who gets a /32 [Re: IPV6 renumbering painless?]

Paul Vixie vixie at vix.com
Sat Nov 20 20:45:34 UTC 2004


> > the internet endpoint type trend is toward SOHO and dsl/cable, and the
> > provider trend is toward gigantic multinational.  companies who build
> > their own networks tend to find that the cheapest interoffice backhaul
> > is IP-in-IP VPN's.  thus is the old model of a 1000-person company buying
> > a T1 transit connection moving toward the margins.
> 
> I'm not experienced with the 1000-person companies; the work I've done is 
> for companies 20 to 100 times that size, so maybe my perception is skewed.

i think all oldtimers are skewed.  growth in number of enterprises will be of
the small kind where renumbering isn't so painful.  exceptions where there
is enough size to make renumbering painful won't overflow the routing table
the way the ipv4 "swamp" threatened to do back in the days of 64MB RP cards.

> ... Enterprises can have tens or hundreds of thousands of hosts behind a
> single T1 or T3, and may expose only a handful of PA addresses due to
> NAT.  Large universities are similar, except legacy allocations mean they
> usually don't need NAT.

right.  for all these reasons, large or multihoming endsystems will need V6
PI allocations and at some point the RIRs are going to have to define/allow
this.  (note that i'm not speaking for arin, nor as a member-elect of arin's
board of trustees, i'm just another bozo on this bus.)

> > as i continue to research my own premises, i find that the style of
> > internetworking practiced at isc, which precludes PA space due to
> > multihoming and due to possible renumbering penalties,
> 
> So are you saying that if ISC had not gotten a legacy PI allocation, you
> wouldn't be using IPv6?  Or that you wouldn't be able to design your
> network the way you'd want to, but would still use IPv6 anyways?

the second.  we'd have built a v6 bastion network and put our public
services there and done some kind of overlay thing.  for things like my
desktop, we'd've stuck with ipv4, or we'd've pirated some "site local" ipv6
space.  there is no possibility that any enterprise where i am responsible
for planning or design will ever run PA addresses out to the desktop -- it
makes multihoming impossible, which would leave me at the mercy of a single
provider's uptime, and a single provider's pricing.  no, no, no, and again
i say, "no, that will not be done on my watch."

> > ... it's sad but it's true and it gives cause to ponder the future of
> > enabling technologies like internet exchange points.
> 
> I've run into very few enterprises that know they'd even be allowed to
> join an IX, much less actually interested in doing so.  They'd rather pay
> one or two companies to drop big, fat pipes into their datacenter and
> collect on SLAs when something goes wrong.  Very few, even in the Fortune
> 100, have the staff to handle their own BGP configs and keep things
> running smoothly.  Humans cost more money than they'd probably save on
> transit, and the money often comes out of different pockets anyways.

during my time as president of paix, microsoft and yahoo and google all
decided to try their hand at BGP, and all of them found that they could
manage both risks and costs better by doing it in-house than by buying
transit.  if i were still at paix i'd no doubt have sold a few big banks
and insurance companies on the concept by this time, as equinix is now
doing quite successfully.  i thought this was, and still think this is,
the best possible direction for the ip connectivity community to grow in.
it increases diversity, price pressure, and overall competitiveness.  but
without endsystem PI's for these large multihomers, it's only going to be
the public servers and not the desktops who benefit from this.  treating
enterprise desktops as being "just like the DSL market" is a big mistake,
and if it's not corrected, then equinix and paix/s&d and others like them
are going to see a flattening of their growth.

> I see IXes (IXen?) as a solution for providers, not end-sites.  With the
> relatively lax IPv6 PI policies for providers, the threat to IXes is
> minimal.

i used to love it when people would say that, because it meant i could walk
right past them and take their customers simply by offering an alternative
that the incumbents couldn't even see.
-- 
Paul Vixie


