Re: DualStack (CGNAT) vs Other Transition methods

2021-04-06 Thread JORDI PALET MARTINEZ via NANOG
ng Sony and Playstation to do IPv6 the right way, without wanting to "seize the occasion" to publicize the IPv6 transition case and consultancy service? Please? Em seg., 5 de abr. de 2021 às 17:02, JORDI PALET MARTINEZ via NANOG escreveu: Hi Douglas, In a different mail

Re: DualStack (CGNAT) vs Other Transition methods

2021-04-06 Thread JORDI PALET MARTINEZ via NANOG
I wish I could do it already! As soon as the client starts the massive deployment, it should be announced. Covid delayed it at least for 1 year up to now … Regards, Jordi @jordipalet El 6/4/21 7:07, "NANOG en nombre de Mark Tinka" escribió: On 4/5/21 22:00, J

Re: DualStack (CGNAT) vs Other Transition methods

2021-04-05 Thread JORDI PALET MARTINEZ via NANOG
Hi Douglas, In a different mailing list, we had a discussion with Tore about his testing and other testing that may not be available in that blog. It was basically about 464XLAT. As you know IPv6-only with IPv4aaS, provides *dual-stack* in the customer LANs, where the PS5 was sitting.

Re: OVH datacenter SBG2 in Strasbourg on fire 

2021-03-10 Thread JORDI PALET MARTINEZ via NANOG
In addition to that, even if this is not good for many "honest" people that was using the DC, we need to take it in the positive side. In my own case, OVH is probably the cause of 80% of the abuse cases I report, and they never react. I'm convinced I'm not the only one, as I read in other ops

Re: DualStack (CGNAT) vs Other Transition methods

2021-02-24 Thread JORDI PALET MARTINEZ via NANOG
Algs. Preferably BPA - Bulk Port Allocation. Em qua., 24 de fev. de 2021 às 04:11, JORDI PALET MARTINEZ via NANOG escreveu: I did this "economics" exercise for a customer having 25.000.000 customers (DSL, GPON and cellular). Even updating/replacing the CPEs, the cost of 464XLAT d

Re: CGNAT

2021-02-23 Thread JORDI PALET MARTINEZ via NANOG
I did this "economics" exercise for a customer having 25.000.000 customers (DSL, GPON and cellular). Even updating/replacing the CPEs, the cost of 464XLAT deployment was cheaper than CGN or anything else. Also, if you consider the cost of buying more IPv4 addresses instead of investing that

Re: CGNAT

2021-02-19 Thread JORDI PALET MARTINEZ via NANOG
IPv4 as a Service such as 464XLAT, will allow them to use less IPv4 public addresses than CGNAT, less costly equipment (or open source) and still provide dual-stack inside the customers networks. There is nothing from Internet that will not work. I’ve many deployments based on this, and

Re: Past policies versus present and future uses

2021-01-24 Thread JORDI PALET MARTINEZ via NANOG
nte redes y servicios que operan en dicha región.” El 25/1/21 0:15, "Matthew Petach" escribió: On Sun, Jan 24, 2021 at 4:22 AM JORDI PALET MARTINEZ via NANOG wrote: [...] So, you end up with 2-3 RIRs allocations, not 5. And the real situation is that 3 out of 5 RIR

Re: Nice work Ron

2021-01-24 Thread JORDI PALET MARTINEZ via NANOG
, the formal text is the Spanish one. El 24/1/21 23:13, "Masataka Ohta" escribió: JORDI PALET MARTINEZ wrote: >> In the case of LACNIC it is spanish, it is clearly indicated in >> the web site, > > I can't see it clearly indicated in LACNIC web site

Re: Nice work Ron

2021-01-24 Thread JORDI PALET MARTINEZ via NANOG
not convinced it will reach consensus. El 24/1/21 15:34, "NANOG en nombre de Masataka Ohta" escribió: JORDI PALET MARTINEZ via NANOG wrote: > I fully understand what you mean, however, I don’t think this is a > problem even if all the RIRs ask for “%50 or eve

Re: Nice work Ron

2021-01-24 Thread JORDI PALET MARTINEZ via NANOG
El 24/1/21 15:25, "NANOG en nombre de Masataka Ohta" escribió: JORDI PALET MARTINEZ via NANOG wrote: > To summarize several responses: You don't. > In the case of LACNIC it is spanish, it is clearly indicated in the > web site, I can't see i

Re: Nice work Ron

2021-01-24 Thread JORDI PALET MARTINEZ via NANOG
ady mention, note that there is a similar case in AFRINIC policy. They require that *all* the resources you get, are used in the region. El 24/1/21 12:30, "Matthew Petach" escribió: On Sat, Jan 23, 2021 at 1:11 AM JORDI PALET MARTINEZ via NANOG wrote: When you si

Re: Nice work Ron

2021-01-23 Thread JORDI PALET MARTINEZ via NANOG
To summarize several responses: Every RIR decides which one is their official languages for the policies, contracts, etc.. In case of discrepancies, the one that is binding is the official one. In the case of LACNIC it is spanish, it is clearly indicated in the web site, and in the policy

Re: Nice work Ron

2021-01-23 Thread JORDI PALET MARTINEZ via NANOG
ACNIC, 30% in APNIC and 30% in RIPE then the majority of addresses by region are in the LACNIC region. -- Mark Andrews > On 22 Jan 2021, at 23:48, JORDI PALET MARTINEZ via NANOG wrote: > >  > > El 22/1/21 13:25, "NANOG en nombre de Masataka

Re: Nice work Ron

2021-01-22 Thread JORDI PALET MARTINEZ via NANOG
El 22/1/21 13:25, "NANOG en nombre de Masataka Ohta" escribió: JORDI PALET MARTINEZ via NANOG wrote: > My proposal added the clarification that "majority" is understood as "over 50%". And the proposal is denied to be unreasonable by Toma

Re: Nice work Ron

2021-01-22 Thread JORDI PALET MARTINEZ via NANOG
to policy making. Regards, Jordi @jordipalet El 22/1/21 12:51, "NANOG en nombre de Masataka Ohta" escribió: JORDI PALET MARTINEZ via NANOG wrote: > Policies in each RIR are developed by the (global) community. I live > in Madrid, EU, my RIR is RIPE NCC, RIPE commu

Re: Nice work Ron

2021-01-22 Thread JORDI PALET MARTINEZ via NANOG
again on the same will not be useful for the NANOG community. El 22/1/21 12:41, "NANOG en nombre de Masataka Ohta" escribió: Sorry to have sent uneditted text. JORDI PALET MARTINEZ via NANOG wrote: > First think to clarify: In the Spanish version, the text is (mayoría

Re: Nice work Ron

2021-01-22 Thread JORDI PALET MARTINEZ via NANOG
the rules that will actually apply are your original document rules? El 22/1/21 12:19, "NANOG en nombre de Masataka Ohta" escribió: JORDI PALET MARTINEZ via NANOG wrote: > Not at all. > > The "top" mandate of any RIR, in terms or resource allocation, is

Re: Nice work Ron

2021-01-22 Thread JORDI PALET MARTINEZ via NANOG
Right? Note also that at any point, the policies can change. If you/anyone really believes that's broken, a policy proposal can be sent for discussion. El 22/1/21 12:09, "Töma Gavrichenkov" escribió: Peace, On Fri, Jan 22, 2021, 12:27 PM JORDI PALET MARTINEZ via NANOG:

Re: Nice work Ron

2021-01-22 Thread JORDI PALET MARTINEZ via NANOG
;NANOG en nombre de Masataka Ohta" escribió: JORDI PALET MARTINEZ via NANOG wrote: > No, this is not correct. LACNIC policies, state: that LACNIC has contradicting statements is a problem of LACNIC and you can not say others that the statement of your choice is the

Re: Nice work Ron

2021-01-22 Thread JORDI PALET MARTINEZ via NANOG
No, this is not correct. LACNIC policies, state: 1.14 Principles for Proper Administration and Stewardship The fundamental principle is to distribute unique Internet numbering resources according to the technical and operational needs of the networks currently using, or that will use, these

Re: Ipv6 help

2020-08-30 Thread JORDI PALET MARTINEZ via NANOG
ost CPE as a "bridge" to its real network. El 30/8/20 3:05, "NANOG en nombre de Brandon Martin" escribió: On 8/26/20 12:48 PM, JORDI PALET MARTINEZ via NANOG wrote: > I work and I'm in touch with many CPE vendors since long time ago ... many are on the way (I ca

Re: Ipv6 help

2020-08-27 Thread JORDI PALET MARTINEZ via NANOG
> So for 464XLAT I will need to install a PLAT capable device(s)... PLAT support has been around already with the traditional vendors. It's not new. [Jordi] NAT64 (PLAT) is there available in excellent open source implementations. You can use VMs in big rackable servers and it gets

Re: Ipv6 help

2020-08-27 Thread JORDI PALET MARTINEZ via NANOG
onses in-line... > On Aug 27, 2020, at 2:22 AM, JORDI PALET MARTINEZ via NANOG wrote: > > You need to understand the different way NAT64 works vs CGN (and 464XLAT uses NAT64 for the translation): The ports are allocated "on demand" in NAT64. > > W

Re: Ipv6 help

2020-08-27 Thread JORDI PALET MARTINEZ via NANOG
t a single host behind the NAT can have to the same destination address and port. El 27/8/20 6:55, "Brian Johnson" escribió: Responses in-line > On Aug 26, 2020, at 4:07 PM, JORDI PALET MARTINEZ via NANOG wrote: > > Because: > > 1)

Re: Ipv6 help

2020-08-27 Thread JORDI PALET MARTINEZ via NANOG
This one is the published version: https://datatracker.ietf.org/doc/rfc8683/ El 27/8/20 8:10, "NANOG en nombre de Mark Tinka" escribió: On 27/Aug/20 07:58, Bjørn Mork wrote: > Because NAT64 implies DNS64, which avoids NATing any dual stack service. > This makes a major

Re: Ipv6 help

2020-08-26 Thread JORDI PALET MARTINEZ via NANOG
:23 PM, JORDI PALET MARTINEZ via NANOG wrote: > > They know we are there ... so they don't come! > > By the way I missed this in the previous email: I heard (not sure how much true on that) that they are "forced" to avoid CGN because the way games are oft

Re: Ipv6 help

2020-08-26 Thread JORDI PALET MARTINEZ via NANOG
They know we are there ... so they don't come! By the way I missed this in the previous email: I heard (not sure how much true on that) that they are "forced" to avoid CGN because the way games are often programmed in PSP break them. So maybe will not be enough to sort out the problem with an

Re: Ipv6 help

2020-08-26 Thread JORDI PALET MARTINEZ via NANOG
port since X-BOX One. > On Aug 26, 2020, at 1:09 PM, Mark Tinka wrote: > > > > On 26/Aug/20 18:42, JORDI PALET MARTINEZ via NANOG wrote: > >> The crazy thing is that PSN doesn't (up to my knowledge) yet work with IPv6 ... > > To

Re: Ipv6 help

2020-08-26 Thread JORDI PALET MARTINEZ via NANOG
t; escribió: On 8/26/20 2:48 AM, JORDI PALET MARTINEZ via NANOG wrote: > This is why we wrote RFC8585, so users can freely buy their own router ... It's a great RFC. Hopefully it continues to gain traction. Do you know of a single router available in the US (or even br

Re: Ipv6 help

2020-08-26 Thread JORDI PALET MARTINEZ via NANOG
less PMTUD issues) as turning on 464XLAT in the CPE. Traffic shifts to IPv6 due to hosts preferring IPv6. You can still disable sending RA’s in either scenario. > >Mark > >> On 26 Aug 2020, at 16:51, JORDI PALET MARTINEZ via NANOG wrote: >> >

Re: Ipv6 help

2020-08-26 Thread JORDI PALET MARTINEZ via NANOG
g 2020, at 16:51, JORDI PALET MARTINEZ via NANOG wrote: > > No, this doesn't work > > The point your're missing (when I talked before about putting all the costs to make a good calculation of each case and then replacing CPEs become actually cheaper) is that you

Re: Ipv6 help

2020-08-26 Thread JORDI PALET MARTINEZ via NANOG
to migrate as they are able/need to. If you try and force the change, you will loose users. > On Aug 25, 2020, at 3:15 PM, Brandon Martin wrote: > > On 8/25/20 3:38 PM, JORDI PALET MARTINEZ via NANOG wrote: >> This is very common in many countries and not related to IPv6, bu

Re: Ipv6 help

2020-08-26 Thread JORDI PALET MARTINEZ via NANOG
This is why we wrote RFC8585, so users can freely buy their own router ... The ISP can also list some of the compatible models in case they are using "additional" features. El 25/8/20 22:16, "NANOG en nombre de Brandon Martin" escribió: On 8/25/20 3:38 PM, JORD

Re: Ipv6 help

2020-08-25 Thread JORDI PALET MARTINEZ via NANOG
This is very common in many countries and not related to IPv6, but because many operators have special configs or features in the CPEs they provide. If you don’t use our own CPE, we can’t warrantee the service neither the support. El 25/8/20 21:00, "NANOG en nombre de Mike Hammett"

Re: Ipv6 help

2020-08-25 Thread JORDI PALET MARTINEZ via NANOG
, "NANOG en nombre de Mark Tinka" escribió: On 25/Aug/20 19:36, JORDI PALET MARTINEZ via NANOG wrote: --- I’ve managed to get better support from vendors which are different than Mikrotik. Some years ago, I even offered Mikrotik *free* help to correctly do transition … and

Re: Ipv6 help

2020-08-25 Thread JORDI PALET MARTINEZ via NANOG
> Many vendors are running on top of OpenWRT or Linux, and both of them have > CLAT support. > > Unfortunately, I can't give names which aren't already published, such as > Sagemcom, D-Link, NEC and Technicolor. Believe me there are others, you just > need to ask them. This shouldn't be

Re: Ipv6 help

2020-08-25 Thread JORDI PALET MARTINEZ via NANOG
OG en nombre de Mark Tinka" escribió: On 24/Aug/20 17:21, JORDI PALET MARTINEZ via NANOG wrote: > You probably mean 464XLAT > > Ask you vendors. They should support it. Ask for RFC8585 support, even better. > > If they don't do, is because

Re: Ipv6 help

2020-08-24 Thread JORDI PALET MARTINEZ via NANOG
You probably mean 464XLAT Ask you vendors. They should support it. Ask for RFC8585 support, even better. If they don't do, is because they are interested only in selling new boxes ... just something to think in the future about those vendors. I can tell you that many vendors now support

Re: Compromized modems in Thai IP Space

2020-08-11 Thread JORDI PALET MARTINEZ via NANOG
I don't know what you tried in APNIC, my experience is that they are usually responding very quickly. Have you tried the abuse contacts of the ISP? If they fail, have you tried to escalate to escalation-ab...@apnic.net, following our abuse-mailbox proposal

Re: MAP-T in production

2020-07-22 Thread JORDI PALET MARTINEZ via NANOG
The comparison between MAP-T and 464XLAT is not just state. With 464XLAT you can have more subscribers (almost unlimited) per IP address, without a limitation on the number of ports, so you save a lot of money in addresses. And of course, a limited number of ports in MAP-T means troubles for

Re: MAP-T in production

2020-07-22 Thread JORDI PALET MARTINEZ via NANOG
/7/20 23:25, "NANOG en nombre de Fred Baker" escribió: For the record, we are asking similar questions about 464XLAT in v6ops. If you are deploying it, please advise Jordi Palet Martinez. For those unfamiliar with them, MAP-T and 464XLAT are each deployment frameworks for

Re: CGNAT Opensource with support to BPA, EIM/EIF, UPnP-PCP

2020-07-07 Thread JORDI PALET MARTINEZ via NANOG
Hi Douglas, There was, long time ago, something developed by ISC, but I think never completed and not updated … 464XLAT is always a solution and becomes much cheaper, than CGN from vendors, even if you need to replace the CPEs. I’m doing that now with 25.000.000 subscribers … (slowed

Re: RIPE NCC Executive Board election

2020-05-13 Thread JORDI PALET MARTINEZ via NANOG
y" From: NANOG on behalf of JORDI PALET MARTINEZ via NANOG Sent: Wednesday, May 13, 2020 11:17 PM To: NANOG list Subject: Re: RIPE NCC Executive Board election It is curious how many times we have heard that, not only heard in NANOG and other NOGs, but also in IETF, even debated in long thr

Re: RIPE NCC Executive Board election

2020-05-13 Thread JORDI PALET MARTINEZ via NANOG
It is curious how many times we have heard that, not only heard in NANOG and other NOGs, but also in IETF, even debated in long thread with several IDs, and for some strange reason, we all missed that or maybe because nobody got the running code to demonstrate his/her point in a realistic way?

Re: RIPE NCC Executive Board election

2020-05-13 Thread JORDI PALET MARTINEZ via NANOG
Hi Ronald, The election starts today, but in order to be able to vote, you need to pre-register with your organizations before 16:00 Amsterdam time *today*. Here is the info and registration link: https://www.ripe.net/participate/meetings/gm/meetings/may-2020/voting-at-the-gm and the list of

Re: CGNAT Solutions

2020-04-30 Thread JORDI PALET MARTINEZ via NANOG
And more and more CPE providers support it. See RFC8585. I inititally started using OpenWRT, but now I already got samples from several vendors. Regards, Jordi @jordipalet El 30/4/20 6:16, "NANOG en nombre de Ca By" escribió: On Wed, Apr 29, 2020 at 7:17 PM

Re: CGNAT Solutions

2020-04-28 Thread JORDI PALET MARTINEZ via NANOG
I will say it is much better to consider 464XLAT with NAT64, if the CPEs allow it. https://datatracker.ietf.org/doc/rfc8683/ I’m right now doing a deployment for 25.000.000 customers of an ISP (GPON, DLS and cellular mix), all the testing has been done, and all doing fine. I’ve done

Re: MAP-E

2019-08-08 Thread JORDI PALET MARTINEZ via NANOG
I think the only reason DS-Lite got more implementations is that it was the first and "only" choice or IPv6-only with IPv4aaS. Regards, Jordi @jordipalet El 8/8/19 22:57, "NANOG en nombre de Jay Hanke" escribió: > I can't think of a public presentation off the top of my head that

Re: MAP-E

2019-08-08 Thread JORDI PALET MARTINEZ via NANOG
rt team spending their time. CPE support is the next big frontier in IPv6 deployment. Lee > > On Fri, Aug 2, 2019 at 10:34 AM JORDI PALET MARTINEZ via NANOG > wrote: >> I understand that, but the inconvenient is the fix allocation of ports per

Re: MAP-E

2019-08-08 Thread JORDI PALET MARTINEZ via NANOG
Hi Lee, I recall the original sender of this post indicated a small number of users, that’s why I responded that. Regards, Jordi @jordipalet El 8/8/19 22:17, "NANOG en nombre de Lee Howard" escribió: On 8/2/19 1:10 PM, JORDI PALET MARTINEZ via NANOG wrote:

Re: MAP-E

2019-08-06 Thread JORDI PALET MARTINEZ via NANOG
The difference is that 464XLAT/NAT64 is the only one that runs in cellular networks. Also with 464XLAT, you don't need DNS64. This document is already in the RFC Editor Queue: https://datatracker.ietf.org/doc/draft-ietf-v6ops-nat64-deployment/ El 6/8/19 1:24, "NANOG en nombre de Mark

Re: MAP-E

2019-08-05 Thread JORDI PALET MARTINEZ via NANOG
This is not surprising to me as Dlink was one of my co-authors for RFC8585 ... and they indicated in v6ops that implementing CLAT was really easy. I guess they need to improve the GUI, etc. Note that with 464XLAT, you still need the NAT64 at the ISP side, and also, the traceroutes will shows

Re: MAP-E

2019-08-03 Thread JORDI PALET MARTINEZ via NANOG
> The cost of sharing IPs in a static way, is that services such as > SonyPlaystation Network will put those addresses in the black list, > so you need to buy more addresses. This hasn’t been the case for > 464XLAT/NAT64, which shares the addresses dynamically. A

Re: MAP-E

2019-08-02 Thread JORDI PALET MARTINEZ via NANOG
this gives a cost of USD 1.25 per user for a fully redundant solution. For us it is even cheaper as we can recirculate existing address space. Regards, Baldur On Fri, Aug 2, 2019 at 5:32 PM JORDI PALET MARTINEZ wrote: I understand that, but the inconvenient is the fix allocation of

Re: MAP-E

2019-08-02 Thread JORDI PALET MARTINEZ via NANOG
of having to run a redundant NAT server setup with thousands of users. MAP is the only alternative that avoids a provider run NAT server. Regards, Baldur On Fri, Aug 2, 2019 at 3:38 PM JORDI PALET MARTINEZ via NANOG wrote: Ask the vendor to support RFC8585. Also,

Re: MAP-E

2019-08-02 Thread JORDI PALET MARTINEZ via NANOG
Ask the vendor to support RFC8585. Also, you can do it with OpenWRT. I think 464XLAT is a better option and both of them are supported by OpenWRT. You can also use OpenSource (Jool) for the NAT64. Regards, Jordi @jordipalet El 2/8/19 14:20, "NANOG en nombre de Baldur

contacts for two abuse cases - cloudstar.is and heficed.com

2019-06-12 Thread JORDI PALET MARTINEZ via NANOG
We are getting since several weeks ago, intrusion attempts via SIP (among others) from: 1) cloudstar.is - They are not responding at all. 2) heficed.com - The people responding is "unable" to resolve it. In both cases the attacks come from different IP addresses. So, anyone has a "realiable"

Re: IPv6 ingress filter

2019-05-14 Thread JORDI PALET MARTINEZ via NANOG
Hi Amos, Just responded in another mailing list on this: 6to4 is still a valid protocol. IT SHOULD NOT be filtered. 6to4 uses the same protocol as other tunnels such as 6in4 (protocol 41). https://www.ietf.org/rfc/rfc3056.txt It works fine for peer to peer applications. What

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

2019-04-27 Thread JORDI PALET MARTINEZ via NANOG
Hi, El 27/4/19 1:35, "Jared Mauch" escribió: > On Apr 26, 2019, at 5:49 PM, JORDI PALET MARTINEZ wrote: > > "AP stated that at the LACNIC meeting has discussed it and they dismissed it as out of scope." > > LACNIC will have

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

2019-04-26 Thread JORDI PALET MARTINEZ via NANOG
RSA (https://www.arin.net/about/corporate/agreements/rsa.pdf) clearly state that the services are subject to the terms and conditions stated in the policy manual. There is explicit text in case of lack of payment. Not so clear what to do if there is a policy violation, but it looks like at

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

2019-04-26 Thread JORDI PALET MARTINEZ via NANOG
olicy violation". El 27/4/19 0:08, "Jon Lewis" escribió: On Fri, 26 Apr 2019, JORDI PALET MARTINEZ wrote: > The intent is to clearly state that this is a violation of the policies. > > The membership documents/bylaws or the RSA, your account may be close

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

2019-04-26 Thread JORDI PALET MARTINEZ via NANOG
, etc., etc. Regards, Jordi El 27/4/19 0:03, "NANOG en nombre de JORDI PALET MARTINEZ via NANOG" escribió: The intent is to clearly state that this is a violation of the policies. The membership documents/bylaws or the RSA, your account may be closed. I looked

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

2019-04-26 Thread JORDI PALET MARTINEZ via NANOG
The intent is to clearly state that this is a violation of the policies. The membership documents/bylaws or the RSA, your account may be closed. I looked at it when adapting the policy from RIPE to ARIN, don't have this information right in my mind, but I'm sure it was there. Otherwise, if

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

2019-04-26 Thread JORDI PALET MARTINEZ via NANOG
Not only that. I really think they have not invested enough time to read the proposal, check with the authors and then take a decision. We have got some email exchange, but clearly not sufficient. I also must state that the staff has been very helpful and diligent to clarify and support the

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

2019-04-26 Thread JORDI PALET MARTINEZ via NANOG
El 26/4/19 20:25, "NANOG en nombre de Matt Harris" escribió: On Fri, Apr 26, 2019 at 12:49 PM William Herrin wrote: I personally support the petition. I think the out of scope reasoning is flawed. By enforcing minimum assignment sizes, ARIN has long acted as a gatekeeper to the routing

Re: IPv6 and forensic requests

2019-02-10 Thread JORDI PALET MARTINEZ via NANOG
NANOG en nombre de Max Tulyev Fecha: domingo, 10 de febrero de 2019, 19:21 Para: NANOG Asunto: Re: IPv6 and forensic requests Great, thank you! Did you manage to whitelist APN at Apple so iOS devices can use it too? 10.02.19 20:06, JORDI PALET MARTINEZ пише: > Well, if

Re: IPv6 and forensic requests

2019-02-10 Thread JORDI PALET MARTINEZ via NANOG
6to4 to certain public IPv4. But it seems mobile need a /64, and it uses a lot of random IPv6 inside assigned /64, several addresses together at each time, CLAT uses the most of it (on Android). So direct translation 6->public4 is impossible. 10.02.19 15:51, JORDI PALET MARTI

Re: IPv6 and forensic requests

2019-02-10 Thread JORDI PALET MARTINEZ via NANOG
Do you really mean 6to4 or NAT64? Totally different things ... If that's the case, I will suggest you go for Jool instead of Tayga. Also, if you want the customers are able to use old IPv4 apps and devices, NAT64 is not sufficient, you need also CLAT at the customer premises (so they can run

Re: Auto-configuring IPv6 transition mechanisms on customer devices

2018-12-14 Thread JORDI PALET MARTINEZ via NANOG
Hi Brandon, This may help: https://datatracker.ietf.org/doc/draft-ietf-v6ops-transition-ipv4aas/ It is in last call right now, I need to send a new version today/tomorrow, as the IESG review had some inputs, but nothing that change the document as you can read it now. Regards, Jordi

Re: new(ish) ipv6 transition tech status on CPE

2018-10-10 Thread JORDI PALET MARTINEZ via NANOG
You may use this document, which passed already the last-call and is in the AD/IESG review: https://datatracker.ietf.org/doc/draft-ietf-v6ops-transition-ipv4aas/ My co-authors may help you to get those products … I’ve been using myself OpenWRT for such deployments. Regards, Jordi

Re: Deploying IPv6 XLAT64

2018-09-26 Thread JORDI PALET MARTINEZ via NANOG
apps that use literals, or they don't support IPv6, you still need dual-stack in the LANs, but access IPv6-only is just fine. Regards, Jordi -Mensaje original- De: Matt Hoppes Fecha: miércoles, 26 de septiembre de 2018, 15:22 Para: JORDI PALET MARTINEZ , North American Network

Re: Deploying IPv6 XLAT64

2018-09-26 Thread JORDI PALET MARTINEZ via NANOG
You can use Jool for both 464XLAT and just NAT64. I've done a workshop on this at the LACNIC meeting this week. See slides 43 and next ones: http://www.lacnic.net/innovaportal/file/3139/1/ipv6-only_v11_16-9.pdf Saludos, Jordi -Mensaje original- De: NANOG en nombre de Matt Hoppes

Re: IPv6 faster/better proof? was Re: Need /24 (arin) asap

2018-06-22 Thread JORDI PALET MARTINEZ via NANOG
the LTE interface, but space for it). Regards, Jordi De: Mark Tinka Fecha: viernes, 22 de junio de 2018, 13:23 Para: JORDI PALET MARTINEZ CC: "nanog@nanog.org" Asunto: Re: IPv6 faster/better proof? was Re: Need /24 (arin) asap On 22/Jun/18 12:47, JORDI PALET MART

Re: IPv6 faster/better proof? was Re: Need /24 (arin) asap

2018-06-22 Thread JORDI PALET MARTINEZ via NANOG
The problem with its IPv6 support is that is only supporting 6in4, which by the way, they call it 6to4, so it is very weird and confusing customers ... That "6-to-4 actually means 6-in-4" was quite confusing to me as well. I just enabled it to prove that they had a language moment there. Good

Re: IPv6 faster/better proof? was Re: Need /24 (arin) asap

2018-06-22 Thread JORDI PALET MARTINEZ via NANOG
I've many customers using MikroTik. The problem with its IPv6 support is that is only supporting 6in4, which by the way, they call it 6to4, so it is very weird and confusing customers ... So for native IPv6 or a 6in4 tunnel, is fine, but any other transition mechanism is NOT supported, so

Re: What are people using for IPAM these days?

2018-06-10 Thread JORDI PALET MARTINEZ via NANOG
One more open source option: https://www.gestioip.net/ Regards, Jordi -Mensaje original- De: NANOG en nombre de Job Snijders Fecha: domingo, 10 de junio de 2018, 23:01 Para: Mike Lyon CC: NANOG Asunto: Re: What are people using for IPAM these days? Hey Mike, On

Re: Whois vs GDPR, latest news

2018-05-27 Thread JORDI PALET MARTINEZ via NANOG
r...@invaluement.com> Fecha: domingo, 27 de mayo de 2018, 0:16 Para: <nanog@nanog.org> Asunto: Re: Whois vs GDPR, latest news On 5/26/2018 3:36 PM, JORDI PALET MARTINEZ via NANOG wrote: > Talking from the experience because the previous laws in Spain, LOPD and LS

Re: Whois vs GDPR, latest news

2018-05-26 Thread JORDI PALET MARTINEZ via NANOG
Talking from the experience because the previous laws in Spain, LOPD and LSSI (which basically was the same across the different EU countries). They had "maximum" fines (it was 600.000 Euros). They start for small law infringement with 600 euros, 1.500 euros, unless is something very severe,

Re: Whois vs GDPR, latest news

2018-05-26 Thread JORDI PALET MARTINEZ via NANOG
.@rollernet.us> Fecha: sábado, 26 de mayo de 2018, 16:00 Para: <nanog@nanog.org> Asunto: Re: Whois vs GDPR, latest news On 5/26/18 1:30 PM, JORDI PALET MARTINEZ via NANOG wrote: > I don't think, in general the DPAs need to use lawsuits. > > If they discover

Re: Whois vs GDPR, latest news

2018-05-26 Thread JORDI PALET MARTINEZ via NANOG
I don't think, in general the DPAs need to use lawsuits. If they discover (by their own, or by means of a customer claim) that a company (never mind is from the EU or outside) is not following the GDPR, they will just fine it and the corresponding government authorities are the responsible to

Re: Assigning /64 but using /127 (was Re: Waste will kill ipv6 too)

2017-12-28 Thread JORDI PALET MARTINEZ
This may be useful: https://www.ripe.net/publications/docs/ripe-690/ Regards, Jordi -Mensaje original- De: NANOG en nombre de Octavio Alvarez Responder a: Fecha: jueves, 28 de diciembre de 2017, 19:31 Para:

Re: Waste will kill ipv6 too

2017-12-28 Thread JORDI PALET MARTINEZ
Not really. RFC6164 is meant to make sure routers support /127, but doesn’t mandate or say that you must use that. This is another perspective: https://datatracker.ietf.org/doc/draft-palet-v6ops-p2p-from-customer-prefix/ Regards, Jordi -Mensaje original- De: NANOG

Re: Implementing 464XLAT at a small WISP

2017-12-28 Thread JORDI PALET MARTINEZ
Asunto: Re: Implementing 464XLAT at a small WISP On Thu, Dec 28, 2017 at 2:43 PM, JORDI PALET MARTINEZ <jordi.pa...@consulintel.es> wrote: > I’ve customers with have 1Gbit FTTH link using LEDE with NAT. > > Depending on the hardware (I’m talking about Chinese m

Re: Implementing 464XLAT at a small WISP

2017-12-28 Thread JORDI PALET MARTINEZ
echa: jueves, 28 de diciembre de 2017, 10:52 Para: <jordi.pa...@consulintel.es> CC: <nanog@nanog.org> Asunto: Re: Implementing 464XLAT at a small WISP On Thu, Dec 28, 2017 at 1:11 PM, JORDI PALET MARTINEZ <jordi.pa...@consulintel.es> wrote: > Nice ;-) >

Re: Implementing 464XLAT at a small WISP

2017-12-28 Thread JORDI PALET MARTINEZ
Nice ;-) I’ve been doing this for some time already … and have trials with several customers (tens of thousands of customers). Note that most of the routers that support LEDE (quite a big list), will work by default with a standard stable release. You mention it, but we use something like for

Re: Waste will kill ipv6 too

2017-12-20 Thread JORDI PALET MARTINEZ
This may be useful as well, somehow related, as using /64 has a clear advantage: https://datatracker.ietf.org/doc/draft-palet-v6ops-p2p-from-customer-prefix/ Regards, Jordi -Mensaje original- De: NANOG <nanog-boun...@nanog.org> en nombre de JORDI PALET MARTINEZ <

Re: Waste will kill ipv6 too

2017-12-20 Thread JORDI PALET MARTINEZ
This may be helpful: https://www.ripe.net/publications/docs/ripe-690/ Regards, Jordi -Mensaje original- De: NANOG en nombre de Mike Responder a: Fecha: miércoles, 20 de diciembre de 2017, 19:26

Re: IPv6 migration steps for mid-scale isp

2017-09-25 Thread JORDI PALET MARTINEZ
There are several ISPs doing trials (thousands of users). RFC6877 (464XLAT), section 4. Network Architecture, indicates clearly “Wireline Network Architecture can be used in situations where there are clients behind the CLAT, regardless of the type of access service -- for example, fiber

Re: IPv6 migration steps for mid-scale isp

2017-09-18 Thread JORDI PALET MARTINEZ
Fully agree, 464XLAT is the way to go. We have tested this in many IPv6-only access deployments, non-cellular networks (cellular is well tested by T-Mobile and others, that have got it in production for years). We always have the issue of the CPEs support, but this is the same problem if you

plea for increase participation in v6ops/IETF

2017-06-11 Thread JORDI PALET MARTINEZ
Hello all, At the last LACNIC event, I mentioned on a couple of occasions the need for ISPs in the region, especially small and medium-sized ones, to participate in the decisions taken in the IETF IPv6 Operations Working Group (v6ops). I’m sending this here as well, as I believe the situation

Re: BCP for securing IPv6 Linux end node in AWS

2017-05-15 Thread JORDI PALET MARTINEZ
Just make sure that nothing breaks PTB as it happens if you don’t pay attention to ECMP. RFC7690 1&1 in Germany has this issue since at least 18-24 months ago, so all their customers with IPv6 enabled are *broken* for anyone having a smaller MTU because tunnels or the ISP technology, etc.

Re: pay.gov and IPv6

2016-11-20 Thread JORDI PALET MARTINEZ
l Byington writes: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On Sun, 2016-11-20 at 10:51 +0100, JORDI PALET MARTINEZ wrote: > > For example, you will not get this working if you have a lower MTU > > than 1.500, which is quite norma

Re: pay.gov and IPv6

2016-11-20 Thread JORDI PALET MARTINEZ
t follow RIPE LABS site: https://labs.ripe.net/Members/jordipaletm/results-of-the-ipv6-deployment-survey Regards, Jordi -Mensaje original- De: NANOG <nanog-boun...@nanog.org> en nombre de JORDI PALET MARTINEZ <jordi.pa...@consulintel.es> Responder a: <jordi.pa...@consuli

Re: pay.gov and IPv6

2016-11-18 Thread JORDI PALET MARTINEZ
I tested from my home and happy eyeballs is not falling back to IPv4. So, I tend to suspect that is not ICMPv6 filtering, but something else, such as wrong load balancer or ECMP configuration. Regards, Jordi -Mensaje original- De: NANOG en nombre de Carl

Re: pay.gov and IPv6

2016-11-16 Thread JORDI PALET MARTINEZ
I think it is not just a matter of testing behind a 1280 MTU, but about making sure that PMTUD is not broken, so it just works in any circumstances. Regards, Jordi -Mensaje original- De: NANOG en nombre de Mark Andrews Responder a:

Re: pay.gov and IPv6

2016-11-16 Thread JORDI PALET MARTINEZ
It happens too often, unfortunately. People deploying IPv6 at web sites and other services, don’t check if PMTUD is broken by filtering, ECMP, load balancers, etc. This is the case here: tbit from 2001:df0:4:4000::1:115 to 2605:3100:fffd:100::15 server-mss 1440, result: pmtud-fail app: http,

Re: Spitballing IoT Security

2016-10-26 Thread JORDI PALET MARTINEZ
Exactly, I was arguing exactly the same with some folks this week during the RIPE meeting. The same way that certifications are needed to avoid radio interferences, etc., and if you don’t pass those certifications, you can’t sell the products in some countries (or regions in case of EU for

Re: IPv6 Residential Deployment Survey

2016-05-23 Thread JORDI PALET MARTINEZ
This is done so if you are part of a trial can keep answering. Otherwise, no sense to keep going, I guess … In other words, if you don’t offer IPv6 you must not answer to the survey … Saludos, Jordi -Mensaje original- De: NANOG en nombre de Christopher Morrow

Re: IPv6 Residential Deployment Survey

2016-05-23 Thread JORDI PALET MARTINEZ
Hi, The intend is to make the survey simple, so in that case, you have two choices: 1) The same IPv6 services by means of DSL and FTTH (example), then you can use “other” and indicate that. 2) Different IPv6 services with different access technology, then you better fill one survey for each

  1   2   >