[AusNOG] APNIC Slashes Costs for New Members

Michael Andreas Schipp MSchipp at a10networks.com
Sat Mar 2 18:02:13 EST 2013


>I didn't say that, and I don't think CGN works (compared to a single NAT with a public IPv4 address) and I don't think it is cheap (both additional costs of the CGN devices or additional resource utilisation >in your existing devices, or the support calls when applications that formerly worked don't). But CGN is eventually going to be inevitable, and the resulting pain is going to be the consequence the >industry has to accept for ignoring both the well known and long known problem of IPv4 addresses running out

Mark, note that the RFC https://tools.ietf.org/html/rfc6598 you provided is almost 2 years old. (21 months)  I suggest to you or anyone else that is interested in CGN to check with your preferred vendor as to what steps have be made in correcting/fixing/patching some of the concerns raised in RFC6598.

However to this day some of the issues raised by RFC6598 are still valid, just not all anymore.

Thank you,
 
Michael A Schipp
Regional SE Manager ANZ
A10 Networks

Direct: 0402 907 928
Email: mschipp at a10networks.com
WEB:     www.a10networks.com
Twitter: @maschipp

-----Original Message-----
From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Mark Smith
Sent: Saturday, 2 March 2013 9:39 AM
To: Jared Hirst
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] APNIC Slashes Costs for New Members





----- Original Message -----
> From: Jared Hirst <jared.hirst at serversaustralia.com.au>
> To: Mark Smith <markzzzsmith at yahoo.com.au>
> Cc: Joshua D'Alton <joshua at railgun.com.au>; "ausnog at lists.ausnog.net" 
> <ausnog at lists.ausnog.net>
> Sent: Saturday, 2 March 2013 8:17 AM
> Subject: Re: [AusNOG] APNIC Slashes Costs for New Members
> 
>T hat's nice, I'm a hosting provider I deal with eye ballers not big  
>companies like face book and you tube, and whilst you mentioned before  
>that all large carriers here support it, getting it supported and  
>having it down to the end CPE is a different story.


Well I'm a bit out of touch, but I think I know a fair bit of the getting it to and the CPE itself story:

http://www.users.on.net/~markachy/resi_ipv6_cpe.pdf


> I've had nothing
> but issues when trying to get support or get people behind us in 
> deploying v6.

This sounds a bit like you're waiting for other people's permission, and therefore not even doing the things that you could do. If you're providing customers with IPv6 connectivity, assuming Mark N's AAAA problems aren't a local issue, why isn't your website IPv6 enabled? What other services do you have that could be IPv6 enabled? I think you'd be in a stronger position to complain about lack of IPv6 deployment when you've done everything you can possibly do.


> Especially with the carriers I mentioned before, if you have worked 
> for a big business and had help and support that's great, but I'm 
> giving you an inside look from a small business, and frankly they 
> don't care when it comes to a 'hard thing to support' because they 
> probably won't get any media coverage out of us deploying the v6...you 
> get my drift?
> 

IPv6 is "concrete foundations" technology, and just like the people who live in the building won't care about the foundations unless the building falls over, don't expect people to care about IPv6 until they can't access an IPv6 only website. The opportunity for media coverage, if that is important to you, has passed.

> I'm not just whinging to waste my time, I have a genuine concern that 
> we will not and cannot be v6 ready by the time v4 is depleted, simple.
> 

We already are not ready and won't be. I believe IPv4 CGN/LSN is inevitable in parallel with IPv6. 4 million public addresses were burned to make deploying CGN more successful, despite the possibility of an ISP using a duplicate of their own public address space to solve the problem:

https://tools.ietf.org/html/rfc6598


As a Telstra representative was one of the authors of that RFC, that suggests that the (probable) largest holder of IPv4 address space in Australia thinks they're going to have to deploy CGN.

> I'm in hosting, and not ONCE have I even seen a company or control 
> panel or really anything work well with v6, we make it work for the 
> most part but it really isn't widely supported by anything or anyone 
> we use.
> 

So if you're paying for those products, and/or paying for support of those products, lodge a bug report, and insist that it is fixed, or find an alternative product that does work. If people don't know there is a problem, how do they know they need to spend time fixing it? Apathy doesn't get problems solved.

> CGN works and is cheap? As michael said you can do it (proven working) 
> on an A10 device, so don't have a go at me saying I don't know what I 
> am doing and I should just shut up and move to v6.
> 

I didn't say that, and I don't think CGN works (compared to a single NAT with a public IPv4 address) and I don't think it is cheap (both additional costs of the CGN devices or additional resource utilisation in your existing devices, or the support calls when applications that formerly worked don't). But CGN is eventually going to be inevitable, and the resulting pain is going to be the consequence the industry has to accept for ignoring both the well known and long known problem of IPv4 addresses running out

> Anyway going to enjoy my Saturday now and not have any future concerns

> about the v4 depletion as there is none according to everyone that has 
> had a go at me! So clearly I am the wrong one and was totally thinking 
> out of line about the lack of space. Sorry!
> 

Some of the people who've been discussing this topic have been aware of the coming problem for more than a decade, and perhaps closer to 15 years, if not longer. The concerns you have are pretty much in the realm of rearranging deck chairs on the Titanic. It is time to just accept that IPv4 addresses are going to run out no matter what is done, and that making them or keeping the more expensive is not going to delay the inevitable for any useful amount of time. Making them cheaper for a select population who may need them more than the rest of us, because they're in a position of either having none or 1024, isn't going to have much of an effect.

> Regards,
> 
> Jared Hirst
> Servers Australia Pty Ltd
> Phone: 1300 788 862
> Direct: (02) 4307 4205
> E-mail: jared.hirst at serversaustralia.com.au
> 
> On 02/03/2013, at 7:24 AM, Mark Smith <markzzzsmith at yahoo.com.au> wrote:
> 
>> 
>>>  ________________________________
>>>  From: Jared Hirst <jared.hirst at serversaustralia.com.au>
>>>  To: Joshua D'Alton <joshua at railgun.com.au>
>>>  Cc: "ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net>
>>>  Sent: Friday, 1 March 2013 10:51 PM
>>>  Subject: Re: [AusNOG] APNIC Slashes Costs for New Members
>>> 
>>> 
>>>  Exactly, I'm agreeing with Mark saying ipv6 is the best option, but
> because no one is going v6 we need to be strict and be cautious of 
> what v4 we have left right?
>> 
>>  You keep repeating that no one is going IPv6. Google, Facebook, 
>> Akamai and
> Yahoo are not "no one". Did you miss June 6 last year?
>> 
>>  http://www.worldipv6launch.org/
>> 
>> 
>> 
>>  There is still a lot of deployment to be done, but major content 
>> providers,
> some major CPE vendors and major ISPs have got on board.
>> 
>>  Eric Vyncke @ Cisco has developed the following website to show IPv6
> deployment.
>> 
>>  http://www.vyncke.org/ipv6status/
>> 
>> 
>>>  Regards,
>>> 
>>> 
>>>  Jared Hirst
>>>  Servers Australia Pty Ltd
>>>  Phone: 1300 788 862
>>>  Direct: (02) 4307 4205
>>>  E-mail: jared.hirst at serversaustralia.com.au
>>> 
>>>  On 01/03/2013, at 10:46 PM, Joshua D'Alton
> <joshua at railgun.com.au> wrote:
>>> 
>>> 
>>>  The more prolinged a crash the worse it is. history teaches us that.
>>>>  if we had listened to industry leaders like mark 20 years ago wed
> have opv6 already. instead we let politicians essentially decide 
> things for us through shear force of numbers.
>>>>  and that is why we have SNI that doesnt work, server providers 
>>>> like
> jared trying to help, but a situation like this where collective bad 
> decision making has led us to prolong the crash in a vain attempt to 
> prevent the impossible.
>>>>  sent from android
>>>>  On Mar 1, 2013 10:03 PM, "Jared Hirst" 
> <jared.hirst at serversaustralia.com.au> wrote:
>>>> 
>>>>  Agreed, but why speed the process up!
>>>>> 
>>>>>  Regards,
>>>>> 
>>>>> 
>>>>>  Jared Hirst
>>>>>  Servers Australia Pty Ltd
>>>>>  Phone: 1300 788 862
>>>>>  Direct: (02) 4307 4205
>>>>>  E-mail: jared.hirst at serversaustralia.com.au
>>>>> 
>>>>>  On 01/03/2013, at 9:46 PM, Damian Guppy
> <the.damo at gmail.com> wrote:
>>>>> 
>>>>> 
>>>>>  No offence, but at this point following the policies you talk
> about would still be akin to bailing out the titanic with a hand pump, 
> the move to IPv6 is needed, and the sooner the better. The whole "we 
> are running out of IP's" thing has been going on for over 20 years 
> now, it needs to end some where.
>>>>>> 
>>>>>> 
>>>>>>  --Damian
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>>  On Fri, Mar 1, 2013 at 6:36 PM, Jared Hirst
> <jared.hirst at serversaustralia.com.au> wrote:
>>>>>> 
>>>>>>  Ok no worries. I don't agree with you at all and we
> will leave it at that.
>>>>>>> 
>>>>>>>  If anyone else wants to speak up then do. If not ill
> shut up and never
>>>>>>>  question APNIC policies again.
>>>>>>> 
>>>>>>>  Your attitude of 'restricting and policing
> IP's' won't change a thing
>>>>>>>  is the exact reason we are in this position.
>>>>>>> 
>>>>>>>  If people were conservative with space, use carrier
> grade NAT and
>>>>>>>  actually assigned IP's as per policy them you and I
> would not be
>>>>>>>  having this conversation, end of story. There would be
> ample space
>>>>>>>  available IF people followed policies.
>>>>>>> 
>>>>>>>  Call it what you like but people not following policy
> as got us in
>>>>>>>  this position.
>>>>>>> 
>>>>>>> 
>>>>>>>  Regards,
>>>>>>> 
>>>>>>>  Jared Hirst
>>>>>>>  Servers Australia Pty Ltd
>>>>>>>  Phone: 1300 788 862
>>>>>>>  Direct: (02) 4307 4205
>>>>>>>  E-mail: jared.hirst at serversaustralia.com.au
>>>>>>> 
>>>>>>> 
>>>>>>>  On 01/03/2013, at 9:12 PM, Mark Newton
> <newton at atdot.dotat.org> wrote:
>>>>>>> 
>>>>>>>> 
>>>>>>>>  On 01/03/2013, at 8:16 PM, Jared Hirst
> <jared.hirst at serversaustralia.com.au> wrote:
>>>>>>>> 
>>>>>>>>>  They have a policy for recovering un used
> address from what I was told
>>>>>>>>>  by them, they just don't have the resources
> to action it.
>>>>>>>> 
>>>>>>>>  There's also almost exactly zero point in
> actioning it.  The cost/benefit
>>>>>>>>  equation has a pretty small denominator and a very
> large numerator.
>>>>>>>> 
>>>>>>>>>  Don't have a stab at me, I'm speaking
> what most are probably thinking.
>>>>>>>> 
>>>>>>>>  That's the thing -- I don't think you are.
> Otherwise the policy would
>>>>>>>>  be different.
>>>>>>>> 
>>>>>>>>>  Yes I should go to the policy meetings and I
> will, and I will speak on
>>>>>>>>>  behalf of around 30 providers that have
> directly emailed me saying
>>>>>>>>>  they agree... However from what I was told
> there IS a policy to stop
>>>>>>>>>  this, but no one actions it.
>>>>>>>> 
>>>>>>>>  Well, all their policies are on their website.  If
> you want to turn yourself
>>>>>>>>  into the policy police, start naming and shaming
> and see how far it goes.
>>>>>>>> 
>>>>>>>>  <popcorn>
>>>>>>>> 
>>>>>>>>>  If you don't think people use loop holes to
> get IP's for no reason
>>>>>>>>>  then you need to come and work for a hosting
> company for a day and see
>>>>>>>>>  the shit people say to get an IP, second
> opinions are approved for no
>>>>>>>>>  reason and IP's are handed out like they
> are not limited. No wonder we
>>>>>>>>>  have a world wide shortage.
>>>>>>>> 
>>>>>>>>  It isn't supposed to be hard.
>>>>>>>> 
>>>>>>>>  We have a world-wide shortage because we have an
> address space good
>>>>>>>>  for 4 billion addresses plus change, and we have
> more than 4 billion
>>>>>>>>  devices wanting to use it.
>>>>>>>> 
>>>>>>>>  Put up all the administrative barriers you like,
> and there still won't
>>>>>>>>  be enough IPv4.
>>>>>>>> 
>>>>>>>>  Having said that, under the "last /8" 
> policy the remaining store of
>>>>>>>>  IPv4 addresses in the APNIC region is, for all
> intents and purposes,
>>>>>>>>  unlimited -- in the sense that there are 16384
> allocatable /22's, and
>>>>>>>>  less than 16384 APNIC members, and a rule that says
> only one /22 can
>>>>>>>>  be allocated to each member.  As long as APNIC
> continues to have less
>>>>>>>>  than 16384 members between now and when IPv6 is
> mainstream (which seems
>>>>>>>>  likely, even for pessimistic estimates of that time
> horizon), the remaining
>>>>>>>>  addresses are, for all intents and purposes,
> unlimited.
>>>>>>>> 
>>>>>>>>  So, with that policy in place, we have no further
> need to put barriers
>>>>>>>>  in the way of allocations.
>>>>>>>> 
>>>>>>>> 
>>>>>>>>>  The fact people can now get a /22 with minimal
> justification and cost
>>>>>>>>>  is my argument,
>>>>>>>> 
>>>>>>>>  They've -always- been able to get a /22 with
> minimal justification.
>>>>>>>> 
>>>>>>>>  The only thing that's changed is the price.
>>>>>>>> 
>>>>>>>>  Now:  When Gerry Harvey complains about reduced
> prices enabling new
>>>>>>>>  market entrants, we all laugh and call it
> "rent seeking," and say it's
>>>>>>>>  a sign that his industry has given up on
> innovation.
>>>>>>>> 
>>>>>>>>>  it's now making it easy to source and hold
> on to for
>>>>>>>>>  selling and making a profit for later.
>>>>>>>> 
>>>>>>>>  Great! More of that, please.  Perhaps they'll
> inflate the IPv4 price
>>>>>>>>  bubble so much that migrating to IPv6 has less cost
> attached to it than
>>>>>>>>  acquiring IPv4, then we'll start to see some
> real progress.
>>>>>>>> 
>>>>>>>>>  I agree there are some people  that really do need them and I 
>>>>>>>>> FULLY support
> them IF they have a REAL
>>>>>>>>>  justification.
>>>>>>>> 
>>>>>>>>  Your problem is that you're using your
> subjective judgment of their
>>>>>>>>  justification to decide if it's
> "real", instead of applying the criteria
>>>>>>>>  that's in the actual APNIC policy.
>>>>>>>> 
>>>>>>>>  APNIC doesn't do that.  They follow what their
> members have directed them
>>>>>>>>  to follow.  There is consequently a mismatch
> between their behaviour and
>>>>>>>>  your expectations.
>>>>>>>> 
>>>>>>>>  It's important to recognize that your
> expectations are the problem
>>>>>>>>  here.  Most past that and we're done!
>>>>>>>> 
>>>>>>>>>  (In fact i have helped many customers of mine
> move off
>>>>>>>>>  my space to their own allocation) A
> justification of 'we have ssl's'
>>>>>>>>>  is not longer valid in my opinion, you can use
> SNI or something
>>>>>>>>>  similar to overcome the need for a IP for a
> SSL, however people still
>>>>>>>>>  seem to use this excuse to gain IP space, I see
> it everyday in
>>>>>>>>>  hosting.
>>>>>>>> 
>>>>>>>>  It's not supposed to be hard.  They're not
> "making excuses" to gain
>>>>>>>>  space;  it's actually -your- policies
> they're trying to find loopholes
>>>>>>>>  in to carry out the business you're supposed to
> be enabling, not APNIC's
>>>>>>>>  policies.
>>>>>>>> 
>>>>>>>>>  Obviously in your world of ISP land it's a
> lot different. But MANY in
>>>>>>>>>  hosting are seeing this horrible trend.
>>>>>>>> 
>>>>>>>>  Why is it "horrible"?
>>>>>>>> 
>>>>>>>>>  I'm now going to enjoy my beer and Friday
> night and will look forward
>>>>>>>>>  to attending the next APNIC policy meeting
>>>>>>>> 
>>>>>>>>  Excellent!  Here it is:
> http://conference.apnic.net/36
>>>>>>>> 
>>>>>>>>>  armed with example
>>>>>>>>>  companies hoarding IP's that have knowingly
> ripped off the application
>>>>>>>>>  policy.
>>>>>>>> 
>>>>>>>>  Where "ripped off" seems to be the same
> as "complied with."
>>>>>>>> 
>>>>>>>>  Unless you're accusing APNIC of incompetently
> executing the policies,
>>>>>>>>  and thereby granting address space to people who
> shouldn't have it.
>>>>>>>> 
>>>>>>>>  Is that what you're doing?
>>>>>>>> 
>>>>>>>>>  Remember I support the genuine people that need
> IP's
>>>>>>>> 
>>>>>>>>  Yep, by *YOUR* interpretation of their
> "need."
>>>>>>>> 
>>>>>>>>  Other people see needs differently, and they vote
> at APNIC meetings too.
>>>>>>>> 
>>>>>>>>   - mark
>>>>>>>  _______________________________________________
>>>>>>>  AusNOG mailing list
>>>>>>>  AusNOG at lists.ausnog.net
>>>>>>>  http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>>  _______________________________________________
>>>>>  AusNOG mailing list
>>>>>  AusNOG at lists.ausnog.net
>>>>>  http://lists.ausnog.net/mailman/listinfo/ausnog
>>>  _______________________________________________
>>>  AusNOG mailing list
>>>  AusNOG at lists.ausnog.net
>>>  http://lists.ausnog.net/mailman/listinfo/ausnog
>>> 
>>> 
>>> 
> 
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog



More information about the AusNOG mailing list