Simon Arlott wrote:
>
> You're making the assumption that IPv4 assigns one IP per network, which we
> know isn't true...
Actually it's getting there... and that might be what drives ipv6
adoption. We don't seem to be running out of ipv4 addresses anywhere
near as fast as was predicted (estimates vary between 65% and 80% of
space used depending on who you ask, but the figures aren't changing as
space is being reclaimed as fast as it's being used).
However what NAT has done has created a culture of 1 IP address == 1
network, and that's starting to permeate business too - just the other
day I was asking about setting up a router. They could understand I
wanted a bare unfirewalled port, the understood I was putting a router
onto it, but I just couldn't get the person I was talking to to
understand I wanted more than one IP address - for them 1 IP == 1 port..
they were just saying I could ask for another port if I wanted to put
another machine on there ('no, that's why we have a router').
Eventually I gave up and resigned myself to the murky world of NAT port
forwarding to get stuff done. They just *expected* that when I said
router I meant NAT router.
Now in that case there's a clear business case for ipv6. In practice
I've found ipv6 to be far more reliable and simple to setup than IPSEC
to achieve this kind of connectivity (provided you don't need the
security, which we don't.. we have ssh for admin and smtp/tls for mail
anyway). I can load my standard cisco config, change a couple of ip
addresses and go to my boss and say 'it works, you can ping6 all the
servers and I can see all your servers' and he'll be happy. I could do
similar with IPSEC but it'd take twice as long and keep dropping out
(ipsec doesn't like high latency links.. keeps timing out).
Tony
_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
