[ppml] Re: 2005-1:Multi-national Business Enablement

Jeroen Massar jeroen at unfix.org
Tue May 3 16:05:20 EDT 2005


On Tue, 2005-05-03 at 13:38 -0500, Stephen Sprunk wrote:
> Thus spake "Daniel Roesen" <dr at cluenet.de>
> > On Thu, Apr 28, 2005 at 06:56:04AM -0500, Stephen Sprunk wrote:
> > > IPv6 mandates a particular topology and disallows others
> > > which happen to be in widespread use by IPv4 ISPs.
> >
> > I have problems imagining both. Can you give me an example?
> 
> IPv6 mandates that users must be given a subnet of their own; it is common
> practice with IPv4 to issue individual addresses on a shared subnet to
> reduce waste.  These methods are incompatible.

First thing you should remember: IPv6 is not IPv4, IPv4 is not IPv6.
They look the same they taste the same but they are not the same.

As to your problem: the medium (cable or ethernet) is a shared space, on
which the user in IPv4 land gets an address, statically, or DHCP.
In IPv6 you do the same, assign a /64 to that L2, every user gets an IP
using DHCPv6 or RA's.

Nothing changed here. Upto here you simply expect the endsite to have 1
endpoint.

Now because you are routing to endusers, you must actually expect them
to have more than one device, thus to every endpoint you also route a
separate /48.

Now what is the problem with this again?

> > > It's common for cable, DSL, wireless, and other technologies.
> > > For instance, my landlord provides a straight ethernet connection
> > > into my residence (which is connected to a T1); with DHCP, I
> > > consume only one IP per PC.  For them to offer me an IPv6 /48
> > > or even /64, they'd need to change their IPv4 addressing to a
> > > /30 or shorter for each customer, wasting four addresses for a
> > > customer with one PC.
> >
> > But that's considered perfectly fine use of those addresses, not
> > "waste". Sure, the result are unused addresses, but the way of usage
> > if sound.
> 
> I sincerely hope that ARIN would not approve any request for IPv4 space that
> was based on 80% addressing overhead.  I'm pretty sure that's a policy
> violation; if not, it should be.  We're short enough on IPv4 addresses as it
> is; pissing 80% of them away for aesthetics is irresponsible.

IPv6 is not IPv4. IPv4 is not IPv6.

Or do you consider 48-bit mac addresses also a waste because they will
never all pop up on the same L2 segment? Think about that analogy.

<SNIP>

> > > If that's the topology, then that makes sense.  However, it's not the
> > > dominant topology in the US today.
> >
> > And global IPv6 policies should adapt to US legacy? Or what are you
> > asking for?
> 
> I'm asking that IPv6 policies allow ISPs to roll out IPv6 without having to
> completely reengineer existing IPv4 networks as well as quintuple IPv4
> address requirements.

If you need to reengineer your network because of that, I suggest you go
to some IPv6 class and learn how to do it there, not that you learn
much, because you already know how to solve this problem, you just don't
see it at the moment.

The real problem you seem to be having is that you do not want to give
address space to endusers. Because then you can't have a 'business case'
and letting them pay for more addresses.

Think about this for a second: charge them based on traffic usage, just
like your transits do. They do not charge you based on the number of
IP's you are routing either now are they.

> > [my presumption is that we want to reach global policies, not regional
> > ones for that]
> 
> I thought one of the reasons we have RIRs is that different regions may need
> different policies.  If the RIRs are going to consider themselves hostage to
> decisions made a decade ago by the IETF, there's not much point in having
> RIRs at all; let's give worldwide address allocation back to the goons at
> NSI.

RIRs exist in those regions to be able to help out their local members
better. Never realized that it is easier for Japanese/Korean/Chinese
organizations to be able to talk in their own tongue to their RIR, or do
you want everything to be 'owned & regulated by the US', if you want
that, please sign up with the ITU, they want that too.

> > > > The mantra is "/48, no questions asked, and by default".
> > >
> > > When you consider how that affects the IPv4 topology, that
> > > doesn't make sense in many cases.  If we're going to share
> > > subnets across customers in IPv4, we need to do the same
> > > for IPv6.
> >
> > Not necessarily. You might take it as a starting point to migrate
> > your legacy setup to a possibly better one. :-)
> 
> This is not legacy -- it's current practice for IPv4 and arguably better
> than the alternative for several reasons.  For that matter, I'm willing to
> bet you'd find the same topology in other countries if you looked.
> 
> > But well, I don't care if US ISPs are giving only /64s to their
> > customers. I do enjoy living in EU where I hope that /48s will be the
> > default (a man needs to dream once in a while). *g*
> 
> I also hope that /64s and /48s will be available in the US to those who want
> them, but I'd be much happier getting a few /128s (one per host, via
> autoconfig).  And I say that as a "power user".

And then you change provider and you have to renumber your house, host
per host, fridge by fridge, toy by toy. What kind of poweruser are you?
I am not going to renumber every device individually, I just change my
RA setup on the routers, fix up the firewall rules, fixup DNS and done
in my case. Oh and I changed IPv4 providers twice already and IPv6
blocks three times. 3ffe:8114:2000:240::/60 (tunnel) ->
2001:7b8:300::/48 (tunnel) -> 2001:7b8:20d::/48 (native IPv6 over DSL :)

But because the latter two are both the same size, I did not have to
redo any network numbering, and I could very easily reconfig my routers
to, at first, announce the new prefix, and a week or so later I removed
that prefix, and everything moved on seamlessly ;)

Now if I had /128's, of which I then would have needed 50 separate ones,
really handy for maintaining, I would need to fix up every single toy,
change a lot of firewall rules, not the easy sed script, and other
annoyances.

Also the upstream ISP would have a lot of fun sticking all the reverse
delegations into their nameservers. Not even thinking about RPF and
other such tools.

> Without sensible policies, I won't be getting IPv6 at home (or at work, if
> 2005-1 doesn't pass) at all.  It's not routing or transit in the core that
> we're waiting on now -- it's address policies at the edge.

2005-1 is not for the home. 2005-1 is for organizations (read:
businesses) that have a need for multihoming, that means multiple
separate physical upstreams and a vast userbase and LIR membership.
Or are you going to polute BGP with /128's ?

Greets,
 Jeroen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 240 bytes
Desc: This is a digitally signed message part
URL: <https://lists.arin.net/pipermail/arin-ppml/attachments/20050503/8c717947/attachment-0001.sig>


More information about the ARIN-PPML mailing list