Re: AWS Elastic IP architecture

> On Jun 4, 2015, at 6:16 PM, Christopher Morrow > wrote: > > On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote: >> I’d argue that SSH is several thousand, not a few hundred. In any case, I >> suppose you can make the argument that only a few people are trying to >> access their home network

Re: AWS Elastic IP architecture

> On Jun 4, 2015, at 6:10 PM, Christopher Morrow > wrote: > > On Thu, Jun 4, 2015 at 5:16 AM, Owen DeLong wrote: >> >>> On Jun 3, 2015, at 9:24 PM, Christopher Morrow >>> wrote: >> >>> let's skip all NAT discussions on this topic from here on out, yes? >> >> Only if you can promise me 100

Re: AWS Elastic IP architecture

On 06/04/2015 01:16 PM, Christopher Morrow wrote: > On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote: >> I’d argue that SSH is several thousand, not a few hundred. In any case, I >> suppose you can make the argument that only a few people are trying to >> access their home network resources rem

Re: AWS Elastic IP architecture

In message , Philip Dorr writes: > On Thu, Jun 4, 2015 at 12:16 PM, Christopher Morrow > wrote: > > On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote: > >> I=E2=80=99d argue that SSH is several thousand, not a few hundred. In an= > y case, I suppose you can make the argument that only a few peo

Re: AWS Elastic IP architecture

On Thu, Jun 4, 2015 at 12:16 PM, Christopher Morrow wrote: > On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote: >> I’d argue that SSH is several thousand, not a few hundred. In any case, I >> suppose you can make the argument that only a few people are trying to >> access their home network res

Re: AWS Elastic IP architecture

On Thu, Jun 4, 2015 at 1:44 PM, Måns Nilsson wrote: > You have successfully demonstrated that users will need some locating > service. More so with the cure-all IPv6; because remembering hex is hard > for People(tm). but it's not just hex. Even today you (if given a bare ipv4 address) would need

Re: AWS Elastic IP architecture

Subject: Re: AWS Elastic IP architecture Date: Thu, Jun 04, 2015 at 01:16:03PM -0400 Quoting Christopher Morrow (morrowc.li...@gmail.com): > On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote: > > I’d argue that SSH is several thousand, not a few hundred. In any case, I > > suppo

Re: AWS Elastic IP architecture

On Thu, Jun 4, 2015 at 5:11 AM, Owen DeLong wrote: > I’d argue that SSH is several thousand, not a few hundred. In any case, I > suppose you can make the argument that only a few people are trying to access > their home network resources remotely other than via some sort of > proxy/rendezvous s

Re: AWS Elastic IP architecture

On Thu, Jun 4, 2015 at 5:16 AM, Owen DeLong wrote: > >> On Jun 3, 2015, at 9:24 PM, Christopher Morrow >> wrote: > >> let's skip all NAT discussions on this topic from here on out, yes? > > Only if you can promise me 100% that the NAT in question will not break > anything. :) people don't seem

Re: AWS Elastic IP architecture

> On Jun 3, 2015, at 9:24 PM, Christopher Morrow > wrote: > > On Wed, Jun 3, 2015 at 7:56 AM, Owen DeLong wrote: >> For example, let’s say you have 20 machines for whom you want to allow >> inbound SSH access. In the IPv4 world, with NAT, you have to configure an >> individual port mapping f

Re: AWS Elastic IP architecture

>>> >>> IPv4 with NAT, standard NAT/firewall traversal techniques are used so that >>> things inside your house are reachable as necessary. Almost nobody >>> configures their firewall to open up anything. >> >> HuH? >> >> How do I SSH into my host behind my home NAT firewall without configurat

Re: AWS Elastic IP architecture

we are starting to waste packets arguing over some private intellectual property On Wed, Jun 3, 2015 at 3:24 PM, Christopher Morrow wrote: > On Wed, Jun 3, 2015 at 7:56 AM, Owen DeLong wrote: > > For example, let’s say you have 20 machines for whom you want to allow > inbound SSH access. In the

Re: AWS Elastic IP architecture

On Wed, Jun 3, 2015 at 7:56 AM, Owen DeLong wrote: > For example, let’s say you have 20 machines for whom you want to allow > inbound SSH access. In the IPv4 world, with NAT, you have to configure an > individual port mapping for each machine and you have to either configure all > of the SSH cl

RE: AWS Elastic IP architecture

, June 03, 2015 11:12 AM To: Matthew Kaufman Cc: nanog@nanog.org Subject: Re: AWS Elastic IP architecture On Tue, 02 Jun 2015 09:35:11 -0700, Matthew Kaufman said: > Ah, the "IPv6 subnets are so big you can't find the hosts" myth. > > Let's see... to find which hosts are

Re: AWS Elastic IP architecture

On Mon, 01 Jun 2015 21:25:52 -0700, Tony Hain said: > Try https://snapchat.com and see if you ever get an IPv6 connection... Obviously some gremlins got busy when they got called out on NANOG... % wget https://www.snapchat.com --2015-06-03 13:13:00-- https://www.snapchat.com/ Resolving www.snap

Re: AWS Elastic IP architecture

On Wed 2015-Jun-03 13:11:34 -0400, valdis.kletni...@vt.edu wrote: On Tue, 02 Jun 2015 09:35:11 -0700, Matthew Kaufman said: Ah, the "IPv6 subnets are so big you can't find the hosts" myth. Let's see... to find which hosts are active in IPv6 I can: - run a popular web service that people con

Re: AWS Elastic IP architecture

On Tue, 02 Jun 2015 09:35:11 -0700, Matthew Kaufman said: > Ah, the "IPv6 subnets are so big you can't find the hosts" myth. > > Let's see... to find which hosts are active in IPv6 I can: > - run a popular web service that people connect to, revealing their addresses If your vulnerable laser print

Re: AWS Elastic IP architecture

On 6/3/2015 4:56 AM, Owen DeLong wrote: On Jun 2, 2015, at 4:08 PM, Matthew Kaufman > wrote: On 6/2/15 2:35 AM, Owen DeLong wrote: On Jun 2, 2015, at 5:49 AM, Matthew Kaufman > wrote: On 6/1/2015 6:32 PM, Mark Andrews wrote: In message

Re: AWS Elastic IP architecture

> On Jun 2, 2015, at 4:08 PM, Matthew Kaufman wrote: > > > On 6/2/15 2:35 AM, Owen DeLong wrote: >>> On Jun 2, 2015, at 5:49 AM, Matthew Kaufman wrote: >>> >>> On 6/1/2015 6:32 PM, Mark Andrews wrote: In message , Christopher Morrow writes: > On Mon, Jun 1, 2015 at 9:02 PM

Re: AWS Elastic IP architecture

In message <556dc6fd.7040...@matthew.at>, Matthew Kaufman writes: > > On 6/1/15 10:12 PM, Mark Andrews wrote: > > In message <556d35df.8080...@matthew.at>, Matthew Kaufman writes: > >> On 6/1/2015 6:32 PM, Mark Andrews wrote: > >>> In message > >>> >> com > , Christopher Morrow writes: > >

Re: AWS Elastic IP architecture

Matthew, Good list - Windows doesn't run non-privacy addresses, so it won't work next time. - If you could guess address of router props to you - Before using SNMP you still need device address. - If you can install software on remote PC, when you probably have same result in IPv4 world. - If you

Re: AWS Elastic IP architecture

Ah, the "IPv6 subnets are so big you can't find the hosts" myth. Let's see... to find which hosts are active in IPv6 I can: - run a popular web service that people connect to, revealing their addresses - run a DNS server that lots of folks directly use (see Google) - use the back door login your r

Re: AWS Elastic IP architecture

On Tue, Jun 02, 2015 at 07:21:12PM +0300, Nikolay Shopik wrote: > Tell me how do you plan find printer in /64 subnet, scan it? > > On 02.06.2015 18:08, Matthew Kaufman wrote: > > > > I can't run my laser printer without a firewall in front of it, and I > > can't even guess how secure the controll

Re: AWS Elastic IP architecture

Tell me how do you plan find printer in /64 subnet, scan it? On 02.06.2015 18:08, Matthew Kaufman wrote: > > I can't run my laser printer without a firewall in front of it, and I > can't even guess how secure the controller in the septic system pump box > might be... so I don't risk it. And I *kn

Re: AWS Elastic IP architecture

On 6/2/15 2:35 AM, Owen DeLong wrote: On Jun 2, 2015, at 5:49 AM, Matthew Kaufman wrote: On 6/1/2015 6:32 PM, Mark Andrews wrote: In message , Christopher Morrow writes: On Mon, Jun 1, 2015 at 9:02 PM, Ca By wrote: On Monday, June 1, 2015, Mark Andrews wrote: In message , Christopher Mo

Re: AWS Elastic IP architecture

On 6/1/15 10:12 PM, Mark Andrews wrote: In message <556d35df.8080...@matthew.at>, Matthew Kaufman writes: On 6/1/2015 6:32 PM, Mark Andrews wrote: In message com , Christopher Morrow writes: On Mon, Jun 1, 2015 at 9:02 PM, Ca By wrote: On Monday, June 1, 2015, Mark Andrews wrote: In mess

Re: AWS Elastic IP architecture

> On Jun 2, 2015, at 5:49 AM, Matthew Kaufman wrote: > > On 6/1/2015 6:32 PM, Mark Andrews wrote: >> In message >> >> , Christopher Morrow writes: >>> On Mon, Jun 1, 2015 at 9:02 PM, Ca By wrote: On Monday, June 1, 2015, Mark Andrews wrote: > > In message > > , Ch

Re: AWS Elastic IP architecture

> On Jun 1, 2015, at 6:49 PM, Matthew Kaufman wrote: > > On 6/1/2015 12:06 AM, Owen DeLong wrote: >> ... Here’s the thing… In order to land IPv6 services without IPv6 support on >> the VM, you’re creating an environment where... > > Let's hypothetically say that it is much easier for the cloud

Re: AWS Elastic IP architecture

> On Jun 1, 2015, at 4:30 PM, Christopher Morrow > wrote: > > On Mon, Jun 1, 2015 at 3:06 AM, Owen DeLong > wrote: >> >>> On May 31, 2015, at 7:46 PM, Christopher Morrow >>> wrote: >>> >>> On Sun, May 31, 2015 at 9:07 PM, Owen DeLong wrote: As I said before: >

Re: AWS Elastic IP architecture

In message <556d35df.8080...@matthew.at>, Matthew Kaufman writes: > On 6/1/2015 6:32 PM, Mark Andrews wrote: > > In message com > >> , Christopher Morrow writes: > >> On Mon, Jun 1, 2015 at 9:02 PM, Ca By wrote: > >>> > >>> On Monday, June 1, 2015, Mark Andrews wrote: > > In message >

Re: AWS Elastic IP architecture

Cc: Hugo Slabbert; Matt Palmer; nanog list >> Subject: Re: AWS Elastic IP architecture >> >> On Mon, Jun 1, 2015 at 7:20 PM, Tony Hain wrote: >> > True, but it does represent a business decision to choose IPv6. The >> > relevant point here is that the "NE

Re: AWS Elastic IP architecture

On 6/1/2015 6:32 PM, Mark Andrews wrote: In message , Christopher Morrow writes: On Mon, Jun 1, 2015 at 9:02 PM, Ca By wrote: On Monday, June 1, 2015, Mark Andrews wrote: In message , Christopher Morrow writes: So... I don't really see any of the above arguments for v6 in a vm setup to r

Re: AWS Elastic IP architecture

On Mon 2015-Jun-01 13:20:57 -0400, Christopher Morrow wrote: On Mon, Jun 1, 2015 at 12:21 PM, Hugo Slabbert wrote: 2. Just do it properly the first time around. I would opt for #2. sure, so would everyone... but they didn't so... what gets you enough there to help customers and also doe

RE: AWS Elastic IP architecture

> -Original Message- > From: christopher.mor...@gmail.com > [mailto:christopher.mor...@gmail.com] On Behalf Of Christopher Morrow > Sent: Monday, June 01, 2015 5:10 PM > To: Tony Hain > Cc: Hugo Slabbert; Matt Palmer; nanog list > Subject: Re: AWS Elastic IP architec

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 9:32 PM, Mark Andrews wrote: > > In message >, Christopher Morrow writes: >> On Mon, Jun 1, 2015 at 9:02 PM, Ca By wrote: >> > >> > >> > On Monday, June 1, 2015, Mark Andrews wrote: >> >> >> >> >> >> In message >> >> >> >> , Christopher Morrow writes: >> >> > So... I don'

Re: AWS Elastic IP architecture

In message , Christopher Morrow writes: > On Mon, Jun 1, 2015 at 9:02 PM, Ca By wrote: > > > > > > On Monday, June 1, 2015, Mark Andrews wrote: > >> > >> > >> In message > >> > >> , Christopher Morrow writes: > >> > So... I don't really see any of the above arguments for v6 in a vm > >> > setup

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 9:02 PM, Ca By wrote: > > > On Monday, June 1, 2015, Mark Andrews wrote: >> >> >> In message >> >> , Christopher Morrow writes: >> > So... I don't really see any of the above arguments for v6 in a vm >> > setup to really hold water in the short term at least. I think for

Re: AWS Elastic IP architecture

On Monday, June 1, 2015, Mark Andrews wrote: > > In message rs4vsx5mfecpfue8b7vq+au2hcx...@mail.gmail.com > > , Christopher Morrow writes: > > So... I don't really see any of the above arguments for v6 in a vm > > setup to really hold water in the short term at least. I think for > > sure you'l

Re: AWS Elastic IP architecture

In message , Christopher Morrow writes: > So... I don't really see any of the above arguments for v6 in a vm > setup to really hold water in the short term at least. I think for > sure you'll want v6 for public services 'soon' (arguably like 10 yrs > ago so you'd get practice and operational exp

Re: AWS Elastic IP architecture

On Monday, June 1, 2015, Tony Hain wrote: > Hugo Slabbert wrote: > >>> snip > > > > On this given point, though: Facebook -ne generic hosting platform > > True, but it does represent a business decision to choose IPv6. The > relevant > point here is that the "NEXT" facebook/twitter/snapchat/...

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 7:20 PM, Tony Hain wrote: > True, but it does represent a business decision to choose IPv6. The relevant > point here is that the "NEXT" facebook/twitter/snapchat/... is likely being > pushed by clueless investors into outsourcing their infrastructure to > AWS/Azure/Google-c

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 6:36 PM, Matt Palmer wrote: > On Mon, Jun 01, 2015 at 11:30:00AM -0400, Christopher Morrow wrote: >> I don't get why >> 'ipv6 address on my vm' matters a whole bunch (*in a world where v4 is >> still available to you I mean), > > It simplifies infrastructure management consi

Re: RE: AWS Elastic IP architecture

Agree with everything in your post. -- Hugo - Original Message - From: Tony Hain Sent: 2015-06-01 - 16:20 To: 'Hugo Slabbert' , 'Matt Palmer' Subject: RE: AWS Elastic IP architecture > Hugo Slabbert wrote: >>>> snip >> >> On this gi

RE: AWS Elastic IP architecture

Hugo Slabbert wrote: >>> snip > > On this given point, though: Facebook -ne generic hosting platform True, but it does represent a business decision to choose IPv6. The relevant point here is that the "NEXT" facebook/twitter/snapchat/... is likely being pushed by clueless investors into outsourc

Re: AWS Elastic IP architecture

The question that Matthew Kaufman proposed was specifically asking about app architecture deployments, so what Facebook is choosing to do is entirely germane. I'd lean more on the "ipv6 evangelism" side of the discussion, but: Facebook controls the whole stack and can require buy-in from their

Re: AWS Elastic IP architecture

On Mon, Jun 01, 2015 at 11:30:00AM -0400, Christopher Morrow wrote: > I don't get why > 'ipv6 address on my vm' matters a whole bunch (*in a world where v4 is > still available to you I mean), It simplifies infrastructure management considerably. Having to balance between "how many subnets will I

Re: AWS Elastic IP architecture

On Mon, Jun 01, 2015 at 10:49:09AM -0700, Matthew Kaufman wrote: > On 6/1/2015 12:06 AM, Owen DeLong wrote: > >... Here’s the thing… In order to land IPv6 services without IPv6 support > >on the VM, you’re creating an environment where... > > Let's hypothetically say that it is much easier for the

Re: AWS Elastic IP architecture

The question that Matthew Kaufman proposed was specifically asking about app architecture deployments, so what Facebook is choosing to do is entirely germane. - Matt On Mon, Jun 01, 2015 at 02:43:27PM -0400, Todd Underwood wrote: > fb is not a 'cloud provider'. > > it's orthogonal to the questio

Re: AWS Elastic IP architecture

On 6/1/15, 1:49 PM, "Matthew Kaufman" wrote: >On 6/1/2015 12:06 AM, Owen DeLong wrote: >> ... Here¹s the thingŠ In order to land IPv6 services without IPv6 >> support on the VM, you¹re creating an environment where... > >Let's hypothetically say that it is much easier for the cloud provider >if

Re: AWS Elastic IP architecture

On 6/1/2015 12:12 PM, Christopher Morrow wrote: On Mon, Jun 1, 2015 at 1:49 PM, Matthew Kaufman wrote: 1) An all-IPv6 network inside, so the hosts can all talk to each other over IPv6 without using (potentially overlapping copies of) RFC1918 space... this point keeps coming up... I don't see

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 1:49 PM, Matthew Kaufman wrote: > 1) An all-IPv6 network inside, so the hosts can all talk to each other over > IPv6 without using (potentially overlapping copies of) RFC1918 space... this point keeps coming up... I don't see that 'overlapping ipv4' matters at all here. it

Re: AWS Elastic IP architecture

Original I asked because was in the process of thinking out loud what options are there for disaster recovery. I could do anycast BGP, advertise out say a /24 of "elastic IP" and internally have that block running inside our data center interconnect dmvpn tunnels. We do have WAN OPT so it probably

Re: AWS Elastic IP architecture

fb is not a 'cloud provider'. it's orthogonal to the question. t On Mon, Jun 1, 2015 at 2:36 PM, Ca By wrote: > On Mon, Jun 1, 2015 at 10:49 AM, Matthew Kaufman > wrote: > > > On 6/1/2015 12:06 AM, Owen DeLong wrote: > > > >> ... Here’s the thing… In order to land IPv6 services without IPv6 >

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 10:49 AM, Matthew Kaufman wrote: > On 6/1/2015 12:06 AM, Owen DeLong wrote: > >> ... Here’s the thing… In order to land IPv6 services without IPv6 support >> on the VM, you’re creating an environment where... >> > > Let's hypothetically say that it is much easier for the cl

Re: AWS Elastic IP architecture

On 6/1/2015 12:06 AM, Owen DeLong wrote: ... Here’s the thing… In order to land IPv6 services without IPv6 support on the VM, you’re creating an environment where... Let's hypothetically say that it is much easier for the cloud provider if they provide just a single choice within their network

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 12:21 PM, Hugo Slabbert wrote: > 2. Just do it properly the first time around. > > I would opt for #2. sure, so would everyone... but they didn't so... what gets you enough there to help customers and also doesn't required a forklift of your running operation?

RE: AWS Elastic IP architecture

>>> snip > > What I read in your line of comments to Owen is that the service only does > a header swap once and expects the application on the VM to compensate. > In that case there is an impact on the cost of deployment and overall utility. > > 'compensate' ? do you mean 'get some extra informa

Re: AWS Elastic IP architecture

-Jun-01 11:52:15 -0400, Christopher Morrow wrote: On Mon, Jun 1, 2015 at 11:41 AM, Tony Hain wrote: -Original Message- From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Christopher Morrow Sent: Monday, June 01, 2015 7:24 AM To: Matt Palmer Cc: nanog list Subject: Re: AWS E

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 11:41 AM, Tony Hain wrote: > > >> -Original Message- >> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of >> Christopher Morrow >> Sent: Monday, June 01, 2015 7:24 AM >> To: Matt Palmer >> Cc: nanog list >> S

RE: AWS Elastic IP architecture

> -Original Message- > From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of > Christopher Morrow > Sent: Monday, June 01, 2015 7:24 AM > To: Matt Palmer > Cc: nanog list > Subject: Re: AWS Elastic IP architecture > > On Mon, Jun 1, 2015 at 1:19 AM, Matt

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 3:06 AM, Owen DeLong wrote: > >> On May 31, 2015, at 7:46 PM, Christopher Morrow >> wrote: >> >> On Sun, May 31, 2015 at 9:07 PM, Owen DeLong wrote: >>> As I said before: >>> >>> Host Virtual (vr.org ) >>> Softlayer (softlayer.com )

Re: AWS Elastic IP architecture

On Mon, Jun 1, 2015 at 1:19 AM, Matt Palmer wrote: > On Sun, May 31, 2015 at 10:46:02PM -0400, Christopher Morrow wrote: >> So... ok. What does it mean, for a customer of a cloud service, to be >> ipv6 enabled? > > IPv6 feature-parity with IPv4. > > My must-haves, sorted in order of importance (mo

Re: AWS Elastic IP architecture

> On May 31, 2015, at 7:46 PM, Christopher Morrow > wrote: > > On Sun, May 31, 2015 at 9:07 PM, Owen DeLong wrote: >> As I said before: >> >> Host Virtual (vr.org ) >> Softlayer (softlayer.com ) >> Linode (Linode.com ) >> >> All have

Re: AWS Elastic IP architecture

On Sun, May 31, 2015 at 10:46:02PM -0400, Christopher Morrow wrote: > So... ok. What does it mean, for a customer of a cloud service, to be > ipv6 enabled? IPv6 feature-parity with IPv4. My must-haves, sorted in order of importance (most to least): > o Is it most important to be able to terminat

Re: AWS Elastic IP architecture

On Sun, May 31, 2015 at 9:07 PM, Owen DeLong wrote: > As I said before: > > Host Virtual (vr.org ) > Softlayer (softlayer.com ) > Linode (Linode.com ) > > All have full dual-stack support. >> At the risk of feeding the troll... >> >> Th

Re: AWS Elastic IP architecture

As I said before: Host Virtual (vr.org ) Softlayer (softlayer.com ) Linode (Linode.com ) All have full dual-stack support. I’m sure there are others. Owen > On May 31, 2015, at 2:49 PM, George, Wes wrote: > > > On 5/31/15, 3:11 PM,

Re: AWS Elastic IP architecture

On 5/31/2015 11:57 AM, Owen DeLong wrote: People who are building applications and considering hosting their applications in the cloud should seriously consider whether this limitation in AWS matters to them. It doesn't, because everyone "on the Internet" can reach IPv4-hosted services. IMH

Re: AWS Elastic IP architecture

On 5/31/15, 3:11 PM, "Owen DeLong" wrote: >if they said “We have a plan, and it will take X amount of time”, I would >respect that. > >If they said “We have a plan and we’re not sure how long it will take”, I >would continue to poke >them about sooner is better than later and having a target dat

Re: AWS Elastic IP architecture

> On May 31, 2015, at 11:36 AM, Blair Trosper wrote: > > AWS built their network first...before IPv6 "popped", so you can appreciate > the huge task > they have of retrofitting all their products to support it. Sure, and if they said “We have a plan, and it will take X amount of time”, I woul

Re: AWS Elastic IP architecture

> On May 31, 2015, at 11:29 AM, Matthew Kaufman wrote: > > Since your network has IPv6, I fail to see the issue. > > Nobody is anywhere near being able to go single-stack on IPv6, so AWS is just > another network your customers will continue to reach over v4. So what? Sigh… The point is that

Re: AWS Elastic IP architecture

AWS built their network first...before IPv6 "popped", so you can appreciate the huge task they have of retrofitting all their products to support it. I don't envy the task, but they have said publicly and privately that it's a priority. But it's also a massive undertaking, and you can't expect th

Re: AWS Elastic IP architecture

Since your network has IPv6, I fail to see the issue. Nobody is anywhere near being able to go single-stack on IPv6, so AWS is just another network your customers will continue to reach over v4. So what? Heck, if v6 support from a cloud hosting company is so important, I see a great business op

Re: AWS Elastic IP architecture

Sigh… IPv6 has huge utility. AWS’ implementation of IPv6 is brain-dead and mostly useless for most applications. I think if you will review my track record over the last 5+ years, you will plainly see that I am fully aware of the utility and need for IPv6. http://lmgtfy.com?q=owen+delong+ipv6

Re: AWS Elastic IP architecture

Disagree, and so does AWS. IPv6 has a huge utility: being a universal, inter-region management network (a network that unites traffic between regions on public and private netblocks). Plus, at least the CDN and ELBs should be dual-stack, since more and more ISPs are turning on IPv6. On Sun, Ma

Re: AWS Elastic IP architecture

I wasn’t being specific about VPC vs. Classic. The support for IPv6 in Classic is extremely limited and basically useless for 99+% of applications. I would argue that there is, therefore, effectively no meaningful support for IPv6 in AWS, period. What you describe below seems to me that it wou

Re: AWS Elastic IP architecture

Point of clarification: AWS customer IP subnets can overlap, but customer VPCs that encompass overlapping subnets cannot peer with each other. In other words, the standard arguments in favor of address uniqueness still apply. TV On May 31, 2015 7:23:37 AM EDT, Andras Toth wrote: >Congratulati

Re: AWS Elastic IP architecture

Congratulations for missing the point Matt, when I sent my email (which by the way went for moderation) there wasn't a discussion about Classic vs VPC yet. The discussion was "no ipv6 in AWS" which is not true as I mentioned in my previous email. I did not state it works everywhere, but it does wor

Re: AWS Elastic IP architecture

On Sun, May 31, 2015 at 01:38:05AM +1000, Andras Toth wrote: > Perhaps if that energy which was spent on raging, instead was spent on > a Google search, then all those words would've been unnecessary. > > Official documentation: > http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGui

Re: AWS Elastic IP architecture

Perhaps if that energy which was spent on raging, instead was spent on a Google search, then all those words would've been unnecessary. As it turns out that IPv6 is already available on ELBs since 2011: https://aws.amazon.com/blogs/aws/elastic-load-balancing-ipv6-zone-apex-support-additional-secur

Re: AWS Elastic IP architecture

> On May 30, 2015, at 8:38 AM, Andras Toth wrote: > > Perhaps if that energy which was spent on raging, instead was spent on > a Google search, then all those words would've been unnecessary. > > As it turns out that IPv6 is already available on ELBs since 2011: > https://aws.amazon.com/blogs/a

Re: AWS Elastic IP architecture

Oh, and the only thing dual stack about EC2 Classic was ELBs (elastic load balancers). Instances had no means of IPv6 communication except via an ELB. That is the FULL extent of IPv6 implementation on AWS at present...and most people do not have EC2 classic. On Sat, May 30, 2015 at 4:20 PM, Blai

Re: AWS Elastic IP architecture

Only EC2 classic has dual stack anything. VPC load balancers (and, indeed, everything about VPC) is IPv4 only. And EC2 classic is being phased out, so dualstack is sort of dying on AWS. However, I do have some solid information that they're scrambling to retrofit, but seeing as how we know AWS op

Re: AWS Elastic IP architecture

> > > Amazon doesn't even offer a v4/v6 LoadBalancer service right? (I had > thought they did, but I guess I'm mis-remembering) They sort of do, but it’s utterly incompatible with all of their modern capabilities. You have to use some pretty antiquated VM provisioning and such to use it if I u

Re: AWS Elastic IP architecture

On Sat, May 30, 2015 at 11:38 AM, Andras Toth wrote: > Perhaps if that energy which was spent on raging, instead was spent on > a Google search, then all those words would've been unnecessary. > > As it turns out that IPv6 is already available on ELBs since 2011: > https://aws.amazon.com/blogs/aws

Re: AWS Elastic IP architecture

On Fri, May 29, 2015 at 9:45 PM, Owen DeLong wrote: > >> On May 29, 2015, at 6:14 PM, Christopher Morrow >> wrote: >> >> i love that you are always combative, it makes for great tv. >> >> On Fri, May 29, 2015 at 9:04 PM, Owen DeLong wrote: >>> On May 29, 2015, at 8:23 AM, Christopher Morro

Re: AWS Elastic IP architecture

They could do 6rd by just flipping a switch on one of their routers. Granted it is not native IPv6 but maybe better than nothing. Regards Baldur

Re: AWS Elastic IP architecture

> On May 29, 2015, at 6:14 PM, Christopher Morrow > wrote: > > i love that you are always combative, it makes for great tv. > > On Fri, May 29, 2015 at 9:04 PM, Owen DeLong wrote: >> >>> On May 29, 2015, at 8:23 AM, Christopher Morrow >>> wrote: >>> >>> On Fri, May 29, 2015 at 3:45 AM, Ow

Re: AWS Elastic IP architecture

> On May 29, 2015, at 8:27 AM, Christopher Morrow > wrote: > > On Fri, May 29, 2015 at 4:22 AM, Owen DeLong wrote: >> Why do you assume some encap/decap process somewhere in this process? > > why do you think they have a single 10/8 deployment per location and > not per customer? if it' sper

Re: AWS Elastic IP architecture

i love that you are always combative, it makes for great tv. On Fri, May 29, 2015 at 9:04 PM, Owen DeLong wrote: > >> On May 29, 2015, at 8:23 AM, Christopher Morrow >> wrote: >> >> On Fri, May 29, 2015 at 3:45 AM, Owen DeLong wrote: >>> Yeah, if it were LISP, they could probably handle IPv6.

Re: AWS Elastic IP architecture

> On May 29, 2015, at 8:23 AM, Christopher Morrow > wrote: > > On Fri, May 29, 2015 at 3:45 AM, Owen DeLong wrote: >> Yeah, if it were LISP, they could probably handle IPv6. > > why can't they do v6 with any other encap? That’s not my point. > the encap really doesn't matter at all to the u

Re: AWS Elastic IP architecture

On Fri, May 29, 2015 at 4:22 AM, Owen DeLong wrote: > Why do you assume some encap/decap process somewhere in this process? why do you think they have a single 10/8 deployment per location and not per customer? if it' sper customer, they have to provide some encap (I'd think) to avoid lots and lo

Re: AWS Elastic IP architecture

On Fri, May 29, 2015 at 3:45 AM, Owen DeLong wrote: > Yeah, if it were LISP, they could probably handle IPv6. why can't they do v6 with any other encap? the encap really doesn't matter at all to the underlying ip protocol used, or shouldn't... you decide at the entrance to the 'virtual network' t

Re: AWS Elastic IP architecture

> On May 28, 2015, at 10:03 AM, Christopher Morrow > wrote: > > On Thu, May 28, 2015 at 11:59 AM, Michael Helmeste wrote: >>> -Original Message- >>> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Christopher >>> Morrow >&

Re: AWS Elastic IP architecture

> On May 28, 2015, at 8:00 AM, Ca By wrote: > > On Thu, May 28, 2015 at 7:34 AM, Luan Nguyen wrote: > >> Hi folks, >> Anyone knows what is used for the AWS Elastic IP? is it LISP? >> >> > AWS does not really talk about things like this, but i highly doubt it is > LISP. Yeah, if it were LISP

Re: AWS Elastic IP architecture

At re:Invent they started releasing a surprising amount of detail on how they designed the VPC networking (both layering/encapsulation itself and distributing routing data). Like Michael mentioned, they really stuff as much as possible into software on the VM hosts. That presentation is https://www

Re: AWS Elastic IP architecture

On Thu, May 28, 2015 at 2:39 PM, Michael Helmeste wrote: > and spending a few gigabytes of RAM for every /23 it's not clear to me that you need ram at all for this... there are multiple dimensions to the scaling problem I was aiming at, this is but one of them. anyway, unless an EC2/aws/etc pers

RE: AWS Elastic IP architecture

> -Original Message- > From: christopher.mor...@gmail.com > Subject: Re: AWS Elastic IP architecture > > [...] > > All that is happening is that they have some NAT device somewhere > > (maybe even just a redundant pair of VMs?) that has a block of public >

Re: AWS Elastic IP architecture

I can tell you that EC2 Classic and VPC EIPs come from separate netblocks...if that gives you any hints whatsoever. There's no crossover between the two platforms in IP space. On Thu, May 28, 2015 at 12:08 PM, Christopher Morrow < morrowc.li...@gmail.com> wrote: > On Thu, May 28, 2015 at 11:44 A

Re: AWS Elastic IP architecture

On Thu, May 28, 2015 at 11:44 AM, Luan Nguyen (CBU) wrote: > What I am trying to get at is yeah, you still need the l2 extension > encapsulation, but on top you need something for disaster recovery, machines > mobility between data centers, sort of like Vshield Edge using NAT – you can probably w

Re: AWS Elastic IP architecture

On Thu, May 28, 2015 at 11:59 AM, Michael Helmeste wrote: >> -Original Message- >> From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Christopher >> Morrow >> Subject: Re: AWS Elastic IP architecture >> [...] >> i sort of doesn't

  1   2   >