Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite
--- g...@space.net wrote: From: Gert DoeringOn Sun, Oct 29, 2017 at 12:57:54PM -0700, Scott Weeks wrote: > Yeah, it's quite unfortunate that IPv4 ran out so suddenly, > barely 15 years after people were told to move towards IPv6. > --- > > > Especially after IETF made it backwards compatible and made > it so easy to switch from 4 to 6... ;-) There's no way to make "something with longer addresses" compatible without IPv4 without changing everything (routers, endpoints) - so, that argument is usually one brought forward as one of a long list of standard excuses to avoid deploying IPv6, while at the same time blaming everyone else for the problems with IPv4. --- Note the smiley face above. This one, too... :) I was not around for those discussions (and not being a computer science person, nor wanting to go on this for too long as has been endlessly done on other lists), but it seems TLV would have allowed 4 to be a subset of the new space. I never heard that discussed much and that's what I meant by my comment. scott ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite
Hi, On Sun, Oct 29, 2017 at 12:57:54PM -0700, Scott Weeks wrote: > Yeah, it's quite unfortunate that IPv4 ran out so suddenly, > barely 15 years after people were told to move towards IPv6. > --- > > > Especially after IETF made it backwards compatible and made > it so easy to switch from 4 to 6... ;-) There's no way to make "something with longer addresses" compatible without IPv4 without changing everything (routers, endpoints) - so, that argument is usually one brought forward as one of a long list of standard excuses to avoid deploying IPv6, while at the same time blaming everyone else for the problems with IPv4. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite
--- g...@space.net wrote: From: Gert DoeringYeah, it's quite unfortunate that IPv4 ran out so suddenly, barely 15 years after people were told to move towards IPv6. --- Especially after IETF made it backwards compatible and made it so easy to switch from 4 to 6... ;-) scott ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite
>> Yeah, it's quite unfortunate that IPv4 ran out so suddenly, barely 15 years >> after people were told to move towards IPv6. sad but true 2017-10-29 10:33 GMT+01:00 Gert Doering: > Hi, > > On Sun, Oct 29, 2017 at 10:32:03AM +0100, WolfSec-Support wrote: > > The vpn needs to run on v4 > > Its not site 2 site in this case. > > > > As all know it is still rare to get v6 access everywhere > > > > But in general it would be better if an ISP informs the customer BEFORE > > such a change. > > > > To implement CGN without making sure the customer gets a notice was > simply > > the root of the problem > > Yeah, it's quite unfortunate that IPv4 ran out so suddenly, barely 15 years > after people were told to move towards IPv6. > > Gert Doering > -- NetMaster > -- > have you enabled IPv6 on something today...? > > SpaceNet AGVorstand: Sebastian v. Bomhard > Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann > D-80807 Muenchen HRB: 136055 (AG Muenchen) > Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 > ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite
Hi, On Sun, Oct 29, 2017 at 10:32:03AM +0100, WolfSec-Support wrote: > The vpn needs to run on v4 > Its not site 2 site in this case. > > As all know it is still rare to get v6 access everywhere > > But in general it would be better if an ISP informs the customer BEFORE > such a change. > > To implement CGN without making sure the customer gets a notice was simply > the root of the problem Yeah, it's quite unfortunate that IPv4 ran out so suddenly, barely 15 years after people were told to move towards IPv6. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite
The vpn needs to run on v4 Its not site 2 site in this case. As all know it is still rare to get v6 access everywhere But in general it would be better if an ISP informs the customer BEFORE such a change. To implement CGN without making sure the customer gets a notice was simply the root of the problem Br Stephan Am 29.10.2017 10:12 schrieb "Gert Doering": > Hi, > > On Sun, Oct 29, 2017 at 09:52:07AM +0100, WolfSec-Support wrote: > > With CGN outbound for sure no prob. > > But inbound due to CG NAT impossible. > > Run the VPN over IPv6? > > In 2017 there shouldn't be any reason anymore to rely on IPv4... > > Gert Doering > -- NetMaster > -- > have you enabled IPv6 on something today...? > > SpaceNet AGVorstand: Sebastian v. Bomhard > Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann > D-80807 Muenchen HRB: 136055 (AG Muenchen) > Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 > ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite
Roger Well you are wrong. No ipsec. With CGN outbound for sure no prob. But inbound due to CG NAT impossible. Br Stephan Am 28.10.2017 17:32 schrieb "Roger Schmid": Well i only suspecting your try to use ipsec, wich is a crazy vpn solution. I would sugest to evaluate ssl based vpn in the future which naturally do not run into nat problems. Just my five cents Em 27 de outubro de 2017 03:00:18 AMT, WolfSec-Support escreveu: > > Hello, > > > could be someone from swisscom so kind and contact me offlist via email > please. > > our customer has a swisscom dsl connection and last week they changed > these to v6. > he already tried 3 times via swisscom helpdesk without success. > the first level seems to have no idea about ds lite and v6... ;-/ > > we want to go back to v4 native. > in customer center we have deactivated v6 - but it is still online via v6 > and ds-lite > > we did all what was explained: > - switchoff modem for an hour > - reboot 3 times router etc > > effectively now the vpn is for sure not working via ds lite and carrier > grade NAT > > thanks in advance > > Stephan > > > Besten Dank. > > Freundliche Grüsse, > WolfSec-Support > > WolfSec > Postanschrift: > Swiss Post Box: 104213 > Zürcherstrasse 161 > CH-8010 Zürich > > http://www.wolfsec.ch > > -- Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog