[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
The Department of Work and Pensions, UK has an entire /8
On 20-Sep-12 20:51, George Herbert wrote:
> On Thu, Sep 20, 2012 at 5:13 PM, Stephen Sprunk <stephen at sprunk.org>
> wrote:
>> Actually, they're not any different, aside from scale. Some
>> private internets have hundreds to thousands of participants, and
>> they often use obscure protocols on obscure systems that were
>> killed off by their vendors (if the vendors even exist anymore) a
>> decade or more ago, and no source code or upgrade path is
>> available.
>>
>> The "enterprise" networking world is just as ugly as, if not
>> uglier than, the consumer one.
>
> I haven't worked much on the commercial private internets, but I did
> work for someone who connected on the back end into numerous telco
> cellphone IP data networks.
>
> For all of those who argue that these applications should use 1918
> space, I give you those networks, where at one point I counted
> literally 8 different 10.200.x/16 nets I could talk to at different
> partners (scarily enough, 2 of those were "the same company"...).
> And hundreds and hundreds of other space conflicts.
That's all? I consulted for one customer that had several (six?
eight?) instances of 10/8 within their own enterprise, simply because
they needed that many addresses. That doesn't include the dozens of
legacy /16s they used in their data centers--plus the hundreds of legacy
/24s they used in double-sided NAT configurations between them and
various business partners, COINs, etc.
Yet all that was exposed to the consumer internet was a couple of /24s
for their web servers, email servers and VPN concentrators.
> Yes, you can NAT all of that, but if you get network issues where
> you need to know the phone end address and do end to end debugging
> on stuff, there are no curse words strong enough in the English
> language.
That's the truth. To get from a credit card terminal to the bank
involved _at least_ three layers of NAT on our side, and I don't know
how many layers of NAT there were in total on the bank's side, but it
was at least two.
S
--
Stephen Sprunk "God does not play dice." --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSS dice at every possible opportunity." --Stephen Hawking
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2312 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20120921/01e37535/attachment.bin>
- References:
- The Department of Work and Pensions, UK has an entire /8
- From: eugen at leitl.org (Eugen Leitl)
- The Department of Work and Pensions, UK has an entire /8
- From: jeroen at unfix.org (Jeroen Massar)
- The Department of Work and Pensions, UK has an entire /8
- From: mysidia at gmail.com (Jimmy Hess)
- The Department of Work and Pensions, UK has an entire /8
- From: randy at psg.com (Randy Bush)
- The Department of Work and Pensions, UK has an entire /8
- From: eyeronic.design at gmail.com (Mike Hale)
- The Department of Work and Pensions, UK has an entire /8
- From: owen at delong.com (Owen DeLong)
- The Department of Work and Pensions, UK has an entire /8
- From: goemon at anime.net (goemon at anime.net)
- The Department of Work and Pensions, UK has an entire /8
- From: marka at isc.org (Mark Andrews)
- The Department of Work and Pensions, UK has an entire /8
- From: goemon at anime.net (goemon at anime.net)
- The Department of Work and Pensions, UK has an entire /8
- From: a.harrowell at gmail.com (Alex Harrowell)
- The Department of Work and Pensions, UK has an entire /8
- From: stephen at sprunk.org (Stephen Sprunk)
- The Department of Work and Pensions, UK has an entire /8
- From: george.herbert at gmail.com (George Herbert)