Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[Scott Weeks]

--- g...@space.net wrote:
From: Gert Doering 
On Sun, Oct 29, 2017 at 12:57:54PM -0700, Scott Weeks wrote:
> Yeah, it's quite unfortunate that IPv4 ran out so suddenly, 
> barely 15 years after people were told to move towards IPv6.
> ---
> 
> 
> Especially after IETF made it backwards compatible and made
> it so easy to switch from 4 to 6...  ;-)

There's no way to make "something with longer addresses" compatible 
without IPv4 without changing everything (routers, endpoints) - so,
that argument is usually one brought forward as one of a long list of
standard excuses to avoid deploying IPv6, while at the same time 
blaming everyone else for the problems with IPv4.
---


Note the smiley face above.  This one, too...  :)

I was not around for those discussions (and not being a computer 
science person, nor wanting to go on this for too long as has been 
endlessly done on other lists), but it seems TLV would have allowed
4 to be a subset of the new space.  I never heard that discussed 
much and that's what I meant by my comment.

scott









___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[Gert Doering]

Hi,

On Sun, Oct 29, 2017 at 12:57:54PM -0700, Scott Weeks wrote:
> Yeah, it's quite unfortunate that IPv4 ran out so suddenly, 
> barely 15 years after people were told to move towards IPv6.
> ---
> 
> 
> Especially after IETF made it backwards compatible and made
> it so easy to switch from 4 to 6...  ;-)

There's no way to make "something with longer addresses" compatible 
without IPv4 without changing everything (routers, endpoints) - so,
that argument is usually one brought forward as one of a long list of
standard excuses to avoid deploying IPv6, while at the same time 
blaming everyone else for the problems with IPv4.

Gert Doering
-- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AGVorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14  Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen   HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444   USt-IdNr.: DE813185279


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[Scott Weeks]

--- g...@space.net wrote:
From: Gert Doering 

Yeah, it's quite unfortunate that IPv4 ran out so suddenly, 
barely 15 years after people were told to move towards IPv6.
---


Especially after IETF made it backwards compatible and made
it so easy to switch from 4 to 6...  ;-)

scott






















___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[WolfSec-Support]

>> Yeah, it's quite unfortunate that IPv4 ran out so suddenly, barely 15
years
>> after people were told to move towards IPv6.

sad but true




2017-10-29 10:33 GMT+01:00 Gert Doering :

> Hi,
>
> On Sun, Oct 29, 2017 at 10:32:03AM +0100, WolfSec-Support wrote:
> > The vpn needs to run on v4
> > Its not site 2 site in this case.
> >
> > As all know it is still rare to get v6 access everywhere
> >
> > But in general it would be better if an ISP informs the customer BEFORE
> > such a change.
> >
> > To implement CGN without making sure the customer gets a notice was
> simply
> > the root of the problem
>
> Yeah, it's quite unfortunate that IPv4 ran out so suddenly, barely 15 years
> after people were told to move towards IPv6.
>
> Gert Doering
> -- NetMaster
> --
> have you enabled IPv6 on something today...?
>
> SpaceNet AGVorstand: Sebastian v. Bomhard
> Joseph-Dollinger-Bogen 14  Aufsichtsratsvors.: A. Grundner-Culemann
> D-80807 Muenchen   HRB: 136055 (AG Muenchen)
> Tel: +49 (0)89/32356-444   USt-IdNr.: DE813185279
>

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[Gert Doering]

Hi,

On Sun, Oct 29, 2017 at 10:32:03AM +0100, WolfSec-Support wrote:
> The vpn needs to run on v4
> Its not site 2 site in this case.
> 
> As all know it is still rare to get v6 access everywhere
> 
> But in general it would be better if an ISP informs the customer BEFORE
> such a change.
> 
> To implement CGN without making sure the customer gets a notice was simply
> the root of the problem

Yeah, it's quite unfortunate that IPv4 ran out so suddenly, barely 15 years 
after people were told to move towards IPv6.

Gert Doering
-- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AGVorstand: Sebastian v. Bomhard
Joseph-Dollinger-Bogen 14  Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen   HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444   USt-IdNr.: DE813185279


signature.asc
Description: PGP signature

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[WolfSec-Support]

The vpn needs to run on v4
Its not site 2 site in this case.

As all know it is still rare to get v6 access everywhere

But in general it would be better if an ISP informs the customer BEFORE
such a change.

To implement CGN without making sure the customer gets a notice was simply
the root of the problem

Br
Stephan

Am 29.10.2017 10:12 schrieb "Gert Doering" :

> Hi,
>
> On Sun, Oct 29, 2017 at 09:52:07AM +0100, WolfSec-Support wrote:
> > With CGN outbound for sure no prob.
> > But inbound due to CG NAT impossible.
>
> Run the VPN over IPv6?
>
> In 2017 there shouldn't be any reason anymore to rely on IPv4...
>
> Gert Doering
> -- NetMaster
> --
> have you enabled IPv6 on something today...?
>
> SpaceNet AGVorstand: Sebastian v. Bomhard
> Joseph-Dollinger-Bogen 14  Aufsichtsratsvors.: A. Grundner-Culemann
> D-80807 Muenchen   HRB: 136055 (AG Muenchen)
> Tel: +49 (0)89/32356-444   USt-IdNr.: DE813185279
>

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[WolfSec-Support]

Roger


Well you are wrong. No ipsec.

With CGN outbound for sure no prob.
But inbound due to CG NAT impossible.

Br
Stephan


Am 28.10.2017 17:32 schrieb "Roger Schmid" :

Well i only suspecting your try to use ipsec, wich is a crazy vpn solution.
I would sugest to evaluate ssl based vpn in the future which naturally do
not run into nat problems.

Just my five cents



Em 27 de outubro de 2017 03:00:18 AMT, WolfSec-Support 
escreveu:
>
> Hello,
>
>
> could be someone from swisscom so kind and contact me offlist via email
> please.
>
> our customer has a swisscom dsl connection and last week they changed
> these to v6.
> he already tried 3 times via swisscom helpdesk without success.
> the first level seems to have no idea about ds lite and v6... ;-/
>
> we want to go back to v4 native.
> in customer center we have deactivated v6 - but it is still online via v6
> and ds-lite
>
> we did all what was explained:
> - switchoff modem for an hour
> - reboot 3 times router etc
>
> effectively now the vpn is for sure not working via ds lite and carrier
> grade NAT
>
> thanks in advance
>
> Stephan
>
>
> Besten Dank.
>
> Freundliche Grüsse,
> WolfSec-Support
>
> WolfSec
> Postanschrift:
> Swiss Post Box: 104213
> Zürcherstrasse 161
> CH-8010 Zürich
>
> http://www.wolfsec.ch
>
>
-- 
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog