[143271] in North American Network Operators' Group
Re: FTTH CPE landscape
daemon@ATHENA.MIT.EDU (Owen DeLong)
Thu Aug 4 18:46:15 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <20110804215535.GA4756@dan.olp.net>
Date: Thu, 4 Aug 2011 15:43:58 -0700
To: Dan White <dwhite@olp.net>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--Apple-Mail=_A489B07B-2A71-4EE9-B1BA-A55B95362BA8
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=iso-8859-1
On Aug 4, 2011, at 2:55 PM, Dan White wrote:
> On 04/08/11 14:32 -0700, Owen DeLong wrote:
>>=20
>> On Aug 4, 2011, at 2:08 PM, Jay Ashworth wrote:
>>=20
>>> ----- Original Message -----
>>>> From: "Owen DeLong" <owen@delong.com>
>>>=20
>>>> On Aug 4, 2011, at 8:35 AM, Jay Ashworth wrote:
>>>>=20
>>>>>> - Generic consumer grade NAT/Firewall
>>>>>=20
>>>>> Hobby horse: please make sure it support bridge mode? Those of us =
who
>>>>> want to put our own routers on the wire will hate you otherwise.
>>>>=20
>>>> Why? As long as it can be a transparent router, why would it need =
to
>>>> be a bridge?
>>>=20
>>> Ask a Verizon FiOS customer who wants to run IPv4 VPNs.
>>>=20
>>> He didn't say IPv6 only, right?
>>>=20
>>> I have a couple of customers who can't get bridge mode on residence =
FiOS
>>> service, and therefore can't run their own routers to terminate =
IPsec.
>>>=20
>> If they could get routed static IPv4 rather than bridge, why wouldn't =
they
>> be able to terminate IPSec VPNs? Note I did say TRANSPARENT router.
>> That would mean no NAT and routed static IPv4.
>=20
> For residential use, for users currently requesting one public =
address,
> that's a waste of a /30 block (sans routing tricks requiring higher =
end
> customer equipment). Multiply that by the number of residential =
customers
> you have and that's bordering on mismanagement of your address space.
>=20
You say waste, I say perfectly valid use.
> If you're dealing with business customers, then your usage versus =
wasted
> ratio is much higher and less of a concern, but what's the point? Are =
you
> trying to cut down on a large broadcast domain?
>=20
Why is it less of a waste to allocate a /30 to a business using a single =
public
IP than it is to a residence? This makes no sense to me.
I simply prefer the additional troubleshooting and other capabilities =
given
to me in a routed environment in most cases.
Owen
--Apple-Mail=_A489B07B-2A71-4EE9-B1BA-A55B95362BA8
Content-Disposition: attachment;
filename=smime.p7s
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Transfer-Encoding: base64
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIERDCCBEAw
ggOpoAMCAQICARQwDQYJKoZIhvcNAQEFBQAwgaYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTER
MA8GA1UEBxMIU2FuIEpvc2UxGjAYBgNVBAoTEURlTG9uZyBDb25zdWx0aW5nMSUwIwYDVQQLExxE
ZUxvbmcgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQDEw1jYS5kZWxvbmcuY29tMRwwGgYJ
KoZIhvcNAQkBFg1jYUBkZWxvbmcuY29tMB4XDTA2MTIxNjE2MzcxN1oXDTE2MTIxMzE2MzcxN1ow
fTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRowGAYDVQQKExFEZUxvbmcgQ29uc3VsdGluZzEP
MA0GA1UECxMGUGVyc29uMRQwEgYDVQQDEwtPd2VuIERlTG9uZzEeMBwGCSqGSIb3DQEJARYPb3dl
bkBkZWxvbmcuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7H7JBEUaAy56E6qY
0JoHKfI+6QT7hYjnc1JezeZOA5XxK7QERkx8rdcND47xeNXjw06ZMjfhrcGkxM+1PEatBxC1Aax1
V95fKtw0DkNMKRgH138E6mZhwuWsvcA1bhxJQQc++SumEX5Uyr5dX4jYy2WgmaLKc8TD/N5G+/zb
Rc1sLrznovNvv7daKfDFlufRkPnLpeG0gx/HIFa4csMNYH2rdLt2xUBAt4TSy3fjEbp0HFVRJI4G
QRHbMmb6tBMnT9vpUZrwMHydqHHTiGr2A8PgdQeQLNEknKynVFTjJIXhBUSINhCl2HtQA+TKv+gu
EF9HrIybZSDlhGym0JUgKwIDAQABo4IBIDCCARwwCQYDVR0TBAIwADAdBgNVHQ4EFgQUzaaV8BC8
UhxaWk6IQTpqK9mLnSgwgdMGA1UdIwSByzCByIAU15gTZIxt8E1K2l0KkjrRFpdc5eyhgaykgakw
gaYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTERMA8GA1UEBxMIU2FuIEpvc2UxGjAYBgNVBAoT
EURlTG9uZyBDb25zdWx0aW5nMSUwIwYDVQQLExxEZUxvbmcgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
MRYwFAYDVQQDEw1jYS5kZWxvbmcuY29tMRwwGgYJKoZIhvcNAQkBFg1jYUBkZWxvbmcuY29tggEA
MBoGA1UdEQQTMBGBD293ZW5AZGVsb25nLmNvbTANBgkqhkiG9w0BAQUFAAOBgQCWRsD48eQfaNKH
K2lohMTD9voszp/GuoWTyi6RckNxW0b0V0gv7ZGH1BUmgq2Jt7SjIis7vTY3FCZUDcR9e7fpBXJL
/euk2pPEBSHbCWAYO+uFeZ17UHz0WtInBB7Yo2EHUrkf4jeJDL7rHOG5YOVQzoV1+vdFkmQvPCPX
zPyYyzGCA7cwggOzAgEBMIGsMIGmMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExETAPBgNVBAcT
CFNhbiBKb3NlMRowGAYDVQQKExFEZUxvbmcgQ29uc3VsdGluZzElMCMGA1UECxMcRGVMb25nIENl
cnRpZmljYXRlIEF1dGhvcml0eTEWMBQGA1UEAxMNY2EuZGVsb25nLmNvbTEcMBoGCSqGSIb3DQEJ
ARYNY2FAZGVsb25nLmNvbQIBFDAJBgUrDgMCGgUAoIIB3zAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN
AQcBMBwGCSqGSIb3DQEJBTEPFw0xMTA4MDQyMjQzNThaMCMGCSqGSIb3DQEJBDEWBBS5CuXd6OW2
OwLm4RPf4h8R+xsnxjCBvQYJKwYBBAGCNxAEMYGvMIGsMIGmMQswCQYDVQQGEwJVUzELMAkGA1UE
CBMCQ0ExETAPBgNVBAcTCFNhbiBKb3NlMRowGAYDVQQKExFEZUxvbmcgQ29uc3VsdGluZzElMCMG
A1UECxMcRGVMb25nIENlcnRpZmljYXRlIEF1dGhvcml0eTEWMBQGA1UEAxMNY2EuZGVsb25nLmNv
bTEcMBoGCSqGSIb3DQEJARYNY2FAZGVsb25nLmNvbQIBFDCBvwYLKoZIhvcNAQkQAgsxga+ggaww
gaYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTERMA8GA1UEBxMIU2FuIEpvc2UxGjAYBgNVBAoT
EURlTG9uZyBDb25zdWx0aW5nMSUwIwYDVQQLExxEZUxvbmcgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
MRYwFAYDVQQDEw1jYS5kZWxvbmcuY29tMRwwGgYJKoZIhvcNAQkBFg1jYUBkZWxvbmcuY29tAgEU
MA0GCSqGSIb3DQEBAQUABIIBAGulaWVoMeCm/ghiFiGZyko8ZMlxGeYV0n+NIoAGJMOX92Nm162M
NuQx0yygMulv2LxHuQyMUEOk6k1ahb9AnNoI2xiwWMoTNrh63Mv12jzTMk4vDPSOmXEuN+T+eE1A
0vDz3wmKRa86VJ/MREpI9NVVdWPEU8X2VqxBO6olfKIhjqzypDdyyR1N32XMKMbS/EMapOvwAhdl
mF26hSTxDK2LTCp1Jd+7gPgdSCwnLwBxJyjCqmwnkWDi5d7UPXdBYM4p3wkinwUrtta0L8g8qWjr
r64p+1ITelR5SYMzi94RkhmwYfZLYRkUwXo3IzsaHvjA3RvufSqAgsYncGPufHQAAAAAAAA=
--Apple-Mail=_A489B07B-2A71-4EE9-B1BA-A55B95362BA8--
