Re: who gets a /32 [Re: IPV6 renumbering painless?]
you are drastically misunderstanding my hopes, my goals, and my role.
Please explain them then.
briefly, because i consider myself off-topic and sue probably does also.

the problem statement answered by the ipngwg was wrong. they thought they were supposed to "solve the shortage of address space problem", but that wasn't the most serious problem then (and is not now). the right problem statement would be to "solve the shortage of PORTABLE address space problem". note the insertion of the word "portable" before "address space".

the big problem in 1992 and the big problem now is that a wal-mart corporate desktop will either have an ambiguous address (behind a NAT), or a hard-to-renumber isp-price-locked address (provider assigned), or a takes-a-slot-in-the-global routing-table address (provider independent). three strikes and you're out! none of those three things is acceptable, not even as a compromise.

i have not looked in on the multi6 wg this year. my bad. perhaps you've come up with a fourth alternative, or a way of softening one of the three existing alternatives to the point where its benefits outweigh its costs. but everything i've actually looked at either resolves the cost/benefit in favour of some minority of which neither isc nor wal-mart is a part, or which would have been equally applicable to ipv4 such that all we needed was the gimmick itself, not 128-bit addresses, if only we'd been willing to pay this much pain back before ipngwg's work was complete.

ipng needed rapid renumbering, including renumbering tcp endpoints realtime and including multihoming where you can add and delete PA interface addresses the way commercial RAID vendors add and delete disk drives. the people in putative "charge" of this said either (a) they didn't agree, (b) they didn't understand, or (c) they didn't have time to add more requirements. now it's 2004 and lo and behold, the problems of 1992 are still with us, but now we have better terminology to describe them.
you can be locked into a provider's pricing and service quality; or you can run NAT; or you can find a way to get your own slot in the global routing table. we have the same shortage of portable addresses now that we had in 1992, even though we have increased the overall supply of address space by a factor of 2**96. if multi6 offers a fourth alternative, it would probably also have worked with ipv4, in which case why did we spend years working on 128-bit addressing?

i strongly believe that the isp community who pays ARIN's bills will decide that the best way to grow the industry is to let folks like ford and wal-mart have their own /32's, and that there will be a spectrum of

                    renumbering difficulty
    easy ---------------- moderate ---------------- impossible

with PA+NAT on the left (home dsl, cable); wal-mart and ford on the right with endsystem PI, and folks like isc in the middle, doing some kind of multi6 thing, whose costs while high will be lower than the renumbering penalty.

since the arin BoT has no policy formation role, i'm expecting to be able to voice an opinion that weighs exactly as much as everybody else's, and to vote ultimately on whatever the policy formation function comes up with.

so there. those are my views. aren't you glad you asked?
It's wrong if these issues that have global impact are decided regionally.
yes. i understand that the acid rain people, the ozone layer people, the ice cap people, the whale people, and the ocean oxygen level people, all have that same complaint. human nature on a grand scale isn't always pretty.
On Mon, 2004-11-22 at 16:53 +0000, Paul Vixie wrote:
you are drastically misunderstanding my hopes, my goals, and my role.
Please explain them then.
briefly, because i consider myself off-topic and sue probably does also.
The off-topicness is most likely only as this is an enduser/site problem.
the problem statement answered by the ipngwg was wrong. they thought they were supposed to "solve the shortage of address space problem", but that wasn't the most serious problem then (and is not now). the right problem statement would be to "solve the shortage of PORTABLE address space problem". note the insertion of the word "portable" before "address space". the big problem in 1992 and the big problem now is that a wal-mart corporate desktop will either have an ambiguous address (behind a NAT), or a hard-to-renumber isp-price-locked address (provider assigned), or a takes-a-slot-in-the-global routing-table address (provider independent). three strikes and you're out! none of those three things is acceptable, not even as a compromise.
The current solution I see for this is still IPv6. Except that one moves the complete 'Independence' problem a layer higher. Enter: HIP: Host Identity Protocol: http://www.ietf.org/html.charters/hip-charter.html I've looked quite a bit at the various 'solutions' that got offered by folks and came to the conclusion that HIP, and don't mind any related protocols, are one of the very plausible solutions. Say we have 50k ISP's worldwide, they get a /32 or so from the RIR's and announce it. ISP is here 'a network not used by users' aka 'only routers', the ISP could of course take a /48 out of their /32 and be a client of themselves. Any organization can then use one or more /48's from one or more (upstream) ISP's in combination with HIP. Problem solved. There is one issue though that comes forth: a large organization, say Shell, will get quite a number of /48's. An /48 per site as allocated from the ISP that is serving them at that moment. If one wants to do firewalling or make other assumptions based on the prefix you will have quite a hell of a time updating them, certainly in such a large organization. Then again, what are those folks doing who are being called managers ? :) No connectivity to the internet? -> use ULA, quick, easy, cheap. Greets, Jeroen
No connectivity to the internet? -> use ULA, quick, easy, cheap.
ULA leaves a bad taste for a number of reasons, some of which have seen some discussion. What has not occurred, and seems to be a major tenet of the ULA zealots, is how conflict resolution is to be done.

if ULA is sufficient, in and of itself, then why do we need to have all the rest of the 128bits of space?

if ULA users ever have a conflict (and yes, they will) how will the conflict be resolved?

and then there is the nasty delusion of "Internet"... protestations to the contrary, the VSNL view of the "Internet" is vastly different than the US DOD view of the "Internet", is vastly different than the GE view, is different than the AS 701 view, is different than the Chinese R&E Network (CERN) view.... which one(s) count? Policy routing dictates that there is no such thing as a "global" routing table...

For me, as long as I have IP reachability to those folks whom I want or need to talk to, I could care less about the "rest" of the folks using IP to move datagrams about ...
Greets, Jeroen
Thus spake <bmanning@vacation.karoshi.com>
No connectivity to the internet? -> use ULA, quick, easy, cheap.
ULA leaves a bad taste for a number of reasons, some of which have seen some discussion. What has not occurred, and seems to be a major tenet of the ULA zealots, is how conflict resolution is to be done.
if ULA is sufficient, in and of itself, then why do we need to have all the rest of the 128bits of space?
You need some bits at the top to denote the ULA portion of the address space, you need bits at the bottom for the host address, and you need bits in the middle for internal network structure. Consensus was that 40 bits was enough for the "unique" portion of the prefix. ULAs were not intended to solve all problems, just like neither link-local, PA, or PI addresses do not solve all problems by themselves.
if ULA users ever have a conflict (and yes, they will) how will the conflict be resolved?
There is negligible chance of conflict between any two parties thanks to the 40-bit prefix space, and the odds of collision are still negligible even when hundreds of networks are interconnected. Sure, sooner or later two networks will happen to generate the same prefix. When that happens -- and assuming those networks want to talk to each other, one of them simply generates a new prefix and renumbers. This is a significantly better situation than with RFC1918 (or SLAs) where a collision is _guaranteed_.
and then there is the nasty delusion of "Internet"... protestations to the contrary, the VSNL view of the "Internet" is vastly different than the US DOD view of the "Internet", is vastly different than the GE view, is different than the AS 701 view, is different than the Chinese R&E Network (CERN) view.... which one(s) count? Policy routing dictates that there is no such thing as a "global" routing table...
There are clearly many parts of the Internet that are "private" and one large part in the middle that is clearly "public". ULAs are intended to only be used within the "private" parts or even totally disconnected IP networks.
For me, as long as I have IP reachability to those folks whom I want or need to talk to, I could care less about the "rest" of the folks using IP to move datagrams about ...
Exactly. However, the scope of who you want/need to talk to dictates what sort of addresses you need (with the current routing architecture) and where you get them.

S

Stephen Sprunk        "Stupid people surround themselves with smart
CCIE #3723           people.  Smart people surround themselves with
K5SSS         smart people who disagree with them."  --Aaron Sorkin
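An added example, not part of any poster's message: the address layout and collision odds discussed in the message above, worked through in Python. It assumes the layout later standardised in RFC 4193 (`fd00::/8`, 40-bit global ID, 16-bit subnet ID, 64-bit interface ID), draws the 40 bits from the OS CSPRNG rather than using the RFC's suggested hash-based procedure, and all function names are illustrative.

```python
import ipaddress
import math
import secrets
from collections import Counter

# Assumed layout (RFC 4193): 8-bit fd prefix | 40-bit global ID |
# 16-bit subnet ID | 64-bit interface ID. Function names are illustrative.
ULA_LOCAL = ipaddress.ip_network("fd00::/8")
GLOBAL_ID_BITS = 40

def random_ula_prefix():
    """Return a /48 built from 40 random bits (CSPRNG, not the RFC's hash recipe)."""
    global_id = secrets.randbits(GLOBAL_ID_BITS)
    return ipaddress.IPv6Network(((0xFD << 120) | (global_id << 80), 48))

def split_ula(addr):
    """Split a ULA into the top / middle / bottom fields described above."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in ULA_LOCAL:
        raise ValueError(f"{addr} is not in {ULA_LOCAL}")
    n = int(ip)
    return {
        "global_id": (n >> 80) & ((1 << GLOBAL_ID_BITS) - 1),
        "subnet_id": (n >> 64) & 0xFFFF,
        "interface_id": n & ((1 << 64) - 1),
    }

def collision_probability(networks, bits=GLOBAL_ID_BITS):
    """Birthday problem: chance that any two of `networks` random IDs match."""
    space = 1 << bits
    if networks > space:
        return 1.0
    # Sum logs of the per-draw "no clash" terms so tiny values keep precision.
    log_unique = sum(math.log1p(-i / space) for i in range(networks))
    return -math.expm1(log_unique)

def duplicate_prefixes(prefixes):
    """Return the /48s claimed more than once in a list of /48-or-longer prefixes."""
    counts = Counter(
        ipaddress.ip_network(p).supernet(new_prefix=48) for p in prefixes
    )
    return sorted(str(net) for net, seen in counts.items() if seen > 1)

if __name__ == "__main__":
    print(random_ula_prefix())
    for n in (2, 100, 1000):
        print(n, f"{collision_probability(n):.3e}")
```

Running `duplicate_prefixes` over every prefix learned from peers before interconnecting is the check that catches the overlap case raised elsewhere in this thread.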
Sure, sooner or later two networks will happen to generate the same prefix. When that happens -- and assuming those networks want to talk to each other, one of them simply generates a new prefix and renumbers. This is a significantly better situation than with RFC1918 (or SLAs) where a collision is _guaranteed_.
unmanaged delegations _will_ create collisions. and the problem is not when these sites want to talk w/ each other, it's when your packets go to (one) of the other places using the identical prefix.
and then there is the nasty delusion of "Internet"... protestations to the contrary, the VSNL view of the "Internet" is vastly different than the US DOD view of the "Internet", is vastly different than the GE view, is different than the AS 701 view, is different than the Chinese R&E Network (CERN) view.... which one(s) count? Policy routing dictates that there is no such thing as a "global" routing table...
There are clearly many parts of the Internet that are "private" and one large part in the middle that is clearly "public". ULAs are intended to only be used within the "private" parts or even totally disconnected IP networks.
that model -might- have been accurate once, but has not been an accurate representation for several years. there is no middle,
For me, as long as I have IP reachability to those folks whom I want or need to talk to, I could care less about the "rest" of the folks using IP to move datagrams about ...
Exactly. However, the scope of who you want/need to talk to dictates what sort of addresses you need (with the current routing architecture) and where you get them.
the "scope" of who I want to talk to varies over time. just because the list of folks I want to talk to does not intersect w/ yours does not give you the right to tell me that I must use "private" or ULA or site-local addresses. we should each be able to be delegated address space which has -zero- chance of collision w/o a means to arbitrate. ULAs have no defined arbitration technique defined, other than through the legal system. RIR managed space has the arbitration technique as an integral component of the delegation process.

roughly -
    ULA == the lawless west
    RIR == civilized society

-IF- ula space is ever approved, my advice to all transit providers is to never filter it.
S
Stephen Sprunk        "Stupid people surround themselves with smart
CCIE #3723           people.  Smart people surround themselves with
K5SSS         smart people who disagree with them."  --Aaron Sorkin
On 22-nov-04, at 17:53, Paul Vixie wrote:
so there. those are my views. aren't you glad you asked?
Sure. It seems to me though, that if renumbering is such a problem, maybe we should deal with it directly rather than dump the fallout in the three most critical parts of the internet machinery.
It's wrong if these issues that have global impact are decided regionally.
yes. i understand that the acid rain people, the ozone layer people, the ice cap people, the whale people, and the ocean oxygen level people, all have that same complaint. human nature on a grand scale isn't always pretty.
Well if you feel you need to take your cues from environmental semi-criminals, obviously there isn't much that I can say to stop you. I'm thoroughly unhappy with the way this is handled at RIPE (regardless of the outcome) and I'm not about to go sponsor the airline industry some more in order to experience the same frustration in APNIC, LACNIC and ARIN meetings. If we're going to make stupid decisions we might as well streamline the process to make them as efficiently as possible...
participants (5)
- bmanning@vacation.karoshi.com
- Iljitsch van Beijnum
- Jeroen Massar
- Paul Vixie
- Stephen Sprunk