Re: FTTH Active vs Passive
Randy; Pricing aside, do you feel the Japanese have a good architecture for the last mile? Would it adapt well from an environment that is mostly multi-dwelling units (MDU) to one which is mostly single-dwelling units? Any thoughts on good places to start for an english language speaker to learn about the Japanese broadband experience? thanks! Fletcher On Wed, Dec 2, 2009 at 2:32 AM, Randy Bush ra...@psg.com wrote: At the risk of sounding like a politician I will actually state that the physical/private interest topology of the fiber network in the United States is incredibly prohibitive of the advances that you guys are talking about. The big picture here is table scraps to equipment manufacturers no matter how crowded the vendor meet is. There are pockets of isolated/niche success and its great to see technology implemented in such ways, RFCs being drafted, etc., but jeez guys, the real issue at stake here is how in the hell we are all going to work past the bureaucratic constraints of our arguably humble positions to transparently superimpose something that will enable the masses to communicate and, at the same time, appease, for lack of a better word, those who would capitalize on the sheer lack of unified infrastructure. This post in itself obviates our incapacity to handle our own infrastructure, and while I believe discussing this is of the utmost importance I have to point out, first and foremost, that the highest priority is a level playing field. I know at least some of you can really understand that and I hope it drive some of your sleeping points home a bit so you can wake up in the morning and get something right. life can be simple. i moved to a first world country, japan. $35/mo for real 100/100, and i could get faster, just don't need it for a couple of laptops. hope y'all are having fun in duopoly jail. randy -- Fletcher Kittredge GWI 8 Pomerleau Street Biddeford, ME 04005-9457 207-602-1134
Re: FTTH Active vs Passive
On Wed, 2 Dec 2009, Fletcher Kittredge wrote: Pricing aside, do you feel the Japanese have a good architecture for the last mile? Would it adapt well from an environment that is mostly multi-dwelling units (MDU) to one which is mostly single-dwelling units? Any thoughts on good places to start for an english language speaker to learn about the Japanese broadband experience? You might look into what's being done in Sweden then, here there are municipality networks who dig up the streets and does fiber to the individual house in suburbia (you have to trench your own land though, 4dm deep, 1-2dm wide, they only dig in the street put down the pipe in your trench). Common cost for the house owner to get this done is in the 2-4kUSD range per house, then you can choose between multiple ISPs to purchase your bw from. 100/100 (symmetric speed) seems to cost 40 USD per month, 10/10 is 5-10 USD/month cheaper. I've been trying to run the text thru google translate, but the web magic seems to prohibit this from working. If someone can figure it out better than me, the URL is here (in swedish): http://www.sollentunaenergi.se/bredband/ansl_villor.asp -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: FTTH Active vs Passive
On Wed, 02 Dec 2009 00:58:48 CST, Will Clayton said: enable the masses to communicate and, at the same time, appease, for lack of a better word, those who would capitalize on the sheer lack of unified infrastructure. The same way we appeased them the *last* time we gave them incentives to deploy true high-capacity broadband, of course... pgpEphQYMlymo.pgp Description: PGP signature
RE: FTTH Active vs Passive
Given the start up costs, it is not clear what is compelling. Here in Budapest I get Internet access for less than Euros. Roderick S. Beck Director of European Sales Hibernia Atlantic Budapest, New York, and Paris http://www.hiberniaatlantic.com -Original Message- From: Mikael Abrahamsson [mailto:swm...@swm.pp.se] Sent: Wed 12/2/2009 1:35 PM To: Fletcher Kittredge Cc: NANOG list Subject: Re: FTTH Active vs Passive On Wed, 2 Dec 2009, Fletcher Kittredge wrote: Pricing aside, do you feel the Japanese have a good architecture for the last mile? Would it adapt well from an environment that is mostly multi-dwelling units (MDU) to one which is mostly single-dwelling units? Any thoughts on good places to start for an english language speaker to learn about the Japanese broadband experience? You might look into what's being done in Sweden then, here there are municipality networks who dig up the streets and does fiber to the individual house in suburbia (you have to trench your own land though, 4dm deep, 1-2dm wide, they only dig in the street put down the pipe in your trench). Common cost for the house owner to get this done is in the 2-4kUSD range per house, then you can choose between multiple ISPs to purchase your bw from. 100/100 (symmetric speed) seems to cost 40 USD per month, 10/10 is 5-10 USD/month cheaper. I've been trying to run the text thru google translate, but the web magic seems to prohibit this from working. If someone can figure it out better than me, the URL is here (in swedish): http://www.sollentunaenergi.se/bredband/ansl_villor.asp -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: FTTH Active vs Passive
Mikael Abrahamsson wrote: You might look into what's being done in Sweden then, here there are municipality networks who dig up the streets and does fiber to the individual house in suburbia (you have to trench your own land though, 4dm deep, 1-2dm wide, they only dig in the street put down the pipe in your trench). Sounds good, though I don't see a majority of US consumers paying for the trench, nor do I see a lot of home builders paying for it either (around here they often skimp on putting in a real road, so the city forces the road to be private which leaves it a wonderful unmaintained gravel speed bump, much less wiring housing for data). In addition, I don't see the municipalities paying for plant like they do roads. Then again, I'm glad the city/county doesn't pay for our plant. They can barely maintain their roads. Politics, education, and how money flows in our economy are all probably show stoppers for widespread success. Jack
Re: FTTH Active vs Passive
You might look into what's being done in Sweden then, here there are municipality networks who dig up the streets and does fiber to the individual house in suburbia (you have to trench your own land though, 4dm deep, 1-2dm wide, they only dig in the street put down the pipe in your trench). Common cost for the house owner to get this done is in the 2-4kUSD range per house, then you can choose between multiple ISPs to purchase your bw from. 100/100 (symmetric speed) seems to cost 40 USD per month, 10/10 is 5-10 USD/month cheaper. I've been trying to run the text thru google translate, but the web magic seems to prohibit this from working. If someone can figure it out better than me, the URL is here (in swedish): http://www.sollentunaenergi.se/bredband/ansl_villor.asp I'd look more to what they're doing in Rochester, NY: http://rocwiki.org/Sewer_Fiber_Optic_Network Run it in the sewers. The sewer system runs to every building and household in the municipality. No need to re-trench anything. --Curtis
RE: FTTH Active vs Passive
-Original Message- From: Curtis Maurand [mailto:cmaur...@xyonet.com] SNIP I'd look more to what they're doing in Rochester, NY: http://rocwiki.org/Sewer_Fiber_Optic_Network Run it in the sewers. The sewer system runs to every building and household in the municipality. No need to re-trench anything. --Curtis In the UK more homes have fixed wire telephony than mains sewers or water. Not sure what that means to this discussion :-) ___ Atos Origin and Atos Consulting are trading names used by the Atos Origin group. The following trading entities are registered in England and Wales: Atos Origin IT Services UK Limited (registered number 01245534) and Atos Consulting Limited (registered number 04312380). The registered office for each is at 4 Triton Square, Regents Place, London, NW1 3HG.The VAT No. for each is: GB232327983 This e-mail and the documents attached are confidential and intended solely for the addressee, and may contain confidential or privileged information. If you receive this e-mail in error, you are not authorised to copy, disclose, use or retain it. Please notify the sender immediately and delete this email from your systems. As emails may be intercepted, amended or lost, they are not secure. Atos Origin therefore can accept no liability for any errors or their content. Although Atos Origin endeavours to maintain a virus-free network, we do not warrant that this transmission is virus-free and can accept no liability for any damages resulting from any virus transmitted. The risks are deemed to be accepted by everyone who communicates with Atos Origin by email. ___
Re: FTTH Active vs Passive
Thanks for the pointers, Mikael. unfortunately, my Swedish is not much better than my Japanese... But it is a good start and I am sure I will find some sort of English description somewhere. I should have been a bit more explicit in my question: I am not concerned on the routing of the last mile, sewer, trenching, etc. That is a solved problem for these projects. The big questions for me is PON vs active and, if PON, what are the details: prisms in the CO vs prisms in the field, which xPON to use, etc. How is splicing and interconnection done, etc. thanks! Fletcher On Wed, Dec 2, 2009 at 8:35 AM, Mikael Abrahamsson swm...@swm.pp.se wrote: On Wed, 2 Dec 2009, Fletcher Kittredge wrote: Pricing aside, do you feel the Japanese have a good architecture for the last mile? Would it adapt well from an environment that is mostly multi-dwelling units (MDU) to one which is mostly single-dwelling units? Any thoughts on good places to start for an english language speaker to learn about the Japanese broadband experience? You might look into what's being done in Sweden then, here there are municipality networks who dig up the streets and does fiber to the individual house in suburbia (you have to trench your own land though, 4dm deep, 1-2dm wide, they only dig in the street put down the pipe in your trench). Common cost for the house owner to get this done is in the 2-4kUSD range per house, then you can choose between multiple ISPs to purchase your bw from. 100/100 (symmetric speed) seems to cost 40 USD per month, 10/10 is 5-10 USD/month cheaper. I've been trying to run the text thru google translate, but the web magic seems to prohibit this from working. If someone can figure it out better than me, the URL is here (in swedish): http://www.sollentunaenergi.se/bredband/ansl_villor.asp -- Mikael Abrahamssonemail: swm...@swm.pp.se -- Fletcher Kittredge GWI 8 Pomerleau Street Biddeford, ME 04005-9457 207-602-1134
Re: FTTH Active vs Passive
I'd look more to what they're doing in Rochester, NY: http://rocwiki.org/Sewer_Fiber_Optic_Network Run it in the sewers. The sewer system runs to every building and household in the municipality. No need to re-trench anything. Ahh .. the TISP : http://www.google.com/tisp/install.html Regards, Michael Holstein Cleveland State University
Re: FTTH Active vs Passive
Mackinnon, Ian wrote: snip In the UK more homes have fixed wire telephony than mains sewers or water. Not sure what that means to this discussion :-) In the US as well, but if you're trying to run a new fiber network and you want it uderground, the sewers in metro areas are a good place to start. In the rural areas, however, everything is on poles except for new construction where trenching and conduit are required. I worked briefly for a small ILEC/CLEC here in Maine that does not replace copper trunks with copper any longer. If the copper goes bad, they're running FTTH.
Re: FTTH Active vs Passive
On Wed, 2 Dec 2009, Fletcher Kittredge wrote: Thanks for the pointers, Mikael. unfortunately, my Swedish is not much better than my Japanese... But it is a good start and I am sure I will find some sort of English description somewhere. Here is a cut/paste of the thing run thru google translate. I believe you'll get the meaning. This actually works, people do pay this amount of money to get connected. I believe they would in the US too, given the chance. - Connection villas Can I connect my house? For an answer ang your villa, please complete and submit an Expression of interest. It then goes into an order, provided that the fiber tableware can be connected! Here's how it works! During the period tjälfria is our excavation works in roads and public land for the siting of the optical fiber. Today we have a well-developed fiber network allowing for the vast majority living in Sollentuna to quickly connect their property, and thus have access to a wide range of services. We will contact you Once you have ordered the connection of broadband we will contact you to show where you are digging at the site, from our access point in the street to your house. Excavation of land From a designated point at land border, undermining you to the agreed point at the house's outer wall. Shafts shall be 4 dm deep and 1-2 dm wide along the entire route, and ends with a hole in the foundation. The shaft adds a conduit, as optical fiber to serve in. tube free download at our stores at Knistad farm road 12, Monday-Thursday at 07.30-10.45 and 12.00-15.00 Note: Digging shafts before conduit retrieved, so you know exactly the number of meter tubes you need. Do you want help with digging at the site and the siting of the pipes, you can contact our land contractor for cost data: Ponds Mountain Construction AB, tel. 08-92 02 40th Before you dig If you are going to dig into the ground, you must make sure that you do not dig any cables or pipes for electricity, broadband and heating. We will send you a fitter who find out where the pipes are. That way you can avoid digging of a pipe by mistake. Release are made on weekdays between 08.00 - 15.30 and must be notified at least three days in advance. Cabling is free. Remember that you may be held liable if you have not asked for cabling and undermining of any cables or pipes for electricity, broadband or remote heat! Backhoe course and put tubes in good time before we come to your area. Connecting in the house At the outlet in the house Drill a 12mm hole in the wall / foundation. The hole is drilled obliquely downward (about 45 degrees) from the inside out. This angle is important for optical fiber bend radius should not be too sharp. Need help with piercing, notify our supervisor when he visits you to discuss the excavation work. Connection of optical fiber When the plumbing and piercing are done, please let us know. We then pull up the fiber, and our engineers put a note in your mailbox to make an appointment for a connection. Inside the wall mounted switch to which you connect. This is also our transfer point for all services. Switch must be plugged into an electrical outlet nearby. Inside the house From the switch ensures you install the network cable to the rooms PC or TV to be connected in. You must use the cable type of Category 5 unshielded twisted pair network cable with 4 pairs of conductors and RJ45 connectors, EIA / TIA 568B. Ready for delivery Now you can order any of the services offered in Sollentuna Energi's broadband network. You can choose from several different ISPs, some of which also offer VoIP. When your supplier has informed us about your order, switched services normally within 10 working days. Information on service providers and prices can be found under the Internet link. -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: FTTH Active vs Passive
Mikael Abrahamsson wrote: On Wed, 2 Dec 2009, Fletcher Kittredge wrote: Thanks for the pointers, Mikael. unfortunately, my Swedish is not much better than my Japanese... But it is a good start and I am sure I will find some sort of English description somewhere. Here is a cut/paste of the thing run thru google translate. I believe you'll get the meaning. This actually works, people do pay this amount of money to get connected. I believe they would in the US too, given the chance. Ay, there's the rub! The question is not if this can be done here in the US but, will it be done? Like many things, whether it is in 'Public Works' or 'Public Policy,' in the US, parties generally choose the easy/cheapest way out. There's no need to do too much. Planning/preparing/accounting for things ahead? What's that?Do not want to take this discussion (more than it already has) to the non-operational front.
Re: FTTH Active vs Passive
Another issue - how far does the technology support open access/infrastructure sharing/wholesaling? Not only are networks that get public funding likely to be expected to provide these, but there is evidence that they are important financially. Benoit Felten's presentation at eComm Europe suggested that the takerate and the presence of wholesale were the biggest sensitivities bearing on the pay off period for a FTTH deployment. signature.asc Description: This is a digitally signed message part.
Re: FTTH Active vs Passive
Very much it depends on the case. In price perspective Active Ethernet is cheaper (for the active equipment) for both CAPEX and OPEX. Also it is reacher in features. Just for comparison 2.5Gbit G-PON solution cost about the same as reasonable 10Gig FTTH active ethernet solution. If you do extremely cheap Active Ethernet with Ethernet BRAS you can go even 5-10 times cheaper than passive, and much more reacher on features. The fiber for Active Ethernet actually costs the same as the fiber for Passive Ethernet. You have the same amount of work to install it the fiber price difference is very small if you have 48 fibers than 12 for example. The number of splices you need to do in fiber for Active Ethernet is slightly higher but it is absolutely and fully compensated by the price of the PON splitter. So if you are looking for any of the price, stability, standartization (both G-PON and GEPON have many issues with the compatibility between the vendors), speed, feature richness, Active Ethernet always win. The best thing for Passive FTTH is written in its name. It is Passive, which means, you don't need to power it except in the subscriber's home. So if you have any issues with the power (or requirements for availability, that can not be reached cheaply because of reasons related to the power), then passive FTTH is your choice. In any other case Active is better. Delian On Tue, Dec 1, 2009 at 4:57 AM, Luke Marrott luke.marr...@gmail.com wrote: I'm wondering what everyones thoughts are in regards to FTTH using Active Ethernet or Passive. I work for a FTTH Provider that has done Active Ethernet on a few networks so I'm always biased in discussions, but I don't know anyone with experience in PON. I've read before that almost all PON technology is proprietary, locking you into a specific hardware vendor. However I think this is changing or has already changed, opening PON up for interoperability. Can anyone confirm this? Thanks in advance. :Luke Marrott
Edge-Core (Accton) switches
Anyone have any experience using Edge-Core switches (or Accton, Edge-Core is a subsidiary)? Good/bad? Pricing/features seem good, but you often get what you pay for . . . Thanks, Todd
Re: FTTH Active vs Passive
Generally Ethernet itself support in the last years natively Openaccess. But first you need to answer to youself what type of Openness you want? Open Access on Layer3 level? As it is made by the ADSL L3 LLU? If so, then both Active and passive FTTH Ethernet are absolutley ready for it. Every Service provider is a single VLAN, DHCP snooping, ARP snooping (to enforce security) are enabled and that is. You can even do the same services as the ADSL providers, you can buy (only for central place, for service control, not for access) BRAS solution as Juniper MX or Ericsson SE1200 (or Alcatel or even the currently slow performing Cisco) and to have radius authentication per session and per vlan. You can even give to your service provides Virtual Logical Router (with its own administrative control) in MX or Logical Context (which is the same, but implemented in more scalable way) into the Ericsson SE1200. You can have integrated L3 Open Access solution from a vendors like Packet Front, but their solution is expensive per subscriber (in large scale) and performs well only on L3. Open Access on Layer2 level? This is the absolutely pure Open Access you can have. Pure Layer2 tunnels from the Service Provider to the subscriber's port. Then the service provider can do whatever it wants and provide L3 and L2 services in absolutely independent and transparent way. Active Ethernet is ready for this today. You can do 802.1ac/ad (Double VLAN Tagging) per port and have 16m combinations (ports) that you can transport transparently to your service providers. You can do it with very expensive equipment (as Cisco, Juniper, etc) or with even really cheap equipment (for about 5$ per port) as well. Ethernet today have many interesting carrier features supported as standards directly by IEEE. You can have security, encryption, control, bandwidh control (even on HQ), filtering, pure transparent transportation. The mac addresses and the VLAN IDs are not limitation anymore for years. You have even Ethernet SNMP, PING, Traceroute, service control. If you need some guides on this, I can tell you, but I don't think is necessary to get deeper on that right now. PON is relatively close to L2 open access. Most of the vendors are almost there where 802.1ac/ad standard is. So here the situation is relativley the same as in the active ethernet. Delian On Wed, Dec 2, 2009 at 7:45 PM, Alexander Harrowell a.harrow...@gmail.comwrote: Another issue - how far does the technology support open access/infrastructure sharing/wholesaling? Not only are networks that get public funding likely to be expected to provide these, but there is evidence that they are important financially. Benoit Felten's presentation at eComm Europe suggested that the takerate and the presence of wholesale were the biggest sensitivities bearing on the pay off period for a FTTH deployment.
Re: ATT SMTP Admin contact?
On Dec 2, 2009, at 12:31 PM, Rich Kulawiec wrote: Because SenderID and SPF have no anti-spam value, and almost no anti-forgery value. Not that this stops a *lot* of people who've drunk the kool-aid from trying to use them anyway, OK, I'll bite--How exactly do you go about forging email from my domain name if the host receiving it is checking SPF? Chris - Chris Owen - Garden City (620) 275-1900 - Lottery (noun): President - Wichita (316) 858-3000 -A stupidity tax Hubris Communications Inc www.hubris.net -
RE: FTTH Active vs Passive
Running fiber in the sewers can lead to many very expensive problems for homeowners. This is so because some municipalities consider the lateral sewer line running from the main sewer line in the street to the homeowners' house the responsibility of the homeowner. If the lateral should get blocked in any way, it is the homeowners' responsibility to fix and/or replace it. Assuming the costs associated with digging a 30 foot long, 15 foot deep trench from the homeowner's property line to tie into the city sewer system can easily cost US $10,000.00 - $15,000.00. This is not usually covered by homeowners' insurance. -Original Message- From: Michael Holstein [mailto:michael.holst...@csuohio.edu] Sent: Wednesday, December 02, 2009 8:34 AM To: Curtis Maurand Cc: NANOG list Subject: Re: FTTH Active vs Passive I'd look more to what they're doing in Rochester, NY: http://rocwiki.org/Sewer_Fiber_Optic_Network Run it in the sewers. The sewer system runs to every building and household in the municipality. No need to re-trench anything. Ahh .. the TISP : http://www.google.com/tisp/install.html Regards, Michael Holstein Cleveland State University
Leaving public peering?
This year I've been seeing what appears to be an increasing trend among service providers.. making the decision to leave public peering. I'm sure others on this list as seeing that trend as well. I have a couple of guesses, but I'm curious , and I wanted to get some other thoughts as to the why. I don't have exact numbers, but off the top of my head, I'd guess somewhere around two dozen of our peers have left various peering exchanges. Quick couple I checked still appear to be operational as a company, so I'm willing to remove death as a valid reason. I realized that paid transit is down at almost obscene levels, but is that enough of a reason to increase hop-count, latencies, etc? Why disconnect from public mostly-free peering? -donn
Re: Leaving public peering?
In a message written on Wed, Dec 02, 2009 at 12:46:46PM -0800, Lasher, Donn wrote: I realized that paid transit is down at almost obscene levels, but is that enough of a reason to increase hop-count, latencies, etc? Why disconnect from public mostly-free peering? Let's look at some economics. I'm going to pick on some folks here, solely because they have prices online and because they are, I feel, representative prices. http://www.cogentco.com/us/ Home of the $4 Megabit! So we have transit prices at $4 per megabit. http://www.de-cix.net/content/services/public-peering.html A 1GE link to the exchange is 1000 euro per month, which is $1505 USD at the moment, let's call it $1500 for round numbers. Now, your 1GE exchange port really shouldn't be run past 60% or so, if you want to provide good service. So it's really $1500 for 600Mbits, or $2.50 per Megabit. If you're an ISP you look at this and go, humm, I take in $4 from my customer, and hand $2.50 of it right back out to an exchange operator if I use public peering, making the exchange 62% of my costs right up front. On the other hand, if I choose wisely where I private peer I can do it at places with a one-time fee for the cable, so there is $0 in MRC. I have to buy a router port, sure, but it's also $0 MRC, just a capital asset that can get written off over many years. This is the math with the $4 megabit advertised price. The halls at Nanog are awash in $2 a megabit rumors if you have large enough commits (say, a few 10GE's). Taking in $2 and paying the exchange operator $2.50 of itwell, that's not so good. :) Transit prices have fallen enough that MRC's for switch ports, and even MRC's for fiber runs (are any of you still in a colo that wants $500 a month for a fiber run, I didn't think so) are eating up huge chunks of the inbound revenue, and thus just don't make sense. Now, before someone points it out, yes, DECIX's rate per megabit is lower on a 10GE and a second port, so if you can move 2 ports of 10GE of traffic you can make it a lot cheaper. Also, Cogents $4 a megabit is probably predicated on you being in the right location and having the right commit, if you need a DS-3 in West Nowhere you'll pay a higher rate, and that helps offset some of the costs. I've oversimplified, and it's a very complex problem for most providers; however I know many are looking at the fees for peering ports go from being in the noise to a huge part of their cost structure and that doesn't work. -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ pgptGqQflvOvY.pgp Description: PGP signature
Re: Leaving public peering?
On Wed, 2 Dec 2009, Lasher, Donn wrote: that enough of a reason to increase hop-count, latencies, etc? In what way is hop-count a valid measurement of network preformance/quality? Today with gigabit links serialisation-delay is a non-issue so hop-count is not important anymore. Regarding your question there, I don't know what size of players you're talking about, but I'd imagine that having 3-4 engineers who knows BGP that can be on-call is actually more expensive compared to less people who needs to know about this and you just buy cheap transit... At least this is true for some small and mid-sized players. -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: Leaving public peering?
Leo, the DE-CIX pricing is now 500 Euro/month...since 1st october...see end of that page. Both DE-CIX and AMS-IX have decreased their pricing this year..almost at the same time. I guess this is a move to stop company leaving public exchanges...i have seen this trend, too. Regards, Jonas On Wed, 2009-12-02 at 22:20, Leo Bicknell wrote: In a message written on Wed, Dec 02, 2009 at 12:46:46PM -0800, Lasher, Donn wrote: I realized that paid transit is down at almost obscene levels, but is that enough of a reason to increase hop-count, latencies, etc? Why disconnect from public mostly-free peering? Let's look at some economics. I'm going to pick on some folks here, solely because they have prices online and because they are, I feel, representative prices. http://www.cogentco.com/us/ Home of the $4 Megabit! So we have transit prices at $4 per megabit. http://www.de-cix.net/content/services/public-peering.html A 1GE link to the exchange is 1000 euro per month, which is $1505 USD at the moment, let's call it $1500 for round numbers. Now, your 1GE exchange port really shouldn't be run past 60% or so, if you want to provide good service. So it's really $1500 for 600Mbits, or $2.50 per Megabit. If you're an ISP you look at this and go, humm, I take in $4 from my customer, and hand $2.50 of it right back out to an exchange operator if I use public peering, making the exchange 62% of my costs right up front. On the other hand, if I choose wisely where I private peer I can do it at places with a one-time fee for the cable, so there is $0 in MRC. I have to buy a router port, sure, but it's also $0 MRC, just a capital asset that can get written off over many years. This is the math with the $4 megabit advertised price. The halls at Nanog are awash in $2 a megabit rumors if you have large enough commits (say, a few 10GE's). Taking in $2 and paying the exchange operator $2.50 of itwell, that's not so good. :) Transit prices have fallen enough that MRC's for switch ports, and even MRC's for fiber runs (are any of you still in a colo that wants $500 a month for a fiber run, I didn't think so) are eating up huge chunks of the inbound revenue, and thus just don't make sense. Now, before someone points it out, yes, DECIX's rate per megabit is lower on a 10GE and a second port, so if you can move 2 ports of 10GE of traffic you can make it a lot cheaper. Also, Cogents $4 a megabit is probably predicated on you being in the right location and having the right commit, if you need a DS-3 in West Nowhere you'll pay a higher rate, and that helps offset some of the costs. I've oversimplified, and it's a very complex problem for most providers; however I know many are looking at the fees for peering ports go from being in the noise to a huge part of their cost structure and that doesn't work.
Re: Leaving public peering?
On Dec 2, 2009, at 3:46 PM, Lasher, Donn wrote: This year I've been seeing what appears to be an increasing trend among service providers.. making the decision to leave public peering. I'm sure others on this list as seeing that trend as well. I have a couple of guesses, but I'm curious , and I wanted to get some other thoughts as to the why. I don't have exact numbers, but off the top of my head, I'd guess somewhere around two dozen of our peers have left various peering exchanges. Quick couple I checked still appear to be operational as a company, so I'm willing to remove death as a valid reason. I have some hard numbers from LINX. LINX receives 1 new member request per week. There were a handful of cancelations in the last year. Doesn't seem to me like a lot of people are leaving public peering. It is not surprising that some networks turn down their peering - just the opposite. Business models change, special offers pop up, etc. Someone is going to turn down their peering. Instead of looking at the outliers, look at the fact more ASes are peering in more places than ever before. Peering on the Internet is robust, growing, and happy. -- TTFN, patrick I realized that paid transit is down at almost obscene levels, but is that enough of a reason to increase hop-count, latencies, etc? Why disconnect from public mostly-free peering? -donn
Re: Leaving public peering?
Leo Bicknell wrote: rate, and that helps offset some of the costs. I've oversimplified, and it's a very complex problem for most providers; however I know many are looking at the fees for peering ports go from being in the noise to a huge part of their cost structure and that doesn't work. Let's also not forget those who aren't sitting right next to the exchange. I'd love to have better peering, private and public, but there's the additional 300 miles of long haul to consider as well. Then there's the consideration of redundancy. Do I want redundant feeds to the exchange or do I want to consider my local transits to be the redundancy. Will I be purchasing transit via the exchange link to perform redundant functions for my local transits? It's always a difficult financial decision, and I've been battling it for years. I want the option for more direct connectivity and more peering options, but there's additional costs which are hard to justify to the bean counters. Jack (still no dual stacked IPv6 transit due to same issues as above)
RE: Leaving public peering?
Just to chime in on this subject. We're at Equinix in San Jose. For access to the peering at their facility, they charge a $1000 MRC Fee, plus another $250 MRC for a cross-connect for GE port. I believe they also charge a $1000 NRC fee as well. Private peering would be an option if they didn't charge for every cross-connect a monthly fee. That fee is pretty high to small people like us, which really prevents us from entering the peering stages we'd love to have at this point. If we had private peering, we'd have to pay the fee regardless. $250/mo is quite a lot. Especially if you're talking at dollars per meg. It doesn't make sense. -S -Original Message- From: Leo Bicknell [mailto:bickn...@ufp.org] Sent: Wednesday, December 02, 2009 1:20 PM To: nanog@nanog.org Subject: Re: Leaving public peering? In a message written on Wed, Dec 02, 2009 at 12:46:46PM -0800, Lasher, Donn wrote: I realized that paid transit is down at almost obscene levels, but is that enough of a reason to increase hop-count, latencies, etc? Why disconnect from public mostly-free peering? Let's look at some economics. I'm going to pick on some folks here, solely because they have prices online and because they are, I feel, representative prices. http://www.cogentco.com/us/ Home of the $4 Megabit! So we have transit prices at $4 per megabit. http://www.de-cix.net/content/services/public-peering.html A 1GE link to the exchange is 1000 euro per month, which is $1505 USD at the moment, let's call it $1500 for round numbers. Now, your 1GE exchange port really shouldn't be run past 60% or so, if you want to provide good service. So it's really $1500 for 600Mbits, or $2.50 per Megabit. If you're an ISP you look at this and go, humm, I take in $4 from my customer, and hand $2.50 of it right back out to an exchange operator if I use public peering, making the exchange 62% of my costs right up front. On the other hand, if I choose wisely where I private peer I can do it at places with a one-time fee for the cable, so there is $0 in MRC. I have to buy a router port, sure, but it's also $0 MRC, just a capital asset that can get written off over many years. This is the math with the $4 megabit advertised price. The halls at Nanog are awash in $2 a megabit rumors if you have large enough commits (say, a few 10GE's). Taking in $2 and paying the exchange operator $2.50 of itwell, that's not so good. :) Transit prices have fallen enough that MRC's for switch ports, and even MRC's for fiber runs (are any of you still in a colo that wants $500 a month for a fiber run, I didn't think so) are eating up huge chunks of the inbound revenue, and thus just don't make sense. Now, before someone points it out, yes, DECIX's rate per megabit is lower on a 10GE and a second port, so if you can move 2 ports of 10GE of traffic you can make it a lot cheaper. Also, Cogents $4 a megabit is probably predicated on you being in the right location and having the right commit, if you need a DS-3 in West Nowhere you'll pay a higher rate, and that helps offset some of the costs. I've oversimplified, and it's a very complex problem for most providers; however I know many are looking at the fees for peering ports go from being in the noise to a huge part of their cost structure and that doesn't work. -- Leo Bicknell - bickn...@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/
Consumer Grade - IPV6 Enabled Router Firewalls.
We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts? -- Wade Peacock Sun Country Cablevision Ltd attachment: wade_peacock.vcf
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Wade Peacock wrote: We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts? You're correct, out of the box there aren't many. The first couple that come to mind are the Apple Airport Express and Airport Extreme, but I don't believe Linksys/Netgear/etc. have support out of the box.
RE: Consumer Grade - IPV6 Enabled Router Firewalls.
Biased opinion because we distribute/sell Tilgin related products, but they are supposed to do IPv6 Having said that, we have not lab tested them ourselves and plan to early next year Paul -Original Message- From: Wade Peacock [mailto:wade.peac...@sunwave.net] Sent: December-02-09 6:16 PM To: nanog@nanog.org Subject: Consumer Grade - IPV6 Enabled Router Firewalls. We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts? -- Wade Peacock Sun Country Cablevision Ltd The information transmitted is intended only for the person or entity to which it is addressed and contains confidential and/or privileged material. If you received this in error, please contact the sender immediately and then destroy this transmission, including all attachments, without copying, distributing or disclosing same. Thank you.
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Matthew Dodd wrote: Apple has been shipping the Airport Extreme and Express (consumer router) with v6 support since 2007, if I recall correctly. They can also create a 4to6 tunnel automatically. By 4to6 to you mean IPv4 on the inside and IPv6 on the outside? Wade Peacock Sun Country Cablevision Ltd attachment: wade_peacock.vcf
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On 3/12/2009, at 12:44 PM, Wade Peacock wrote: Matthew Dodd wrote: Apple has been shipping the Airport Extreme and Express (consumer router) with v6 support since 2007, if I recall correctly. They can also create a 4to6 tunnel automatically. By 4to6 to you mean IPv4 on the inside and IPv6 on the outside? He is confused, and means 6to4. Also the airport extreme does not do DHCPv6-PD or anything (as far as I know, they certainly did not last time I tried), so I don't know that we'd really call them an IPv6 CPE in the way that I suspect Wade means. -- Nathan Ward
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
I meant to say 6to4, sorry about that. Nothing special there. -Matt On Dec 2, 2009, at 6:44 PM, Wade Peacock wade.peac...@sunwave.net wrote: Matthew Dodd wrote: Apple has been shipping the Airport Extreme and Express (consumer router) with v6 support since 2007, if I recall correctly. They can also create a 4to6 tunnel automatically. By 4to6 to you mean IPv4 on the inside and IPv6 on the outside? Wade Peacock Sun Country Cablevision Ltd wade_peacock.vcf
Re: Leaving public peering?
On Dec 2, 2009, at 4:48 PM, Jonas Frey wrote: the DE-CIX pricing is now 500 Euro/month...since 1st october...see end of that page. Both DE-CIX and AMS-IX have decreased their pricing this year..almost at the same time. I guess this is a move to stop company leaving public exchanges...i have seen this trend, too. That is not why LINX lowers its prices. (I cannot say why AMS-IX lowers its prices.) LINX is a member-based organization. The member _own_ the exchange. They are paying themselves, and they only pay themselves as much as it costs to run the exchange. With more members, more scale, and advances in equipment, unit (i.e. port) costs go down. In a cost-recovery model, that means prices drop. LINX dropped prices mid-year 2009, and are dropping prices again in January 2009. AMS-IX dropped prices once in that time. DE-CIX actually raised its prices for many members, so they could lower their prices for others. Interesting strategy -- TTFN, patrick On Wed, 2009-12-02 at 22:20, Leo Bicknell wrote: In a message written on Wed, Dec 02, 2009 at 12:46:46PM -0800, Lasher, Donn wrote: I realized that paid transit is down at almost obscene levels, but is that enough of a reason to increase hop-count, latencies, etc? Why disconnect from public mostly-free peering? Let's look at some economics. I'm going to pick on some folks here, solely because they have prices online and because they are, I feel, representative prices. http://www.cogentco.com/us/ Home of the $4 Megabit! So we have transit prices at $4 per megabit. http://www.de-cix.net/content/services/public-peering.html A 1GE link to the exchange is 1000 euro per month, which is $1505 USD at the moment, let's call it $1500 for round numbers. Now, your 1GE exchange port really shouldn't be run past 60% or so, if you want to provide good service. So it's really $1500 for 600Mbits, or $2.50 per Megabit. If you're an ISP you look at this and go, humm, I take in $4 from my customer, and hand $2.50 of it right back out to an exchange operator if I use public peering, making the exchange 62% of my costs right up front. On the other hand, if I choose wisely where I private peer I can do it at places with a one-time fee for the cable, so there is $0 in MRC. I have to buy a router port, sure, but it's also $0 MRC, just a capital asset that can get written off over many years. This is the math with the $4 megabit advertised price. The halls at Nanog are awash in $2 a megabit rumors if you have large enough commits (say, a few 10GE's). Taking in $2 and paying the exchange operator $2.50 of itwell, that's not so good. :) Transit prices have fallen enough that MRC's for switch ports, and even MRC's for fiber runs (are any of you still in a colo that wants $500 a month for a fiber run, I didn't think so) are eating up huge chunks of the inbound revenue, and thus just don't make sense. Now, before someone points it out, yes, DECIX's rate per megabit is lower on a 10GE and a second port, so if you can move 2 ports of 10GE of traffic you can make it a lot cheaper. Also, Cogents $4 a megabit is probably predicated on you being in the right location and having the right commit, if you need a DS-3 in West Nowhere you'll pay a higher rate, and that helps offset some of the costs. I've oversimplified, and it's a very complex problem for most providers; however I know many are looking at the fees for peering ports go from being in the noise to a huge part of their cost structure and that doesn't work.
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On Wed, Dec 2, 2009 at 5:52 PM, Matthew Dodd md...@doddserver.com wrote: I meant to say 6to4, sorry about that. Nothing special there. -Matt 4to6 would be a mighty nice feature on a CPE =) -- Brandon Galbraith Mobile: 630.400.6992 FNAL: 630.840.2141
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On 12/2/09 7:24 PM, Brandon Galbraith brandon.galbra...@gmail.com wrote: On Wed, Dec 2, 2009 at 5:52 PM, Matthew Dodd md...@doddserver.com wrote: I meant to say 6to4, sorry about that. Nothing special there. -Matt 4to6 would be a mighty nice feature on a CPE =) === If you are thinking about only giving a v6 address to a CPE and still offering a v4 service, there is a technology for that, it is called dual-stack lite. See http://www.ietf.org/id/draft-ietf-softwire-dual-stack-lite-02.txt - Alain.
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
There are specifications for them being developed in the IETF, BBF, and Cable Labs. Basically, all of the usual suspects are interested in having product that meets needs. On Dec 2, 2009, at 3:16 PM, Wade Peacock wrote: We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts? -- Wade Peacock Sun Country Cablevision Ltd wade_peacock.vcf
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On 03/12/2009, at 11:24 AM, Fred Baker wrote: There are specifications for them being developed in the IETF, BBF, and Cable Labs. Basically, all of the usual suspects are interested in having product that meets needs. I challenge the usual suspects to deliver actual working dual stack IPv6 ADSL CPE rather than feigning interest. None of the major CPE vendors appear to have a v6 plan despite your claims. We have an IPv6 dual stack trial for ADSL going on and not a single CPE from the _major consumer CPE vendors_. Come on CPE vendors - most of your run Linux in your CPEs these days. How hard is it to make it work? Someone got an image working for us with OpenWRT in his spare time in a week, surely you CPE vendors can cobble something together for people to try out in a real piece of ADSL CPE I can buy at a shop? I don't mean 6to4 or pseudo dual stack stuff. I mean real ADSL CPE with dual stack PPP and DHCPv6 in one box. MMC
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
There are specifications for them being developed in the IETF, BBF, and Cable Labs. Basically, all of the usual suspects are interested in having product that meets needs. We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. fred. check your mail system. it is regurgitating email from 2001, except it is modifying the headers to have current dates. randy
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Would you consider Juniper SSG5 as a Consumer Grade router? They do IPv6 and they are pretty good in general, and cheap as well. Mehmet On Dec 2, 2009, at 3:16 PM, Wade Peacock wrote: We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts? -- Wade Peacock Sun Country Cablevision Ltd wade_peacock.vcf
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Wade Peacock wrote: We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. For ADSL, we've been punting Ovislink gear for a few years. In the past, I've had very good results with having feature requests implemented by the firmware developers (sometimes while I'm on the phone with them, literally). I haven't pushed the v6 thing too hard yet, as our DSL is wholesale'd out, and the wholesaler(s), unlike myself, don't do IPv6. I will gladly rekindle the relationship with the Ovislink dev contacts regarding IPv6, as I'm sure they will respond if there is a show of potential hardware sales to a few ISPs larger than I am. Steve
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On 03/12/2009, at 12:45 PM, Matthew Moyle-Croft wrote: Come on CPE vendors - most of your run Linux in your CPEs these days. How hard is it to make it work? Someone got an image working for us with OpenWRT in his spare time in a week, surely you CPE vendors can cobble something together for people to try out in a real piece of ADSL CPE I can buy at a shop? The fact that someone got OpenWRT working in less than a week of spare time makes it totally clear why the commercial vendors haven't done anything: They're just simply not interested, nothing more, nothing less. There's obviously no technical barrier whatsoever (otherwise, again, OpenWRT wouldn't work). If it can be done in a week of developer time there's barely even an economic barrier. It's just disinterest. Linksys, being owned by the world's largest router vendor and being confronted with actual independently-developed working code for their hardware platforms, have the least excuse out of any of them. Years and years of talk, and no customer-visible action whatsoever. What an exceptionally ordinary performance. See you in Melbourne next week, Fred :) - mark -- Mark Newton Email: new...@internode.com.au (W) Network Engineer Email: new...@atdot.dotat.org (H) Internode Pty Ltd Desk: +61-8-82282999 Network Man - Anagram of Mark Newton Mobile: +61-416-202-223
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On 03/12/2009, at 12:53 PM, Mehmet Akcin wrote: Would you consider Juniper SSG5 as a Consumer Grade router? Depends. Can I get one at Frys for $69.95 and set it up with a web browser? - mark -- Mark Newton Email: new...@internode.com.au (W) Network Engineer Email: new...@atdot.dotat.org (H) Internode Pty Ltd Desk: +61-8-82282999 Network Man - Anagram of Mark Newton Mobile: +61-416-202-223
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On Wed, Dec 2, 2009 at 18:23, Mehmet Akcin meh...@akcin.net wrote: Would you consider Juniper SSG5 as a Consumer Grade router? No. Way too expensive and virtually 100% of consumers would not be able to install it on their own.
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On 03/12/2009, at 9:51 AM, Dave Temkin wrote: You're correct, out of the box there aren't many. The first couple that come to mind are the Apple Airport Express and Airport Extreme, but I don't believe Linksys/Netgear/etc. have support out of the box. The Apple products do 6to4 out of the box, but don't support v6 natively. Apple seems to have ideological objections to DHCPv6, so at the moment there's little hope at all that prefix delegation will work on any of their CPE products. - mark -- Mark Newton Email: new...@internode.com.au (W) Network Engineer Email: new...@atdot.dotat.org (H) Internode Pty Ltd Desk: +61-8-82282999 Network Man - Anagram of Mark Newton Mobile: +61-416-202-223
Re: Leaving public peering?
On Dec 2, 2009, at 4:00 PM, Patrick W. Gilmore wrote: On Dec 2, 2009, at 4:48 PM, Jonas Frey wrote: the DE-CIX pricing is now 500 Euro/month...since 1st october...see end of that page. Both DE-CIX and AMS-IX have decreased their pricing this year..almost at the same time. I guess this is a move to stop company leaving public exchanges...i have seen this trend, too. That is not why LINX lowers its prices. (I cannot say why AMS-IX lowers its prices.) LINX is a member-based organization. The member _own_ the exchange. They are paying themselves, and they only pay themselves as much as it costs to run the exchange. With more members, more scale, and advances in equipment, unit (i.e. port) costs go down. In a cost-recovery model, that means prices drop. LINX dropped prices mid-year 2009, and are dropping prices again in January 2009. AMS-IX dropped prices once in that time. DE-CIX actually raised its prices for many members, so they could lower their prices for others. Interesting strategy Yeah I have had researched multiple exchange points across the world in recent months and i can say, not only AMS-IX / DE-CIX but pretty much everyone out there is lowering the prices, it might be because of few reasons, lifted regulations from governments regarding laying new fiber, and operations.. economic reasons, operational advantages vs cost... I am sure all Exchange management have considered those and started re-pricing their service offerings. The other thing people also notices that, you really never are able to get to a big network if you are a small one via exchange due to peering requirements of these big ISPs, so they rather go and get transit and don't worry about maintaining peering sessions with something+ number of peers, but simply 2-3 transit providers who have decently been chosen. Also with a good homework, you can practically achieve great results that way... still sad to see a lot departing from public exchange points.. Mehmet
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On Wed, Dec 2, 2009 at 8:30 PM, Mark Newton new...@internode.com.au wrote: On 03/12/2009, at 12:53 PM, Mehmet Akcin wrote: Would you consider Juniper SSG5 as a Consumer Grade router? Depends. Can I get one at Frys for $69.95 and set it up with a web browser? That would be cool, a nice box running JUNOS for seventy bucks, gimme two !! Cheers Jorge
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On Dec 2, 2009, at 6:53 PM, Jorge Amodio wrote: On Wed, Dec 2, 2009 at 8:30 PM, Mark Newton new...@internode.com.au wrote: On 03/12/2009, at 12:53 PM, Mehmet Akcin wrote: Would you consider Juniper SSG5 as a Consumer Grade router? Depends. Can I get one at Frys for $69.95 and set it up with a web browser? That would be cool, a nice box running JUNOS for seventy bucks, gimme two !! Noted on the christmas tree for santa ;) let's see if it will happen.. SSG5s are still on ScreenOS and going to be..., SRX series run JunOS but little too pricey for a home router :) Cheers Jorge
RE: Consumer Grade - IPV6 Enabled Router Firewalls.
I think they're (all) listed here: http://www.getipv6.info/index.php/Broadband_CPE Frank -Original Message- From: Wade Peacock [mailto:wade.peac...@sunwave.net] Sent: Wednesday, December 02, 2009 5:16 PM To: nanog@nanog.org Subject: Consumer Grade - IPV6 Enabled Router Firewalls. We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts? -- Wade Peacock Sun Country Cablevision Ltd
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Bill Fehring wrote: On Wed, Dec 2, 2009 at 18:23, Mehmet Akcin meh...@akcin.net wrote: Would you consider Juniper SSG5 as a Consumer Grade router? No. Way too expensive and virtually 100% of consumers would not be able to install it on their own. If they can't plug it in (that's a huge task on its own for many people) and it just works, it's not consumer grade. Yes, even if that means a billion linksys SSIDs on channel 6. ~Seth
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
I note that a lot of those have IPv6 support because of 3rd party DDWRT images :-) A lot of them support 6to4 only - and often quite poorly. MMC On 03/12/2009, at 1:27 PM, Frank Bulk wrote: I think they're (all) listed here: http://www.getipv6.info/index.php/Broadband_CPE Frank -Original Message- From: Wade Peacock [mailto:wade.peac...@sunwave.net] Sent: Wednesday, December 02, 2009 5:16 PM To: nanog@nanog.org Subject: Consumer Grade - IPV6 Enabled Router Firewalls. We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts? -- Wade Peacock Sun Country Cablevision Ltd -- Matthew Moyle-Croft Peering Manager and Team Lead - Commercial and DSLAMs Internode /Agile Level 5, 162 Grenfell Street, Adelaide, SA 5000 Australia Email: m...@internode.com.auWeb: http://www.on.net Direct: +61-8-8228-2909 Mobile: +61-419-900-366 Reception: +61-8-8228-2999Fax: +61-8-8235-6909
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
A Mikrotik Routerboard supports IPv6. Fairly cheap, under $100. But not easy enough for a novice home user to configure on their own. Could be a good cpe if it was pre-configured from the service provider though. I use a MT box at home which serves as my router, dual stack, and then set's up an IPv6 tunnel to SIXXS. Very stable platform. Only drawback is the lack of support for IPv6 over PPP. -- Chris Gotstein Sr Network Engineer UP Logon/Computer Connection UP Iron Mountain, MI 49801 Wade Peacock wrote: We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts?
Re: ATT SMTP Admin contact?
On Wed, 02 Dec 2009 12:38:54 CST, Chris Owen said: On Dec 2, 2009, at 12:31 PM, Rich Kulawiec wrote: Because SenderID and SPF have no anti-spam value, and almost no anti-forgery value. Not that this stops a *lot* of people who've drunk the kool-aid from trying to use them anyway, OK, I'll bite--How exactly do you go about forging email from my domain name if the host receiving it is checking SPF? It only stops forgery if the SPF record has a -all in it (as hubris.net does). However, a lot of domains (mine included) have a ~all instead. (And before anybody asks, yes ~all is what we want, and no you can't ask us to try -all instead, unless we're allowed to send you all the helpdesk calls about misconfigured migratory laptops.. ;) pgpsDLbUTN0n4.pgp Description: PGP signature
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Once upon a time, Mehmet Akcin meh...@akcin.net said: Noted on the christmas tree for santa ;) let's see if it will happen.. SSG5s are still on ScreenOS and going to be..., SRX series run JunOS but little too pricey for a home router :) I think the SRX100 is the intended replacement for the SSG5. -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
I believe that the Fritz box and the Apple Airport series gateways both qualify, although there is a price difference on the Apple gear. I am not sure about the price of the Fritz. Owen On Dec 2, 2009, at 3:16 PM, Wade Peacock wrote: We had a discussion today about IPv6 today. During our open thinking the topic of client equipment came up. We all commented that we have not seen any consumer grade IPv6 enable internet gateways (routers/firewalls), a kin to the ever popular Linksys 54G series, DLinks , SMCs or Netgears. Does anyone have any leads to information about such products (In production or planned production)? We are thinking that most vendors are going to wait until Ma and Pa home user are screaming for them. Thoughts? -- Wade Peacock Sun Country Cablevision Ltd wade_peacock.vcf
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On Dec 2, 2009, at 6:41 PM, Mark Newton wrote: On 03/12/2009, at 9:51 AM, Dave Temkin wrote: You're correct, out of the box there aren't many. The first couple that come to mind are the Apple Airport Express and Airport Extreme, but I don't believe Linksys/Netgear/etc. have support out of the box. The Apple products do 6to4 out of the box, but don't support v6 natively. What do you mean they don't support v6 native? I am running my Time Capsule in v6 native. Apple seems to have ideological objections to DHCPv6, so at the moment there's little hope at all that prefix delegation will work on any of their CPE products. True none of the apple products support DHCPv6. I think there is some hope Apple will come around on this issue. Owen
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
Probably the same time they'll figure out the over-3-yrs-old IGMP ver3 support (for a *multimedia-oriented* company, multicast seem to still be foreign ... oh, well...) ***Stefan Mititelu http://twitter.com/netfortius http://www.linkedin.com/in/netfortius On Wed, Dec 2, 2009 at 10:56 PM, Owen DeLong o...@delong.com wrote: On Dec 2, 2009, at 6:41 PM, Mark Newton wrote: On 03/12/2009, at 9:51 AM, Dave Temkin wrote: You're correct, out of the box there aren't many. The first couple that come to mind are the Apple Airport Express and Airport Extreme, but I don't believe Linksys/Netgear/etc. have support out of the box. The Apple products do 6to4 out of the box, but don't support v6 natively. What do you mean they don't support v6 native? I am running my Time Capsule in v6 native. Apple seems to have ideological objections to DHCPv6, so at the moment there's little hope at all that prefix delegation will work on any of their CPE products. True none of the apple products support DHCPv6. I think there is some hope Apple will come around on this issue. Owen
Re: Consumer Grade - IPV6 Enabled Router Firewalls.
On 03/12/2009, at 3:26 PM, Owen DeLong wrote: You're correct, out of the box there aren't many. The first couple that come to mind are the Apple Airport Express and Airport Extreme, but I don't believe Linksys/Netgear/etc. have support out of the box. The Apple products do 6to4 out of the box, but don't support v6 natively. What do you mean they don't support v6 native? I am running my Time Capsule in v6 native. Okay, let me rephrase that. I can't run a PPPoE client on an Airport Express which will give me native dual-stack Internet access. Yes, I can talk to the Airport Express with v6, no debate there. And yes, if it sees an RA message it'll configure itself with the appropriate prefix EUI64 itself an address. But unless there's some configuration knob I haven't found, off-LAN v6 access requires either some other v6-capable CPE to act as the interface to the service provider, or it runs over 6to4. True none of the apple products support DHCPv6. I think there is some hope Apple will come around on this issue. Currently the Snow Leopard kernel panics if you turn on the net.inet6.ip6.accept_rtadv sysctl and start a PPPoE session which negotiates IP6CP. (I have a bug open with them, and I'm confident that it'll be fixed... but c'mon...!) - mark -- Mark Newton Email: new...@internode.com.au (W) Network Engineer Email: new...@atdot.dotat.org (H) Internode Pty Ltd Desk: +61-8-82282999 Network Man - Anagram of Mark Newton Mobile: +61-416-202-223
Re: FTTH Active vs Passive
Pricing aside, do you feel the Japanese have a good architecture for the last mile? Would it adapt well from an environment that is mostly multi-dwelling units (MDU) to one which is mostly single-dwelling units? Any thoughts on good places to start for an english language speaker to learn about the Japanese broadband experience? not much help here. what ntt says is mostly gloss and some (miyakawa) runs on the ppt platform, not reality. randy
Re: ATT SMTP Admin contact?
On Dec 2, 2009, at 9:52 PM, valdis.kletni...@vt.edu wrote: It only stops forgery if the SPF record has a -all in it (as hubris.net does). However, a lot of domains (mine included) have a ~all instead. I guess I've never really seen the point of publishing a SPF record if it ends in ~all. What are people supposed to do with that info? Spamassassin assigns it a score of 0.6 but that is low enough it really doesn't have much since it doesn't assign any negative points for SPF_PASS. (And before anybody asks, yes ~all is what we want, and no you can't ask us to try -all instead, unless we're allowed to send you all the helpdesk calls about misconfigured migratory laptops.. ;) I certainly understand that you may not be able to lock down your domain. We don't even try for customers for instance.However, if you can't, I guess I don't really see what good publishing a SPF record is if you tell people not to enforce it. Chris - Chris Owen - Garden City (620) 275-1900 - Lottery (noun): President - Wichita (316) 858-3000 -A stupidity tax Hubris Communications Inc www.hubris.net -
Re: ATT SMTP Admin contact?
On Thu, Dec 3, 2009 at 12:08 AM, Chris Owen ow...@hubris.net wrote: On Dec 2, 2009, at 12:31 PM, Rich Kulawiec wrote: Because SenderID and SPF have no anti-spam value, and almost no anti-forgery value. Not that this stops a *lot* of people who've drunk the kool-aid from trying to use them anyway, OK, I'll bite--How exactly do you go about forging email from my domain name if the host receiving it is checking SPF? Dont let me stop you playing russian roulette with your users' email.
Re: ATT SMTP Admin contact?
I guess I've never really seen the point of publishing a SPF record if it ends in ~all. What are people supposed to do with that info? Get your mail delivered to Hotmail, the last significant outpost of SPF/Sender-ID. Other than that, I agree it's useless. I also agree that any domain with live users (as opposed to mail cannons sending ads or transaction confirmations) is likely to experience pain with -all from all the overenthusiastic little MTAs whose managers imagine that stopping forgery will lessen their spam load rather than losing mail from roaming users. R's, John
Re: ATT SMTP Admin contact?
John Levine wrote: I guess I've never really seen the point of publishing a SPF record if it ends in ~all. What are people supposed to do with that info? Get your mail delivered to Hotmail, the last significant outpost of SPF/Sender-ID. Other than that, I agree it's useless. I also agree that any domain with live users (as opposed to mail cannons sending ads or transaction confirmations) is likely to experience pain with -all from all the overenthusiastic little MTAs whose managers imagine that stopping forgery will lessen their spam load rather than losing mail from roaming users. In all fairness, the roaming users problem isn't a problem when one uses smtp auth and a constant submission point. ~Seth
Re: ATT SMTP Admin contact?
On Dec 3, 2009, at 12:42 AM, John Levine wrote: I also agree that any domain with live users (as opposed to mail cannons sending ads or transaction confirmations) is likely to experience pain with -all from all the overenthusiastic little MTAs whose managers imagine that stopping forgery will lessen their spam load rather than losing mail from roaming users. Again I guess I don't understand. How are these MTA managers being overenthusiastic? Publishing a SPF (with -all) is essentially me requesting that they reject any mail from my domain not coming from one of the approved hosts. I'm the one making the decision to ask them to bounce such mail. Seems to me they are only being responsible in actually enforcing a policy that I set for the domain. Chris - Chris Owen - Garden City (620) 275-1900 - Lottery (noun): President - Wichita (316) 858-3000 -A stupidity tax Hubris Communications Inc www.hubris.net -