no real reason to have to run around and change everything that you have internally. These will change and update over time. These internal applications aren't running on public IP addresses anyway. ...Skeeve -Original Message- From: Zaid Ali [mailto:z...@zaidali.com] Sent: Wednesday, 4 February 2009 5:19 AM To: Roger Marquis Cc: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space I don't consider IPv6 a popularity contest. It's about the motivation and the willingness to. Technical issues can be resolved if you and people around you are motivated to do so. I think there are some hard facts that need to be addressed when it comes to IPv6. Facts like 1. How do we migrate to a IPv6 stack on all servers and I am talking about the thousands of servers that exist on peoples network that run SaaS, Financial/Banking systems. 2. How do we make old applications speak IPv6? There are some old back-end systems that run core functions for many businesses out there that don't really have any upgrade path and I don't think people are thinking about this. From a network perspective IPv6 adoption is just about doing it and executing with your fellow AS neighbors. The elephant in the room is the applications that ride on your network. Zaid - Original Message - From: Roger Marquis marq...@roble.com To: nanog@nanog.org Sent: Tuesday, February 3, 2009 9:39:33 AM GMT -08:00 US/Canada Pacific Subject: Re: Private use of non-RFC1918 IP space Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... Catch 22? From my experience IPv6 is unlikely to become popular until it fully supports NAT. Much as network providers love the thought of owning all of your address space, and ARIN of billing for it, and RFCs like 4864 of providing rhetorical but technically flawed arguments against it, the lack of NAT only pushes adoption of IPv6 further into the future. Roger Marquis
RE: Private use of non-RFC1918 IP space
Owned by an ISP? It isn't much different than it is now. As long as you are multi-homed you can get a small allocation (/48), APNIC and ARIN have procedures for this. Yes, you have to pay for it, but the addresses will be yours, unlike the RFC1918 ranges which is akin to 2.4Ghz wireless.. lets just share and hope we never interconnect/overlap. I can't find a RFC1918 equivalent for v6 with the exception of 2001:0DB8::/32# which is the ranges that has been assigned for documentation use and is considered to NEVER be routable. In that /32 are 65536 /48's... way more than the RFC1918 we have now. If I was going to build a v6 network right now, that was purely private and never* going to hit the internet, and I could not afford to be a NIC member or pay the fees... then I would be using the ranges above I wonder if that will start a flame war *puts on fire suit*. ...Skeeve * never say never! # http://www.iana.org/assignments/ipv6-unicast-address-assignments -Original Message- From: Matthew Huff [mailto:mh...@ox.com] Sent: Wednesday, 4 February 2009 5:25 AM To: 'Zaid Ali'; 'Roger Marquis' Cc: 'nanog@nanog.org' Subject: RE: Private use of non-RFC1918 IP space It's not just technical. Companies are reluctant to migrate to an IP address owned by an ISP. We are one of those companies. If and when it is easy for us to apply and receive our own Ipv6 address space, we will look at deploying ipv6, but not until then. That's not a technical issue, but rather a business decision, and it's not going to change. We aren't depending our network resources on an external third-party, especially given their track record. Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: Zaid Ali [mailto:z...@zaidali.com] Sent: Tuesday, February 03, 2009 1:19 PM To: Roger Marquis Cc: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space I don't consider IPv6 a popularity contest. It's about the motivation and the willingness to. Technical issues can be resolved if you and people around you are motivated to do so. I think there are some hard facts that need to be addressed when it comes to IPv6. Facts like 1. How do we migrate to a IPv6 stack on all servers and I am talking about the thousands of servers that exist on peoples network that run SaaS, Financial/Banking systems. 2. How do we make old applications speak IPv6? There are some old back- end systems that run core functions for many businesses out there that don't really have any upgrade path and I don't think people are thinking about this. From a network perspective IPv6 adoption is just about doing it and executing with your fellow AS neighbors. The elephant in the room is the applications that ride on your network. Zaid - Original Message - From: Roger Marquis marq...@roble.com To: nanog@nanog.org Sent: Tuesday, February 3, 2009 9:39:33 AM GMT -08:00 US/Canada Pacific Subject: Re: Private use of non-RFC1918 IP space Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... Catch 22? From my experience IPv6 is unlikely to become popular until it fully supports NAT. Much as network providers love the thought of owning all of your address space, and ARIN of billing for it, and RFCs like 4864 of providing rhetorical but technically flawed arguments against it, the lack of NAT only pushes adoption of IPv6 further into the future. Roger Marquis
RE: Private use of non-RFC1918 IP space
See my other email. You don't need to use a providers range. ...Skeeve -Original Message- From: Matthew Huff [mailto:mh...@ox.com] Sent: Wednesday, 4 February 2009 8:35 AM To: 'Måns Nilsson'; 'Zaid Ali'; 'Roger Marquis' Cc: 'nanog@nanog.org' Subject: RE: Private use of non-RFC1918 IP space DNS is great, but there is plenty of stuff to change that doesn't use DNS (ACLS, etc...). The point is, why should we go through the pain of renumbering, and have to do it everytime our relationship with our ISP changes? We aren't going to go there. It isn't renumbering that's the problem, the problem is that it being tied to an external company. Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: Måns Nilsson [mailto:mansa...@besserwisser.org] Sent: Tuesday, February 03, 2009 4:19 PM To: Matthew Huff; 'Zaid Ali'; 'Roger Marquis' Cc: 'nanog@nanog.org' Subject: RE: Private use of non-RFC1918 IP space --On tisdag, tisdag 3 feb 2009 13.24.59 -0500 Matthew Huff mh...@ox.com wrote: It's not just technical. Companies are reluctant to migrate to an IP address owned by an ISP. We are one of those companies. If and when it is easy for us to apply and receive our own Ipv6 address space, we will look at deploying ipv6, but not until then. That's not a technical issue, but rather a business decision, and it's not going to change. We aren't depending our network resources on an external third-party, especially given their track record. Renumbering will happen. Be prepared or cry louder when it happens. DNS was invented for this, and v4 PA space is functionally equivalent to v6 here. Getting PI space only pushes the inevitable a bit, while lessening the incentives to DTRT wrt IP address mobility. -- Måns Nilsson M A C H I N A YOW!!! I am having fun!!!
RE: Private use of non-RFC1918 IP space
OK, I will make an (what looks to this list) embarrassing admission. We use 1.0.0.0/8 for our internal ranges, but this is on a small scale. We do it because of the kind of business we do... we manage many other much larger networks which already use every possible overlapping RFC1918 network you can imagine... we have half a dozen networks using 192.168.0, and even more using many varied masks in the 10.0.0.0/8. We already have issues with the overlapping networks as is, without making it worse for us by using on of them. I chose to go the 1.0.0.0 path because: - It wont conflict with my customers and us doing our business - As long as it is not APNIC who gets it, the chances of it conflicting will be extremely minimal (rolls dice) - We don't design customer networks with non-RFC1918 ranges unless there is some extreme reason - Yes it is potentially allocate-able in the future, but if it happens I will deal with it then - just renumber or see the next point - We will be fully IPv6 within 6-9 months with a separate VLAN which will support legacy equipment with NAT-PT... this will still be an issue interconnecting to customer networks, but we will think of something. ..Skeeve -Original Message- From: David Conrad [mailto:d...@virtualized.org] Sent: Tuesday, 3 February 2009 6:48 AM To: Bruce Grobler Cc: NANOG list Subject: Re: Private use of non-RFC1918 IP space On Feb 2, 2009, at 8:10 AM, Bruce Grobler wrote: Most ISP's, if not all, null route 1.0.0.0/8 therefore you shouldn't encounter any problems using it in a private network. Is this true? This will cause endless entertainment when IANA allocates 1.0.0.0/8 sometime within the next two or three years... Regards, -drc
Re: Private use of non-RFC1918 IP space
Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Keyword: *Another* Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... S I believe Stephen is thinking of initial allocation policy - because a subsequent allocation policy in the ARIN region exists: (and it's been modified atleast once in the last few years) Justification to obtain another netblock is .94 HD-Ratio in the current allocation Endusers (minimum allocation is a /48) For a /48 that's about 72% utilization or 184 /56's assigned/used ISP's (minimum allocation is a /32) For a /32 that's about 37% utilization or 6,183,533 /56's assigned ARIN provides a handy chart: http://www.arin.net/policy/nrpm.html#six7
IPv6 space (was: RE: Private use of non-RFC1918 IP space )
Which is exactly what they should do - actually before that one would hope. This is not the $200/hour chcklehead consultant's fault, that is the design. Don't you love the idea of using 18446744073709551616 IP addresses to number a point-to-point link? Let's not ignore that all IPv6 allocations are basically charged-for, so my expectation is that there will be fewer idle allocations that can't be recovered running around (when an org has to justify $36,000 per year [after 2012], forever, some bean counter may ask why... especially if they can get a sensibly sized allocation from their provider for a fraction of that cost). I'm not sure if that is cynical, or optimistic, but since the allocations are not free, there seems to be less incentive to squat. Deepak Jain AiNET
Re: Private use of non-RFC1918 IP space
Skeeve Stevens wrote: Owned by an ISP? It isn't much different than it is now. As long as you are multi-homed you can get a small allocation (/48), APNIC and ARIN have procedures for this. Yes, you have to pay for it, but the addresses will be yours, unlike the RFC1918 ranges which is akin to 2.4Ghz wireless.. lets just share and hope we never interconnect/overlap. I can't find a RFC1918 equivalent for v6 with the exception of 2001:0DB8::/32# which is the ranges that has been assigned for documentation use and is considered to NEVER be routable. In that /32 are 65536 /48's... way more than the RFC1918 we have now. RFC4193 - Unique Local IPv6 Unicast Addresses http://www.iana.org/assignments/ipv6-address-space FC00::/7 Unique Local Unicast[RFC4193] ..maybe they should have called it RFC1918 for IPv6. FWIW, 2001:0DB8::/32 was allocated by APNIC. Not quite the same as being an RFC/IANA delegated/reserved netblock. --heather Heather Schiller Verizon Business Customer Security 1.800.900.0241 IP Address Management hel...@verizonbusiness.com =
Re: Private use of non-RFC1918 IP space
Skeeve Stevens wrote: [please fix your line length, my screen is still not a 100] Owned by an ISP? It isn't much different than it is now. As long as you are multi-homed you can get a small allocation (/48), APNIC and ARIN have procedures for this. Yes, you have to pay for it, but the addresses will be yours, unlike the RFC1918 ranges which is akin to 2.4Ghz wireless.. lets just share and hope we never interconnect/overlap. I can't find a RFC1918 equivalent for v6 with the exception of 2001:0DB8::/32# which is the ranges that has been assigned for documentation use and is considered to NEVER be routable. In that /32 are 65536 /48's... way more than the RFC1918 we have now. Documentation is exactly that: Documentation. Do not EVER use that in a real box. If you need 'RFC1918 alike' space then go for ULA (RFC4193). Also see http://www.sixxs.net/tools/grh/ula/ for a semi-registered version of that. If you want guaranteed unique then go to a RIR. If I was going to build a v6 network right now, that was purely private and never* going to hit the internet, and I could not afford to be a NIC member or pay the fees... then I would be using the ranges above I wonder if that will start a flame war *puts on fire suit*. Google goes straight through that suit, I suggest you use it and read up on IPv6. Even the Wikipedia entry contains this information. google(rfc1918 ipv6) or http://en.wikipedia.org/wiki/Private_network Greets, Jeroen signature.asc Description: OpenPGP digital signature
Re: Private use of non-RFC1918 IP space
On 4/02/2009, at 12:25 PM, Owen DeLong wrote: There is the ULA-Random space, but, I'm not sure if that got ratified or was rescinded. I really don't see a need for RFC-1918 in the IPv6 world. RFC-1918 was intended to solve a problem with a shortage of address space by allowing disparate private networks to recycle the same numbers behind NAT or for use on non-connected networks. There is no such shortage in IPv6. I think it is wiser to number non-connected IPv6 networks from valid unique addresses since there is no shortage. ULA is useful for organisations that cannot get an RIR allocation/ assignment, so are likely to need to re-number. If they number on ULA *in addition to* whatever space their ISP gives them, they do not need to alter any internal DNS, ACLs, etc. etc. if/ when they re-number. An easy example of a good use for ULA might be the internal recursive DNS server addresses that the DHCPv6 server hands out. If they are so inclined, they might even re-number dynamically if they get their prefix using PD. -- Nathan Ward
RE: Private use of non-RFC1918 IP space
And for those kinds of applications, yell at your vendors to come up with a solution. They say that there is about 2 years of ipv4 left. Then we’re screwed. If people sit with their thumbs up their asses now, and are not out planning budgets and migration strategies, they will be caught when they want to do network expansions. Note… the running out of IPv4 will NOT effect your current operations in any way. Your providers transit will (or already has) become dual stack, and you will continue to be able to talk to the internet as a whole unless native v6 only content starts to appear, which it will and then problems will appear. This situation will be able to go on for years without your changing anything….. unless you want these applications to keep communicating with the ever growing internet on ipv6… and if you do, plan for it… decide if you’re going to do it now, in a year, or in 10 years and how you want to look to your shareholders or stakeholders… because eventually, they will ask… they may not want to pay for it just now… but there is a lot of things you can do before you have to start paying real money for things. - Getting your assignment/allocation - Developing your documentation/plan of how it will be assigned internally - Start to identify what parts of your infrastructure will not cope (everyone will need to use NAT-PT internally for some 10 years or more) - Start talking to your hardware and software vendors about v6 and understanding their product roadmaps, timelines and so on. With all this, when it becomes inevitable you won’t have to suddenly do a ton of work…. Or you could buy ‘Migrating my corporate network to IPv6 for Dummies’ …Skeeve From: Dave Temkin [mailto:dav...@gmail.com] Sent: Wednesday, 4 February 2009 9:06 AM To: ske...@skeeve.org Cc: 'Zaid Ali'; 'Roger Marquis'; nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space The problem with that solution mainly being that the application itself still needs some sort of intelligence as well as the border device potentially doing L7 operations (header insertion/etc.) - unless you're OK with generally losing all information about the source of incoming traffic at the backend (except for looking at NAT tables...) -Dave Skeeve Stevens wrote: With new dual-stack border devices people will be able to move bit by bit, and there is no real reason to have to run around and change everything that you have internally. These will change and update over time. These internal applications aren't running on public IP addresses anyway. ...Skeeve -Original Message- From: Zaid Ali [mailto:z...@zaidali.com] Sent: Wednesday, 4 February 2009 5:19 AM To: Roger Marquis Cc: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space I don't consider IPv6 a popularity contest. It's about the motivation and the willingness to. Technical issues can be resolved if you and people around you are motivated to do so. I think there are some hard facts that need to be addressed when it comes to IPv6. Facts like 1. How do we migrate to a IPv6 stack on all servers and I am talking about the thousands of servers that exist on peoples network that run SaaS, Financial/Banking systems. 2. How do we make old applications speak IPv6? There are some old back-end systems that run core functions for many businesses out there that don't really have any upgrade path and I don't think people are thinking about this. From a network perspective IPv6 adoption is just about doing it and executing with your fellow AS neighbors. The elephant in the room is the applications that ride on your network. Zaid - Original Message - From: Roger Marquis mailto:marq...@roble.com marq...@roble.com To: nanog@nanog.org Sent: Tuesday, February 3, 2009 9:39:33 AM GMT -08:00 US/Canada Pacific Subject: Re: Private use of non-RFC1918 IP space Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... Catch 22? From my experience IPv6 is unlikely to become popular until it fully supports NAT. Much as network providers love the thought of owning all of your address space, and ARIN of billing for it, and RFCs like 4864 of providing rhetorical but technically flawed arguments against it, the lack of NAT only pushes adoption of IPv6 further into the future. Roger Marquis
Re: Private use of non-RFC1918 IP space
Owen DeLong wrote: ... I don't know what the APNIC fees and membership requirements are. A succinct summary, see below ! However, in the ARIN region, you do not need to be a member to get address space. The renewal fee for end-user space is $100/year. If you can't afford $100/year, how are you staying connected to the network or paying to power your equipment? APNIC fees are an order of magnitude (or more) higher ! http://www.apnic.net/member/feesinfo.html#non_mem_fee ftp://ftp.apnic.net/apnic/docs/non-member-fees-2008 (APNIC-118) I quote from APNIC-118 : A host address in IPv4 is defined as a /32 and a site address in IPv6 is defined a /48. The initial fee for an assignment or allocation of IP addresses is AU$1.27 per host or site address, with a minimum fee of AU$10,384. After the first year of the initial assignment or allocation, there is an annual registration fee is AU$0.127 per host or site address, with a minimum fee of AU$1,038.40.
Re: Private use of non-RFC1918 IP space
On Feb 3, 2009, at 2:18 PM, Skeeve Stevens wrote: Owned by an ISP? It isn't much different than it is now. As long as you are multi-homed you can get a small allocation (/48), APNIC and ARIN have procedures for this. To clarify, you can get whatever size assignment you need, but, the default unless you request larger and can justify it is a /48. To put this in perspective, a /48 is 65536*4billion*the total IPv4 address space. Further, it's enough space for 65,536 subnets with 64 bit host addresses. Likely, this is enough for most end-user organizations, but, if you are part of an organization that needs more, you can get it simply by justifying your additional needs. Yes, you have to pay for it, but the addresses will be yours, unlike the RFC1918 ranges which is akin to 2.4Ghz wireless.. lets just share and hope we never interconnect/overlap. In the ARIN region, the end-user annual fees are quite low. I don't see this as a significant barrier to entry to most end-user organizations. I can't find a RFC1918 equivalent for v6 with the exception of 2001:0DB8::/32# which is the ranges that has been assigned for documentation use and is considered to NEVER be routable. In that / 32 are 65536 /48's... way more than the RFC1918 we have now. There is the ULA-Random space, but, I'm not sure if that got ratified or was rescinded. I really don't see a need for RFC-1918 in the IPv6 world. RFC-1918 was intended to solve a problem with a shortage of address space by allowing disparate private networks to recycle the same numbers behind NAT or for use on non-connected networks. There is no such shortage in IPv6. I think it is wiser to number non-connected IPv6 networks from valid unique addresses since there is no shortage. If I was going to build a v6 network right now, that was purely private and never* going to hit the internet, and I could not afford to be a NIC member or pay the fees... then I would be using the ranges above I wonder if that will start a flame war *puts on fire suit*. I don't know what the APNIC fees and membership requirements are. However, in the ARIN region, you do not need to be a member to get address space. The renewal fee for end-user space is $100/year. If you can't afford $100/year, how are you staying connected to the network or paying to power your equipment? Owen ...Skeeve * never say never! # http://www.iana.org/assignments/ipv6-unicast-address-assignments -Original Message- From: Matthew Huff [mailto:mh...@ox.com] Sent: Wednesday, 4 February 2009 5:25 AM To: 'Zaid Ali'; 'Roger Marquis' Cc: 'nanog@nanog.org' Subject: RE: Private use of non-RFC1918 IP space It's not just technical. Companies are reluctant to migrate to an IP address owned by an ISP. We are one of those companies. If and when it is easy for us to apply and receive our own Ipv6 address space, we will look at deploying ipv6, but not until then. That's not a technical issue, but rather a business decision, and it's not going to change. We aren't depending our network resources on an external third-party, especially given their track record. Matthew Huff | One Manhattanville Rd OTA Management LLC | Purchase, NY 10577 http://www.ox.com | Phone: 914-460-4039 aim: matthewbhuff | Fax: 914-460-4139 -Original Message- From: Zaid Ali [mailto:z...@zaidali.com] Sent: Tuesday, February 03, 2009 1:19 PM To: Roger Marquis Cc: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space I don't consider IPv6 a popularity contest. It's about the motivation and the willingness to. Technical issues can be resolved if you and people around you are motivated to do so. I think there are some hard facts that need to be addressed when it comes to IPv6. Facts like 1. How do we migrate to a IPv6 stack on all servers and I am talking about the thousands of servers that exist on peoples network that run SaaS, Financial/Banking systems. 2. How do we make old applications speak IPv6? There are some old back- end systems that run core functions for many businesses out there that don't really have any upgrade path and I don't think people are thinking about this. From a network perspective IPv6 adoption is just about doing it and executing with your fellow AS neighbors. The elephant in the room is the applications that ride on your network. Zaid - Original Message - From: Roger Marquis marq...@roble.com To: nanog@nanog.org Sent: Tuesday, February 3, 2009 9:39:33 AM GMT -08:00 US/Canada Pacific Subject: Re: Private use of non-RFC1918 IP space Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown
RE: Private use of non-RFC1918 IP space
Exactly. So.. do I have to be in the US to get ARIN space? Technically space you get is announceable anywhere in the world... Can I just have a /32 from ARIN please and not pay the ton of money that APNIC ask for? I can setup a POBOX in New York if that will help? ;-) Actually, that is an interesting question... If I have a network I am building in the US/other locale, but I am based here, can I become an ARIN/RIPE/etc member and get a range out of them? ...Skeeve -Original Message- From: Peter J. Cherny [mailto:pet...@luddite.com.au] Sent: Wednesday, 4 February 2009 11:06 AM To: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space Owen DeLong wrote: ... I don't know what the APNIC fees and membership requirements are. A succinct summary, see below ! However, in the ARIN region, you do not need to be a member to get address space. The renewal fee for end-user space is $100/year. If you can't afford $100/year, how are you staying connected to the network or paying to power your equipment? APNIC fees are an order of magnitude (or more) higher ! http://www.apnic.net/member/feesinfo.html#non_mem_fee ftp://ftp.apnic.net/apnic/docs/non-member-fees-2008 (APNIC-118) I quote from APNIC-118 : A host address in IPv4 is defined as a /32 and a site address in IPv6 is defined a /48. The initial fee for an assignment or allocation of IP addresses is AU$1.27 per host or site address, with a minimum fee of AU$10,384. After the first year of the initial assignment or allocation, there is an annual registration fee is AU$0.127 per host or site address, with a minimum fee of AU$1,038.40.
RE: Private use of non-RFC1918 IP space
--On tisdag, tisdag 3 feb 2009 13.24.59 -0500 Matthew Huff mh...@ox.com wrote: It's not just technical. Companies are reluctant to migrate to an IP address owned by an ISP. We are one of those companies. If and when it is easy for us to apply and receive our own Ipv6 address space, we will look at deploying ipv6, but not until then. That's not a technical issue, but rather a business decision, and it's not going to change. We aren't depending our network resources on an external third-party, especially given their track record. Renumbering will happen. Be prepared or cry louder when it happens. DNS was invented for this, and v4 PA space is functionally equivalent to v6 here. Getting PI space only pushes the inevitable a bit, while lessening the incentives to DTRT wrt IP address mobility. -- Måns NilssonM A C H I N A YOW!!! I am having fun!!! pgprwXVH3KEIw.pgp Description: PGP signature
Re: Private use of non-RFC1918 IP space
The problem with that solution mainly being that the application itself still needs some sort of intelligence as well as the border device potentially doing L7 operations (header insertion/etc.) - unless you're OK with generally losing all information about the source of incoming traffic at the backend (except for looking at NAT tables...) -Dave Skeeve Stevens wrote: With new dual-stack border devices people will be able to move bit by bit, and t here is no real reason to have to run around and change everything that you have internally. These will change and update over time. These internal applicatio ns aren't running on public IP addresses anyway. ...Skeeve -Original Message- From: Zaid Ali [[1]mailto:z...@zaidali.com] Sent: Wednesday, 4 February 2009 5:19 AM To: Roger Marquis Cc: [2]na...@nanog.org Subject: Re: Private use of non-RFC1918 IP space I don't consider IPv6 a popularity contest. It's about the motivation and the wi llingness to. Technical issues can be resolved if you and people around you are motivated to do so. I think there are some hard facts that need to be addressed when it comes to IPv6. Facts like 1. How do we migrate to a IPv6 stack on all servers and I am talking about the thousands of servers that exist on peoples network that run SaaS, Financial/Banking systems. 2. How do we make old applications speak IPv6? There are some old back-end syste ms that run core functions for many businesses out there that don't really have any upgrade path and I don't think people are thinking about this. From a network perspective IPv6 adoption is just about doing it and executing w ith your fellow AS neighbors. The elephant in the room is the applications that ride on your network. Zaid - Original Message - From: Roger Marquis [3]marq...@roble.com To: [4]na...@nanog.org Sent: Tuesday, February 3, 2009 9:39:33 AM GMT -08:00 US/Canada Pacific Subject: Re: Private use of non-RFC1918 IP space Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... Catch 22? From my experience IPv6 is unlikely to become popular until it fully supports NAT. Much as network providers love the thought of owning all of your address space, and ARIN of billing for it, and RFCs like 4864 of providing rhetorical but technically flawed arguments against it, the lack of NAT only pushes adoption of IPv6 further into the future. Roger Marquis References 1. mailto:z...@zaidali.com 2. mailto:nanog@nanog.org 3. mailto:marq...@roble.com 4. mailto:nanog@nanog.org
RE: Private use of non-RFC1918 IP space
It isn't ipv6 that needs to support NAT, it is the devices doing dual-stack. This is where NAT-PT (v6-v4 NAT) will come in. My opinion is that we only aren't further along because the hardware vendors are slackers, mostly the low end guys like D-Link, Belkin, Netgear and so on who provide most of the home networking equipment. The big boys have supported v6 NAT and NAT-PT for ages. ...Skeeve -Original Message- From: Roger Marquis [mailto:marq...@roble.com] Sent: Wednesday, 4 February 2009 4:40 AM To: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space Stephen Sprunk wrote: Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... Catch 22? From my experience IPv6 is unlikely to become popular until it fully supports NAT. Much as network providers love the thought of owning all of your address space, and ARIN of billing for it, and RFCs like 4864 of providing rhetorical but technically flawed arguments against it, the lack of NAT only pushes adoption of IPv6 further into the future. Roger Marquis
RE: Private use of non-RFC1918 IP space
OK. Following myself up, and referencing a link someone else gave me in regards to IPv6 http://en.wikipedia.org/wiki/Private_network Has the entry: Private use of other reserved addresses Several other address ranges, in addition to the official private ranges, are reserved for other or future uses, including 1.0.0.0/8 and 2.0.0.0/8[1]. In recent years, large companies have begun to use this address space internally. Though discouraged, it appears to have become an accepted practice among larger companies to use these reserved address spaces when connecting two private networks, to eliminate the chance of address conflicts when using standards-based private ranges. --- Now I'm not using this as justification just interesting to see people have put it up there, and comment that a lot of large companies are using 1/8 and 2/8 for private networking. ...Skeeve -Original Message- From: Skeeve Stevens [mailto:ske...@skeeve.org] Sent: Wednesday, 4 February 2009 9:48 AM To: 'David Conrad'; 'Bruce Grobler' Cc: 'NANOG list' Subject: RE: Private use of non-RFC1918 IP space OK, I will make an (what looks to this list) embarrassing admission. We use 1.0.0.0/8 for our internal ranges, but this is on a small scale. We do it because of the kind of business we do... we manage many other much larger networks which already use every possible overlapping RFC1918 network you can imagine... we have half a dozen networks using 192.168.0, and even more using many varied masks in the 10.0.0.0/8. We already have issues with the overlapping networks as is, without making it worse for us by using on of them. I chose to go the 1.0.0.0 path because: - It wont conflict with my customers and us doing our business - As long as it is not APNIC who gets it, the chances of it conflicting will be extremely minimal (rolls dice) - We don't design customer networks with non-RFC1918 ranges unless there is some extreme reason - Yes it is potentially allocate-able in the future, but if it happens I will deal with it then - just renumber or see the next point - We will be fully IPv6 within 6-9 months with a separate VLAN which will support legacy equipment with NAT-PT... this will still be an issue interconnecting to customer networks, but we will think of something. ..Skeeve -Original Message- From: David Conrad [mailto:d...@virtualized.org] Sent: Tuesday, 3 February 2009 6:48 AM To: Bruce Grobler Cc: NANOG list Subject: Re: Private use of non-RFC1918 IP space On Feb 2, 2009, at 8:10 AM, Bruce Grobler wrote: Most ISP's, if not all, null route 1.0.0.0/8 therefore you shouldn't encounter any problems using it in a private network. Is this true? This will cause endless entertainment when IANA allocates 1.0.0.0/8 sometime within the next two or three years... Regards, -drc
Re: Private use of non-RFC1918 IP space
On Wed, Feb 04, 2009 at 11:57:36AM +1100, Skeeve Stevens wrote: OK. Following myself up, and referencing a link someone else gave me in regards to IPv6 http://en.wikipedia.org/wiki/Private_network Has the entry: Private use of other reserved addresses Several other address ranges, in addition to the official private ranges, are reserved for other or future uses, including 1.0.0.0/8 and 2.0.0.0/8[1]. In recent years, large companies have begun to use this address space internally. [citation required] - Matt
RE: Private use of non-RFC1918 IP space
I agree... I'd love to know where they got that from... who even wrote it? ...Skeeve -Original Message- From: Matthew Palmer [mailto:mpal...@hezmatt.org] Sent: Wednesday, 4 February 2009 12:26 PM To: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space On Wed, Feb 04, 2009 at 11:57:36AM +1100, Skeeve Stevens wrote: OK. Following myself up, and referencing a link someone else gave me in regards to IPv6 http://en.wikipedia.org/wiki/Private_network Has the entry: Private use of other reserved addresses Several other address ranges, in addition to the official private ranges, are reserved for other or future uses, including 1.0.0.0/8 and 2.0.0.0/8[1]. In recent years, large companies have begun to use this address space internally. [citation required] - Matt
Re: Private use of non-RFC1918 IP space
On Feb 3, 2009, at 5:25 PM, Matthew Palmer wrote: On Wed, Feb 04, 2009 at 11:57:36AM +1100, Skeeve Stevens wrote: OK. Following myself up, and referencing a link someone else gave me in regards to IPv6 http://en.wikipedia.org/wiki/Private_network Has the entry: Private use of other reserved addresses Several other address ranges, in addition to the official private ranges, are reserved for other or future uses, including 1.0.0.0/8 and 2.0.0.0/8[1]. In recent years, large companies have begun to use this address space internally. [citation required] - Matt I've added a blurb to this page expressing the risks associated with such use. Owen
Re: Re: Private use of non-RFC1918 IP space
Some nitwits just grab one out of fat air. I've seen 192.169.xx and 192.254.xx randomly used before. On Feb 2, 2009 12:03pm, sth...@nethelp.no wrote: What reason could you possibly have to use non RFC 1918 space on a closed network? It's very bad practice - unfortunately I do see it done sometimes There are sometimes good reasons to do this, for instance to ensure uniqueness in the face of mergers and acquisitions. Steinar Haug, Nethelp consulting, sth...@nethelp.no
RE: Re: Private use of non-RFC1918 IP space
I've even seen at a previous place (note: 'previous') that decided to use 40.x.x.x for their internal IP space I find it hard to believe a company can mismanage their IP space that 10.0.0.0, 192.168.0.0, and 172.(16-31).0.0 are all used up, but then again, I shouldn't be surprised. Back in '96 or so, an ISP I was working at was giving out /24's for a 14.4 dialup account Ken Matlock Network Analyst Exempla Healthcare (303) 467-4671 matlo...@exempla.org -Original Message- From: mikelie...@gmail.com [mailto:mikelie...@gmail.com] Sent: Monday, February 02, 2009 10:16 AM To: sth...@nethelp.no; pstew...@nexicomgroup.net; nanog@nanog.org Subject: Re: Re: Private use of non-RFC1918 IP space Some nitwits just grab one out of fat air. I've seen 192.169.xx and 192.254.xx randomly used before. On Feb 2, 2009 12:03pm, sth...@nethelp.no wrote: What reason could you possibly have to use non RFC 1918 space on a closed network? It's very bad practice - unfortunately I do see it done sometimes There are sometimes good reasons to do this, for instance to ensure uniqueness in the face of mergers and acquisitions. Steinar Haug, Nethelp consulting, sth...@nethelp.no
Re: Private use of non-RFC1918 IP space
On Mon, 02 Feb 2009 12:20:25 EST, D'Arcy J.M. Cain said: On Mon, 02 Feb 2009 18:03:57 +0100 (CET) sth...@nethelp.no wrote: What reason could you possibly have to use non RFC 1918 space on a closed network? It's very bad practice - unfortunately I do see it done sometimes There are sometimes good reasons to do this, for instance to ensure uniqueness in the face of mergers and acquisitions. How does that help? If you are renumbering due to a merger, couldn't you just agree on separate private space just as easily? They don't renumber, they end up just double-NAT or triple-NAT betweem the merged units. I think one poor soul posted here that they had quintuple-NAT'ing going on due to a long string of mergers pgpcWoO05l4Of.pgp Description: PGP signature
Re: Private use of non-RFC1918 IP space
There are sometimes good reasons to do this, for instance to ensure uniqueness in the face of mergers and acquisitions. How does that help? If you are renumbering due to a merger, couldn't you just agree on separate private space just as easily? It would ensure that you could get the networks to communicate, without IP address conflicts, *before* you started any renumbering. Steinar Haug, Nethelp consulting, sth...@nethelp.no
Re: Private use of non-RFC1918 IP space
On 2009/02/02 07:16 PM mikelie...@gmail.com wrote: Some nitwits just grab one out of fat air. I've seen 192.169.xx and 192.254.xx randomly used before. Seen 198/8, 196.200/16 and 172.whatever the hell the admin felt like/16 And these people are shocked when I tell them to renumber before I'll touch their network..
RE: Private use of non-RFC1918 IP space
Le lundi 02 février 2009 à 19:22 +, Johnny Eriksson a écrit : Paul Stewart pstew...@nexicomgroup.net wrote: What reason could you possibly have to use non RFC 1918 space on a closed network? It's very bad practice - unfortunately I do see it done sometimes Really really LARGE scalability testing that needs more addresses than RFC1918 gives you. Use IPv6. Cheers, mh In a closed lab. Yes, it is ugly. Been there. Sometimes ugly can not be avoided. Paul --Johnny -- michael hallgren, mh2198-ripe signature.asc Description: Ceci est une partie de message numériquement signée
Re: Private use of non-RFC1918 IP space
On a related note, do you think that 0.0.0.0/8 (excluding 0.0.0.0/32, of course :) ) will be feasible for allocation and use ? On Mon, Feb 2, 2009 at 12:57 PM, Leo Vegoda leo.veg...@icann.org wrote: On 02/02/2009 8:10, Bruce Grobler br...@yoafrica.com wrote: Most ISP's, if not all, null route 1.0.0.0/8 therefore you shouldn't encounter any problems using it in a private network. 1.0.0.0/8 will be allocated in the not too distant future. All currently unallocated unicast IPv4 /8s will be allocated in the not too distant future. Regards, Leo Vegoda
RE: Private use of non-RFC1918 IP space
Most ISP's, if not all, null route 1.0.0.0/8 therefore you shouldn't encounter any problems using it in a private network. -Original Message- From: Michael Butler [mailto:i...@protected-networks.net] Sent: Monday, February 02, 2009 5:59 PM To: t...@kingfisherops.com Cc: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Trey Darley wrote: Some colleagues and I are running into a bit of a problem. We've been using RFC 1918 Class A space but due to the way subnets have been allocated we are pondering the use of public IP space. As the network in question is strictly closed I don't anticipate any problems with this as the addresses would be unambiguous within our environment. I'm curious if anyone else is doing this. This is a *VERY BAD IDEA* - why not take the hit now rather than exponentiate the problem and, in so doing, make it nearly impossible to reverse later? Michael -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkmHGCgACgkQQv9rrgRC1JLWrACfTxrfxz/6DFCCByldBqMv/MjL ssYAn3Se0GRA+s3Szn9dMUN8c7AlQzj/ =FZWG -END PGP SIGNATURE-
Re: Private use of non-RFC1918 IP space
On Mon, 02 Feb 2009 12:53:35 PST, David Barak said: I have long wondered why two entire /8s are reserved for host self identification( 0 and 127, of course...) It's part of the whole '2**32 addresses should be enough viewpoint (keep in mind they were coming from NCP, that had a limit of 256 addresses). pgpqqIoDAxFZb.pgp Description: PGP signature
RE: Private use of non-RFC1918 IP space
What reason could you possibly have to use non RFC 1918 space on a closed network? It's very bad practice - unfortunately I do see it done sometimes Paul -Original Message- From: Trey Darley [mailto:t...@kingfisherops.com] Sent: February 2, 2009 10:48 AM To: nanog@nanog.org Subject: Private use of non-RFC1918 IP space Hi, y'all - Some colleagues and I are running into a bit of a problem. We've been using RFC 1918 Class A space but due to the way subnets have been allocated we are pondering the use of public IP space. As the network in question is strictly closed I don't anticipate any problems with this as the addresses would be unambiguous within our environment. I'm curious if anyone else is doing this. I'd be very interested in corresponding off-list with anyone who's in a similar position. Cheers, --Trey ++-- --++ Kingfisher Operations Trey Darley - Principal The information transmitted is intended only for the person or entity to which it is addressed and contains confidential and/or privileged material. If you received this in error, please contact the sender immediately and then destroy this transmission, including all attachments, without copying, distributing or disclosing same. Thank you.
Re: Private use of non-RFC1918 IP space
What reason could you possibly have to use non RFC 1918 space on a closed network? It's very bad practice - unfortunately I do see it done sometimes There are sometimes good reasons to do this, for instance to ensure uniqueness in the face of mergers and acquisitions. Steinar Haug, Nethelp consulting, sth...@nethelp.no
Re: Private use of non-RFC1918 IP space
On Mon, Feb 2, 2009 at 9:48 AM, Trey Darley t...@kingfisherops.com wrote: Some colleagues and I are running into a bit of a problem. We've been using RFC 1918 Class A space but due to the way subnets have been allocated we are pondering the use of public IP space. As the network in question is strictly closed I don't anticipate any problems with this as the addresses would be unambiguous within our environment. I'm curious if anyone else is doing this. I'd recommend against it, because even though the network is not connected to the Internet now you never know what the future holds. Even if it's never connected there are always things that seem to pop up and cause problems. Also, if you're address allocation policy has been so badly managed that you've run out of space in 10.0.0.0/8 adding more IPs to the pool isn't going to help for very long. -- Jeff Ollie You know, I used to think it was awful that life was so unfair. Then I thought, wouldn't it be much worse if life were fair, and all the terrible things that happen to us come because we actually deserve them? So, now I take great comfort in the general hostility and unfairness of the universe. -- Marcus to Franklin in Babylon 5: A Late Delivery from Avalon
Re: Private use of non-RFC1918 IP space
--On måndag, måndag 2 feb 2009 16.15.06 -0200 Andre Sencioles Vitorio Oliveira ase...@gmail.com wrote: What about this? Genius from company A chooses public IP block A. Genius from company B chooses public IP block A. Genius collision detected... What you do is go to your LIR and ask for a /24 and tell them I am going to use this for purpose which is at best semi-internal. It has worked for me; I got a PI /24 for the facility management system in a datacenter. (MODBUS over IP stuff, windows machines and embedded boxes sending email alarms about burning UPSes and sauna-hot computer rooms) My colleagues argued that this network won't ever be connected to anything but it took all of one week before they were proved wrong and the first contractor VPN box was installed. QED. The really, really, nice thing with registered PI or PA space is that it is pretty unique, bar fatfingering and route hijacking. Once there is a merger, the company with a RIPE db entry for the nonrouted space will have a most convincing position in merger negotiations: This is our space: _you_ will renumber. Burning v4 space is good. Gets us v6 faster. -- Måns NilssonM A C H I N A HUGH BEAUMONT died in 1982!! pgpg0zfPVCZI3.pgp Description: PGP signature
RE: Private use of non-RFC1918 IP space
Michael Hallgren m.hallg...@free.fr: Really really LARGE scalability testing that needs more addresses than RFC1918 gives you. Use IPv6. For an IPv4 scalability test? Interesting idea... Apart from the basic incompability here, my opinion of IPv6 is that it just gives you 2^96 more addresses to repeat all the old mistakes with. --Johnny
Re: Private use of non-RFC1918 IP space
Stephen Sprunk wrote: Trey Darley wrote: Some colleagues and I are running into a bit of a problem. We've been using RFC 1918 Class A space but due to the way subnets have been allocated we are pondering the use of public IP space. As the network in question is strictly closed I don't anticipate any problems with this as the addresses would be unambiguous within our environment. I'm curious if anyone else is doing this. Closed networks nearly always end up getting connected to public networks, either by intent or by accident. If you act as if your network will remain closed forever, e.g. by using public addresses that are (or will be) assigned to someone else, you're going to cause a lot of headaches for yourself or your replacement down the road, eventually. Contrary to popular belief, ARIN (and possibly other RIRs) _will_ assign public IPs for private/closed networks if you can explain why RFC1918 space will not suffice for your needs, e.g. because you are running a private internetwork between multiple companies and thus NAT/RFC1918 is simply not viable due to the number of ASes and the difficulty in avoiding collisions or the sheer number of hosts... Or you can always get some PA space from an ISP rather easily. ~Seth
Re: Private use of non-RFC1918 IP space
On Mon, 02 Feb 2009 23:17:23 GMT, Johnny Eriksson said: Michael Hallgren m.hallg...@free.fr: Really really LARGE scalability testing that needs more addresses than RFC1918 gives you. Use IPv6. For an IPv4 scalability test? Interesting idea... Might wanna consider that if you're doing a scalability *test* that burns over a /8 of IPv4, how do you intend to *deploy* the sucker? Gonna be a bear trying to get a /8 or 3 allocated when The Final Days are upon us already... pgpNOWwKI4UzH.pgp Description: PGP signature
RE: Private use of non-RFC1918 IP space
Using public IP space in general is typically just asking for trouble. I worked with an ISP once who decided to use 192.0.0.0/24 for IP's to customers who didn't need a static ip. They did it not knowing what they were doing (oh you mean 192.0.0.0/8 isnt rfc1918) but very quickly they had to change it. In our current customer base we have run into it a few times where someone is using non rfc1918 space internally and propose changing it very quick as we have had several customers who don't know it, but need to get to something in that public space. If you happen to be the funny guy who uses an IP range from some tiny foreign off the wall country because we will never need to connect to their IP space remember that IP address allocations change and you won't think it's so funny when the company who provides your anti-virus moves their update servers to match your internal IP space. There are sometimes good reasons to do this, for instance to ensure uniqueness in the face of mergers and acquisitions. If you are going to force uniqueness and one of the parties in the merger was super smart in their original deployment and decided to use 10.0.0.0/8 for their network of 300 machines, force them to change to something smarter. Remind them how layer 3 networks inside of a single building work. Even if a network is not publically seen, you have to keep in mind how many machines see it while they might see a public network. A specific customer had a 216.xx.xx.0/24 network for their private production network. Their internal router also saw it and had an ACL on who could access it. Meaning their entire staff couldn't get to their collocated webserver when their provider re addressed that floor in the datacenter. All rambling aside, its much easier to renumber on the front end opposed to ending up with VPN natting that makes you cry on the inside. Think of the person who will take over your network when you eventually leave your position. This is a bit off-topic, but I thought I'd mention that this is one reason I recommend use of the 172.16/12 block to people building or renumbering enterprise networks. Most people seem to use 10/8 in large organizations and 192.168/16 in smaller ones, so it raises your chances of not having to get into heavy natting down the road. My theory on this is that most people who don't deal with CIDR on a daily basis find the /12 netmask a bit confusing and just avoid the block at all. Also a good point. Most of support engineers I run into think that 172.24.0.0 is public IP space. -Original Message- From: D'Arcy J.M. Cain [mailto:da...@druid.net] Sent: Monday, February 02, 2009 10:20 AM To: sth...@nethelp.no Cc: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space On Mon, 02 Feb 2009 18:03:57 +0100 (CET) sth...@nethelp.no wrote: What reason could you possibly have to use non RFC 1918 space on a closed network? It's very bad practice - unfortunately I do see it done sometimes There are sometimes good reasons to do this, for instance to ensure uniqueness in the face of mergers and acquisitions. How does that help? If you are renumbering due to a merger, couldn't you just agree on separate private space just as easily? -- D'Arcy J.M. Cain da...@druid.net | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Private use of non-RFC1918 IP space
On Mon, 02 Feb 2009 18:03:57 +0100 (CET) sth...@nethelp.no wrote: What reason could you possibly have to use non RFC 1918 space on a closed network? It's very bad practice - unfortunately I do see it done sometimes There are sometimes good reasons to do this, for instance to ensure uniqueness in the face of mergers and acquisitions. How does that help? If you are renumbering due to a merger, couldn't you just agree on separate private space just as easily? -- D'Arcy J.M. Cain da...@druid.net | Democracy is three wolves http://www.druid.net/darcy/| and a sheep voting on +1 416 425 1212 (DoD#0082)(eNTP) | what's for dinner.
Re: Private use of non-RFC1918 IP space
On 02/02/2009 8:10, Bruce Grobler br...@yoafrica.com wrote: Most ISP's, if not all, null route 1.0.0.0/8 therefore you shouldn't encounter any problems using it in a private network. 1.0.0.0/8 will be allocated in the not too distant future. All currently unallocated unicast IPv4 /8s will be allocated in the not too distant future. Regards, Leo Vegoda
RE: Private use of non-RFC1918 IP space
It's not unheard of to see the government cyber squatting unallocated /8 blocks too. -Original Message- From: Randy Bush [mailto:ra...@psg.com] Sent: Monday, February 02, 2009 3:49 PM To: sth...@nethelp.no Cc: nanog@nanog.org Subject: Re: Private use of non-RFC1918 IP space i am surprised that no one has mentioned that it is not unusual for folk, even isps, to use space assigned to the us military but never routed on the public internet. i was exceedingly amused when first i did a traceroute from bologna. randy
Re: Private use of non-RFC1918 IP space
Apart from the basic incompability here, my opinion of IPv6 is that it just gives you 2^96 more addresses to repeat all the old mistakes with. Not quite.. 2^96 = 79228162514264337593543950336 2^128-2^32 = 340282366920938463463374607427473244160 not quite. let's posit 42 devices on the average lan segment (ymmv). 42*(2^64) = 774763251095801167872 randy
Re: Private use of non-RFC1918 IP space
On Tue, 03 Feb 2009 11:25:40 +0900, Randy Bush said: Apart from the basic incompability here, my opinion of IPv6 is that it just gives you 2^96 more addresses to repeat all the old mistakes with. Not quite.. 2^96 = 79228162514264337593543950336 2^128-2^32 = 340282366920938463463374607427473244160 not quite. let's posit 42 devices on the average lan segment (ymmv). 42*(2^64) = 774763251095801167872 Let's face it - they're going to have to come up with much more creative $200/hour chucklehead consultants to burn through that much anytime soon. Of course, I've long suspected that the 90% of the universe that's dark matter is all contained inside the craniums of all those chucklehead consultants (which is why they're so resistant to interactions with cluons from the rest of reality), so there's unfortunately a definite growth potential there... Anybody feel like starting a pool for when we'll see a posting to NANOG about somebody who's managed to burn through a /32? pgpIMpoSoxcma.pgp Description: PGP signature
Re: Private use of non-RFC1918 IP space
Let's face it - they're going to have to come up with much more creative $200/hour chucklehead consultants to burn through that much anytime soon. It has been my experience that when you give someone a huge address space to play with (eg 10/8), they start doing things like using bits in the address as flags for things. Suddenly you find yourself using a prefix that should enough for a decent sized country in a half-rack. It's only slightly harder to imagine a /48 being wasted like that. -Anthony
Re: Private use of non-RFC1918 IP space
On Feb 3, 2009, at 12:30 AM, Anthony Roberts wrote: Let's face it - they're going to have to come up with much more creative $200/hour chucklehead consultants to burn through that much anytime soon. It has been my experience that when you give someone a huge address space to play with (eg 10/8), they start doing things like using bits in the address as flags for things. Suddenly you find yourself using a prefix that should enough for a decent sized country in a half-rack. It's only slightly harder to imagine a /48 being wasted like that. Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. -- TTFN, patrick
Re: Private use of non-RFC1918 IP space
Patrick W. Gilmore wrote: Except the RIRs won't give you another /48 when you have only used one trillion IP addresses. Are you sure? According to ARIN staff, current implementation of policy is that all requests are approved since there are no defined criteria that would allow them to deny any. So far, nobody's shown interest in plugging that hole in the policy because it'd be a major step forward if IPv6 were popular enough for anyone to bother wasting it... S -- Stephen Sprunk God does not play dice. --Albert Einstein CCIE #3723 God is an inveterate gambler, and He throws the K5SSSdice at every possible opportunity. --Stephen Hawking smime.p7s Description: S/MIME Cryptographic Signature