Re: A Splendid Example Of A Renumbering Disaster

"Andrew G. Malis" <agmalis@gmail.com> Mon, 26 November 2012 16:52 UTC


As LogMeIn says, even with the TMobile and Rogers use, it's extremely
unlikely that their customers will need to communicate with any hosts in
25/8. That said, I absolutely agree that an IPv4 range devoted to VPNs
would be great. I run a personal VPN to my home LAN, and I specifically use
different ranges of RFC 1918 space for the addresses in my home and my VPN.

Cheers,
Andy



On Sat, Nov 24, 2012 at 11:36 AM, Paul Wouters <paul@nohats.ca> wrote:

> On Sat, 24 Nov 2012, Sabahattin Gucukoglu wrote:
>
>> http://b.logme.in/2012/11/07/changes-to-hamachi-on-november-19th/
>>
>> LogMeIn Hamachi is basically a NAT-traversing layer 2 VPN solution.  They
>> avoided conflicts with RFC 1918 space by hijacking IPv4 space in 5/8, now
>> actively being allocated by LIRs in Europe.  When that didn't work (see
>> link above), they moved to 25/8, allocated to the UK MoD.  While I'm almost
>> sure that they haven't got it quite so wrong this time, following the
>> comments says that the idea was not only a very bad one to start with, it's
>> cost a lot of people a lot of grief that IPv6 was clearly going to mitigate
>> in renumbering.  Perhaps it is why they recommend it per default, if not
>> for the number of applications that would be broken by it.
>>
>
> Both TMobile in the US, and Rogers/Fido in Canada use 25/8. Our IPsec
> client per default only allows incoming NAT-T for ranges in RFC1918, due
> to security reasons (you don't want them hijacking google's ip range). So
> we actually had to add 25/8 to the white list a few years ago.
>
> But, it would be nice to have an IPv4 range dedicated to VPN ranges, so
> you can set up things like L2TP tunnels without fear of collision in the
> RFC1918 space, although I guess technology has advanced enough to
> implement proper segmentation and workarounds for this these days.
>
> Paul
>
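
The two practices mentioned in this thread, keeping the VPN range distinct from the home LAN and accepting only RFC 1918 ranges unless an exception such as 25/8 is listed, can be checked mechanically. The Python below is an added example, not code from either poster or from any IPsec client; the function names and the sample subnets are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges: the default allow-list the quoted message describes.
RFC1918 = tuple(ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"))


def _nets(cidrs):
    """Parse CIDR strings into network objects (hypothetical helper)."""
    return [ipaddress.ip_network(c) for c in cidrs]


def allowed(subnet, extra_allowed=()):
    """True only if the whole subnet lies inside RFC 1918 or an explicit exception."""
    net = ipaddress.ip_network(subnet)
    return any(net.subnet_of(a) for a in RFC1918 + tuple(_nets(extra_allowed)))


def collisions(local_cidrs, vpn_cidrs):
    """Return (local, vpn) pairs whose address ranges overlap."""
    return [(str(l), str(v))
            for l in _nets(local_cidrs) for v in _nets(vpn_cidrs)
            if l.overlaps(v)]


def review(local_cidrs, vpn_cidrs, extra_allowed=()):
    """Classify each VPN range as 'collides', 'not-allow-listed' or 'ok'."""
    clashing = {v for _, v in collisions(local_cidrs, vpn_cidrs)}
    result = {}
    for v in _nets(vpn_cidrs):
        if str(v) in clashing:
            result[str(v)] = "collides"          # overlaps a directly attached LAN
        elif not allowed(str(v), extra_allowed):
            result[str(v)] = "not-allow-listed"  # outside RFC 1918 and exceptions
        else:
            result[str(v)] = "ok"
    return result


if __name__ == "__main__":
    home = ["192.168.1.0/24"]  # constructed home LAN
    vpn = ["10.8.0.0/24", "192.168.1.128/25", "25.0.0.0/8", "5.0.0.0/8"]
    for net, verdict in review(home, vpn).items():
        print(f"{net:18} {verdict}")
```

Passing `extra_allowed=["25.0.0.0/8"]` models the exception described in the quoted message; without it, 25/8 and 5/8 are both reported as outside the allow-list.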