Re: OMB: IPv6 by June 2008

randy already asked for a kibosh on the lunacy here... I agree, it'd be nice, but... On Fri, 8 Jul 2005, Alexei Roudnev wrote: > > You do not need to - any router have only `1 - 10% of all routing table > active, and it is always possible to optimize these alghoritms. > and routing vendor's ha

Re: OMB: IPv6 by June 2008

On 8 Jul 2005, at 19:26, Daniel Roesen wrote: On Sat, Jul 09, 2005 at 12:52:35AM +0200, Andre Oppermann wrote: Multihomed end sites usually get away with receiving only default route or some partial routes from their upstreams. So technically you can BGP multihome with Cisco 1600 or even sma

Re: OT? /dev/null 5.1.1 email

On Wed, Jul 06, 2005 at 12:08:23AM -0400, [EMAIL PROTECTED] wrote: > > What about setting your highest order MX and lowest order MX to point to > > the same set of mail servers, and hide your backup servers in the > > middle. > Devious. ;) Another: highest MX pointing to server which only respond

Re: OMB: IPv6 by June 2008

Small detail: On 6 Jul, 2005, at 16:30, David Conrad wrote: If IPv6 had actually addressed one or more of routing scalability, multi-homing, or transparent renumbering These are the same problem, looked at in different ways. The issue is: graph-sorting scalability demands abstraction; a

Re: OMB: IPv6 by June 2008

On Sat, Jul 09, 2005 at 12:52:35AM +0200, Andre Oppermann wrote: > >Multihomed end sites usually get away with receiving only default route > >or some partial routes from their upstreams. So technically you can > >BGP multihome with Cisco 1600 or even smaller easily (dunno where BGP > >support is

Re: OMB: IPv6 by June 2008 (OT reminder)

At 9:46 AM -0400 7/8/05, Someone wrote: >We can morph the RIRs into ... As a slight aside and w/o any comment on the particular morph'ing proposed, I'd like to remind folks that 2 seats on the ARIN Board of Trustees, and 5 seats on ARIN Advisory Council will be filled later this year, and one of

Re: OMB: IPv6 by June 2008

At the risk of continuing this bad flashback... > A Cisco "CRS-1 16-SLOT LINE-CARD CHASSIS ROUTE PROCESSOR" comes with > 4 GB of route memory default size. Juniper's T320 and T640 come with > 2 GB of main memory default size. That should take them to some higher > number of routes. No, sorry,

Re: OMB: IPv6 by June 2008

Daniel Roesen wrote: On Sat, Jul 09, 2005 at 12:08:08AM +0200, Andre Oppermann wrote: On the other hand a large DFZ routing table would simply dampen its growth by itself. If it gets to costly to multihome because of the hardware requirements only few would be able to so. Ergo we have a nega

Re: OMB: IPv6 by June 2008

At 12:08 AM +0200 2005-07-09, Andre Oppermann wrote: The biggest routers are being upgraded anyway because of even higher link speeds and port desities. I'm not surprised. After all, time does march on. But it doesn't help if the largest/fastest line cards available today are ma

Re: mh (RE: OMB: IPv6 by June 2008)

On Fri, Jul 08, 2005 at 10:24:22PM +0100, Sean Doran wrote: > On 7 Jul, 2005, at 21:10, Steven M. Bellovin wrote: > >Real firewalls pass inbound traffic because a > >state table entry exists. NATs do the same thing, with nasty > >side-effects. There is no added security from the header-mangling.

Re: mh (RE: OMB: IPv6 by June 2008)

On 8 Jul, 2005, at 18:34, Fred Baker wrote: A NAT, in that context, is a stateful firewall that changes the addresses, which means that the end station cannot use IPSEC to ensure that it is still talking with the same system on the outside. Only if you define IPSEC narrowly as AH in or

Re: OMB: IPv6 by June 2008

On Sat, Jul 09, 2005 at 12:08:08AM +0200, Andre Oppermann wrote: > On the other hand a large DFZ routing table would simply dampen its > growth by itself. If it gets to costly to multihome because of the > hardware requirements only few would be able to so. Ergo we have a > negative feedback sys

Re: mh (RE: OMB: IPv6 by June 2008)

On 8 Jul, 2005, at 18:34, Fred Baker wrote: A NAT, in that context, is a stateful firewall that changes the addresses, which means that the end station cannot use IPSEC to ensure that it is still talking with the same system on the outside. Only if you define IPSEC narrowly as AH in order

Re: OMB: IPv6 by June 2008

Brad Knowles wrote: At 10:30 AM -0700 2005-07-08, Matt Ghali wrote: You keep using the "entire internet" in your replies, when I was under the assumption that we were discussing the inter-provider DFZ. The only routers which could possibly be affected by the "prefix bloat problem" would

New IANA IPv6 allocation for APNIC (2400:2000::/19)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greetings, This is to inform you that the IANA has allocated the following one (1) IPv6 /19 block to APNIC: ~ 2400:2000::/19APNIC For a full list of IANA IPv6 allocations please see:

Re: mh (RE: OMB: IPv6 by June 2008)

On 7 Jul, 2005, at 21:10, Steven M. Bellovin wrote: Real firewalls pass inbound traffic because a state table entry exists. NATs do the same thing, with nasty side-effects. There is no added security from the header-mangling. To which Len Bosak quipped a few years ago: "If you don't know

Re: mh (RE: OMB: IPv6 by June 2008)

Fred Baker wrote: [snip] A NAT, in that context, is a stateful firewall that changes the addresses, which means that the end station cannot use IPSEC to > ensure that it is still talking with the same system on the outside. [snip] No, you can't use AH, but yes, you can use IPsec through NAT. S

Re: mh (RE: OMB: IPv6 by June 2008)

Jay R. Ashworth wrote: On Fri, Jul 08, 2005 at 01:15:42PM -0400, David Andersen wrote: On Jul 8, 2005, at 12:49 PM, Jay R. Ashworth wrote: On Thu, Jul 07, 2005 at 01:31:57PM -0700, Crist Clark wrote: And if you still want "the protection of NAT," any stateful firewall will do it. That se

Re: mh (RE: OMB: IPv6 by June 2008)

On 8-jul-2005, at 19:34, Fred Baker wrote: A NAT, in that context, is a stateful firewall that changes the addresses, which means that the end station cannot use IPSEC to ensure that it is still talking with the same system on the outside. It is able to use TLS, SSH, etc as transport lay

Re: mh (RE: OMB: IPv6 by June 2008)

On Fri, Jul 08, 2005 at 01:15:42PM -0400, David Andersen wrote: > On Jul 8, 2005, at 12:49 PM, Jay R. Ashworth wrote: > > On Thu, Jul 07, 2005 at 01:31:57PM -0700, Crist Clark wrote: > >> And if you still want "the protection of NAT," any stateful firewall > >> will do it. > > > > That seems a com

Re: OMB: IPv6 by June 2008

At 10:30 AM -0700 2005-07-08, Matt Ghali wrote: You keep using the "entire internet" in your replies, when I was under the assumption that we were discussing the inter-provider DFZ. The only routers which could possibly be affected by the "prefix bloat problem" would be multi-homed and mos

Re: mh (RE: OMB: IPv6 by June 2008)

On Jul 8, 2005, at 9:49 AM, Jay R. Ashworth wrote: A machine behind a NAT box simply is not visible to the outside world, except for the protocols you tunnel to it, if any. This *has* to vastly reduce it's attack exposure. It is true that the exposure is reduced, just as it is with a statef

Re: OMB: IPv6 by June 2008

On Fri, 8 Jul 2005, Brad Knowles wrote: > It's cheap enough, even today. And we have not 1,000,000 routes yet. The please feel free to upgrade the entire Internet, and come back to us when you're done. You keep using the "entire internet" in your replies, when I was under t

Re: mh (RE: OMB: IPv6 by June 2008)

On Jul 8, 2005, at 12:49 PM, Jay R. Ashworth wrote: On Thu, Jul 07, 2005 at 01:31:57PM -0700, Crist Clark wrote: And if you still want "the protection of NAT," any stateful firewall will do it. That seems a common viewpoint. I believe the very existence of the Ping Of Death rebuts it. A m

Re: mh (RE: OMB: IPv6 by June 2008)

On Thu, Jul 07, 2005 at 01:31:57PM -0700, Crist Clark wrote: > And if you still want "the protection of NAT," any stateful firewall > will do it. That seems a common viewpoint. I believe the very existence of the Ping Of Death rebuts it. A machine behind a NAT box simply is not visible to the o

Re: icc to itu: fix the analog divide before venturing digital

On Fri, Jul 08, 2005 at 05:31:26AM -1000, Randy Bush wrote: > > The International Telecoms Union (ITU) has been told by the International > Chamber of Commerce (ICC) to focus more of its efforts on stimulating the > growth of fixed line voice telephony in developing countries. The Swiss-led > ICC

icc to itu: fix the analog divide before venturing digital

The International Telecoms Union (ITU) has been told by the International Chamber of Commerce (ICC) to focus more of its efforts on stimulating the growth of fixed line voice telephony in developing countries. The Swiss-led ICC, which represents global business interests, says that the ITU devotes

Re: OMB: IPv6 by June 2008

On the subject of how many entities should be multihomed. Any entitiy whose operations would be significantly impacted by the loss of their connectivity to the global internet. A personal example with names withheld to protect the guilty A distributor who took 85% of their orders over the

Re: ATT CDPD

On Fri, Jul 08, 2005 at 08:00:42AM -0400, Ronald W. Jean wrote: >Can anyone tell me the status of CDPD in the ATT network? Scheduled to die soon, if it hasn't already. I was a second-tier CDPD sub, via Earthlink, until about a year ago; they took a hit to move me to 1xRTT, because the underl

Re: OMB: IPv6 by June 2008

Rubbish. Many of the organizations that hold legacy /8s are Universities. If a .edu can pick up even a few million dollars from selling off a class A, they will. After all, they could simply sell chunks. $1 per IP address is the going rate, as I understand - not so much for "grey market" transac

Fw: ATT CDPD

Can anyone from the ATT/Cingular NOC contact me regarding CDPD.   Thanks... - Original Message - From: Ronald W. Jean To: [EMAIL PROTECTED] Sent: Friday, July 08, 2005 8:03 AM Subject: Fw: ATT CDPD   - Original Message - From: Ronald W. Jean To: nanog@merit.edu Sent:

Fw: ATT CDPD

  - Original Message - From: Ronald W. Jean To: nanog@merit.edu Sent: Friday, July 08, 2005 8:00 AM Subject: ATT CDPD Can anyone tell me the status of CDPD in the ATT network?   Thanks RonJ  

The Cidr Report

This report has been generated at Fri Jul 8 21:46:31 2005 AEST. The report analyses the BGP Routing Table of an AS4637 (Reach) router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org/as4637 for a current version of this report. Recent Table Hist

ATT CDPD

Can anyone tell me the status of CDPD in the ATT network?   Thanks RonJ  

Re: OMB: IPv6 by June 2008

At 1:59 AM -0700 2005-07-08, Alexei Roudnev wrote: You do not need to - any router have only `1 - 10% of all routing table active, and it is always possible to optimize these alghoritms. If you've got proven solutions to all of the problems raised in RFC 3869, section 3.3, I'm sure we'd l

Re: OMB: IPv6 by June 2008

On 8-jul-2005, at 9:42, David Conrad wrote: There are some 45 - 50 /8s assigned to single organizations. Let's assume for simplicity that those can all be reclaimed. That's 4 years at a /8 a month. So far so good. Then there are 40 - 45 /8s in class B space. That means 256 times as much e

Re: OMB: IPv6 by June 2008

At 1:59 AM -0700 2005-07-08, Alexei Roudnev wrote: You do not need to - any router have only `1 - 10% of all routing table active, And do you have evidence to back up this claim? and it is always possible to optimize these alghoritms. Please feel free to do so.

Re: OMB: IPv6 by June 2008

You do not need to - any router have only `1 - 10% of all routing table active, and it is always possible to optimize these alghoritms. On the other hand - what's wrong with 4Gb on line card in big core router? It's cheap enough, even today. And we have not 1,000,000 routes yet. - Original

Re: OMB: IPv6 by June 2008

At 1:11 AM -0700 2005-07-08, Alexei Roudnev wrote: What is CPU power of today's core routers? What's memory? Compare with junk-yard server - 2 x 1.4Ggz CPU, 4 GB RAM, total price about $1.5K. Fair enough. Since they're trivially cheap, you get to pay for upgrading all the routers in the

Re: OMB: IPv6 by June 2008

> What is CPU power of today's core routers? What's memory? Compare with > junk-yard server - 2 x 1.4Ggz CPU, 4 GB RAM, total price about $1.5K. > > Routers have 3 - 10 times reserve _today_ . Then, you can always sacrify > reaction time a little. Reserves are tremendous in this area. > >>> Is i

Re: OMB: IPv6 by June 2008

Moreover, if you are not multihomned, you can be aggregated. If you became multihome - yes, you take a slot; how many entities in the world should be multihomed? - Original Message - From: "Kuhtz, Christian" <[EMAIL PROTECTED]> To: "David Conrad" <[EMAIL PROTECTED]>; "Alexei Roudnev" <[E

Re: OMB: IPv6 by June 2008

What is CPU power of today's core routers? What's memory? Compare with junk-yard server - 2 x 1.4Ggz CPU, 4 GB RAM, total price about $1.5K. Routers have 3 - 10 times reserve _today_ . Then, you can always sacrify reaction time a little. Reserves are tremendous in this area. - Original Messa

Re: OMB: IPv6 by June 2008

On Fri, 8 Jul 2005, Alexei Roudnev wrote: Who need this complexity? What's wrong with old good _routing rotocol_ approach? Memory? (do not joke, today 4 Gb RAM is not a problem, when it is for slow routing system). CPU (the same)? What else? TCAMs are expensive and complex. Convergence tim

Re: OMB: IPv6 by June 2008

At 12:51 AM -0700 2005-07-08, Alexei Roudnev wrote: Who need this complexity? What's wrong with old good _routing rotocol_ approach? Memory? (do not joke, today 4 Gb RAM is not a problem, when it is for slow routing system). CPU (the same)? What else? Can you put 4GB on every linecard on

Re: OMB: IPv6 by June 2008

Who need this complexity? What's wrong with old good _routing rotocol_ approach? Memory? (do not joke, today 4 Gb RAM is not a problem, when it is for slow routing system). CPU (the same)? What else? If it looked as a problem 10 years ago, it can not be relevant to today's realities. - Orig

Re: OMB: IPv6 by June 2008

On Jul 7, 2005, at 2:14 PM, Iljitsch van Beijnum wrote: Right again. And like prospecting for oil, at some point you're burning it up faster than you can prospect it. There are some 45 - 50 /8s assigned to single organizations. Let's assume for simplicity that those can all be reclaimed. Th

Re: OMB: IPv6 by June 2008

Jeroen Massar wrote: > >>2 - Replace network elements with IPv6 compatible network elements and S/W > > On a per-link basis, start with tunnels where needed, go native later on > or rather directly when possible. Most Cisco's can be upgraded to > support IPv6, JunOS supports it too, though they