IPv6 Multicast Routing

2021-03-02 Thread Nicholas Warren
Does IANA 
(https://www.iana.org/assignments/ipv6-multicast-addresses/ipv6-multicast-addresses.xml#variable)
 run the registry for IPv6 Multicast groups? "We do not make allocations 
directly to ISPs or end users except in specific circumstances, such as 
allocations of multicast addresses"

There are only 112 registered multicast addresses? That seems low.

Are some IPv6 multicast packets globally routable? Wikipedia says both yes and 
no.
Should we be allowing packets with multicast addresses in/out of our network?


microsoft mail contact

2020-09-15 Thread Nicholas Warren
We recently acquired some IP space, but it seems outlook does not want to 
receive email from that space.

If there's someone that knows what we need to do, we would be grateful for any 
pointers in the right direction.

nich


100g PCS Errors

2020-08-19 Thread Nicholas Warren
We've got a 100g qsfp in an mx204 that has 1207 bit errors and 29666 errored 
blocks after 24 hours of just being linked up...
I would assume this is not normal behavior, but I haven't used 100g before. Do 
others see high error rates on their 100g optics?


MX204 Rails

2020-07-16 Thread Nicholas Warren
We're having a ton of problems trying to find a part number for juniper rails 
(for an mx204) or even finding something that's compatible. I suppose we can 
just put the router on a rack mount shelf, but man... it's like pulling teeth 
to get this part number...

Does anyone know of where I can find this part number? (no, our distributer 
can't find the part number, and communication problems with juniper tac is 
making them think that we're talking about the rack)

nic


Re: favorite network troubleshooting tools (online)

2020-07-15 Thread Nicholas Warren
http://www.traceroute6.net/

Nic

On Jul 15, 2020, at 12:38 PM, Mehmet Akcin  wrote:


hey there,

I recently have come across this http://ping.pe/ website, I have no association 
with this but it's pretty awesome. This made me wonder what other tools out 
there which I do not know about it.

what are your favorite network troubleshooting tools?

In addition to ping.pe, I like https://bgp.he.net but would 
love to hear your thought about other tool recommendations as especially the 
ones that are distributed.

Mehmet


RE: RIPE our of IPv4

2019-11-25 Thread Nicholas Warren
I think the context was referring to RIPE's v4 space being dead.

> 
> Hard to say that something that is in full implementation and use is dead.
> 
> >
> > RIPE isn’t dead… Just IPv4.
> >
> > Owen
> >
> > >
> > > RIP RIPE
> > >>
> > >> Just received a mail that RIPE is out of IPv4:


Provider IPv6 Deployment

2019-10-16 Thread Nicholas Warren
Can anyone share resources on deploying IPv6 in a provider network?
Most all documentation I find is from the customer perspective; which is great 
and all, but what about setting up dhcpv6-pd, what about the relay agent, or 
what about an equivalent of dhcp option 82?

Nich


Re: IPv6 Pain Experiment

2019-10-08 Thread Nicholas Warren
Sweet deals, would you kindly share your vendor?


It's not 1990 any more, a TB of RAM now costs a few thousand dollars
and is dropping rapidly (similar for fancy router RAM), we have
processor chips with 64 cores available practically off the shelf for
under $10K (32-core literally off the shelf, try any Microcenter),
etc. etc. etc.


Sales Contact Opt-out?

2019-09-20 Thread Nicholas Warren
Is it possible to opt out of sales contact from those on the list?
Or is this simply the price to pay for seeking the list's wisdom?

> -Original Message-
> From: Jason Barrette 
> Sent: Friday, September 20, 2019 11:28 AM
> To: Gary A Mumphrey ; Nicholas Warren 
> 
> Subject: RE: sfps from fs dot com
> 
> Hi Gary,
> 
[snip...]
> 
> Jason M. Barrette 
> President
> 
> D (949) 242-8077 M (714) 357-6295
> 
> Email: ja...@enetusa.com <mailto:ja...@enetusa.com>
> Visit us at: www.enetusa.com <http://www.enetusa.com/>
> 
> From: Gary A Mumphrey 
> Sent: Friday, September 20, 2019 7:44 AM
> To: nwar...@barryelectric.com
> Cc: Jason Barrette 
> Subject: RE: sfps from fs dot com
> 
> Nicholas,
> 
[snip...]



sfps from fs dot com

2019-09-20 Thread Nicholas Warren
Anyone have experience with fs.com's lasers? Are they reliable?


Access to Level3 PoP?

2019-08-14 Thread Nicholas Warren
We are needing access into Level3/Centurylink's PoP at Monett Missouri to test 
our fiber. Does anyone have an email, phone number, or smoke signal we could 
use to get access to test fiber?

Support is, sadly, not being very helpful.

Nich Warren


RE: IPv6 Unique Local Addresses

2018-03-02 Thread Nicholas Warren
Please don't take away ULA.

>> You really think that doing ULA according to the RFCs (collision 
>> avoidance algorithm and all) is easier than filling out a form at HE?
>> REALLY?
> 
> Yes.

It's hard enough to sell ipv6 for LAN without adding having to get a tunnel, 
register with a RIR, whatever else.

ULA gives us the option to spin up ipv6 networks without anyone else being 
involved. We have to be able to make private networks without contacting 
anyone, and we will go back to ipv4 if that's our only option.


Site-Local/Unique-Local Addressing (IPv6)

2018-01-08 Thread Nicholas Warren
Layman here, I was reviewing RFCs for a local address for IPv6. I came across 
two RFCs that seem interesting.

3879 Which deprecates Site Local Addresses.
4193 Which seems to add Unique Local Addresses.

What is the main difference here? Why was this standard removed then added back?

Thanks,
Nich Warren


RE: DHCPv6-PD -> Lack of route injection in RFC

2017-09-22 Thread Nicholas Warren
Which method would you recommend as an alternative?

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Baldur Norddahl
Sent: Friday, September 22, 2017 11:52 AM

This method is lacking because you might have several routers eg. using VRRP 
and the backup router will not learn anything from a relay on the primary.


Den 22. sep. 2017 14.02 skrev "Steve Teusch" :

I am running into venders that do not support injection of a delegated route 
when operating as a DHCPv6 relay (or server for that matter).
Brocade supports this, but I am not finding this as part of any of the RFC's.  
This is to deliver home ISP service, so it is very important or return packets 
won't go to the client unless the route is manually added as a routing protocol 
is not an option.  There should be a MUST activity for this somewhere.

Anyone know what gives?


RE: IPv6 is better than ipv4

2016-06-02 Thread Nicholas Warren
CenturyTel in this area provides IPv6 to DSL customers.

Thank you,
- Nich

> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Josh Luthman
> Sent: Thursday, June 2, 2016 10:43 AM
> To: Christopher Morrow
> Cc: nanog@nanog.org
> Subject: Re: IPv6 is better than ipv4
> 
> Just a thought - ipv4 includes older more rural connections such as 1M
> DSL out in the sticks.  That weighs the average connection time down.
> v6 being capable on modern 4G wireless and fiber connections makes the
> average faster.
> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Thu, Jun 2, 2016 at 11:39 AM, Christopher Morrow
>  > wrote:
> 
> > On Thu, Jun 2, 2016 at 10:47 AM, Ca By  wrote:
> >
> > >
> > >
> > https://blogs.akamai.com/2016/06/preparing-for-ipv6-only-mobile-
> networ
> > ks-why-and-how.html
> > >
> > > Wherein akamai explains a detailed study showing ipv6 is "well over
> > > 10%" faster than ipv4 on mobile, and they reference corroborating
> > > studies from Linkedin and Facebook.
> > >
> > > Fair to ask your business 1) does mobile performance matter 2) are
> > > you taking advantage of this 10% page load speedup that ipv6
> provides?
> > >
> >
> > ​srs question: "What percentage of the mobile world prefers v6 over
> v4?"
> >
> > I ask because perhaps the market for your app is such that v6 is
> > actually a hinderance to the userbase... (or is slower in your
> market)
> >
> > Are there more holistic studies about this?​
> >


smime.p7s
Description: S/MIME cryptographic signature


SFP Cost Variation

2016-03-12 Thread Nicholas Warren
Quick question for the experts.

Why when looking at SFPs, some sites list them as $800 when the same part
number can be found on places like amazon for $30-$40. What is the
difference in them? Why would I buy them from a place like CDW with what
appears to be a 2,000% markup.

https://www.cdw.com/shop/products/Brocade-SFP-mini-GBIC-transceiver-module-G
igabit-Ethernet/1411743.aspx

http://www.amazon.com/gp/product/B0076Q1CTY

Thanks,
Nich


smime.p7s
Description: S/MIME cryptographic signature


RE: Google Captcha on web searches

2015-11-10 Thread Nicholas Warren
We had that problem too, it was only happening to computers with a NATed v4
address. Connecting to Google over IPv6 made the problems go away.

Thank you,
- Nich


> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Joseph Jenkins
> Sent: Tuesday, November 10, 2015 11:28 AM
> To: nanog@nanog.org
> Subject: Google Captcha on web searches
> 
> We started getting a Google Captcha for our web searches this morning.
> Does anyone have contact info for Google so that I can contact them and
> figure out where the traffic is coming from on my side or what service it
> is going to so that I can track down the users?
> 
> Thanks,
> 
> Joe Jenkins
> 909.636.2097



smime.p7s
Description: S/MIME cryptographic signature


RE: IPv6 Irony.

2015-10-22 Thread Nicholas Warren
Can anyone tell me if the document he linked is work reading? I am currently
connected to an IPv6 only network and can't get to it.

Thank you,
- Nich Warren

> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Masataka Ohta
> Sent: Thursday, October 22, 2015 1:43 AM
> To: Mark Andrews
> Cc: nanog@nanog.org
> Subject: Re: IPv6 Irony.
> 
> Mark Andrews wrote:
> 
> >>> Customer support, especially network troubleshootings and so on...
> >>
> >> Customer support for IPv6 costs a lot, at least because of:
> >>
> >> 1) Unnecessarily lengthy IP addresses, not recognized by most, if
> not
> >>all, customers
> >>
> >> 2) Lack of so promised automatic renumbering
> >
> > Upgrade the vendors.  Nodes already renumber themselves automatically
> > when a new prefix appears.
> 
> Can the nodes treat multiple prefixes on multiple (virtual) interfaces for
> smooth ISP handover?
> 
> > Nodes can update their addresses in the DNS if the want to securely
> > using DNS UPDATE and TSIG / SIG(0).
> 
> How much is the customer support cost for the service?
> 
> > This isn't rocket science.  Firewall vendors could supply tools to
> > allow nodes to update their addresses in the firewall.  They could
> > even co-ordinate through a standards body.  It isn't that hard to take
> > names, turn them into addresses and push out new firewall rules on
> > demand as address associated with those names change.
> 
> As I and my colleague developed protocol suites to automatically renumber
> multihomed hosts and routers
> 
> The Basic Procedures of Hierarchical Automatic Locator Number Allocation
> Protocol HANA
> http://delivery.acm.org/10.1145/209/2089037/p124-
> kenji.pdf?ip=131.112.32.134=2089037=ACTIVE%20SERVICE=D2341B890A
> D12BFE.E857D5F645C75AE5.4D4702B0C3E38B35.4D4702B0C3E38B35=723424660
> FTOKEN=36506659&__acm__=1445495785_e3533480d8843be13ab34593a1faf194
> 
> which is now extended for DNS update including glue, I know it is doable.
> 
> But, as it is a lot more simpler to do so with IPv4 with NAT, 48 bit
> address space by NAT is large enough and NAT can enjoy end to end
> transparency, I see no point to use IPv6 here.
> 
> Automatic renumbering of IPv6 *WAS* promising, because it was not
> necessary to replace existing IPv4-only boxes.
> 
>   Masataka Ohta



smime.p7s
Description: S/MIME cryptographic signature


RE: IPv6 Irony.

2015-10-22 Thread Nicholas Warren
Worth*

Thank you,
- Nich Warren


> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Nicholas Warren
> Sent: Thursday, October 22, 2015 7:26 AM
> To: Masataka Ohta
> Cc: nanog@nanog.org
> Subject: RE: IPv6 Irony.
> 
> Can anyone tell me if the document he linked is work reading? I am
> currently
> connected to an IPv6 only network and can't get to it.
> 
> Thank you,
> - Nich Warren
> 
> > -Original Message-
> > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Masataka Ohta
> > Sent: Thursday, October 22, 2015 1:43 AM
> > To: Mark Andrews
> > Cc: nanog@nanog.org
> > Subject: Re: IPv6 Irony.
> >
> > Mark Andrews wrote:
> >
> > >>> Customer support, especially network troubleshootings and so on...
> > >>
> > >> Customer support for IPv6 costs a lot, at least because of:
> > >>
> > >> 1) Unnecessarily lengthy IP addresses, not recognized by most, if
> > not
> > >>all, customers
> > >>
> > >> 2) Lack of so promised automatic renumbering
> > >
> > > Upgrade the vendors.  Nodes already renumber themselves automatically
> > > when a new prefix appears.
> >
> > Can the nodes treat multiple prefixes on multiple (virtual) interfaces
> for
> > smooth ISP handover?
> >
> > > Nodes can update their addresses in the DNS if the want to securely
> > > using DNS UPDATE and TSIG / SIG(0).
> >
> > How much is the customer support cost for the service?
> >
> > > This isn't rocket science.  Firewall vendors could supply tools to
> > > allow nodes to update their addresses in the firewall.  They could
> > > even co-ordinate through a standards body.  It isn't that hard to take
> > > names, turn them into addresses and push out new firewall rules on
> > > demand as address associated with those names change.
> >
> > As I and my colleague developed protocol suites to automatically
> renumber
> > multihomed hosts and routers
> >
> > The Basic Procedures of Hierarchical Automatic Locator Number Allocation
> > Protocol HANA
> > http://delivery.acm.org/10.1145/209/2089037/p124-
> >
> kenji.pdf?ip=131.112.32.134=2089037=ACTIVE%20SERVICE=D2341B890A
> >
> D12BFE.E857D5F645C75AE5.4D4702B0C3E38B35.4D4702B0C3E38B35=723424660
> > FTOKEN=36506659&__acm__=1445495785_e3533480d8843be13ab34593a1faf194
> >
> > which is now extended for DNS update including glue, I know it is
> doable.
> >
> > But, as it is a lot more simpler to do so with IPv4 with NAT, 48 bit
> > address space by NAT is large enough and NAT can enjoy end to end
> > transparency, I see no point to use IPv6 here.
> >
> > Automatic renumbering of IPv6 *WAS* promising, because it was not
> > necessary to replace existing IPv4-only boxes.
> >
> > Masataka Ohta



smime.p7s
Description: S/MIME cryptographic signature


RE: Static IPs

2015-10-19 Thread Nicholas Warren
If not to solve problems or as a technical resource, what is the NANOG for?

Thank you,
- Nich

> Hey, Hey Hey, Let's not propagate this more.
> NANOG is the wrong place for this - it's not technical or problem solving
> in nature nor is it community based concerns about industry resources and
> legislation. It's sale-ish.
> Thank You
> Bob Evans
> CTO 



smime.p7s
Description: S/MIME cryptographic signature


RE: Static IPs

2015-10-19 Thread Nicholas Warren
Sorry everyone; didn't mean for this to happen.

Thank you,
- Nich Warren

> >> Here's your answerIt's in the charter - join a sales forum



smime.p7s
Description: S/MIME cryptographic signature


RE: Android and DHCPv6 again

2015-10-15 Thread Nicholas Warren
Excuse my ignorance, but can DHCPv6 and SLAAC be run in parallel?

Thank you,
- Nich

> -Original Message-
> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Dave Bell
> Sent: Thursday, October 15, 2015 9:52 AM
> To: Ray Soucy
> Cc: nanog@nanog.org
> Subject: Re: Android and DHCPv6 again
> 
> On 15 October 2015 at 13:22, Ray Soucy  wrote:
> > Android does not have a complete IPv6 implementation and should not be
> > IPv6 enabled.  Please do your part and complain to Google that Android
> > does not support DHCPv6 for address assignment.
> I use android devices on my network with IPv6 connectivity, and no issues
> at all. It gets an address. Does DNS via IPv6, and can send packets over
> IPv6. I don't use or need DHCPv6.
> 
> You may not be able to roll out IPv6 to them because you need DHCPv6.
> In this case I suggest you complain to Google. Other people may not be
> able to roll out IPv6 to them because they need DHCPv6. They should also
> complain to Google. Suggesting that nobody rolls out IPv6 on them because
> they don't support one feature they may not even need is absurd. DHCPv6 is
> not a prerequisite for IPv6.
> 
> Regards,
> Dave


smime.p7s
Description: S/MIME cryptographic signature


BCOP Wiki Logo Missing

2015-10-08 Thread Nicholas Warren
http://nabcop.org/index.php

For me the logo is a flower and it says "Set $wgLogo to the URL path to your
own logo image."
Am I the only one?

- Thanks,
Nich 




smime.p7s
Description: S/MIME cryptographic signature


RE: BCOP Wiki Logo Missing

2015-10-08 Thread Nicholas Warren
Doesn't the NANOG maintain that wiki? I remember the NANOG logo being on
there at one time.

Thank you,
- Nich


> -Original Message-
> From: mikea [mailto:mi...@mikea.ath.cx]
> Sent: Thursday, October 8, 2015 10:00 AM
> To: Nicholas Warren
> Cc: nanog@nanog.org
> Subject: Re: BCOP Wiki Logo Missing
> 
> On Thu, Oct 08, 2015 at 01:27:32PM +, Nicholas Warren wrote:
> > http://nabcop.org/index.php
> >
> > For me the logo is a flower and it says "Set $wgLogo to the URL path
> > to your own logo image."
> > Am I the only one?
> 
> Same here. I suspect that the page has not been fully customized.
> 
> --
> Mike Andrews, W5EGO
> mi...@mikea.ath.cx
> Tired old sysadmin


smime.p7s
Description: S/MIME cryptographic signature


IPv6 Search Engine

2015-10-08 Thread Nicholas Warren
Not sure where to find this at... But is there a search engine out there
that only returns sites which can be accessed via IPv6? Duel-stack or IPv6
only. Google results are all just dead links.

- Thanks,
Nich



smime.p7s
Description: S/MIME cryptographic signature


RE: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours

2015-07-23 Thread Nicholas Warren
How will the customer know the ISP is blocking the traffic? Does the FCC make 
ISPs disclose this information?

Thank you,
- Nich Warren


On 07/22/2015 09:01 PM, Justin M. Streiner wrote:
 You're certainly free to block whatever traffic you wish, but your 
 customers might not appreciate a heavy-handed approach to stopping bad 
 traffic at the gates.


'gray' market IPv4

2015-07-14 Thread Nicholas Warren
Where is one of these v4 markets that we can buy some IPv4 space from?
I would prefer to have a place where we could see recent transactions, 
something along the lines of x amount of addresses for y amount of monies.

Google search is failing me for some reason..

- Thanks,
Nich



M$ no v6 or just me?

2015-07-14 Thread Nicholas Warren
Surely Microsoft has IPv6 connectivity? Is there a problem with my dns, or is 
Microsoft not available over v6?

Thanks,
Nich



RE: Greenfield ISP (In January)

2015-06-16 Thread Nicholas Warren
Does anyone beside Cisco do MAP? Brocade, Juniper, Huawei?

Thank you,
- Nich Warren


-Original Message-
From: Tore Anderson [mailto:t...@fud.no]
Sent: Friday, June 12, 2015 12:15 AM
To: Baldur Norddahl
Cc: Nicholas Warren; nanog@nanog.org
Subject: Re: Greenfield 464XLAT (In January)

* Baldur Norddahl baldur.nordd...@gmail.com

 The high tech solution is stuff like MAP where you move the cost out 
 to the CPE. But then you need to control the CPE - if you have that 
 then great. You would still want to sell a non-NAT (and MAP is NAT) to 
 users that require a public IPv4 address, so you still need to go dual 
 stack or use some tunnelling for that.

Hi Baldur,

MAP is *not* NAT; that's what's so neat about it. The users do get a public 
IPv4 address (or prefix!) routed to their CPE's WAN interface, towards which 
they can accept inbound unsolicited connections.

The public IPv4 address could be port-restricted if the operator wants address 
sharing, but it does not have to be. You could do both at the same time, e.g., 
giving your premium users a /32 or /28, while the standard subscription 
includes a /32 with 4k ports.

I will grant you that MAP-T performs NAT (i.e., protocol translation) 
internally, but the translations that happens when a packet enters the MAP 
domain are reversed when it exits. So the IPv4 addresses are transparent 
end-to-end.

MAP-E (and lw4o6 for that matter), on the other hand, has no form of NAT 
anywhere. (Unless you count the NAPT44 that sits between the subscriber's 
RFC1918 LAN segment and the CPE's WAN interface, but that's not exactly 
something that's unique to MAP.)

Nicholas: If I were you, before going down the 464XLAT route, I'd first look 
closely at these technologies, in the order given:

1) MAP (because it is fully stateless)
2) lw4o6 (because it is mostly stateless, i.e., no session tracking)
3) DS-Lite (which, like 464XLAT, is stateful, but you'll have way more
   CPEs to choose from than with 464XLAT, which is mostly for mobile)

Tore


RE: Greenfield 464XLAT (In January)

2015-06-11 Thread Nicholas Warren
A network needs users or it is useless. I am curious as to how your native IPv6 
network communicated with (if at all) the v4 world. Has anyone confronted you 
about your network being IPv6? I might have problems with reading 
comprehension, but in your statement  So you might position to pitch upfront 
your new world Internet service from day one., do you mean pitch as in, setup; 
or pitch as, into the trash.

Thank you,
- Nich Warren


-Original Message-
From: Bob Evans [mailto:b...@fiberinternetcenter.com] 
Sent: Thursday, June 11, 2015 9:20 AM
To: Nicholas Warren
Cc: nanog@nanog.org
Subject: Re: Greenfield 464XLAT (In January)

Actually , there is no better audience that I know of to ask this
question. And my information might be more marketing related and hardware
skeptical.

My IPv6 direction choice was much easier than yours. You need to figure
out how to build an IPv4 network today from scratch in a world where the
IPv4 bus ride seats have largely assigned.

When we setup our IPv6 ability, I chose to build a native IPv6 network.
Tunneling and translation devices left me wondering about packet flow at
those gateway points. Aside from verbal sales assurances, I still had the
feeling that under loads these devices would break momentarily or cause
latency issues. For web and email services it's not a big issue. Sure
everyone could show me a twitch game playing well or a video conference
call, but what happens when the device is under load or attacked ? Will
service latency be detected by a cleaver well known gamer ? One that
points to the issue as a flaw that makes others think our network is
unusable for all kinds of services ? Overcome issues like this ISP forces
you to use IPv6 ? The hardware costs can be small compared to consumer
perceptions marketing dollars. So you might position to pitch upfront your
new world Internet service from day one.

European and Comcast has been implementing NAT 6 related things for years.
My son made me move his connection to the smallest bandwidth DSL on ATT
for his games. However, our Comcast has been fine perfectly for watching
Amazon and Netflix streaming (most of the time).

Thank You
Bob Evans
CTO




 Sincere apologies if this e-mail is inappropriate for this audience,
 We are (going to be) a startup ISP building a new network from the ground
 up. I was hoping I could get an opinion, or two, on how everyone feels
 about 464XLAT. I saw what everyone was saying about it in the 'Android
 doesn't support DHCPv6' discussion, but what about in the wireline side of
 things? The main reason we are even considering 464XLAT as opposed to
 dual-stack (the latter is, in my ignorant opinion, the better option.) is
 the fear of IPv4 depletion that we think might hit ARIN between now and
 the start of next year; causing us to pay a premium for IPv4 in the gray
 market. So I guess the real question here would be: is our fear real, or
 is it just bug on the wall? If our fear is real, what should we implement
 so that our users can still get to the v4 internet, are we even thinking
 soberly by suggesting 464XLAT?
 Thanks,
 - Nich






RE: Greenfield 464XLAT (In January)

2015-06-11 Thread Nicholas Warren
I figured that duel-stack would be the way to go, but I worry that ARIN might 
not give us space for duel stack out of their reserved pool 
(https://www.arin.net/policy/nrpm.html#four10), and that this .13 of a /8 won't 
make it to next year. I suppose that would be a question for the ARIN mailing 
list?

Thank you,
- Nich Warren


-Original Message-
From: William Herrin [mailto:b...@herrin.us] 
Sent: Thursday, June 11, 2015 12:13 PM
To: Nicholas Warren
Cc: nanog@nanog.org
Subject: Re: Greenfield 464XLAT (In January)

On Wed, Jun 10, 2015 at 4:22 PM, Nicholas Warren nwar...@barryelectric.com 
wrote:
 Sincere apologies if this e-mail is inappropriate for this audience,

Hi Nich,

Looks like the correct audience to me.


 We are (going to be) a startup ISP building a new network from the 
 ground up. [...] The main reason we are even considering 464XLAT as 
 opposed to dual-stack (the latter is, in my ignorant opinion, the 
 better option.) is the fear of IPv4 depletion that we think might hit 
 ARIN between now and the start of next year; causing us to pay a 
 premium for IPv4 in the gray market.

Your customers will require end-to-end IPv4 for the foreseeable future.

464XLAT can provide natted IPv4 using an internal IPv6 infrastructure in 
special circumstances. Specifically: you must have sufficient control of the 
customer equipment to compel it to employ 464XLAT to provide IPv4 services to 
the customer. If your customers lease phones from you and your phone vendors 
build in 464XLAT support, T-Mobile has demonstrated that this is practical. If 
your customers bring generic Macs and PCs with the odd Linux user in the mix 
(their equipment, not yours), you may be asking for extensive support headaches 
with 464XLAT.

Dual stack with carrier NAT would also handle your IPv4 needs. You'll have an 
additional expense maintaining both protocols within your infrastructure. 
Nevertheless, this approach alleviates the need to control the customer 
premises equipment.

Regardless of your approach, DS+NAT or 464XLAT, you will require a comparable 
number of global IPv4 addresses. Neither technology eliminates your need for 
IPv4 addresses facing the public Internet.

Regardless of your approach, you will need to make provisions to support 
customers who require a global and/or static IPv4 address without NAT. It need 
not be part of your basic package, but if it's unavailable at any price you can 
be sure of getting a PR black eye at some point.

Regards,
Bill Herrin


--
William Herrin  her...@dirtside.com  b...@herrin.us Owner, 
Dirtside Systems . Web: http://www.dirtside.com/


RE: Greenfield 464XLAT (In January)

2015-06-11 Thread Nicholas Warren
I am thinking now that our best option would be to go duel-stack lite 
(RFC6333), after reading what you fellows have to say about 464XLAT. I feel as 
though I should add that our peer networks (one was started at the end of 2013) 
are implementing IPv4 only networks; they are pressuring management into 
thinking that IPv6 is too experimental to deploy, and that IPv4 (only) is the 
only way to go.

Thank you,
- Nich Warren


-Original Message-
From: William Herrin [mailto:b...@herrin.us] 
Sent: Thursday, June 11, 2015 12:13 PM
To: Nicholas Warren
Cc: nanog@nanog.org
Subject: Re: Greenfield 464XLAT (In January)

On Wed, Jun 10, 2015 at 4:22 PM, Nicholas Warren nwar...@barryelectric.com 
wrote:
 Sincere apologies if this e-mail is inappropriate for this audience,

Hi Nich,

Looks like the correct audience to me.


 We are (going to be) a startup ISP building a new network from the 
 ground up. [...] The main reason we are even considering 464XLAT as 
 opposed to dual-stack (the latter is, in my ignorant opinion, the 
 better option.) is the fear of IPv4 depletion that we think might hit 
 ARIN between now and the start of next year; causing us to pay a 
 premium for IPv4 in the gray market.

Your customers will require end-to-end IPv4 for the foreseeable future.

464XLAT can provide natted IPv4 using an internal IPv6 infrastructure in 
special circumstances. Specifically: you must have sufficient control of the 
customer equipment to compel it to employ 464XLAT to provide IPv4 services to 
the customer. If your customers lease phones from you and your phone vendors 
build in 464XLAT support, T-Mobile has demonstrated that this is practical. If 
your customers bring generic Macs and PCs with the odd Linux user in the mix 
(their equipment, not yours), you may be asking for extensive support headaches 
with 464XLAT.

Dual stack with carrier NAT would also handle your IPv4 needs. You'll have an 
additional expense maintaining both protocols within your infrastructure. 
Nevertheless, this approach alleviates the need to control the customer 
premises equipment.

Regardless of your approach, DS+NAT or 464XLAT, you will require a comparable 
number of global IPv4 addresses. Neither technology eliminates your need for 
IPv4 addresses facing the public Internet.

Regardless of your approach, you will need to make provisions to support 
customers who require a global and/or static IPv4 address without NAT. It need 
not be part of your basic package, but if it's unavailable at any price you can 
be sure of getting a PR black eye at some point.

Regards,
Bill Herrin


--
William Herrin  her...@dirtside.com  b...@herrin.us Owner, 
Dirtside Systems . Web: http://www.dirtside.com/


Greenfield 464XLAT (In January)

2015-06-10 Thread Nicholas Warren
Sincere apologies if this e-mail is inappropriate for this audience,
We are (going to be) a startup ISP building a new network from the ground up. I 
was hoping I could get an opinion, or two, on how everyone feels about 464XLAT. 
I saw what everyone was saying about it in the 'Android doesn't support DHCPv6' 
discussion, but what about in the wireline side of things? The main reason we 
are even considering 464XLAT as opposed to dual-stack (the latter is, in my 
ignorant opinion, the better option.) is the fear of IPv4 depletion that we 
think might hit ARIN between now and the start of next year; causing us to pay 
a premium for IPv4 in the gray market. So I guess the real question here would 
be: is our fear real, or is it just bug on the wall? If our fear is real, what 
should we implement so that our users can still get to the v4 internet, are we 
even thinking soberly by suggesting 464XLAT?
Thanks,
- Nich