Re: IPv6 will never fly: ARIN continues to kill it
On Sat, Sep 15, 2007 at 12:06:26PM +1000, Mark Andrews wrote: Mark, I get renumbered in IPv4 today. I suspect there is probably a question of scale here. I wouldn't be surprised that a small home network with a limited number of subnets and systems could be automatically renumbered. I would be surprised if a network of any appreciable size could be. Particularly one that has non-trivial relationships with other networks. How many subnets and devices are there on the network you automatically renumber? Regards, -drc The point was to demonstrate that it can be done. It just requires people to be willing to do this. On a home network you do most of the things by hand. In a enterprise you use a network management station to do the work for you. Having that management station send out notifications to third parties is really not a big ask. Mark interestingly, some software vendors ship w/ license keys tied to IP addresses... particularly for enterprise level stuff. not so easy to update in my experience. then there is the thorny DNS problem of updating the root hints file. If DNS is so automated, why is this still a big problem? (noting that the legacy address for B is still getting 300qps, nearly three YEARS after it was turned down) David is correct, scale does have its own set of renumbering problems. While i believe you, i think your confidence is based on some naieve assumptions. --bill -- --bill Opinions expressed may not even be mine by the time you read them, and certainly don't reflect those of any other entity (legal or otherwise). ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
T-shirt
ok... enough conversation about DHCP and stuff... there are ways to express opinions other than writing up a draft, so here goes. http://www.shirtcity.com/shop/index.php?file_merchandising=largeactual_merchant_article_serial_number=12backjump_page=3PHPSESSID=7cf26a35a9ca3e0428f610587232e21b itojun ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: IPv6 will never fly: ARIN continues to kill it
interestingly, some software vendors ship w/ license keys tied to IP addresses... particularly for enterprise level stuff. not so easy to update in my experience. I've always thought that practice to be STUPID. It was stupid 15 years ago and it is still stupid today. Yes I've had to renumber sites with keys tied to IP addresses. then there is the thorny DNS problem of updating the root hints file. If DNS is so automated, why is this still a big problem? (noting that the legacy address for B is still getting 300qps, nearly three YEARS after it was turned down) Once we get the root, net and root-server.net signed, writing out new hints is can be done with a high degree of assurance that the contents reflect reality. Sure there will still be old boxes that continue to try to talk to B but the new boxes won't and eventually all the old boxes will go, due to component failure if nothing else. David is correct, scale does have its own set of renumbering problems. While i believe you, i think your confidence is based on some naieve assumptions. I'm not saying scale doesn't have problems. Automation however is the solution to those problems. That's why management stations were invented. Mark --bill -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED] ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: IPv6 will never fly: ARIN continues to kill it
At 12:08 AM +1000 9/16/07, Mark Andrews wrote: interestingly, some software vendors ship w/ license keys tied to IP addresses... particularly for enterprise level stuff. not so easy to update in my experience. I've always thought that practice to be STUPID. It was stupid 15 years ago and it is still stupid today. The fact that you as an individual thing it is stupid (in uppercase or lowercase) is irrelevant. Several large vendors disagree with you. Their customers have gotten used to dealing with this and do not consider it so onerous as to change to the other large vendors who use a different licensing scheme. --Paul Hoffman, Director --VPN Consortium ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: IPv6 will never fly: ARIN continues to kill it
On 15-sep-2007, at 16:51, Paul Hoffman wrote: keys tied to IP addresses... particularly for enterprise level stuff. not so easy to update in my experience. I've always thought that practice to be STUPID. It was stupid 15 years ago and it is still stupid today. The fact that you as an individual thing it is stupid (in uppercase or lowercase) is irrelevant. Several large vendors disagree with you. Their customers have gotten used to dealing with this and do not consider it so onerous as to change to the other large vendors who use a different licensing scheme. If we can't agree that this practice is stupid, can we at least agree that we can't let this impose restrictions on what we can and can't do within the IETF? ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: IPv6 will never fly: ARIN continues to kill it
At 5:08 PM +0200 9/15/07, Iljitsch van Beijnum wrote: On 15-sep-2007, at 16:51, Paul Hoffman wrote: keys tied to IP addresses... particularly for enterprise level stuff. not so easy to update in my experience. I've always thought that practice to be STUPID. It was stupid 15 years ago and it is still stupid today. The fact that you as an individual thing it is stupid (in uppercase or lowercase) is irrelevant. Several large vendors disagree with you. Their customers have gotten used to dealing with this and do not consider it so onerous as to change to the other large vendors who use a different licensing scheme. If we can't agree that this practice is stupid, can we at least agree that we can't let this impose restrictions on what we can and can't do within the IETF? Certainly. Every vendor who ties a license to an IP address has already had to deal with customers who change IP addresses. I doubt that Bill's mentioning of this practice was meant to say therefore we can never do anything that would cause renumbering. --Paul Hoffman, Director --VPN Consortium ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: IPv6 will never fly: ARIN continues to kill it
On Sat, 15 Sep 2007, Paul Hoffman wrote: Certainly. Every vendor who ties a license to an IP address has already had to deal with customers who change IP addresses. I doubt that Bill's mentioning of this practice was meant to say therefore we can never do anything that would cause renumbering. On the other hand, if you develop a system that forces enterprises to renumber, then you GUARANTEE that a large set of them will find a way to avoid (or at least take control of their own) renumbering, e.g. NAT --for many reasons that have already been cited in this thread, and some that have not been. Example: Fred mentioned that it would be nice to just use some form of host names, instead of addresses, but in the world I live in, MANY groups are geographically dispersed and want Traffic Disruption Appliances on each of their subnets to allow unrestricted flow among their *blocks* of addresses --they certainly would not want to either a) manage large lists of explicit host addresses *or* names, or b) change their complex firewall rules whenever someone sez let's do the Renumber Drill! (Is that perimeter protection model fundamentally flawed? Of course it is, just like NAT is. Both observations will not change the reality of their continued use. The question should be: what will? Note also, for fans of homogeneous networks and single network management stations, that a single AS may have hundreds of autonomous management domains within it. As others have said, this is not entirely a technology problem. -teg ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: IPv6 will never fly: ARIN continues to kill it
On 15-sep-2007, at 18:42, Terry Gray wrote: Example: Fred mentioned that it would be nice to just use some form of host names, instead of addresses, but in the world I live in, MANY groups are geographically dispersed and want Traffic Disruption Appliances on each of their subnets to allow unrestricted flow among their *blocks* of addresses --they certainly would not want to either a) manage large lists of explicit host addresses *or* names, or b) change their complex firewall rules whenever someone sez let's do the Renumber Drill! [...] As others have said, this is not entirely a technology problem. Usually the reason for that is that the technology isn't good enough to solve the problem fully, which may or may not be a fundamental, unsolvable issue. As far as making IP addresses less visible than they are today, I think there is a lot we can do. My day job involves creating router configurations (in networks that aren't large enough to have sophisticated management systems). I have to put addresses rather than names in router configurations because when there is trouble with the network, it may not be possible to ask the DNS to translate a name into an address. (And there's the security issues.) The way the DNS works today is that you ask it for a mapping, and it returns you that mapping along with a time to live value. After that, you need to forget the mapping and consult the DNS again. A system that would work much better in router/firewall/etc configurations is a system where you may ask the name resolving system for a mapping to get you started, but once you have your mapping, you get to keep it until the name resolving system contacts YOU and tells you something has changed. Such a name resolving system would have to be under explicit administrative control, so that when my vendor that needs access to something deep inside the firewalled core of my network changes his/ her address I as an administrator get to see that and execute a policy (verify certificates, make a phone call, change vendors). The issue of unreachable root servers etc becomes moot because in that case you just keep running with the existing mapping information. Working with names is much easier than with addresses because you can easily allow *.example.com rather than all the individual addresses/ prefixes that Example, Inc uses around the world. blah.vendors.example.com could also point to mothership.blah.com so you only need to allow *.vendors.example.com rather than a long list of vendors. ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Hello IETF!
HI! I'm 81duz1d0, programmer. Today I've joined to IETF Mail List, I hope that my texts be useful to this community. ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: IPv6 will never fly: ARIN continues to kill it
On Sun, Sep 16, 2007 at 12:08:30AM +1000, Mark Andrews wrote: interestingly, some software vendors ship w/ license keys tied to IP addresses... particularly for enterprise level stuff. not so easy to update in my experience. I've always thought that practice to be STUPID. It was stupid 15 years ago and it is still stupid today. Yes I've had to renumber sites with keys tied to IP addresses. stupid or not, it exists and is not ammenable to automation. David is correct, scale does have its own set of renumbering problems. While i believe you, i think your confidence is based on some naieve assumptions. I'm not saying scale doesn't have problems. Automation however is the solution to those problems. That's why management stations were invented. automation can augment renumbering events, but until we have a fundamental change in architecture, renumbering will require human intervention and will always be disruptive. --bill Opinions expressed may not even be mine by the time you read them, and certainly don't reflect those of any other entity (legal or otherwise). ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: Hello IETF!
[EMAIL PROTECTED] wrote: HI! I'm 81duz1d0, programmer. Today I’ve joined to IETF Mail List, I hope that my texts be useful to this community. tell us more. and welcome regards joe baptista -- Joe Baptistawww.publicroot.org PublicRoot Consortium The future of the Internet is Open, Transparent, Inclusive, Representative Accountable to the Internet community @large. Office: +1 (202) 517-1593 Fax: +1 (509) 479-0084 begin:vcard fn:Joe Baptista n:Baptista;Joe org:PublicRoot Consortium adr:;;963 Ford Street;Peterborough;Ontario;K9J 5V5 ;Canada email;internet:[EMAIL PROTECTED] title:PublicRoot Representative tel;fax:+1 (509) 479-0084 tel;cell:+1 (416) 912-6551 x-mozilla-html:FALSE url:http://www.publicroot.org version:2.1 end:vcard ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: Hello IETF!
HI! I'm 81duz1d0, programmer. Today I’ve joined to IETF Mail List, I hope that my texts be useful to this community. welcome 81duz1d0 your site ? http://progzzz.blogspot.com/ greetings from germany marc -- there's no place like 127.0.0.1 until we found ::1 -- which is even bigger web: http://www.let.de ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: IPv6 will never fly: ARIN continues to kill it
On Sun, Sep 16, 2007 at 12:08:30AM +1000, Mark Andrews wrote: interestingly, some software vendors ship w/ license keys tied to IP addresses... particularly for enterprise level stuff. not so easy to update in my experience. I've always thought that practice to be STUPID. It was stupid 15 years ago and it is still stupid today. Yes I've had to renumber sites with keys tied to IP addresses. stupid or not, it exists and is not ammenable to automation. Why isn't it? It's just one more message for the management station to push out. David is correct, scale does have its own set of renumbering problems. While i believe you, i think your confidence is based on some naieve assumptions. I'm not saying scale doesn't have problems. Automation however is the solution to those problems. That's why management stations were invented. automation can augment renumbering events, but until we have a fundamental change in architecture, renumbering will require human intervention and will always be disruptive. It doesn't take a change in architecture. We have the technology today to remove the need to tie anything to specific IP addresses. It just requires the willingness to use it. Mark --bill Opinions expressed may not even be mine by the time you read them, and certainly don't reflect those of any other entity (legal or otherwise). -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED] ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: IPv6 will never fly: ARIN continues to kill it
On Sun, Sep 16, 2007 at 12:17:21PM +1000, Mark Andrews wrote: On Sun, Sep 16, 2007 at 12:08:30AM +1000, Mark Andrews wrote: interestingly, some software vendors ship w/ license keys tied to IP addresses... particularly for enterprise level stuff. not so easy to update in my experience. I've always thought that practice to be STUPID. It was stupid 15 years ago and it is still stupid today. Yes I've had to renumber sites with keys tied to IP addresses. stupid or not, it exists and is not ammenable to automation. Why isn't it? It's just one more message for the management station to push out. notifcation sure... getting the other side to re-issue the license with the new IP's (which the MS has to figure out what they are on its own, wiht the kewl AI-based smarts that it has) - and then getting the new code installed/configured ... all under the automated hands of master control is a different set of considerations. David is correct, scale does have its own set of renumbering problems. While i believe you, i think your confidence is based on some naieve assumptions. I'm not saying scale doesn't have problems. Automation however is the solution to those problems. That's why management stations were invented. automation can augment renumbering events, but until we have a fundamental change in architecture, renumbering will require human intervention and will always be disruptive. It doesn't take a change in architecture. We have the technology today to remove the need to tie anything to specific IP addresses. It just requires the willingness to use it. simple assertion does not make it so. perhaps we should make a checklist and see which things meet your criteria. (my assertion that location/ID overload is built in to both IPv4 and IPv6 seems to be born out by the specs, documentation, and commentary over the past 25 years ... and that until one can cleanly seperate the two, that renumbering will be difficult should also be tested) I have provided TWO cases where renumbering is is difficult to automate - i'm sure i can find others. I beleive your claim (oblique as it may be) is that the DNS name is the long-term persistant identifier... I tried to make that claim a decade ago and was persuaded (eventually) otherwise. Time to dig through the archives to see if that logic still holds true. Mark --bill Opinions expressed may not even be mine by the time you read them, and certainly don't reflect those of any other entity (legal or otherwise). -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED] -- --bill Opinions expressed may not even be mine by the time you read them, and certainly don't reflect those of any other entity (legal or otherwise). ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
RE: Renumbering
I have to say that this latest thread about renumbering has been entertaining; besides the usual trolls I have never seen as many un-experienced, incompetent, or both, contributors who think just because they have read something about it in a magazine while waiting at the dentist entitles them to an opinion. And no, I don't have to be politically correct. Unlike most of the bozos mentioned above, I have actually been in the trenches renumbering real-world networks. Michel. ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
Re: Subscribtion and qustion
On 9/14/07, Natasha Petrovska [EMAIL PROTECTED] wrote: Dear Sir/Madam, I am a postgraduate student from Macedonia. I would like to attend some of your meetings, since my thesis is connected with GPS and I work in a Public transport enterprise. Can I be your member or atendee or receive any information (news) conected with these themes? Thank you very much in advance. Looking forward to hearing from you soon. Sincerely yours, Petrovska Natasa https://www1.ietf.org/mailman/listinfo/ietf *whew*, was just about to mark this email as spam :D (because gmail has the email preview deal and the dear sir/madam I am a... starter is typical for scam spam emails) ___ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf