From: Masataka Ohta Sent: Saturday, September 09, 2000 10:41 PM
Batz;
:Are you saying that there has been some studies done on IPv6 that it :does offer dynamic addressing, authentication and improved security? : :Where can I find it?
I'm assuming you're being facetious.
I* (including but not limited to "I" and "IPv6") are facetious, of course.
??? please clarify ...
If not, how long should we expect to have to tolerate vendor hubris and bad hacks to get around depleted address space?
First, vendors of IPv6 address space should seriously tell vendors of Internet service supply IPv6 service.
Then, vendors of Internet service should seriously tell vendors of routers that they really supply IPv6 capable routers.
And there will be a v6-capable Internet, only after which there will be some good reason, beyond curiosity, to deploy v6 on private production networks.
And then, we can get around depleted address space.
This appears to be a classic chicken and egg issue. Which comes first? I am perfectly willing to deploy private-side IPv6, if I had a reason to do so. Without IPv6 support in the core, there seems little reason to do so. Perhaps, IPv6 substituting for NAT'd space? I don't know if it's even possible. The bottom-line appears that everyone is waiting for everyone else to twitch first, then the shoot-out starts. However, no one is all that interested in twitching. It also appears that everyone seems to be pointing at the legacy /8's whenever the subject of IP allocation shortages come up (with some possible justification). IPv6 seems to be a means of ignoring that problem and everyone knows it. The issue seems to be whether the consensus will allow us to ignore that problem and move on, or rat-hole on that problem while we live with IP rationing. The real question is whom is benefiting from sustaining the current situation?
Roeland;
I'm assuming you're being facetious.
I* (including but not limited to "I" and "IPv6") are facetious, of course.
??? please clarify ...
A '*' character in a regular expression matches anything including a null string, in this case, "", "Pv6" and maybe more.
First, vendors of IPv6 address space should seriously tell vendors of Internet service supply IPv6 service.
Then, vendors of Internet service should seriously tell vendors of routers that they really supply IPv6 capable routers.
And there will be a v6-capable Internet, only after which there will be some good reason, beyond curiosity, to deploy v6 on private production networks.
And then, we can get around depleted address space.
This appears to be a classic chicken and egg issue. Which comes first?
The first one. For the definition of "serious", see draft-ohta-address-allocation-00.txt.
I am perfectly willing to deploy private-side IPv6, if I had a reason to do so.
I am not, because I know I have no reason.
The real question is whom is benefiting from sustaining the current situation?
Good question. Perpaps, the answer includes some people in NIC who want to keep their current power on ISPs. However, if their attempt is successful, NICs will soon be overridden by ITU-T (or its domestic committees) and ISPs by telephone network providers. Masataka Ohta
On Sun, Sep 10, 2000 at 09:03:23PM +0859, Masataka Ohta wrote:
I'm assuming you're being facetious.
I* (including but not limited to "I" and "IPv6") are facetious, of course.
??? please clarify ...
A '*' character in a regular expression matches anything including a null string, in this case, "", "Pv6" and maybe more.
A '*' character in a regular expression makes the preceding item match zero or more times including a null string, in this case, "I". A '*' character in a *shell glob* will match anything including a null string, in this case , "", "Pv6" and maybe more. -- |-----< "CODE WARRIOR" >-----| codewarrior@daemon.org * "ah! i see you have the internet twofsonet@graffiti.com (Andrew Brown) that goes *ping*!" andrew@crossbar.com * "information is power -- share the wealth."
On Sun, 10 Sep 2000, Masataka Ohta wrote: :> I am perfectly willing to deploy private-side IPv6, if I had a reason to :> do so. : :I am not, because I know I have no reason. Thus the reason for the initial question. Something along the lines of whether there would be performance or other incentives to deploy it. :Perpaps, the answer includes some people in NIC who want to keep :their current power on ISPs. Thankyou Noam Chomsky. -- batz Chief Reverse Engineer Superficial Intelligence Research Defective Technologies
Batz;
:> I am perfectly willing to deploy private-side IPv6, if I had a reason to :> do so. : :I am not, because I know I have no reason.
Thus the reason for the initial question. Something along the lines of whether there would be performance or other incentives to deploy it.
There is none. That's why IPv6 deployment should occur first in the public-side with the incentive of an allocation of a lot of (e.g. 16 times the number of subscribers without any usage required) IPv4 addresses as proposed in draft-ohta-address-allocation-00.txt. Masataka Ohta
Batz;
Thus the reason for the initial question. Something along the lines of whether there would be performance or other incentives to deploy it.
As for the performance issue, can someone give me a pointer to *INEXPENSIVE* NAT box which can operate at 100Mbps, or better, 1Gbps? I was asked by ISPs which are beginning to offer 100Mbps Ethernet service to subscribers. My guess is that there is none. Masataka Ohta
On Wed, 13 Sep 2000, Masataka Ohta wrote:
As for the performance issue, can someone give me a pointer to *INEXPENSIVE* NAT box which can operate at 100Mbps, or better, 1Gbps?
Inexpensive can be a pretty loose term.
I was asked by ISPs which are beginning to offer 100Mbps Ethernet service to subscribers.
They probably have a little cash then...
My guess is that there is none.
This product, while primarily a firewall, demonstrates that doing NAT and firewalling (lots of shared code there, see IPFilter) on an ASIC makes for a much cheaper solution than FW-1 on a big Sun Ultra-something... Anyhow they claim lots of sessions: http://www2.netscreen.com/pub/products/ns1000.html I'm sure there are others riding this bandwagon as well... Charles
Masataka Ohta
Charles and others; Thank you very much for the information.
As for the performance issue, can someone give me a pointer to *INEXPENSIVE* NAT box which can operate at 100Mbps, or better, 1Gbps?
Inexpensive can be a pretty loose term.
Oops, sorry. As you might know, with Ethernet, the cost of a 100Mbps OE is about $200, pair of which will be used for each subscriber. (I'm overestimating the cost of OE by not assuming a dedicated hardware) So, a 100Mbps NAT box should costs $100 or, maybe, $200. Actually, 100Mbps case is not very realistic, because of the management cost. A 1Gbps NAT box may be shared by 100 subscribers and may cost $10000 or, maybe, $20000.
I was asked by ISPs which are beginning to offer 100Mbps Ethernet service to subscribers.
They probably have a little cash then...
They have little cash to be spent on equipments provided for each subscriber and replaced two years later.
My guess is that there is none.
This product, while primarily a firewall, demonstrates that doing NAT and firewalling (lots of shared code there, see IPFilter) on an ASIC makes for a much cheaper solution than FW-1 on a big Sun Ultra-something...
Hmmmm, $109,000 seems to be too expensive.
Anyhow they claim lots of sessions:
Each subscriber won't need so many sessions. Masataka Ohta
participants (5)
-
Andrew Brown
-
batz
-
Charles Sprickman
-
Masataka Ohta
-
Roeland M.J. Meyer