Date: Wed, 14 Mar 2001 00:31:35 -0800
From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
To: "Garrett Wollman" <wollman@khavrinen.lcs.mit.edu>
Cc: <FreeBSD-Questions@FreeBSD.ORG>
Subject: RE: Racoon Problem & Cisco Tunnel
Message-ID: <006801c0ac61$2e1f9200$1401a8c0@tedm.placo.com>
In-Reply-To: <200103131728.MAA74100@khavrinen.lcs.mit.edu>

>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Garrett Wollman
>Sent: Tuesday, March 13, 2001 9:29 AM
>To: Ted Mittelstaedt
>Cc: FreeBSD-Questions@FreeBSD.ORG
>Subject: RE: Racoon Problem & Cisco Tunnel
>
>
><<On Tue, 13 Mar 2001 09:17:56 -0800, "Ted Mittelstaedt"
><tedm@toybox.placo.com> said:
>
>> As a matter of fact, Cisco is steadily losing ground in the SOHO routing
>> market.
>
>Which is really irrelevant, since the SOHO market is not where people
>will experience the drawbacks of NAT which could potentially drive
>them to IPv6. I would expect those installations to be the very
>*last* to convert, long after large companies with more urgent network
>design issues arising from NAT have done so.
>

What large company needs more than 16 million IP numbers available in the 10.X.X.X RFC 1918 range? No, don't answer that, I'm just baiting you. :-)

But, I am also using it to point out that a large number of these "urgent network design issues" as you call them are really _interconnection_ problems _between_ companies. For example, BigCO#1 running 10.X has a serious problem interconnecting to BigCO#2 who is also running 10.X numbers.

Now, you and I know what Cisco's answer to these sorts of problems is - feed 'em more NAT. As in, double NATTing on a Cisco router between both companies. Pretty ugly solution of course, but it does work.

We have been able to avoid these situations with the BigCO<->SmallCO interconnections because we merely renumber SmallCo out of BigCo's private range. Most big companies seem to like using 10.X numbers and it's easy to put the smaller company into 192.168.X. Thus, the routing between them is normal, and even if you do use NAT in the interconnection, it's the more _normal_ many-to-one or many-to-many, not the double-NAT stuff.

But, as you say, yes, it's a serious problem with interconnecting two large organizations that are both privately numbered.

I guess my answer to that is, well, those big organizations have the deep pockets to make double-natting work, and if it doesn't work for their particular protocol, well then they go back to Cisco and force Cisco to make it work. I think it's pretty ridiculous to make everyone else change just because a handful of Fortune 100 companies have problems interconnecting to each other.

Fortunately, so far the IPv6 vs IPv4 deployment argument has been kept fairly low key, and as most big companies haven't even made the buyoff on IPv6 at the current time, it's still merely an issue of a bunch of networking engineers out there attempting to propagandize the big companies into signing onto the IPv6 bandwagon. I suppose that eventually they will do it, and we will have many large commercial organizations that convert over.

But, I maintain that at that point, the IPv6 people are going to hit a roadblock that will be much harder to pass. Sure, if you can get the Fortune 100 to switch to IPv6 you're going to be able to get NetGear and LinkSys and the rest of those folks to add IPv6 support into their microcode. But, by then there's going to be millions of the current models of those devices deployed, and as I attempted to say in my other post, getting those small organizations to switch over is going to be far more difficult. And if you can't get them converted, then the ISPs that they all plug into won't convert either, and the IPv6 deployment project will start to resemble a huge catfight.

In fact all this has got me thinking - we have feed contracts coming up for renewal, I think I'll insert a clause mandating that Internet access must be presented in IPv4 for as long as the contract term. I'll see if we get any engineer screams from the feed suppliers, that will give me a good indication of what their feelings are, and it's always fun to throw in a few monkey wrenches.

Ted Mittelstaedt                      tedm@toybox.placo.com
Author of:          The FreeBSD Corporate Networker's Guide
Book website:         http://www.freebsd-corp-net-guide.com