large multi-site enterprises and PI prefix [Re: who gets a /32 [Re: IPV6 renumbering painless?]]

• Previous message (by thread): large multi-site enterprises and PI prefix [Re: who gets a /32 [Re: IPV6 renumbering painless?]]
• Next message (by thread): who gets a /32 [Re: IPV6 renumbering painless?]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have worked for multiple enterprises where both of the statements below
were false.  There are many enterprises which run their own backbones,
have internet access at some subset of their sites, and, backhaul all
traffic on their own backbone to enforce policy at the internet borders.
Some of them use internet based VPNs as part of their backbone, but, in
those cases, most have forced ALL traffic leaving the site through the VPN,
so, users at the site have no direct or independent internet access.  The
VPN terminators are, in those cases, usually on PA space.  The office 
network
is usually either RFC-1918 or PI space depending on the enterprise.
All of the enterprises with which I am familiar would prefer PI space to
RFC-1918, but, because of IPv4 limitations, some accepted 1918.  Most will
not accept a 1918-like solution in v6.

I cannot name the enterprises because of NDA issues, but, there are at least
10 that I know of that expect to go to PI space in v6.

Owen


--On Monday, November 22, 2004 8:24 PM +0200 Pekka Savola 
<pekkas at netcore.fi> wrote:

>
> On Sun, 21 Nov 2004 bmanning at vacation.karoshi.com wrote:
>>> This seems to imply several things:
>>>  - when having lots of sites, you typically want to obtain local
>>>    Internet connectivity, because transporting all the traffic over
>>>    links or VPNs is a pretty heavy business
>>
>> 	this is an assertion which many have claimed is false.
>> 	based on empericial evidence.
>>
>>>  - you don't want to backhaul all the traffic in the internal network
>>>    / VPNs, so you'll either need to announce a lot of more specifics
>>>    or use IP addresses from local internet providers
>>
>> 	this is also an assertion based on false premise.
>
> Care to offer a couple of examples of this empirical evidence ?
>
> --
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings



-- 
If it wasn't crypto-signed, it probably didn't come from me.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20041122/a64b7c90/attachment.sig>

• Previous message (by thread): large multi-site enterprises and PI prefix [Re: who gets a /32 [Re: IPV6 renumbering painless?]]
• Next message (by thread): who gets a /32 [Re: IPV6 renumbering painless?]
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]