[143277] in North American Network Operators' Group
Re: FTTH CPE landscape
daemon@ATHENA.MIT.EDU (Cutler James R)
Thu Aug 4 22:26:39 2011
From: Cutler James R <james.cutler@consultant.com>
Date: Thu, 4 Aug 2011 22:25:19 -0400
In-Reply-To: <E88C1EA0-2592-4B66-9539-ACFA833B0941@beanfield.com>
To: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--Apple-Mail=_B854D750-69CB-4A84-A1AE-FB586B5D96C0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
On Aug 4, 2011, at 7:08 PM, Dan Armstrong wrote:
>=20
> On 2011-08-04, at 6:43 PM, Owen DeLong <owen@delong.com> wrote:
>=20
>>=20
>> On Aug 4, 2011, at 2:55 PM, Dan White wrote:
>>=20
>>> On 04/08/11 14:32 -0700, Owen DeLong wrote:
>>>>=20
>>>> On Aug 4, 2011, at 2:08 PM, Jay Ashworth wrote:
>>>>=20
>>>>> ----- Original Message -----
>>>>>> From: "Owen DeLong" <owen@delong.com>
>>>>>=20
>>>>>> On Aug 4, 2011, at 8:35 AM, Jay Ashworth wrote:
>>>>>>=20
>>>>>>>> - Generic consumer grade NAT/Firewall
>>>>>>>=20
>>>>>>> Hobby horse: please make sure it support bridge mode? Those of =
us who
>>>>>>> want to put our own routers on the wire will hate you otherwise.
>>>>>>=20
>>>>>> Why? As long as it can be a transparent router, why would it need =
to
>>>>>> be a bridge?
>>>>>=20
>>>>> Ask a Verizon FiOS customer who wants to run IPv4 VPNs.
>>>>>=20
>>>>> He didn't say IPv6 only, right?
>>>>>=20
>>>>> I have a couple of customers who can't get bridge mode on =
residence FiOS
>>>>> service, and therefore can't run their own routers to terminate =
IPsec.
>>>>>=20
>>>> If they could get routed static IPv4 rather than bridge, why =
wouldn't they
>>>> be able to terminate IPSec VPNs? Note I did say TRANSPARENT router.
>>>> That would mean no NAT and routed static IPv4.
>>>=20
>>> For residential use, for users currently requesting one public =
address,
>>> that's a waste of a /30 block (sans routing tricks requiring higher =
end
>>> customer equipment). Multiply that by the number of residential =
customers
>>> you have and that's bordering on mismanagement of your address =
space.
>>>=20
>> You say waste, I say perfectly valid use.
>>=20
>>> If you're dealing with business customers, then your usage versus =
wasted
>>> ratio is much higher and less of a concern, but what's the point? =
Are you
>>> trying to cut down on a large broadcast domain?
>>>=20
>> Why is it less of a waste to allocate a /30 to a business using a =
single public
>> IP than it is to a residence? This makes no sense to me.
>>=20
>> I simply prefer the additional troubleshooting and other capabilities =
given
>> to me in a routed environment in most cases.
>>=20
>> Owen
>>=20
>=20
> Realistically, how many home Internet consumers terminate IPSec VPNs? =20=
>=20
> It seems kind of silly to engineer a network around a tiny fraction of =
less than 1% of the population, doesn't it?
>=20
>=20
It seems kind of silly to engineer a network against a tiny fraction of =
less than 1% of the population, doesn't it?
James R. Cutler
james.cutler@consultant.com
--Apple-Mail=_B854D750-69CB-4A84-A1AE-FB586B5D96C0
Content-Disposition: attachment;
filename=smime.p7s
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Transfer-Encoding: base64
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIDyzCCA8cw
ggKvoAMCAQICAQEwCwYJKoZIhvcNAQEFMH4xHTAbBgNVBAMMFEN1dGxlciBKYW1lcyBSdXNsaW5n
MREwDwYDVQQIDAhNaWNoaWdhbjELMAkGA1UEBhMCVVMxETAPBgNVBAcMCFBseW1vdXRoMSowKAYJ
KoZIhvcNAQkBFhtqYW1lcy5jdXRsZXJAY29uc3VsdGFudC5jb20wHhcNMTEwNjIzMDIxNDU3WhcN
MTIwNjIyMDIxNDU3WjB+MR0wGwYDVQQDDBRDdXRsZXIgSmFtZXMgUnVzbGluZzERMA8GA1UECAwI
TWljaGlnYW4xCzAJBgNVBAYTAlVTMREwDwYDVQQHDAhQbHltb3V0aDEqMCgGCSqGSIb3DQEJARYb
amFtZXMuY3V0bGVyQGNvbnN1bHRhbnQuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoRktpXe7zkPcdgQ621UqiJLJuDAoBEEqbrit+OyXyLVjbTb0apBVTZdjN8zREWP/+Lgt61CR
HdCcnC8/0aT4NAinX2psBj6BkAYrkBiOrc4QvoSkIdWKx34KBM3k+KHSCcaUm4eK5EeWcb30vpLv
0s3baAkShAZShCCTgA3j10Vm7eVkn8uSNmVETKt8YIYnEZSuF2xazKkZWFMnoolQek8QqprUv8xT
a5mIBZMxWY/LjDkOzH503oxnwMOFKTlm45gHoh9U6mSYWnqae8BVzifTAByB62soaBtpTgG/+7RR
Wy6+qlTd8dFwK+GhSmBbmaIP4kQN1BW0OozHLeM0vwIDAQABo1IwUDAOBgNVHQ8BAf8EBAMCAf4w
FgYDVR0lAQH/BAwwCgYIKwYBBQUHAwQwJgYDVR0RBB8wHYEbamFtZXMuY3V0bGVyQGNvbnN1bHRh
bnQuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQAjUrPcVlX+rMPuwHbn6W1c/9egpnnGYgdmVV1Eywfm
KU+eahlncEzZPYsql1toNFSGbBEz3qkaLJI+q5hZOcKN/etGA89Qo9hwQ81xQ1n5z9ZouzwLMa89
iGl3qbVRIkAs9B+xv7+eQNu/jPGtoZIAe/5sxzkqvabroIkYfClG/25n62vZKIEAaAxRHPQKUQZk
FM8tvQV47GzvsCtp4R78uN+3TFbd0hSdPxMQp+lIYhgEwSoSewBsYr9WL2adUb7We91XY7kzjG/Y
djhcQ82bYcv1TwFLtEi0sxa8zlhXP9x+Dxl1NTfLtaplBXBtsjQqfnPzMJQuWpuM2QtQlopcMYID
PDCCAzgCAQEwgYMwfjEdMBsGA1UEAwwUQ3V0bGVyIEphbWVzIFJ1c2xpbmcxETAPBgNVBAgMCE1p
Y2hpZ2FuMQswCQYDVQQGEwJVUzERMA8GA1UEBwwIUGx5bW91dGgxKjAoBgkqhkiG9w0BCQEWG2ph
bWVzLmN1dGxlckBjb25zdWx0YW50LmNvbQIBATAJBgUrDgMCGgUAoIIBjTAYBgkqhkiG9w0BCQMx
CwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xMTA4MDUwMjI1MTlaMCMGCSqGSIb3DQEJBDEW
BBRRZPKx1pHNAzzIbOl1N6VZkgTcwDCBlAYJKwYBBAGCNxAEMYGGMIGDMH4xHTAbBgNVBAMMFEN1
dGxlciBKYW1lcyBSdXNsaW5nMREwDwYDVQQIDAhNaWNoaWdhbjELMAkGA1UEBhMCVVMxETAPBgNV
BAcMCFBseW1vdXRoMSowKAYJKoZIhvcNAQkBFhtqYW1lcy5jdXRsZXJAY29uc3VsdGFudC5jb20C
AQEwgZYGCyqGSIb3DQEJEAILMYGGoIGDMH4xHTAbBgNVBAMMFEN1dGxlciBKYW1lcyBSdXNsaW5n
MREwDwYDVQQIDAhNaWNoaWdhbjELMAkGA1UEBhMCVVMxETAPBgNVBAcMCFBseW1vdXRoMSowKAYJ
KoZIhvcNAQkBFhtqYW1lcy5jdXRsZXJAY29uc3VsdGFudC5jb20CAQEwDQYJKoZIhvcNAQEBBQAE
ggEAKGdtHjJx8pwTZmJ5XQdedRZWHOLaErS/qv3ihtiPKBVo30n6jjvV5jAuq1VpAl/VFXlICBcV
vj8D46amXDdjeH9e4kTCNUjvSeg74xGjE9SjoHND2cajaeEPkY3ggusoExaNoSaqkXxRdr2DeNp7
JvSuH+hgyOqzVME0LdXD4PX4zFDfw+dyUlGS5oB+tOoPkA3UOWsW/iEQUM0on67WJkMf5IQQm0YQ
9TRM9BECxshSH+uS6wIOQOHaxJ6K0UT7R3eaXk2s0Uynv5Kr+1AOHs2aiYGzmzaLfQDz35C3CmZ6
UvjOHf77h+z45m0Nz1fIU3Mo4gDwnLCXGn1nDSeQAwAAAAAAAA==
--Apple-Mail=_B854D750-69CB-4A84-A1AE-FB586B5D96C0--
