This 'get a /32' BAD ADVICE has got to stop. There are way too many people
trying to force fit their customers into a block that is intended for a
start-up with ZERO customers.
Develop a plan for /48 per customer, then go to ARIN and get that size
block. Figure out exactly what you are going to
Owen DeLong wrote:
...
It's really unfortunate that most people don't understand the
distinction.
If they did, it would help them to realize that NAT doesn't actually do
anything for security, it just helps with address conservation
(although
it has some limits there, as well).
Actually
John Curran wrote:
On Oct 20, 2010, at 11:35 AM, Christopher Morrow wrote:
yes, sorry.. since this was returned to ARIN, I assumed the ARIN
region drain rate.
Ah, good point. It may end up in the global pool, so comparison to
either drain rate is quite reasonable.
For what it's worth,
You didn't miss anything, past ARIN practice has been broken, though using
sparse allocation it is not quite as bad as you project. In any case, ISPs
with more than 10k customers should NEVER get a /32, yet that is what ARIN
insisted on giving even the largest providers in the region. Every ISP
No idea where this came from, and no I didn't have any part in it. If I had,
the rental rates on addresses would have been much more in the range of
extortion... ;)
-Original Message-
From: Kevin Oberman [mailto:ober...@es.net]
Sent: Thursday, October 28, 2010 1:59 PM
To: Zaid Ali
... yes I know you understand operational issues.
While managed networks can 'reverse the damage', there is no way to fix that
for consumer unmanaged networks. Whatever gets deployed now, that is what
the routers will be built to deal with, and it will be virtually impossible
to change it due to
*requested anonymous* wrote:
(I don't post on public mailing lists, so, please consider this
private.
That is, I don't care if the question/reply are public, just, not the
source.)
On 1/10/11 11:46 AM, Tony Hain wrote:
... yes I know you understand operational issues.
While managed
Owen DeLong wrote:
..
I suspect that there are probably somewhere between 30,000
and 120,000 ISPs world wide that are likely to end up with a /32
or shorter prefix.
A /32 is the value that a start-up ISP would have. Assuming that there is a
constant average rate of startups/failures per
The individual RIR graphs won't be around long enough to be worth the
effort... ;)
FWIW: the Jan. 2011 global burn rate (outbound from the RIRs) for
/24-equivalents was 18.97 seconds. At the Jan. rate, APnic won't last to June
and Ripe might make it to the end of August, then chaos ensues. Is there
So in the interest of 'second opinions never hurt', and I just can't get my
head around APnic sitting at 3 /8's, burning 2.3 /8's in the last 2 months
and the idea of a 50% probability that their exhaustion event occurs Aug.
2011, here are a couple other graphs to consider.
-Original Message-
From: Vincent Hoffman [mailto:jh...@unsane.co.uk]
Sent: Wednesday, February 02, 2011 9:44 AM
To: nanog@nanog.org
Subject: Re: ipv4's last graph
On 02/02/2011 17:22, Matthew Petach wrote:
On Wed, Feb 2, 2011 at 9:01 AM, Tony Hain alh-i...@tndh.net wrote:
So
-Original Message-
From: Richard Barnes [mailto:richard.bar...@gmail.com]
Sent: Wednesday, February 02, 2011 10:44 AM
To: Tony Hain
Cc: Vincent Hoffman; nanog@nanog.org
Subject: Re: ipv4's last graph
Note that the ARIN, APNIC, and RIPE lines should all basically level
out
Franck Martin wrote:
This is dual stack, my recommendation is disable IPv6 on your servers
(so your clients will still talk to them on IPv4 only), and let your
client goes IPv6 first. Once you understand what is happening, get on
IPv6 on your servers.
You don't have to disable IPv6 on the
Tomas Podermanski wrote:
Hi,
It seems that today is a big day for IPv6. It is the very first time
when
native IPv6 on google statistics
(http://www.google.com/intl/en/ipv6/statistics.html) reached 1%. Some
might say it is tremendous success after 16 years of deploying IPv6 :-)
T.
Mike Jones wrote:
On 20 November 2012 16:05, Patrick W. Gilmore patr...@ianai.net wrote:
On Nov 20, 2012, at 08:45 , Owen DeLong o...@delong.com wrote:
It is entirely possible that Google's numbers are artificially low
for a number of reasons.
AMS-IX publishes stats too:
Dobbins, Roland wrote:
On Nov 26, 2012, at 10:36 PM, Cameron Byrne wrote:
Ipv6 is not important for users, it is important for network operators
who
want to sustain their business.
I agree with the first part; not sure I agree with the second part.
Operators are all free to choose their
Dobbins, Roland wrote:
On Nov 28, 2012, at 11:18 AM, Andrew Sullivan wrote:
If the entire deployment path automatically requires 84 layers of NAT
sludge, that's what gets tested, cause it works for everybody.
Hence my questions regarding the actual momentum behind end-to-end
native IPv6
IMHO: level of clue is a minor point, as that can be bought. The fundamental
issues for a project like this are funding, and intent. Well-funded
organizations that lack intent are just problem children that like to tie up
the courts to keep others from making progress. The target for a
Lee Howard wrote:
On 4/23/13 7:44 PM, Geoff Huston g...@apnic.net wrote:
On 24/04/2013, at 8:10 AM, Andrew Latham lath...@gmail.com wrote:
On Tue, Apr 23, 2013 at 5:41 PM, Valdis Kletnieks
valdis.kletni...@vt.edu wrote:
I didn't see any mention of this Tony Hain paper:
http
Merike Kaeo wrote:
...
ESP-Null came about when folks
realized AH could not traverse NATs.
Thus the absolute reason why people should promote AH to kill off the 66nat
nonsense. Just because you can't use it for IPv4 is no reason to avoid using
it for IPv6 now and let its momentum suppress the
Doug Barton wrote:
[ I normally don't say this, but please reply to the list only, thanks.
]
I've been a member of the "let's not assume the IPv6 space is
infinite" school from day 1, even though I feel like I have a pretty
solid grasp of the math. Others have alluded to some of the reasons
David Conrad wrote:
Ok, let's start with not breaking the functionality we have today
in IPv4. Once you get that working again we can look at new
ideas (like RA) that might have utility. Let the new stuff live/die
on its own merits. The Internet is very good at sorting out the useful
Masataka Ohta wrote:
Karl Auer wrote:
: I've seen links with up to 15k devices where ARP represented
: a significant part of the link usage, but most weren't (yet) IPv6.
MLD noise around a router is as bad as ARP/ND noise.
Possibly true, but that's another discussion.
Then, you
Masataka Ohta
Tony Hain wrote:
It is because you avoid to face the reality of MLD.
MLD != ND
MLD == IGMP
OK.
ND ~= ARP
Wrong, because ND requires MLD while ARP does not.
Note the ~ ... And ARP requires media level broadcast, which ND does not.
Not all media support broadcast
Randy Bush wrote:
The fact that your prefix is a Secret Sauce that isn't known to the
rest of the world won't matter much to an attacker. One 'ifconfig' on
whatever beachhead machine the attacker has inside your net, and it's
not Secret Sauce anymore, it's just another bottle of Thousand
-Original Message-
From: Masataka Ohta [mailto:mo...@necom830.hpcl.titech.ac.jp]
Sent: Wednesday, September 19, 2012 11:21 PM
To: David Miller
Cc: nanog@nanog.org
Subject: Re: Big Temporary Networks
David Miller wrote:
So, a single example of IPv4 behaving in a suboptimal
-Original Message-
From: Joe Maimon [mailto:jmai...@ttec.com]
Sent: Thursday, September 20, 2012 7:11 AM
To: George Herbert
Cc: nanog@nanog.org
Subject: Re: The Department of Work and Pensions, UK has an entire /8
...
Baking in bogonity is bad.
Really ??? If stack vendors had
-Original Message-
From: Nick Hilliard [mailto:n...@foobar.org]
Sent: Thursday, September 20, 2012 2:37 PM
To: Tony Hain
Cc: nanog@nanog.org
Subject: Re: The Department of Work and Pensions, UK has an entire /8
On 20/09/2012 20:14, Tony Hain wrote:
Once the shift starts
-Original Message-
From: Nick Hilliard [mailto:n...@foobar.org]
Sent: Friday, September 21, 2012 9:13 AM
To: Tony Hain
Cc: nanog@nanog.org
Subject: Re: The Department of Work and Pensions, UK has an entire /8
On 21/09/2012 00:47, Tony Hain wrote:
You are comparing IPv6
Sadiq Saif [mailto:sa...@asininetech.com] wrote:
On Wed, Oct 3, 2012 at 12:13 PM, Chris Campbell ch...@ctcampbell.com
wrote:
Is anyone aware of any historical documentation relating to the choice of 32
bits for an IPv4 address?
Cheers.
I believe the relevant RFC is RFC 791 -
Nathan Ward wrote:
...
2) If Teredo relays are deployed close to the service (ie. content,
etc.) then performance is almost equivalent to IPv4. 6to4 relies on
relays being close to both the client and the server, which requires
end users' ISPs to build at least *some* IPv6 infrastructure,
Jack Bates wrote:
.
Yes and no. The test that was being run used 6to4 addresses, so every
6to4 capable device did try to reach it via 6to4, since that is
preferred over IPv4. If it had used non-6to4 addressing, then IPv4
would
had been preferred on those hosts that didn't have non-6to4
While people frequently claim that auto-config is optional, there are
implementations (including OS-X) that don't support anything else at this
point. The basic message is that you should not assume that the host
implementations will conform to what the network operator would prefer, and
you need
Owen DeLong wrote:
On Feb 17, 2009, at 11:28 AM, Tony Hain wrote:
While people frequently claim that auto-config is optional, there are
implementations (including OS-X) that don't support anything else at
this
point. The basic message is that you should not assume that the host
David Conrad wrote:
On Feb 17, 2009, at 11:28 AM, Tony Hain wrote:
Approach IPv6 as a new and different protocol.
Unfortunately, I gather this isn't what end users or network operators
want or expect. I suspect if we want to make real inroads towards
IPv6 deployment, we'll need to spend
Joe Provo wrote:
This is highly amusing, as for myself and many folks the experience
of these 'other protocols', when trying to run in open, scalable,
and commercially-viable deployments, was to encapsulate in IP(v4)
at the LAN/WAN boundary. It is no wonder that is the natural reaction
to
David Conrad wrote:
Tony,
On Feb 17, 2009, at 12:17 PM, Tony Hain wrote:
This being a list of network engineers, there is a strong bias
toward tools
that allow explicit management of the network. This is a fine
position, and
those tools need to exist. There are others that don't want
Justin Shore wrote:
...
At this point I'm looking at doing 6to4 tunnels far into the future.
You can forget that, as CGN will break 6to4. Get used to teredo (miredo),
and if that is impeded don't be surprised when IPv6 over SOAP shows up.
Tony
Owen DeLong wrote:
...
If you want SLAAC or RA or whatever, more power to you. Some
installations
do not. They want DHCP equivalent functionality with the same
security model.
It is always amusing when people equate DHCP with security... Outside of
that, I do agree with you that the
Leo Bicknell wrote:
...
But, when DHCPv6 was developed the great minds of the world decided
less functionality was better. There /IS NO OPTION/ to send a default
route in DHCPv6, making DHCPv6 fully dependent on RA's being turned on!
So the IETF and other great minds have totally removed the
Daniel Senie wrote:
...
No, the decision was to not blindly import all the excess crap from
IPv4. If
anyone has a reason to have a DHCPv6 option, all they need to do is
specify
it. The fact that the *nog community stopped participating in the
IETF has
resulted in the situation where
Leo Bicknell wrote:
...
The last time I participated a working group chair told me operators
don't know what they are talking about and went on to say they should
be ignored.
So did you believe him and stop participating? Seriously, the -ONLY- way
the IETF can be effective is for the ops
Randy Bush wrote:
The fact that the *nog community stopped participating in the IETF
has
resulted in the situation where functionality is missing, because
nobody
stood up and did the work to make it happen.
the ops gave up on the ietf because it did no good to participate. so
the
While I appreciate Bill's attempt to raise attention to the draft, I needed
to update it anyway with the intent to greatly simplify things and hopefully
clarify at the same time. Given the interest level in this thread, I will
ask for comments here before publishing the updated I-D.
Replace intro
-Original Message-
From: Doug Barton [mailto:do...@dougbarton.us]
Sent: Monday, May 09, 2011 12:11 PM
To: Jared Mauch
Cc: nanog@nanog.org; Arie Vayner
Subject: Re: Yahoo and IPv6
On 05/09/2011 10:27, Jared Mauch wrote:
I do feel the bar that Yahoo is setting is too high. There
Igor Gashinsky wrote:
:: In any case, the content side can mitigate all of the latency
related issues
:: they complain about in 6to4 by putting in a local 6to4 router and
publishing
:: the corresponding 2002:: prefix based address in DNS for their
content. They
:: choose to hold their
John Levine wrote:
Right. Spam filtering depends on heuristics. Mail from hosts without
matching forward/reverse DNS is overwhelmingly bot spam, so checking for
it is a very effective heuristic.
Leading digit is clearly in widespread use beyond 3com 1and1. One of the most
effective
Lee Howard wrote:
...
There is obviously a long tail of ip4 destinations, but nearly all
of 500 of the Alexa global 500 have ip6 listeners,
Do you have a data source for that? I see no indication of IPv6
listeners on 85% of the top sites.
A slightly different metric, 44% of USA
-Original Message-
From: Owen DeLong [mailto:o...@delong.com]
Sent: Friday, November 22, 2013 12:16 PM
To: joel jaeggli
Cc: valdis.kletni...@vt.edu; Tony Hain; NANOG List
Subject: Re: NAT64 and matching identities
It would be way more than 2 if it were CNAME, methinks.
Owen
On Nov 22
. In other words, there are more dead names than there are
records, and there are not any IPv6-only sites in that group.
Tony
-Original Message-
From: Owen DeLong [mailto:o...@delong.com]
Sent: Friday, November 22, 2013 1:48 PM
To: Tony Hain
Cc: joel jaeggli; valdis.kletni...@vt.edu
file points to names that do not serve web content, so the entire 'top
1M' list is suspect.
Tony
-Original Message-
From: Tony Hain [mailto:alh-i...@tndh.net]
Sent: Friday, November 22, 2013 3:50 PM
To: 'Owen DeLong'
Cc: sherfe...@amazon.com; 'NANOG List'
Subject: RE: NAT64
Ricky Beam wrote:
On Fri, 29 Nov 2013 08:39:59 -0500, Rob Seastrom r...@seastrom.com
wrote:
So there really is no excuse on ATT's part for the /60s on uverse
6rd...
Except for a) greed (we can *sell* larger slices) and b) demonstrable
user
want/need.
How many residential, home networks,
Brian Dickson wrote:
And root of the problem was brought into existence by the insistence
that every network (LAN) must be a /64.
Get your history straight. The /64 was an outcome of operators deciding
there was not enough room for hierarchy in the original proposal for the
IPv6 address as 64
(Yes this is a top post ... get over it)
Thank you Leo for doing such a great job in this scenario of explaining why
acronym familiarity has much more to do with people's entrenched positions,
than the actual network manageability they claim to be worried about. The
hyperbolic nonsense in
Ryan Harden wrote:
...
IMO, being able to hand out gateway information based on $criteria via
DHCPv6 is a logical feature to ask for. Anyone asking for that isn't
trying to tell
you that RA is broken, that you're doing things wrong, or that their way
of
thinking is more important than yours.
-Original Message-
From: Notify Me [mailto:notify.s...@gmail.com]
Sent: Thursday, February 06, 2014 4:54 AM
To: Aled Morris
Cc: nanog@nanog.org; Martin Hotze
Subject: Re: Need trusted NTP Sources
Raspberries! Not common currency here either, but let's see!
While I would be using
I have found the scaling is better if you make it the abusing providers problem
to contact you. Whenever a range gets blocked, the bounce message tells the
mail originator to take their money and find a new hosting provider that does
not support/tolerate spam. When legitimate originators have
Randy wrote:
I've enjoyed kernel hot patches (ksplice) until now.
So my primary concern is that updates to systemd appears to require a full
reboot:
http://forums.fedoraforum.org/showthread.php?t=300166
Is systemd really like a 2nd 'kernel' -- demanding mass reboots every time
a
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Bob Evans
Sent: Thursday, December 11, 2014 7:30 AM
To: nanog@nanog.org
Subject: Re: Comcast thinks it ok to install public wifi in your house
I think it's more than AC power issue... who knows what
Randy Bush wrote:
but you can't move packets on pieces of paper.
Or can you? RFCs 6214, 2549, 1149
;)
From: Lorenzo Colitti [mailto:lore...@colitti.com]
Sent: Tuesday, June 09, 2015 11:47 PM
To: Tony Hain
Cc: Mikael Abrahamsson; Chris Adams; NANOG
Subject: Re: Android (lack of) support for DHCPv6
On Wed, Jun 10, 2015 at 3:38 PM, Tony Hain alh-i...@tndh.net wrote:
I claim
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Mikael
Abrahamsson
Sent: Tuesday, June 09, 2015 10:39 PM
To: Chris Adams
Cc: nanog@nanog.org
Subject: Re: Android (lack of) support for DHCPv6
On Tue, 9 Jun 2015, Chris Adams wrote:
Android devices
Bob Evans wrote:
Our fundamental issue is that an IPv4 address has no real value as
networks
still give them away, it's pennies in your pocket. Everything of use needs
to
have a cost to motivate for change. Establishing that now won't create
change it will first create greater conservation.
Ray Soucy wrote:
Respectfully disagree on all points.
The statement that "Android would still not implement DHCPv6 NA, but it would
implement DHCPv6 PD." is troubling because you're not even willing to
entertain the idea for reasons that are rooted in idealism rather than
pragmatism.
In
Ray Soucy wrote:
I don't really feel I was trying to take things out of context, but the full
quote
would be:
If there were consensus that delegating a prefix of sufficient size via
DHCPv6 PD of a sufficient size is an acceptable substitute for stateful
IPv6 addressing in the environments
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of
Christopher Morrow
Sent: Monday, June 01, 2015 7:24 AM
To: Matt Palmer
Cc: nanog list
Subject: Re: AWS Elastic IP architecture
On Mon, Jun 1, 2015 at 1:19 AM, Matt Palmer mpal...@hezmatt.org
wrote:
snip
What I read in your line of comments to Owen is that the service only does
a header swap once and expects the application on the VM to compensate.
In that case there is an impact on the cost of deployment and overall utility.
'compensate' ? do you mean 'get some extra information
Hugo Slabbert wrote:
snip
On this given point, though: Facebook -ne generic hosting platform
True, but it does represent a business decision to choose IPv6. The relevant
point here is that the NEXT facebook/twitter/snapchat/... is likely being
pushed by clueless investors into outsourcing
David,
While I agree with you that there is no excuse for the general IPv6 brokenness
across all vendors, they are just doing what participants on lists like this
one tell them. NameShame may help a little, but until a large number of people
get serious and stop prioritizing IPv4 in their
-Original Message-
From: christopher.mor...@gmail.com
[mailto:christopher.mor...@gmail.com] On Behalf Of Christopher Morrow
Sent: Monday, June 01, 2015 5:10 PM
To: Tony Hain
Cc: Hugo Slabbert; Matt Palmer; nanog list
Subject: Re: AWS Elastic IP architecture
On Mon, Jun 1, 2015
There is prior art here, and likely patents held by HP
http://tools.ietf.org/html/draft-bound-dstm-exp-04
-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Baldur
Norddahl
Sent: Monday, July 13, 2015 10:10 AM
To: nanog@nanog.org
Subject: Fwd: Overlay
Owen DeLong wrote:
I vote for a /24 lotto to get rid of the rest!
That would take too long to get organized. Just suspend fees and policy
requirements and give one to each of the first 400 requestors. Overall it
would reduce costs related to evaluating need, so the lack of fee income
would not
Joe Maimon wrote:
Jared Mauch wrote:
This isn’t really a giant set of naysayers IMHO, but there is enough
embedded logic in devices that it doesn’t make that much sense.
Enough to scuttle all previous drafts.
linux
a little google comes up with this
Randy Bush wrote:
I am not ... It is long past time to move on, so getting rid of the
distraction might help with those still holding out hope.
i think that is unfair to the ipv6 fanboys (and girls). ipv6 use is
increasing
slowly. i bet it hits 10% by the time we retire.
Are you
George Metz wrote:
snip
Split the difference, go with a /52
That's not splitting the difference. :) A /56 is half way between a
/48 and a /64. That's 256 /64s, for those keeping score at home.
It's splitting the difference between a /56 and a /48. I can't imagine short
of
I have had a consistent 10ms offset on a set of servers for the last 5 years.
After extensive one-way tracing, it turns out there is a 20ms asymmetry
within the Seattle Westin colo between HE & Comcast, causing all the IPv6
peers appearing over the HE tunnel to be 10ms offset from everything
Ricky Beam wrote:
On Wed, 15 Jul 2015 22:32:19 -0400, Mark Andrews ma...@isc.org wrote:
You can blame the religious zealots that insisted that everything DHCP
does has to also be done via RA's.
I blame the anti-DHCP crowd for a lot of things. RAs are just dumb.
There's a reason IPv4 can do
Mel Beckman wrote:
Owen,
By the same token, who 30 years ago would have said there was anything
wrong with giving single companies very liberal /8 allocations?
Actually 30 years ago it was very difficult to get a /8 even for a US Gov
organization. I have firsthand experience with being
Dovid Bender wrote:
> I would. Once I see legal stuff I know to stop reading. It does not hurt
> anyone. Not sure why this hurts so much. Some things will remain a
> mystery.
>
No mystery ... It wastes bits that could otherwise be used to watch cat videos.
;)
Tony
Keenan Tims wrote:
> To: nanog@nanog.org
> Subject: Re: Binge On! - And So This is Net Neutrality?
>
> I'm surprised you're supporting T-Mob here Owen. To me it's pretty
> clear: they are charging more for bits that are not streaming video.
> That's not neutral treatment from a policy
Ca By wrote:
> On Tuesday, June 7, 2016, chris wrote:
>
> > it really feels a lot like what net neutrality was supposed to avoid.
> > making a policy where there is different treatment of one set of bits
> > over another
> >
> > "your ipv6 bits are bad but if you turn it off
Matthew,
I was not complaining about the business model, or the need to comply with
content provider requirements. The issue is the pathetic implementation choice
that Netflix made when a trivial alternative was available. I agree that
setting up rwhois and trusting the 3rd party tunnel
Matt Palmer wrote:
> On Thu, Jul 07, 2016 at 06:36:23PM -0700, Ca By wrote:
> > On Thursday, July 7, 2016, Spencer Ryan wrote:
> >
> > > Dotted-quad notation is completely valid, and works fine.
> > >
> > > https://en.wikipedia.org/wiki/IPv6_address#Presentation
> > >
> > >
83 matches