dsl providers that will route /24

Adrian Chadd adrian at creative.net.au
Fri Mar 30 10:00:07 UTC 2001


On Fri, Mar 30, 2001, David Schwartz wrote:
> 	'Unidirectional VPN' is not an oxymoron. A VPN emulates a private pipe by
> using a public network. A unidirectional VPN emulates a unidirectional
> private pipe using a public network. Sometimes, that's all you need.
> 
> 	For example, suppose you have two offices that each have a /24 from
> different ISPs. You have no private link between them. For some reason, you
> need to have a machine at one location with an IP address from the 'wrong'
> /24. What you'd like to have is a private network between them. Since you
> don't have one, you use a virtual private network.
> 
> 	Obviously, inbound packets to this IP will arrive at the 'wrong' place, so
> you need to tunnel them to the right place. However, outbound packets have
> both source and destination addresses that are valid on the public Internet.
> You could tunnel them, but that would result in increased bandwidth
> consumption and gain you basically nothing.

Having to setup and use your own servers for your customer outbound mail
must be hard. I mean, wouldn't it be much easier just to point
smtp.yourisp at some other large ISP who already have spent the money?

Or news? Heaven forbid if your NNTP server went down, couldn't you
quickly point nntp.yourisp at a large / close ISP so your customers
still had NNTP access? Wouldn't it be nice for ISPs to do that?

AHAHAHAHAHAHAHAHA. Not in todays Internet.

Why isn't it the same with IP? Why does IP have to be unfiltered?
So you have to run a bi-directional VPN in order to get the traffic
*properly encapsulated*. Jesus, if the internet was built by people
like you, we'd have a haphazard, chaotic routing core continuously
flapping and changing topology..

.. oh wait. We do. See what happens when you don't assume everyone
is evil[0] ?



Adrian

[0] This wasn't a poke at the internet pioneers. I just don't think they
    saw the internet being overrun by script kiddies, thats all.

-- 
Adrian Chadd		"The fact you can download a 100 megabyte file
<adrian at creative.net.au>  from half way around the world should be viewed
			    as an accident and not a right."
					-- Adrian Chadd and Bill Fumerola




More information about the NANOG mailing list