Simulation of the future IPv4 world at RIPE meetings?
All, Perhaps we should begin preparing ourselves for the future IPv4 world by simulating various levels of IPv4 exhaustion at future RIPE meetings? I can imagine a few stages: 1. We can no longer give public IPv4 addresses to attendees. RFC 1918 for everyone, but with 1:1 mapping to public addresses. 2. The entire meeting gets NAT'ed to a single /24. 3. The entire meeting gets NAT'ed to a single IP address. Of course, this is the easy side. People are already accustomed to living behind NAT with their laptops. (They might be a little more annoyed when Google Maps won't work because there aren't enough ports to handle all the simultaneous open connections.) To be fair, we should also disable IPv4 for access to the meeting itself, as this is the first problem that new entrants to the Internet will have. But this is a huge burden on RIPE NCC staff and remote participants, so this will have to wait. :) -- Shane
start with 3. that is the real life scenario... Marc. Shane Kerr a écrit :
All,
Perhaps we should begin preparing ourselves for the future IPv4 world by simulating various levels of IPv4 exhaustion at future RIPE meetings?
I can imagine a few stages:
1. We can no longer give public IPv4 addresses to attendees. RFC 1918 for everyone, but with 1:1 mapping to public addresses. 2. The entire meeting gets NAT'ed to a single /24. 3. The entire meeting gets NAT'ed to a single IP address.
Of course, this is the easy side. People are already accustomed to living behind NAT with their laptops. (They might be a little more annoyed when Google Maps won't work because there aren't enough ports to handle all the simultaneous open connections.)
To be fair, we should also disable IPv4 for access to the meeting itself, as this is the first problem that new entrants to the Internet will have. But this is a huge burden on RIPE NCC staff and remote participants, so this will have to wait. :)
-- Shane
What a lovely idea! Stage 4: The entire meeting gets put behind a single IP address, and shares outgoing bandwidth with another meeting, also put behind a single IP address, which has another NAT gateway behind it. For that extra verisimillitude, NRM 2009/9/24 Shane Kerr <shane@time-travellers.org>
All,
Perhaps we should begin preparing ourselves for the future IPv4 world by simulating various levels of IPv4 exhaustion at future RIPE meetings?
I can imagine a few stages:
1. We can no longer give public IPv4 addresses to attendees. RFC 1918 for everyone, but with 1:1 mapping to public addresses. 2. The entire meeting gets NAT'ed to a single /24. 3. The entire meeting gets NAT'ed to a single IP address.
Of course, this is the easy side. People are already accustomed to living behind NAT with their laptops. (They might be a little more annoyed when Google Maps won't work because there aren't enough ports to handle all the simultaneous open connections.)
To be fair, we should also disable IPv4 for access to the meeting itself, as this is the first problem that new entrants to the Internet will have. But this is a huge burden on RIPE NCC staff and remote participants, so this will have to wait. :)
-- Shane
On Thursday 24 September 2009 16:33:04 Niall Murphy wrote:
What a lovely idea! Stage 4: The entire meeting gets put behind a single IP address, and shares outgoing bandwidth with another meeting, also put behind a single IP address, which has another NAT gateway behind it.
I know (and I guess a lot of others too) such setups now in the real world and in quite large scale :) It would be a really bad idea to replicate them, but the future could turn out to be quite ugly. Kostas
For that extra verisimillitude,
NRM
2009/9/24 Shane Kerr <shane@time-travellers.org>
All,
Perhaps we should begin preparing ourselves for the future IPv4 world by simulating various levels of IPv4 exhaustion at future RIPE meetings?
I can imagine a few stages:
1. We can no longer give public IPv4 addresses to attendees. RFC 1918 for everyone, but with 1:1 mapping to public addresses. 2. The entire meeting gets NAT'ed to a single /24. 3. The entire meeting gets NAT'ed to a single IP address.
Of course, this is the easy side. People are already accustomed to living behind NAT with their laptops. (They might be a little more annoyed when Google Maps won't work because there aren't enough ports to handle all the simultaneous open connections.)
To be fair, we should also disable IPv4 for access to the meeting itself, as this is the first problem that new entrants to the Internet will have. But this is a huge burden on RIPE NCC staff and remote participants, so this will have to wait. :)
-- Shane
On Thursday 24 September 2009 15:04:20 Shane Kerr wrote:
All,
Perhaps we should begin preparing ourselves for the future IPv4 world by simulating various levels of IPv4 exhaustion at future RIPE meetings?
I can imagine a few stages:
1. We can no longer give public IPv4 addresses to attendees. RFC 1918 for everyone, but with 1:1 mapping to public addresses. 2. The entire meeting gets NAT'ed to a single /24. 3. The entire meeting gets NAT'ed to a single IP address.
Of course, this is the easy side. People are already accustomed to living behind NAT with their laptops. (They might be a little more annoyed when Google Maps won't work because there aren't enough ports to handle all the simultaneous open connections.)
If a /24 is used for NAT, considering the size of RIPE meetings, I guess nobody will notice anything inconvenient.
To be fair, we should also disable IPv4 for access to the meeting itself, as this is the first problem that new entrants to the Internet will have. But this is a huge burden on RIPE NCC staff and remote participants, so this will have to wait. :)
It would be interesting to observe the frustration this will cause to the actual participants, apart from the work load and burden on the RIPE NCC staff :) Kostas
-- Shane
On 24 sep 2009, at 16:30, Kostas Zorbadelos wrote:
If a /24 is used for NAT, considering the size of RIPE meetings, I guess nobody will notice anything inconvenient.
It's a 1 in 3 mapping if you count heads, I guess devices is 1 on 5 :) If you think this won't raise any issues I guess the world in general doesn't have a problem, we can simply extend the IPv4 space by a multiple of 5 :P Even if open ports wouldn't be an issue, think of: - inbound connections (people using VOIP) - VPN to connect back home (meeting is still providing fixed IP for that purpose) - CPU load - traceability (Pentagon got hacked by somebody at RIPE-XX) Groet, MarcoH
Hi, On Thu, Sep 24, 2009 at 04:44:38PM +0200, Marco Hogewoning wrote:
Even if open ports wouldn't be an issue, think of:
- inbound connections (people using VOIP) - VPN to connect back home (meeting is still providing fixed IP for that purpose) - CPU load - traceability (Pentagon got hacked by somebody at RIPE-XX)
Which is the point, isn't it? "NAT BAD! IPv6 GOOD!". Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 141055 SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
Gert Doering wrote:
Hi,
On Thu, Sep 24, 2009 at 04:44:38PM +0200, Marco Hogewoning wrote:
Even if open ports wouldn't be an issue, think of:
- inbound connections (people using VOIP) - VPN to connect back home (meeting is still providing fixed IP for that purpose) - CPU load - traceability (Pentagon got hacked by somebody at RIPE-XX)
Which is the point, isn't it? "NAT BAD! IPv6 GOOD!".
Gert Doering -- NetMaster
Hm... this attitude is (I belive) registered to Jan Zorz... It's all he talks about... Then again, let's do it on a pre-set date and just flick the switch :) Ragnar Belial Us
On Thursday 24 September 2009 17:44:38 Marco Hogewoning wrote:
On 24 sep 2009, at 16:30, Kostas Zorbadelos wrote:
If a /24 is used for NAT, considering the size of RIPE meetings, I guess nobody will notice anything inconvenient.
It's a 1 in 3 mapping if you count heads, I guess devices is 1 on 5 :) If you think this won't raise any issues I guess the world in general doesn't have a problem, we can simply extend the IPv4 space by a multiple of 5 :P
I didn't say there are no issues, I said the people will not feel inconvenient.
Even if open ports wouldn't be an issue, think of:
- inbound connections (people using VOIP)
There are ugly ways to address this (eg ALG).
- VPN to connect back home (meeting is still providing fixed IP for that purpose)
I have used openVPN in a NAT environment without problems.
- CPU load - traceability (Pentagon got hacked by somebody at RIPE-XX)
:-D Don't get me wrong, I am a proponent of IPv6 and I hate NAT. But unfortunately all those ugly solutions keep IPv4 running, who knows for how long more. Regards, Kostas
Groet,
MarcoH
participants (7)
-
Gert Doering -
Kostas Zorbadelos -
Marc Blanchet -
Marco Hogewoning -
Niall Murphy -
Shane Kerr -
Us