nanog mailing list archives
Re: FTTH CPE landscape
From: PC <paul4004 () gmail com>
Date: Thu, 4 Aug 2011 17:49:48 -0600
IPSEC Not so common. At least it's easy enough for them to be the initiator, in most cases, and IPSEC NAT-T works great. Much more common application would include PC gamers, xbox live, remote desktop, slingbox, windows home server, and torrents. Granted, some of these support UPNP (if your router does too...), but others simply do not do so as easily, or prefer a more static external access solution. On Thu, Aug 4, 2011 at 5:08 PM, Dan Armstrong <dan () beanfield com> wrote:
On 2011-08-04, at 6:43 PM, Owen DeLong <owen () delong com> wrote:On Aug 4, 2011, at 2:55 PM, Dan White wrote:On 04/08/11 14:32 -0700, Owen DeLong wrote:On Aug 4, 2011, at 2:08 PM, Jay Ashworth wrote:----- Original Message -----From: "Owen DeLong" <owen () delong com>On Aug 4, 2011, at 8:35 AM, Jay Ashworth wrote:- Generic consumer grade NAT/FirewallHobby horse: please make sure it support bridge mode? Those of uswhowant to put our own routers on the wire will hate you otherwise.Why? As long as it can be a transparent router, why would it need to be a bridge?Ask a Verizon FiOS customer who wants to run IPv4 VPNs. He didn't say IPv6 only, right? I have a couple of customers who can't get bridge mode on residenceFiOSservice, and therefore can't run their own routers to terminate IPsec.If they could get routed static IPv4 rather than bridge, why wouldn'ttheybe able to terminate IPSec VPNs? Note I did say TRANSPARENT router. That would mean no NAT and routed static IPv4.For residential use, for users currently requesting one public address, that's a waste of a /30 block (sans routing tricks requiring higher end customer equipment). Multiply that by the number of residentialcustomersyou have and that's bordering on mismanagement of your address space.You say waste, I say perfectly valid use.If you're dealing with business customers, then your usage versus wasted ratio is much higher and less of a concern, but what's the point? Areyoutrying to cut down on a large broadcast domain?Why is it less of a waste to allocate a /30 to a business using a singlepublicIP than it is to a residence? This makes no sense to me. I simply prefer the additional troubleshooting and other capabilitiesgivento me in a routed environment in most cases. OwenRealistically, how many home Internet consumers terminate IPSec VPNs? It seems kind of silly to engineer a network around a tiny fraction of less than 1% of the population, doesn't it?
Current thread:
- FTTH CPE landscape Jason Lixfeld (Aug 04)
- Re: FTTH CPE landscape Jay Ashworth (Aug 04)
- Re: FTTH CPE landscape Owen DeLong (Aug 04)
- RE: FTTH CPE landscape Nathan Eisenberg (Aug 04)
- Re: FTTH CPE landscape Jay Ashworth (Aug 04)
- Re: FTTH CPE landscape Owen DeLong (Aug 04)
- Re: FTTH CPE landscape Dan White (Aug 04)
- Re: FTTH CPE landscape Scott Helms (Aug 04)
- Re: FTTH CPE landscape Owen DeLong (Aug 04)
- Re: FTTH CPE landscape Dan Armstrong (Aug 04)
- Re: FTTH CPE landscape PC (Aug 04)
- Re: FTTH CPE landscape Owen DeLong (Aug 04)
- Re: FTTH CPE landscape Scott Helms (Aug 05)
- Re: FTTH CPE landscape Jay Ashworth (Aug 05)
- Re: FTTH CPE landscape PC (Aug 05)
- Re: FTTH CPE landscape Owen DeLong (Aug 04)
- Re: FTTH CPE landscape Jay Ashworth (Aug 04)
- Re: FTTH CPE landscape Cutler James R (Aug 04)
- Re: FTTH CPE landscape Scott Helms (Aug 05)
- Re: FTTH CPE landscape Owen DeLong (Aug 05)
- Re: FTTH CPE landscape Scott Helms (Aug 05)
- RE: FTTH CPE landscape Jamie Bowden (Aug 05)
- Re: FTTH CPE landscape Valdis . Kletnieks (Aug 04)