Re: who gets a /32 [Re: IPV6 renumbering painless?]

[Nils Ketelsen <nils.ketelsen () kuehne-nagel com>]

On Sat, Nov 20, 2004 at 11:34:07AM -0600, Stephen Sprunk wrote:

> > That's right. If you need internet access, you need it to be faster than 
> > 16 kbps.
>
> Who said the only purpose of IP was to connect to the Internet?  16kbps is 
> the lowest I've seen only because that's the smallest you can buy in the FR 
> world (Sprint's 0kbps PVCs aside).  Many businesses were fine (and still 

4k and 8k PVCs are available (and in use) in some regions. I have seen
them in Africa and southern Asia mainly.


> > As far as I can tell, it's pretty rare for an organization of this size to 
> > have
> > their own IP network that they use to connect all their sites to the 
> > global
> > internet, for the simple reason that leased lines, framerelay or ATM

It is quite possible to use these links to connect sites
to the internet. Not for surfing mp3-sites maybe, but having a
terminal session to some other business partners
machine. The corporate mainframe world allows for many things on small
bandwidth, even if some providers don't like it. ;-)

> > capacity is generally more expensive than IP connectivity.
>
> At higher bw levels, that might be true, but at sub-T1 rates FR/ATM are 
> often cheaper to build your own network and certainly offer lower latency 
> and higher reliability; ditto for outside major cities, where FR/ATM 
> typically offers a zero-mile loop whereas IP connections may need to be 
> backhauled a hundred miles or more.  If T1 Internet pipes are cheaper at a 

Servicelevels on the Internet suck. Thats the main reason not to use
it for anything important. If my frame-connection fails I open my hand and
my provider pays a lot until it works again. If "the Internet fails", I
have no one I can squeeze the money out of.

That massively increases a FR-Providers motivation to have their network
running. Penalties can never make up for a lost connection (no
provider has enough cash at hand) but it is a nice PART (P=Provider).

> particular location, some people may choose to tunnel their corporate 
> network over it, but that is typically _all_ traffic, not just internal 
> traffic.

Centralized Internetgateways are common practice. Everything has to go
through these (and their filters, Virus Scanners, whatnot). 

> There's also a security motivation as well: it's much simpler to maintain a 
> couple firewalls at central sites (with technical staff present) than to 
> manage thousands out at every site with a handful or even zero human users 
> which may not even be allowed Internet access in the first place.

Especially with users having physical access to the firewalls.
Securitywise you do not want that, but if you have internetaccess in
each location users can just bypass the firewall too easily. 

With a framerelay network they can plug in something else to the
wall but won't get anywhere else then with their normal equipment, so they
do not do it due to the lack of advantage.


Nils