Hi, On Tue, Feb 02, 2010 at 09:43:48PM +0300, Dmitry Burkov wrote:
On 02.02.10 19:07, Gert Doering wrote:
(despite the religious aspects, there's a purely practical aspect - if you force RIPE attendees into RFC1918 space, you're going to kill VPN connects for those poor souls that have a home network in the *same* RFC1918 address range. Which will break almost all VPN clients out there.)
Gert, seems you dramatize the situation - there are more issues - to be honest. The situations can be more complex. But I don't see any specific differences with access to corporate intranets and
If we use 192.168.1.0/24 for the RIPE meeting, and your corporate network at home uses 192.168.1.0/24 as well, most VPN clients will NOT be able to build a working connection. Try it. Given the number of attendees, the chances for address collisions with at least one participant's home network can be assumed to be near 100%. We've been fighting with this issue for years now - people stay at hotels and want to connect to their home network, and that network happens to use the same RFC 1918 address block as the hotel. (Add to that the problems many N:1 NAT/PAT implementations have with multiple parallel IPSEC sessions). NAT and RFC1918 are fine tools for corporate environments that don't *want* any communication besides clearly defined exceptions. But that's not "useful Internet". Don't go there, just "because everbody else does". (*Especially* not for that stupid reason. We're not sheep.) Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 144438 SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279