Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Eduard, On Thu, Dec 23, 2021 at 11:55 PM Vasilenko Eduard wrote: > > Hi Leo, > I did not say anything about "registered ULAs". Registration initiative has a > lot of pros and cons. I am not sure. > > I did react to the claim that ULA is not needed. Because I am sure that ULA > is very much needed. Ah, I misunderstood you. Sorry. Kind regards, Leo -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Nico, I agree that ordinary subscribers would probably not request Internet redundancy. Hence, no need for PI. But just small businesses could drive the Internet table well beyond what is possible for hardware in this century. Unfortunately, Nobody is interested in the 3rd alternative: to fix current protocols (primarily ND and Source Address Selection on the host) to support PAs from many Carriers at the same time. Eduard -Original Message- From: Nico Schottelius [mailto:nico.schottel...@ungleich.ch] Sent: Friday, December 24, 2021 12:20 AM To: Vasilenko Eduard Cc: Leo Vegoda ; Nico Schottelius ; Marco Hogewoning ; ipv6-wg@ripe.net Subject: Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83) Hey Eduard, Vasilenko Eduard writes: > There is a much bigger problem than the hassle with RIPE formalities and fees. > It is the size of the Internet table. While the size of the global table is a concern, using it as an argument for reducing access to global IPv6 addresses feels wrong to me. For the sake of the routing table, it would be best if only a handful of companies are in the Internet, the best would be very centralised Internet at a single location. >From my perspective, this is the opposite of how the Internet is supposed to >work - in a robust and decentralised fashion. Keeping the global routing table manageable is a valid concern, but I don't think it's a good argument for preventing organisations to get their own /48 and connect to the Internet. Aside from that, it is probably not realistic that billions of users are opting in for getting a) their unique address space and b) getting and connected to the global Internet. Best regards, Nico -- Sustainable and modern Infrastructures by ungleich.ch -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Leo, I did not say anything about "registered ULAs". Registration initiative has a lot of pros and cons. I am not sure. I did react to the claim that ULA is not needed. Because I am sure that ULA is very much needed. It is the only way to keep Internet table at reasonable size. Or else businesses would blow it up by PI. Eduard -Original Message- From: Leo Vegoda [mailto:l...@vegoda.org] Sent: Thursday, December 23, 2021 6:18 PM To: Vasilenko Eduard Cc: Nico Schottelius ; Marco Hogewoning ; ipv6-wg@ripe.net Subject: Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83) Hi Eduard, While I'm sure we can all agree that resilient and reliable Internet access is a good thing, I think it is quite a leap from that to most small businesses both wanting it and having a realistic option. And then needing not just a ULA with a ridiculously low probability of prefix clashes on site merger events to needing a registered prefix that offers everything available from an RIR except for Internet routability. I'm not convinced that the market either desires or needs registered ULAs. Regards, Leo On Thu, Dec 23, 2021 at 1:02 AM Vasilenko Eduard wrote: > > Hi Leo, > Real resiliency is possible only if everything is redundant, including the > last mile. > What is the point to rent 2 fiber strands or 2 copper pairs in one cable? > This cable would be cut at the same time. The non-redundant L2 device that > has been used to connect this fiber may fail at the same time. > No one carrier in the world could double last-mile infrastructure. Access is > 70% of their cost. Access is always non-redundant. > Moreover, access itself is typically non-redundant (just aggregation > switches) couple of hops from the last mile. Well, some Carriers have > redundancy on the next nodes upstream. > > I am long enough on this market. I have seen many cases when different types > of businesses were trying to do redundancy for the Internet. > Of course, they prefer 2 different wireline providers, but in the majority of > cases, they do not have a choice between wireline providers. > Hence, the second link was 3GPP in most cases. > 3GPP could be from the same Carrier as PON, but I have never heard about good > coordination between wireline and wireless departments - they act as > independent Carriers. > > PS: In regards to anecdotes: > I am not hired/paid to collect proper information and prove anything here. > It is just my opinion based on my 25 years of experience. > > The real anecdote in the industry is that there is only ULA+NPT that works > for Internet site resiliency. > Everything else is broken for some reason. > Not many people know this anecdote. > > Eduard > -Original Message- > From: Leo Vegoda [mailto:l...@vegoda.org] > Sent: Wednesday, December 22, 2021 5:39 PM > To: Vasilenko Eduard > Cc: Nico Schottelius ; Marco Hogewoning > ; ipv6-wg@ripe.net > Subject: Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] > (was: Minutes from the IPv6 WG @ RIPE 83) > > Hi Eduard, > > On Wed, Dec 22, 2021 at 12:10 AM Vasilenko Eduard > wrote: > > > > Hi Leo, > > Almost any business (even small) would like to have Internet resiliency in > > the form of redundant connections through the different Carriers. > > That is not my experience. In my experience, small and medium sized business > owners would prefer to pay a little extra for a more resilient service from a > single provider than double up on the procurement, accounting, and equipment > needed when taking service from two different providers. I think my > experience is most true in areas where IP services tend to be provided over > infrastructure owned by a monopoly provider. > > Is there any research that can take us out of the realm of anecdote? > > Kind regards, > > Leo -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
On Thu, Dec 23, 2021 at 1:40 PM Nico Schottelius wrote: [...] > > ULA does not have a registry because it is highly improbable that > > there will be prefix clashes because the available space is so vast. > > ... if generated truly randomly and people would not tend towards using > "feed", "f00d", "cafe" or other words [0] in their IPv6 networks, yes. > However even if you check the original sixxs registry or our import > of it or if you check the DN42 registry, both contain "not so random > values". In those cases where the network is managed but a basic error like this has been made there is little that can be done to save the organisation from its own people. There are plenty of web pages that will generate a prefix for you based on the process described in the RFC e.g. https://cd34.com/rfc4193/ along with lots of open sourced code to do the same. Also, as Jeroen noted [0] on 9 December, the SixXS ULA registry was intended as a joke and we can assume that a good number of the registrations in it were jokes, too. [...] > > Who should pay and why would they do so? > > For the who: individuals and organisations who think that everyone > should have access to GUA. > > > And why would this commitment to fund a registry over multiple > > decades be considered reliable enough that the users who pay nothing > > should put their trust in it? > > That is a very good question and the only correct answer I have at the > moment is: time has to tell. I think the IETF will need a more convincing argument if it is to register a /8 of IPv6 space to a speculative registry with an unproven business model. Regards, Leo [0] https://www.ripe.net/ripe/mail/archives/ipv6-wg/2021-December/003751.html -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
>> The status quo is: >> >> - Community projects use ULA, because it's easy and free >> <-| >> - ULA does not have an official registry (and seems to be unlikely that we >> go there)| >> - GUA might be an easy way out of this >>| >> - However GUA costs real money >> -| >> > > ULA does not have a registry because it is highly improbable that > there will be prefix clashes because the available space is so vast. ... if generated truly randomly and people would not tend towards using "feed", "f00d", "cafe" or other words [0] in their IPv6 networks, yes. However even if you check the original sixxs registry or our import of it or if you check the DN42 registry, both contain "not so random values". > That is why it can be free and users can feel comfortable that their > prefix is unique. I think the reality is somewhat different, as users "want to be sure" and thus registries are requested, born and filled - for ULA. Whether or not the actually collision probability is higher or lower than the chance of everyone adding to a registry, which is a different risk to calculate. >> And the motivation is to reach: >> >> - Community projects can use GUA for free <--| >> \--| >> >> Does it make sense? > > You suggest that the users should get registration and DNS for free > but someone else should pay for it. Yes and no: - registration: yes - dns, connectivity, routing, associated services: not for free I think the former is mostly a case of "support", while the latter causes real costs and thus costs need to be forwarded. > Who should pay and why would they do so? For the who: individuals and organisations who think that everyone should have access to GUA. > And why would this commitment to fund a registry over multiple > decades be considered reliable enough that the users who pay nothing > should put their trust in it? That is a very good question and the only correct answer I have at the moment is: time has to tell. Thanks a lot for your input, much appreciated. Best regards, Nico [0] https://redmine.ungleich.ch/projects/ipv6/wiki/IPv6_words_-_name_your_networks -- Sustainable and modern Infrastructures by ungleich.ch -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hey Eduard, Vasilenko Eduard writes: > There is a much bigger problem than the hassle with RIPE formalities and fees. > It is the size of the Internet table. While the size of the global table is a concern, using it as an argument for reducing access to global IPv6 addresses feels wrong to me. For the sake of the routing table, it would be best if only a handful of companies are in the Internet, the best would be very centralised Internet at a single location. >From my perspective, this is the opposite of how the Internet is supposed to work - in a robust and decentralised fashion. Keeping the global routing table manageable is a valid concern, but I don't think it's a good argument for preventing organisations to get their own /48 and connect to the Internet. Aside from that, it is probably not realistic that billions of users are opting in for getting a) their unique address space and b) getting and connected to the global Internet. Best regards, Nico -- Sustainable and modern Infrastructures by ungleich.ch -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Nico, On Thu, Dec 23, 2021 at 1:12 PM Nico Schottelius wrote: [...] > The status quo is: > > - Community projects use ULA, because it's easy and free > <-| > - ULA does not have an official registry (and seems to be unlikely that we go > there)| > - GUA might be an easy way out of this > | > - However GUA costs real money > -| > ULA does not have a registry because it is highly improbable that there will be prefix clashes because the available space is so vast. That is why it can be free and users can feel comfortable that their prefix is unique. > And the motivation is to reach: > > - Community projects can use GUA for free <--| > \--| > > Does it make sense? You suggest that the users should get registration and DNS for free but someone else should pay for it. Who should pay and why would they do so? And why would this commitment to fund a registry over multiple decades be considered reliable enough that the users who pay nothing should put their trust in it? Kind regards, Leo -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hey Leo, Leo Vegoda writes: >> ## Motivation >> >> The Motivation is: >> >> - with GUA, potential connectivity to the Internet later does not >> require renumbering >> - with GUA, reverse DNS is easily possible > > I don't understand the motivation. What kind of organisation would > have so much "not Internet connected" infrastructure that renumbering > would be a significant burden but not be able to afford the RIPE NCC's > annual membership fee? This is basically any community driven organisation which consist of volunteers. > Looking at the fees published at > https://www.ripe.net/publications/ripe-ncc-organisational-documents/charging-schemes > they appear to have gone down over the last decade. Is there a class > of organisation that has lots of infrastructure but can't budget for > these relatively modest annual fees? While I am not arguing against RIPE's (or ARIN or any RIR) fee, we are talking about 1400 Euro yearly, or roughly 100 Euro/month. Doesn't sounds a lot, but is quite a committment from what I can see. I am aware of clubs or organisations which are barely making a 0 at the end of the month or year in terms of finances. But I think you have a point, the question is who cannot afford it and who would actually be interested in it. To clarify this question, I've setup a small survey on https://ungleich.ch/u/blog/2021-12-23-ipv6-addresses-for-free/ > And if the registry or registries you propose are charging so much > less, or even free at the point of use, how can they provide a > resilient and robust set of registry and DNS services that will last > for as long as the users need? The idea would be to go with a sponsored (companies/organisations) or volunteer based service matching the target audience. > I'd love to get a better understanding of the needs of the anticipated > user base and the risks that they need to protect themselves from. The status quo is: - Community projects use ULA, because it's easy and free <-| - ULA does not have an official registry (and seems to be unlikely that we go there)| - GUA might be an easy way out of this | - However GUA costs real money -| And the motivation is to reach: - Community projects can use GUA for free <--| \--| Does it make sense? Cheers, Nico -- Sustainable and modern Infrastructures by ungleich.ch -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Eduard, While I'm sure we can all agree that resilient and reliable Internet access is a good thing, I think it is quite a leap from that to most small businesses both wanting it and having a realistic option. And then needing not just a ULA with a ridiculously low probability of prefix clashes on site merger events to needing a registered prefix that offers everything available from an RIR except for Internet routability. I'm not convinced that the market either desires or needs registered ULAs. Regards, Leo On Thu, Dec 23, 2021 at 1:02 AM Vasilenko Eduard wrote: > > Hi Leo, > Real resiliency is possible only if everything is redundant, including the > last mile. > What is the point to rent 2 fiber strands or 2 copper pairs in one cable? > This cable would be cut at the same time. The non-redundant L2 device that > has been used to connect this fiber may fail at the same time. > No one carrier in the world could double last-mile infrastructure. Access is > 70% of their cost. Access is always non-redundant. > Moreover, access itself is typically non-redundant (just aggregation > switches) couple of hops from the last mile. Well, some Carriers have > redundancy on the next nodes upstream. > > I am long enough on this market. I have seen many cases when different types > of businesses were trying to do redundancy for the Internet. > Of course, they prefer 2 different wireline providers, but in the majority of > cases, they do not have a choice between wireline providers. > Hence, the second link was 3GPP in most cases. > 3GPP could be from the same Carrier as PON, but I have never heard about good > coordination between wireline and wireless departments - they act as > independent Carriers. > > PS: In regards to anecdotes: > I am not hired/paid to collect proper information and prove anything here. > It is just my opinion based on my 25 years of experience. > > The real anecdote in the industry is that there is only ULA+NPT that works > for Internet site resiliency. > Everything else is broken for some reason. > Not many people know this anecdote. > > Eduard > -Original Message- > From: Leo Vegoda [mailto:l...@vegoda.org] > Sent: Wednesday, December 22, 2021 5:39 PM > To: Vasilenko Eduard > Cc: Nico Schottelius ; Marco Hogewoning > ; ipv6-wg@ripe.net > Subject: Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: > Minutes from the IPv6 WG @ RIPE 83) > > Hi Eduard, > > On Wed, Dec 22, 2021 at 12:10 AM Vasilenko Eduard > wrote: > > > > Hi Leo, > > Almost any business (even small) would like to have Internet resiliency in > > the form of redundant connections through the different Carriers. > > That is not my experience. In my experience, small and medium sized business > owners would prefer to pay a little extra for a more resilient service from a > single provider than double up on the procurement, accounting, and equipment > needed when taking service from two different providers. I think my > experience is most true in areas where IP services tend to be provided over > infrastructure owned by a monopoly provider. > > Is there any research that can take us out of the realm of anecdote? > > Kind regards, > > Leo -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Leo, Real resiliency is possible only if everything is redundant, including the last mile. What is the point to rent 2 fiber strands or 2 copper pairs in one cable? This cable would be cut at the same time. The non-redundant L2 device that has been used to connect this fiber may fail at the same time. No one carrier in the world could double last-mile infrastructure. Access is 70% of their cost. Access is always non-redundant. Moreover, access itself is typically non-redundant (just aggregation switches) couple of hops from the last mile. Well, some Carriers have redundancy on the next nodes upstream. I am long enough on this market. I have seen many cases when different types of businesses were trying to do redundancy for the Internet. Of course, they prefer 2 different wireline providers, but in the majority of cases, they do not have a choice between wireline providers. Hence, the second link was 3GPP in most cases. 3GPP could be from the same Carrier as PON, but I have never heard about good coordination between wireline and wireless departments - they act as independent Carriers. PS: In regards to anecdotes: I am not hired/paid to collect proper information and prove anything here. It is just my opinion based on my 25 years of experience. The real anecdote in the industry is that there is only ULA+NPT that works for Internet site resiliency. Everything else is broken for some reason. Not many people know this anecdote. Eduard -Original Message- From: Leo Vegoda [mailto:l...@vegoda.org] Sent: Wednesday, December 22, 2021 5:39 PM To: Vasilenko Eduard Cc: Nico Schottelius ; Marco Hogewoning ; ipv6-wg@ripe.net Subject: Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83) Hi Eduard, On Wed, Dec 22, 2021 at 12:10 AM Vasilenko Eduard wrote: > > Hi Leo, > Almost any business (even small) would like to have Internet resiliency in > the form of redundant connections through the different Carriers. That is not my experience. In my experience, small and medium sized business owners would prefer to pay a little extra for a more resilient service from a single provider than double up on the procurement, accounting, and equipment needed when taking service from two different providers. I think my experience is most true in areas where IP services tend to be provided over infrastructure owned by a monopoly provider. Is there any research that can take us out of the realm of anecdote? Kind regards, Leo -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Gert, >How can a NPT based solution know that "ISP A" is a walled garden? By DNS. I did stress below that host has the same ULA in all cases (no need for the choice of proper GUA). Wherever routing or source routing would push the traffic, it would be the possibility for the last CPE (in front of Carrier) to NPT to proper GUA. >How will a NPT based solution create proper router redundancy? Terminating >both ISPs on the same router is not what I'd call "redundant connections". It is not mandatory. NPT Routers could be different. Like it was for NAT44. The design could be simple with uncontrolled load balancing between CPEs or it could be source-routing - it is up to the Admin. > This has been addressed independent of Homenet, because it affects ISP flash > renumbering as well. The current solution that is accepted in 6man is to cut the preferred lifetime from 1 week to 2h. IMHO: there is no solution in the discussion for "flash renumbering". I have heard from many people that "it is not important" problem. I do believe it is important: https://datatracker.ietf.org/doc/html/draft-vv-6man-nd-prefix-robustness-01 Eduard -Original Message- From: Gert Doering [mailto:g...@space.net] Sent: Wednesday, December 22, 2021 11:37 AM To: Vasilenko Eduard Cc: Gert Doering ; Leo Vegoda ; Marco Hogewoning ; ipv6-wg@ripe.net Subject: Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83) Hi, On Wed, Dec 22, 2021 at 08:33:40AM +, Vasilenko Eduard wrote: > 3. use proper source based routing on the ISP routers -> see homenet WG. > > a) homenet is not available on real products Your employer is in a situation to fix that. > b) if a particular resource is in the walled garden of one Carrier (access > from other carriers are filtered), then source routing would not help, proper > source address should be chosen first on the host. Only NPT resolves this > situation now. How can a NPT based solution know that "ISP A" is a walled garden? How will a NPT based solution create proper router redundancy? Terminating both ISPs on the same router is not what I'd call "redundant connections". > c) homenet did not try to resolve ND problems of proper withdrawal for stale > prefixes. If uplink to one carrier would be lost - it does not discuss how it > would be informed to the hosts on the first hop. This has been addressed independent of Homenet, because it affects ISP flash renumbering as well. > Hence, no - solution 3 does not exist. If phrased that way, neither do "solution 1" or "solution 2" today. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Eduard, On Wed, Dec 22, 2021 at 12:10 AM Vasilenko Eduard wrote: > > Hi Leo, > Almost any business (even small) would like to have Internet resiliency in > the form of redundant connections through the different Carriers. That is not my experience. In my experience, small and medium sized business owners would prefer to pay a little extra for a more resilient service from a single provider than double up on the procurement, accounting, and equipment needed when taking service from two different providers. I think my experience is most true in areas where IP services tend to be provided over infrastructure owned by a monopoly provider. Is there any research that can take us out of the realm of anecdote? Kind regards, Leo -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi, On Wed, Dec 22, 2021 at 08:33:40AM +, Vasilenko Eduard wrote: > 3. use proper source based routing on the ISP routers -> see homenet WG. > > a) homenet is not available on real products Your employer is in a situation to fix that. > b) if a particular resource is in the walled garden of one Carrier (access > from other carriers are filtered), then source routing would not help, proper > source address should be chosen first on the host. Only NPT resolves this > situation now. How can a NPT based solution know that "ISP A" is a walled garden? How will a NPT based solution create proper router redundancy? Terminating both ISPs on the same router is not what I'd call "redundant connections". > c) homenet did not try to resolve ND problems of proper withdrawal for stale > prefixes. If uplink to one carrier would be lost - it does not discuss how it > would be informed to the hosts on the first hop. This has been addressed independent of Homenet, because it affects ISP flash renumbering as well. > Hence, no - solution 3 does not exist. If phrased that way, neither do "solution 1" or "solution 2" today. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
3. use proper source based routing on the ISP routers -> see homenet WG. a) homenet is not available on real products b) if a particular resource is in the walled garden of one Carrier (access from other carriers are filtered), then source routing would not help, proper source address should be chosen first on the host. Only NPT resolves this situation now. c) homenet did not try to resolve ND problems of proper withdrawal for stale prefixes. If uplink to one carrier would be lost - it does not discuss how it would be informed to the hosts on the first hop. Hence, no - solution 3 does not exist. Ed/ -Original Message- From: Gert Doering [mailto:g...@space.net] Sent: Wednesday, December 22, 2021 11:18 AM To: Vasilenko Eduard Cc: Leo Vegoda ; Marco Hogewoning ; ipv6-wg@ripe.net Subject: Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83) Hi, On Wed, Dec 22, 2021 at 08:09:59AM +, Vasilenko Eduard via ipv6-wg wrote: > Almost any business (even small) would like to have Internet resiliency in > the form of redundant connections through the different Carriers. > Then hosts should have PA addresses from different carriers. > > Hosts are not capable to choose properly which one address to choose for the > particular flow. > If the address of Carrier 1 would be used as the source for the packet going > to Carrier2 then Carrier2 would drop the packet as a result of spoofing > protection (uRPF check). > > If the connection to the carrier is lost then the respective PA address > should be withdrawn (by the way, not resolved problem in IETF). > > There are only 2 currently available solutions for Internet connections > resiliency: > 1. Request PI from RIR. Then the Internet table would be the size of all > businesses in the world. > 2. Use ULA internally and NPT (prefix translation to proper PA) on the CPEs > connecting to the Carrier. 3. use proper source based routing on the ISP routers -> see homenet WG. Of course NAT is good (https://www.youtube.com/watch?v=v26BAlfWBm8) but not really needed here. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi, On Wed, Dec 22, 2021 at 08:09:59AM +, Vasilenko Eduard via ipv6-wg wrote: > Almost any business (even small) would like to have Internet resiliency in > the form of redundant connections through the different Carriers. > Then hosts should have PA addresses from different carriers. > > Hosts are not capable to choose properly which one address to choose for the > particular flow. > If the address of Carrier 1 would be used as the source for the packet going > to Carrier2 then Carrier2 would drop the packet as a result of spoofing > protection (uRPF check). > > If the connection to the carrier is lost then the respective PA address > should be withdrawn (by the way, not resolved problem in IETF). > > There are only 2 currently available solutions for Internet connections > resiliency: > 1. Request PI from RIR. Then the Internet table would be the size of all > businesses in the world. > 2. Use ULA internally and NPT (prefix translation to proper PA) on the CPEs > connecting to the Carrier. 3. use proper source based routing on the ISP routers -> see homenet WG. Of course NAT is good (https://www.youtube.com/watch?v=v26BAlfWBm8) but not really needed here. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Leo,
Almost any business (even small) would like to have Internet resiliency in the
form of redundant connections through the different Carriers.
Then hosts should have PA addresses from different carriers.
Hosts are not capable to choose properly which one address to choose for the
particular flow.
If the address of Carrier 1 would be used as the source for the packet going to
Carrier2 then Carrier2 would drop the packet as a result of spoofing protection
(uRPF check).
If the connection to the carrier is lost then the respective PA address should
be withdrawn (by the way, not resolved problem in IETF).
There are only 2 currently available solutions for Internet connections
resiliency:
1. Request PI from RIR. Then the Internet table would be the size of all
businesses in the world.
2. Use ULA internally and NPT (prefix translation to proper PA) on the CPEs
connecting to the Carrier.
We are pushing to fix ND to open the opportunity for other solutions:
https://datatracker.ietf.org/doc/html/draft-vv-6man-nd-prefix-robustness-01
But looks like nobody cares.
Even for the non-redundant site,
ULA is needed to preserve the local communication when the site is disconnected.
Eduard
-Original Message-
From: Leo Vegoda [mailto:l...@vegoda.org]
Sent: Tuesday, December 21, 2021 5:04 PM
To: Vasilenko Eduard
Cc: Nico Schottelius ; Marco Hogewoning
; ipv6-wg@ripe.net
Subject: Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was:
Minutes from the IPv6 WG @ RIPE 83)
Hi Eduard,
On Tue, Dec 21, 2021 at 1:18 AM Vasilenko Eduard
wrote:
>
> There is a much bigger problem than the hassle with RIPE formalities and fees.
> It is the size of the Internet table.
> If just businesses would get PA addresses (GUA) then all routers on
> the Internet would need a 30M routing table (30x from now, routers now have
> 1-4M now) If subscribers would join this club then the Internet table should
> grow to 2B. It is impossible even for 2100 year.
> Good chances that the world would revert back to IPv4 NAT under such
> circumstances because IPv6 would just crash.
>
> Stability ("no renumbering") should be achieved by ULA. No choice.
Can you explain why so many small and medium sized businesses would want unique
stable addresses?
I can see the need in large, managed networks but my experience of networks in
small and medium sized organisations is that there is no systematic management
of any kind at all. They just plug stuff in and expect it to work.
Regards,
Leo
--
To unsubscribe from this mailing list, get a password reminder, or change your
subscription options, please visit:
https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
> On 20 Dec 2021, at 14:29, Nico Schottelius > wrote: [..] > ## Running / Maintenance / Support > > Now in the spirit of GUA space for community projects, I would envision > not *one*, but potentially *many* free GUA registries, potentially using > the same code base, but offering different policies. This would allow > registries with different objectives: > > * A free GUA registry for a particular territory (f.i. "North of Swiss Alps") > * A free GUA registry for a particular target group (f.i. "Only for hackers") [..] See https://dn42.dev Hackers already solved their problem by using a chunk of ULA with their own registry. I really do not see who would be using it. But any LIR can just offer a chunk of their space up for 'non routed purposes' that is up to the LIR. Of course, when the LIR folds there is an issue for the user's but if you want independence, become a LIR of use a big one that cannot fold (too big to fail! :) Greets, Jeroen -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Eduard,
On Tue, Dec 21, 2021 at 1:18 AM Vasilenko Eduard
wrote:
>
> There is a much bigger problem than the hassle with RIPE formalities and fees.
> It is the size of the Internet table.
> If just businesses would get PA addresses (GUA) then all routers on the
> Internet would need a 30M routing table (30x from now, routers now have 1-4M
> now)
> If subscribers would join this club then the Internet table should grow to
> 2B. It is impossible even for 2100 year.
> Good chances that the world would revert back to IPv4 NAT under such
> circumstances because IPv6 would just crash.
>
> Stability ("no renumbering") should be achieved by ULA. No choice.
Can you explain why so many small and medium sized businesses would
want unique stable addresses?
I can see the need in large, managed networks but my experience of
networks in small and medium sized organisations is that there is no
systematic management of any kind at all. They just plug stuff in and
expect it to work.
Regards,
Leo
--
To unsubscribe from this mailing list, get a password reminder, or change your
subscription options, please visit:
https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi,
On Tue, Dec 21, 2021 at 09:18:16AM +, Vasilenko Eduard via ipv6-wg wrote:
> Stability ("no renumbering") should be achieved by ULA. No choice.
Renumbering a SoHo network (= mostly unmanaged, there is some sort
of plastic router and a cable + wifi, no DNS records beyond mDNS / AD,
etc) is not actually hard.
Now, multihoming a SoHo network with homenet and Dual-/48s, *that*
would have been some great stuff...
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
signature.asc
Description: PGP signature
--
To unsubscribe from this mailing list, get a password reminder, or change your
subscription options, please visit:
https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
There is a much bigger problem than the hassle with RIPE formalities and fees.
It is the size of the Internet table.
If just businesses would get PA addresses (GUA) then all routers on the
Internet would need a 30M routing table (30x from now, routers now have 1-4M
now)
If subscribers would join this club then the Internet table should grow to 2B.
It is impossible even for 2100 year.
Good chances that the world would revert back to IPv4 NAT under such
circumstances because IPv6 would just crash.
Stability ("no renumbering") should be achieved by ULA. No choice.
Eduard
-Original Message-
From: ipv6-wg [mailto:ipv6-wg-boun...@ripe.net] On Behalf Of Leo Vegoda
Sent: Monday, December 20, 2021 6:04 PM
To: Nico Schottelius
Cc: Marco Hogewoning ; ipv6-wg@ripe.net
Subject: Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was:
Minutes from the IPv6 WG @ RIPE 83)
Hi Nico,
On Mon, Dec 20, 2021 at 6:24 AM Nico Schottelius via ipv6-wg
wrote:
>
>
> Good morning everyone,
>
> a follow up from the RIPE83 IPv6 WG meeting: I had a few talk
> afterwards and at I got the feeling that "not to ULA, but to GUA"
> would be the most sustainable way forward.
>
> ## Motivation
>
> The Motivation is:
>
> - with GUA, potential connectivity to the Internet later does not
> require renumbering
> - with GUA, reverse DNS is easily possible
I don't understand the motivation. What kind of organisation would have so much
"not Internet connected" infrastructure that renumbering would be a significant
burden but not be able to afford the RIPE NCC's annual membership fee? Looking
at the fees published at
https://www.ripe.net/publications/ripe-ncc-organisational-documents/charging-schemes
they appear to have gone down over the last decade. Is there a class of
organisation that has lots of infrastructure but can't budget for these
relatively modest annual fees?
And if the registry or registries you propose are charging so much less, or
even free at the point of use, how can they provide a resilient and robust set
of registry and DNS services that will last for as long as the users need?
I'd love to get a better understanding of the needs of the anticipated user
base and the risks that they need to protect themselves from.
Many thanks,
Leo
--
To unsubscribe from this mailing list, get a password reminder, or change your
subscription options, please visit:
https://lists.ripe.net/mailman/listinfo/ipv6-wg
--
To unsubscribe from this mailing list, get a password reminder, or change your
subscription options, please visit:
https://lists.ripe.net/mailman/listinfo/ipv6-wg
Re: [ipv6-wg] Free GUA space for community projects [CfP/RFC] (was: Minutes from the IPv6 WG @ RIPE 83)
Hi Nico, On Mon, Dec 20, 2021 at 6:24 AM Nico Schottelius via ipv6-wg wrote: > > > Good morning everyone, > > a follow up from the RIPE83 IPv6 WG meeting: I had a few talk afterwards > and at I got the feeling that "not to ULA, but to GUA" would be the most > sustainable way forward. > > ## Motivation > > The Motivation is: > > - with GUA, potential connectivity to the Internet later does not > require renumbering > - with GUA, reverse DNS is easily possible I don't understand the motivation. What kind of organisation would have so much "not Internet connected" infrastructure that renumbering would be a significant burden but not be able to afford the RIPE NCC's annual membership fee? Looking at the fees published at https://www.ripe.net/publications/ripe-ncc-organisational-documents/charging-schemes they appear to have gone down over the last decade. Is there a class of organisation that has lots of infrastructure but can't budget for these relatively modest annual fees? And if the registry or registries you propose are charging so much less, or even free at the point of use, how can they provide a resilient and robust set of registry and DNS services that will last for as long as the users need? I'd love to get a better understanding of the needs of the anticipated user base and the risks that they need to protect themselves from. Many thanks, Leo -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/ipv6-wg
