I have worked for multiple enterprises where both of the statements below were false. There are many enterprises which run their own backbones, have internet access at some subset of their sites, and, backhaul all traffic on their own backbone to enforce policy at the internet borders. Some of them use internet based VPNs as part of their backbone, but, in those cases, most have forced ALL traffic leaving the site through the VPN, so, users at the site have no direct or independent internet access. The VPN terminators are, in those cases, usually on PA space. The office network is usually either RFC-1918 or PI space depending on the enterprise. All of the enterprises with which I am familiar would prefer PI space to RFC-1918, but, because of IPv4 limitations, some accepted 1918. Most will not accept a 1918-like solution in v6. I cannot name the enterprises because of NDA issues, but, there are at least 10 that I know of that expect to go to PI space in v6. Owen --On Monday, November 22, 2004 8:24 PM +0200 Pekka Savola <pekkas@netcore.fi> wrote:
On Sun, 21 Nov 2004 bmanning@vacation.karoshi.com wrote:
This seems to imply several things: - when having lots of sites, you typically want to obtain local Internet connectivity, because transporting all the traffic over links or VPNs is a pretty heavy business
this is an assertion which many have claimed is false. based on empericial evidence.
- you don't want to backhaul all the traffic in the internal network / VPNs, so you'll either need to announce a lot of more specifics or use IP addresses from local internet providers
this is also an assertion based on false premise.
Care to offer a couple of examples of this empirical evidence ?
-- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
-- If it wasn't crypto-signed, it probably didn't come from me.