who gets a /32 [Re: IPV6 renumbering painless?]

Sat Nov 20 18:05:28 UTC 2004

Thus spake "Paul Vixie" <vixie at vix.com>
> stephen at sprunk.org ("Stephen Sprunk") writes:
>> > isc is multihomed, so it's difficult to imagine what isp we could have
>> > taken address space from then, or now.
...
>> Some fear that you would more likely just generate a ULA, use that
>> internally, and NAT at the borders.  Or maybe you'd stick with IPv4
>> RFC1918 space internally and NAT to IPv6 PA space at your borders.
>
> the internet endpoint type trend is toward SOHO and dsl/cable, and the
> provider trend is toward gigantic multinational.  companies who build
> their own networks tend to find that the cheapest interoffice backhaul
> is IP-in-IP VPN's.  thus is the old model of a 1000-person company buying
> a T1 transit connection moving toward the margins.

I'm not experienced with the 1000-person companies; the work I've done is 
for companies 20 to 100 times that size, so maybe my perception is skewed.

SoHo and residential users are definitely a growing percentage of the 
Internet connection count, but I think they're still a minority of _hosts_ 
which have Internet connectivity.  Enterprises can have tens or hundreds of 
thousands of hosts behind a single T1 or T3, and may expose only a handful 
of PA addresses due to NAT.  Large universities are similar, except legacy 
allocations mean they usually don't need NAT.

I've also seen a strong tendency in enterprises to backhaul even external 
traffic on IP VPNs, so that even users with a "local" Internet pipe have to 
go through the corporate firewalls to reach the outside world (if that's 
even allowed).

> as i continue to research my own premises, i find that the style of
> internetworking practiced at isc, which precludes PA space due to
> multihoming and due to possible renumbering penalties,

So are you saying that if ISC had not gotten a legacy PI allocation, you 
wouldn't be using IPv6?  Or that you wouldn't be able to design your network 
the way you'd want to, but would still use IPv6 anyways?

> is becoming quite rare as a percentage
> of the total number of network owners and the total number of endpoints
> thus interconnected.  it's sad but it's true and it gives cause to ponder
> the future of enabling technologies like internet exchange points.

I've run into very few enterprises that know they'd even be allowed to join 
an IX, much less actually interested in doing so.  They'd rather pay one or 
two companies to drop big, fat pipes into their datacenter and collect on 
SLAs when something goes wrong.  Very few, even in the Fortune 100, have the 
staff to handle their own BGP configs and keep things running smoothly. 
Humans cost more money than they'd probably save on transit, and the money 
often comes out of different pockets anyways.

I see IXes (IXen?) as a solution for providers, not end-sites.  With the 
relatively lax IPv6 PI policies for providers, the threat to IXes is 
minimal.

> this may yet lead to a mechanism for qualifying multihomed network 
> builders
> to get PI space, since they'll be rare enough to have a low impact on the
> global routing table.

We'll see what the reaction is on PPML.  Based on the number of origin-only 
ASes in yesterday's Routing Table Report, we should expect to see about 16k 
prefixes from multihomed end-sites if adoption in IPv6 matches that in IPv4.

> on the other hand, transit-provider lock-in is not officially recognized 
> as
> having any bearing on any RIR policy in any region; if that continues to
> be the case, the rare kind of network i'm most familiar with will continue
> to use ipv4 or will only use ipv6 via something like ULA's.  what this
> may mean is that approving ULA's will make the situation better, since
> network owners will otherwise just pirate unused space at random.  with
> ULA's we'll at least have a chance to trace leaks and try to make
> BCP38 happen in more places.

Agreed.

S

Stephen Sprunk         "God does not play dice."  --Albert Einstein
CCIE #3723         "God is an inveterate gambler, and He throws the
K5SSS        dice at every possible opportunity." --Stephen Hawking 