FTTH CPE landscape
Dan Armstrong
dan at beanfield.com
Thu Aug 4 23:08:30 UTC 2011
On 2011-08-04, at 6:43 PM, Owen DeLong <owen at delong.com> wrote:
>
> On Aug 4, 2011, at 2:55 PM, Dan White wrote:
>
>> On 04/08/11 14:32 -0700, Owen DeLong wrote:
>>>
>>> On Aug 4, 2011, at 2:08 PM, Jay Ashworth wrote:
>>>
>>>> ----- Original Message -----
>>>>> From: "Owen DeLong" <owen at delong.com>
>>>>
>>>>> On Aug 4, 2011, at 8:35 AM, Jay Ashworth wrote:
>>>>>
>>>>>>> - Generic consumer grade NAT/Firewall
>>>>>>
>>>>>> Hobby horse: please make sure it support bridge mode? Those of us who
>>>>>> want to put our own routers on the wire will hate you otherwise.
>>>>>
>>>>> Why? As long as it can be a transparent router, why would it need to
>>>>> be a bridge?
>>>>
>>>> Ask a Verizon FiOS customer who wants to run IPv4 VPNs.
>>>>
>>>> He didn't say IPv6 only, right?
>>>>
>>>> I have a couple of customers who can't get bridge mode on residence FiOS
>>>> service, and therefore can't run their own routers to terminate IPsec.
>>>>
>>> If they could get routed static IPv4 rather than bridge, why wouldn't they
>>> be able to terminate IPSec VPNs? Note I did say TRANSPARENT router.
>>> That would mean no NAT and routed static IPv4.
>>
>> For residential use, for users currently requesting one public address,
>> that's a waste of a /30 block (sans routing tricks requiring higher end
>> customer equipment). Multiply that by the number of residential customers
>> you have and that's bordering on mismanagement of your address space.
>>
> You say waste, I say perfectly valid use.
>
>> If you're dealing with business customers, then your usage versus wasted
>> ratio is much higher and less of a concern, but what's the point? Are you
>> trying to cut down on a large broadcast domain?
>>
> Why is it less of a waste to allocate a /30 to a business using a single public
> IP than it is to a residence? This makes no sense to me.
>
> I simply prefer the additional troubleshooting and other capabilities given
> to me in a routed environment in most cases.
>
> Owen
>
Realistically, how many home Internet consumers terminate IPSec VPNs?
It seems kind of silly to engineer a network around a tiny fraction of less than 1% of the population, doesn't it?
More information about the NANOG
mailing list