North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: large multi-site enterprises and PI prefix [Re: who gets a /32[Re: IPV6 renumbering painless?]]

  • From: Owen DeLong
  • Date: Mon Nov 22 13:59:53 2004

I have worked for multiple enterprises where both of the statements below
were false. There are many enterprises which run their own backbones,
have internet access at some subset of their sites, and, backhaul all
traffic on their own backbone to enforce policy at the internet borders.
Some of them use internet based VPNs as part of their backbone, but, in
those cases, most have forced ALL traffic leaving the site through the VPN,
so, users at the site have no direct or independent internet access. The
VPN terminators are, in those cases, usually on PA space. The office network
is usually either RFC-1918 or PI space depending on the enterprise.
All of the enterprises with which I am familiar would prefer PI space to
RFC-1918, but, because of IPv4 limitations, some accepted 1918. Most will
not accept a 1918-like solution in v6.

I cannot name the enterprises because of NDA issues, but, there are at least
10 that I know of that expect to go to PI space in v6.

Owen


--On Monday, November 22, 2004 8:24 PM +0200 Pekka Savola <[email protected]> wrote:

On Sun, 21 Nov 2004 [email protected] wrote:
This seems to imply several things:
 - when having lots of sites, you typically want to obtain local
   Internet connectivity, because transporting all the traffic over
   links or VPNs is a pretty heavy business
	this is an assertion which many have claimed is false.
	based on empericial evidence.

 - you don't want to backhaul all the traffic in the internal network
   / VPNs, so you'll either need to announce a lot of more specifics
   or use IP addresses from local internet providers
	this is also an assertion based on false premise.
Care to offer a couple of examples of this empirical evidence ?

--
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

--
If it wasn't crypto-signed, it probably didn't come from me.

Attachment: pgp00063.pgp
Description: PGP signature