Is the Internet Shutting Out Independent Players?

ikekrull asks: "After looking to see how I could set up my company's LAN to be multi-homed ^? , I found that it would be next-to-impossible for me to do this. 'Providerless' IP addresses are no longer allocated to anybody in this part of the world (New Zealand) by APNIC ^? , unless you meet requirements (financial and political) that are pretty much unmeetable by anyone but a large ISP. Does this put control of the entire internet further and further into the hands of large corporate players, and and is anyone particularly interested in changing this situation?"

"ISPs aren't advertizing routes for competing ISPs, and since IP blocks are heavily filtered upstream, this won't do much good anyway. The reasons for this are clear (Routing table growth was getting way out of hand), hence the introduction of CIDR ^? , and the allocation of IPs to ISPs, with a resulting lockout on availability of routable IP space to individuals or smaller groups.

With the availabilty of IPv6, and the cost of RAM, I find it somewhat hard to believe that either IP address blocks are scarce, or that the size of routing tables are unmanageable any more. This might have been true with an 8MB Cisco 10 years ago, but surely it would be a negligible cost to put 1-2GB of RAM on even a reasonably budget router at todays prices.

Obviously, IPV6 isn't really here yet, but i would like to think that when (if) it arrives, we will see a more open routing system.

Is anybody working on returning some kind of equal standing to 'the little guys' when it comes to internet routing infrastructure, and how a more 'open' system could work in practice on tomorrow's (or today's) internet?"

You can buy multi-homed connections.

[sulli]

At least in the states - my employer (AT&T) offers multi-homed and backup connections at T1 speed and above. (Routing is via BGP4.) You need to accept IPs from one ISP or another, so they're not really "yours," but it still works. I presume Aussie ISPs do the same thing, but I may be wrong.

Re:You can buy multi-homed connections.

[FatRatBastard]

You just called a Kiwi an Aussie... [gulp] its going to get mighty ugly ;)

Re:You can buy multi-homed connections.

[coko]

it is indeed difficult to obtain your own "private" block, but you can definetely become multi-homed using non-portable block(s) from one of your ISPs. Just make sure you notify all your upstream providers of the netblocks you have been assigned, that way they will not be filtered by BGP ACLs..

jorge

Re:You can buy multi-homed connections.

[barnaclebarnes]

Australia is New Zealands West Island. get it right. ;)

'Just how much can Koala Bear'

Re:You can buy multi-homed connections.

[Brainless]

The company I work for has IP's assigned from a few of the major US networks (CW, UUNet, etc) and we have BGP4 to allow any of the IP's assigned to us to use any of our backbones. This can cause problems with peering of backbone providers and has caused a few headaches here.

CW recently changed their structure so you can tell them how to advertise your networks to their peers. This resolves most of the problems we have had with multi-homing.

Keep in mind we are a fairly small network with under 100 routing/switching devices on our network. So to say it can not be done means it is time to hire a new network admin.

Re:You can buy multi-homed connections.

Somehow i think the `read rest of comment` link isnt going to get clicked on - time to get a life?

Re:You can buy multi-homed connections.

[Back to the living room, ROGERS gets the tape.]

ROGERS
Now when I eat peanut butter, I'll know about some of the people who helped to make it.

McFEELY
It takes people to make practically everything, doesn't it.

ROGERS
Yes, that's why so many people go to work.

McFEELY
I have my speedy delivery work, and you do you're television programs.

ROGERS
Yeah, that's right. Takes people to make all sorts of things.

McFEELY
Away, and at home, too. I uh, better get back to my speedy deliveries, I have more pickups and deliveries.

ROGERS
Good, would you mind taking that back to the library?

McFEELY
I'll do it, if you, will, sign right here on the dotted line for the pickup and delivery. [getting clipboard out of his sack]

ROGERS
[signing] Of course. I appreciate your work, Mr. McFeely.

McFEELY
An' I appreciate your business. You're one of the ones who pays Right Away, an' it certainly helps us!

ROGERS
[walking with McFEELY to door] Please give my best to Mrs. McFeely.

McFEELY
I'llll do that, we'll seeee you around the neighborhood.

ROGERS
Thank you again.

McFEELY
You're welcome! Speedy Delivery. [leaves with a wave]

ROGERS
Bye. [shuts door and turns to us, stopping at the bottom of the stairs] Isn't that interesting? Seeing how people make things like peanut butter? Of course most of it depends on growing the right kind of peanuts, an' finding the best ways of using them. Let's have some make-believe. [sits by trolley area]

[Trolley's theme music as Trolley comes out the wall and around the bend, stopping by ROGERS, tooting.]

ROGERS
(Hi Trolley.)
[to us] There's a factory in the Neighborhood of Make-Believe, that we often think about. Do you know who it is who manages that factory? Cornflake S. Pecially. An' do you know what he usually manufactures? Rocking Chairs, that he calls, "Rockits." Why don't we make-believe something about Corny and his factory today? As the trolley goes into the Neighborhood of Make-Believe.

Re:You can buy multi-homed connections.

Hey, full disclosure and all. It's on my web page anyway, anyone can figure it out. Flame away!

Re:You can buy multi-homed connections.

I guess it must be New Zealands West Island since it does have the largest population of New Zealanders. How about that Tri-Nations cup eh?

Re:You can buy multi-homed connections.

[Cramer]

Actually, it's slightly more complicated than that. The provider(s) will be announcing their CIDR block (/20 or larger) to their peers. If you get the backup provider to announce a /24 (or anything smaller than the CIDR block) that will become the default preferred path -- longest prefix rule. So, everyone involved has to announce your tiny segment. (I find it to be a major pain in the ***.)

ARIN is very clear on the matter. /24 is the smallest block of addresses for doing multi-homed BGP. However, only /20 and shorter can be expected to be globally routable -- Sprint will be the most likely problem.

Re:You can buy multi-homed connections.

[Xenex]

New Zealand: Because Australia needs a Canada too.

:P

Just make one up.

Here - 217.53.98.174 - doesn't seem to be responding; use that one.

Re:Just make one up.

[mauddib~]

Hey! Thats my IP!

Re:Just make one up.

[eMilkshake]

Neither does 192.168.10.73 -- in fact, you could have all of 192.168.10!

Re:Just make one up.

[Casca]

Better yet, while trying to prove to a manager that some of our NT (MCSE) admins don't have a clue, this was heard:

NT guy: "Somethings wrong with the network, I can't access my share drive."

LAN guy: "Can you ping your default gateway?"

NT guy: "What address is that?"

LAN guy: (mumbling something about bodily functions and low SAT scores) "Its 172.358.44.261"

NT guy: (remember, he passed Microsofts TCP/IP course) "Nope, it doesn't respond."

Re:Just make one up.

Yours is 130.89.203.50

Re:Just make one up.

[rikkards]

Even better use NetBeui then you don't need to worry about IP Addresses!

Re:Just make one up.

[Yorrike]

Either that or IPX.

uhm...

The person that wrote this has 0 clue of what's involed with routing. He needs to go read books before submitting stuff like this.

"just add a gig or two of ram to a cisco router"
hahahaha

Also, IPv4 is running out of IP's. Plain and simple. Therefore, these IP's need to be given to people that have a clue what to do with them and not piss them away. I work for a major webhosting company and we have to fight for our ips everytime we need more. It's getting harder and harder for us. Luckily we own our entire Class B now, but I know soon a time will come when we dont... heh

Research before whining to /.

Re:uhm...

[jayhawk88]

You mean routers won't take PC133? ;)

Re:uhm...

[GLX]

Actually, funny enough, the Cisco c3660 does... Just gotta make sure they're parity :-)

Quick, easy, dirt cheap way to add 256mb to those boxen :)

Re:uhm...

[samyool]

Let's not forget the tens of thousands of nodes running on private IP addresses, and proxying or NATing to get out to the big I.

I'd imagine that, if these nodes were figured into the numbers, we'd find that there are more hosts than addresses under the current IPv4 system.

One way of reducing the number of unused addresses in a range is by assigning ranges to ISPs rather than to individuals. Then, at least, a few more nodes can be milked out of IPv4 before it runs completely dry!

Re:uhm...

[ZoneGray]

I was hired once to supervise a Windows admin who used a private class B for everything... we were on 172.x.x.x addresses, which allowed for 16 Class B's. So we had a class B for our main office (70 nodes), a class B for the branch office (15 nodes) ... a class B for the colo (6 nodes)... a class B for each VP's home PC.... say what?

He was convinced that they'd be faster if we didn't subnet 'em.

Re:uhm...

[boog3r]

you are a webhosting company and you need a /16?

holy crap! have you guys ever heard of http1.1? the reason you have such a hard time getting ips is that arin wants to cut down on webhosting companies that do not use http1.1.

i have to agree with arin on that too, with correct dns handling, http1.1 is a very viable method for webhosting and reduces both need and use of ip addesses.

btw, ipv4 is not exactly running out of ips soon. the ips are still there. they are running out of _allocatable_blocks_ of ips. if you look at the lower networks (4.0.0.0/8 is one) the utilization of ips is horrendous. older companies and organizations have been camped on huge amounts of ip addresses for the last 10-15 years. if arin bit the bullet and forced these internet first-comers (and heavy wallets) to relinquish ip space we would see the 'ipv4 crisis' go away.

like you said, "Research before whining to /."

Re:uhm...

148.164.x.x Is availible...

Re:uhm...

[BeBoxer]

Well, the lookup part should be doable. It's entirely reasonable to keep a route for every single possible /24 route in an array. Not any fancy CEF lookup table or B-Tree or anything fancy. Just allocate an array for every single /24. There are only 16M of them! Let's say you need 64 bytes per route to keep the state you need (next hop, outbound interface, route source, timeout, etc.) and you are only using 1GB of RAM! 1GB of DDR RAM is worth less than the power cords for a high end router. In fact, I think it will be realistic to store host routes for all 2^32 addresses within a few years. Sure, 512GB or so seems like a lot of RAM today, but 512MB seemed like a lot only a few years ago.

Getting rid of the larger net blocks will make better use of available address space not worse. The addresses are not being 'pissed away'. From an allocation point of view, if I have a /24 it doesn't matter if I got it from ARIN or from my ISP. A /24 is being used either way. Any ISP that's going to last is going to sit a on significant portion of it's allocated addresses for future growth. I would argue that the waste involved in every major ISP keeping it's own 'reserved' pool is greater than the waste involved in having only ARIN keep a 'reserved' pool and allocate /24's out dynamically. Hell, you admit yourself you are sitting on a /16! How much of that is actually being used by cusomers, and how much is being 'pissed away'? It's just like older MacOS where each application had a fixed amount of memory allocated to it. It lead to huge amounts of waste as each app had to have memory allocated for the worst case scenario. This is like today where hugh fixed chunks are handed out to ISPs to manage. They are all going to sit on a bunch of unused space 'just in case'. On the other hand, any decent OS allocates memory out a page at a time on demand leading to better use. The same could be done with address space. Give each organization the /24's it needs. If they are not using them, yank them back.

Now, whether or not BGP can keep up with all the updates is a different story. But with the vast amounts of bandwidth between core routers and GHz processors cheaply available, I think a box could be built to handle it. Especially given that most routing is done by ASICs and the CPUs sit around at 2% utilization most of the time.

Re:uhm...

[AaronW]

PC133 RAM is only part of it. As a developer of routers I know of at least several methods for storing the routing tables in the data path.
High-end routers do not use DRAM due to its high latency. DRAM works well for localized access, but is terrible for random access. In this case, SRAM is used. Now for routers, it is likely that Content Addressable Memory will be used. The largest CAMs I am aware of are 9Mb (megaBITS) and the largest ZBT SRAMS currently available are 36Mb (4MB). Granted, multiple chips can be used, but only so many chips can be placed on a memory bus before loading becomes a factor. A 133MHz bus can only have so many chips connected to it.

A high-end router today should be able to store upwards of 1,000,000 routes. With IPv6 this becomes far more difficult due to the 128 bit length of the IP addresses.

Also note that a router does a longest match lookup. Some use a hash table and populate entries when there's a miss by using the slow path, but even that becomes difficult since you don't want too many collisions.

Re:uhm...

[AaronW]

A fast router typically will not use DRAM due to the high latency involved in the lookups. There's also more to it than just looking up the destination address and forwarding. There's also access control list (ACLs), multicast routing, and so on which do not work in your scenerio. Also, how long does it take to populate a class A route into the table? There's also overlapping routes and source routing as well.

I'm sorry, but routing is often not as simple as just looking up the destination address and forwarding the packet, especially when you're trying to do this to 10+ million packets/second.

I'm working on a product now that handles well over a million packets per second and has to perform some rather complex routing, besides handling many different encapsulations and mapping each source to a potentially different routing table (there can be multiple routing tables internally).

Re:uhm...

[GiMP]

I personally like Virtualhosts and http/1.1, of course my clients have a much different idea. We have server using thousands of ips, on for each webpage hosted on the machine. Why? because ignorant business owners (clients) want it.

These people go, "I'm sharing what with who?" and decide they need their own IP address. Whats even worse, IMHO are those who run shell boxen and need an IP address for every person because they want to have reverse dns on IRC.

At work, I must admit it is nice to have an IP address for each of my servers.. but really, I should setup NAT. Why should I waste IP address space for a laptop?

I really think hosting companies should tighen up on ip usage more. Of course, they offer them and people will keep buying them as long as their clients beg for them.. even if they don't really need it.

Re:uhm...

is it just me, or did you just say you think there are more than 4 billions hosts on the internet? that's almost one host for every person in the world.

Re:uhm...

[NoBeardPete]

Here's an example of the kind of ridiculousness that results from some institutions having lots of IP addresses. I'm a student at MIT, which has all of net 18. I've been the network administrator for my fraternity for a couple years, which uses all of 18.216.xxx.xxx. That's right, we've got some 64k IP addresses, of which maybe 60 are assigned, and 40 actually point to a running computer. That means %99.9 are being wasted.

Re:uhm...

[carlivar]

And to think that I thought MIT was full of smart people (the administration that is, not you).

Carl

Re:uhm...

[BeBoxer]

Good points, but I think they are doable. ACLs: not a problem since they are separate from the forwarding decision. Multicast is not a problem either. You have 64 bytes of state. You could easily keep a pointer to an OIL (as Cisco calls them) for a multicast route. Adding a class A would involve writing 4MB of memory to the table. I don't think the delay there would be show stopper. When you say overlapping routes, you probably mean accepting the same route from two different BGP peers? Well, usually only one would be put in the actual forwarding table. Again, with 64 bytes of state you could easily list two or three interfaces to round-robin if you want to do that. By source routing, you mean when the source supplies the route in the IP header? That doesn't use the routing table anyway so it's a moot point.

You mention latency to the DRAM as a possible problem, but sufficiently sized L1 or L2 SRAM caches should deal with this.

As to multiple routing tables, I assume you are talking about using them for policy based routing. Having multiple distinct tables is only one way of doing it. The access list could also be applied after the forwarding decision had been made. One possibility would be to have the access list choose one of several next hops which are all stored in the 64 bytes of space you set aside per route

I'm not saying that it would be trivial to build such a box, but I think it's entirely doable. The details of making it work well would be the same details you run into with any router design. Memory has become practially free. There isn't any reason not to leverage that fact. It's a standard tradeoff in CS that you can optimize for either memory or CPU and trade off one versus the other. Putting routes in a big array wastes memory, but saves time because lookups are O(1) instead of the O(n) or O(ln n) or whatever your favorite data structure is. There is every reason to believe that such a router should be faster than a traditional one which keeps routes in a more complex data structure.

Re:uhm...

[b0r1s]

someone should probably find a way to fix that ....

I work for the unix dept. at the claremont colleges (just outside of LA), 7 schools (averaging about 800 students each), on a single class B.

Re:uhm...

[psamuels]

I work for the unix dept. at the claremont colleges (just outside of LA), 7 schools (averaging about 800 students each), on a single class B.

134.173.*.*, yeah baby. I remember sittin' at Mudd back in '93 sort of feelin' sorry for all those latecomer colleges that had to make do with multiple class C's. (:

Re:uhm...

[davew]

Without debating the whys and wheres of the rest of your post, let me take issue with this statement:

Now, whether or not BGP can keep up with all the updates is a different story. But with the vast amounts of bandwidth between core routers and GHz processors cheaply available, I think a box could be built to handle it.

See, you've just fallen into the exponential trap. Take a look at this:

• Assertion: The biggest cost in internet routing is not the size of the routing table (==RAM).
• Assertion: The biggest cost in internet routing is the quantity of updates to the routing table (==CPU)
• Assertion: The rate of increase of updates to the routing table is greater than Moore's law

If these three statements are true - and I think they are easily verifiable - then...

• Conclusion: The rate of updates to the routing table is growing at a faster pace than CPUs can be built to keep up.

...and alternate methods must be found to solve the problem.

Dave

Re:uhm...

[Cramer]

s/parity/ECC

It'll run with "regular" (read: cheap ass crap) memory. I ran a 7206VXR with "Mighty RAM" for a few days (it's was an intentional joke.)

Cisco has finally realized custom memory modules aren't worth it. (Kingston will clone it anyway.)

Re:uhm...

[Cramer]

They would still be in the BGP table(s) -- which are far more costly (on the order of KB per entry instead of bytes) and BGP routing maint. on such huge tables would become a problem.

Re:uhm...

[bzbb]

Univeristy of Connecticut has 137.99.*.* netblock.
Most likely more then we need.

Re:uhm...

[samyool]

by the time you include infrastructure as well? I maintain my original position that it's pretty close.

You've got to pay to play

Having a multi-homed network is extremely stressful on the rest of the Internet, and you're going to have to pay for the privilege.

Yes, routers have gotten a lot more advanced, but if every Tom, Dick, and Harry wants to have their own APNIC-assigned IP block, it is going to cost a lot of money for the backbone providers and everybody else to accomodate the routing tables. Unless you're big enough to make a reasonably large dent in their bottom lines, they aren't going to care about making you happy because it's just too damn expensive. (And guess who would wind up paying for your pleasure? Every user of consumer-grade connections, that's who.)

You should be quite satisfied that you can even get high-speed connectivity (not to mention, connectivity from multiple providers at once) where you're at. Here in the USA, the most technologically advanced society in the world, it's difficult if not impossible to get *any* high speed service outside a major metropolitan area. Before my cable monopoly upgraded its network, I couldn't get any service at all that wasn't long distance dialup.

My advice to you: count your blessings, and find a different way to solve the problem.

Just my 2c.

~wally

Re:You've got to pay to play

[quietlysubversive]

viewed macroscopically, it is. deal.

Re:You've got to pay to play

[TelcontarX]

*LoL* the USA is the most technologically advanced society in the world?? USA is so far back on lots of areas they hardly qualify as a technological society at all. Sure there are lots of high-tech stuff going on at NASA, Pentagon, MIT, etc. but the SOCIETY is very low tech. In Norway about 80% of all youth aged 16-25 had their own cellphone in 1999. Can you find statistics showing the same numbers for the US ? In Norway you can also get high-speed internet connections almost everywhere, including very rural areas, but of course with a larger choice of services in the urban areas. Statistics from http://www.ssb.no/samfunnsspeilet/utg/200006/Fig6- 5.shtml

Re:You've got to pay to play

> Here in the USA, the most technologically advanced society in the world

USA über alles! Infinite Justice!

Re:You've got to pay to play

Good troll.

No compare land mass.

Consider the cost of setting up a cellphone network to provide continuous cross country coverage.

Consider the cost of setting up high speed access across country.

Just cause Norway is small, it is simple to get % wise much better cell coverage and use and better broadband on average.

Your argument did not refute his statement, whether or not it is correct.

Re:You've got to pay to play

[Suppafly]

norway is also a small enough country that the "rural" areas aren't nearly as far away from cities as the rural areas in the US...

Not to mention that you can get high speed internet anywhere in the US.. you just have to be willing to pay for a satelite.

Re:You've got to pay to play

You should be quite satisfied that you can even get high-speed connectivity (not to mention, connectivity from multiple providers at once) where you're at. Here in the USA, the most technologically advanced society in the world, it's difficult if not impossible to get *any* high speed service outside a major metropolitan area. Before my cable monopoly upgraded its network, I couldn't get any service at all that wasn't long distance dialup.

We're talking of real connections here, not personal high speed access. You can get ds1 and ds3 service just about anywhere in the country. I know I have personally worked on lots of pops that are in backwoods, USA.

-Belial

Re:You've got to pay to play

[skelley]

"Here in the USA, the most technologically advanced society in the world".

I think you mean Finland.

Re:You've got to pay to play

[TelcontarX]

Are you aware of that the north/south length of Norway is the same as the distance from the north of Denmark to the south of Italy?
And these statistics are almost equally valid for both Sweden and Finland as well. And when the distance limit of a service is reached, it doesn't really matter if it is 50km or 1000km away...

And compared to US cities we have at most one, maybe two or three real cities in Norway. So the northern tip of norway is just as far away from a city as many places in the US. Of course there is a cost to getting highspeed access in every valley, some places even satelites are not accessible due to terrain...

Re:You've got to pay to play

[Rogerborg]

• Before my cable monopoly upgraded its network, I couldn't get any service at all that wasn't long distance dialup. My advice to you: count your blessings, and find a different way to solve the problem.

Wait... do you think that your cable monopoly upgraded its network because:

• A: You sat on your arse and counted your blessings.
• B: You, or people like you, kept asking and expecting more from them.

No, I don't think counting your blessings is a particularly useful way of dealing with this issue long term. It's been my experience that whining and griping like a spoilt bitch is the only way to get action. The very same people who will berate you for doing that will be the first ones to jump onto the new services that you help to create through your demands.

Re:You've got to pay to play

How does having your kids with cellphones make you more technologically advanced? Anyone in the US can get a cellphone from a variety of providers, a lot of parents are just not stupid enough to get their teen a phone.

Our corporations comprise the greatest portion of the internet, and nearly all of the world's news and content comes from the US.

Our universities are the best in the world. MIT, Stanford, Cal Tech, etc are unequaled outside the US.

In the US you can get a residential highspeed internet connection just about anywhere, thanks to satellite.

The US SOCIETY has given more in the order of technology to the world than Norway, or any other country. Take your anti-americanism and shove it, its nothing but bullshit.

Re:You've got to pay to play

[Golias]

Are you aware of that the north/south length of Norway is the same as the distance from the north of Denmark to the south of Italy?

And yet it's still to small to park Ameica's cars on it.

The reason why most American's don't have cell phones is not lack of availability. We have dozens of digital network providers fighting for the chance to put a shiny new motorolla in our hands. It's because our land lines are so fantastically cheap to use (per minute charges: zero) that nobody wants to bother with the cost of a mobile phone unless they absolutely, positively need it... and most people don't.

Re:You've got to pay to play

[Frank+T.+Lofaro+Jr.]

Didn't Iceland have the highest Internet usage per capita?

Re:You've got to pay to play

[operagost]

USA is so far back on lots of areas they hardly qualify as a technological society at all.

I'm not sure how you got a +1 instead of a -1 Troll for this one. I mean really, you can't estimate the technological status of a country based on its broadband and wireless penetration. First off, most teenagers have had pagers here since the early 90's. With the quantity of payphones available, pagers were and are very useful. The penetration of wireless phones is still fairly low here because of the size of the country (much bigger than yours, with many areas of low population density) and because we actually picked up on wireless a little TOO EARLY. We're stuck with a huge analog base, and a half dozen incompatible digital systems. We don't have a heavily socialist government like yours where we can force corportations to settle on one standard. This brings me to broadband: yeah, same problems. The US government doesn't own the phone systems, and doesn't heavily regulate them, so they are dragging their feet as much as possible. The aforementioned low population density causes problems as well. A bad thing? Only if you prefer spending more time in cyberspace than meatspace.

Re:You've got to pay to play

[donutello]

Good troll.

The fact that Norway has a high percentage of cellphone users is not because of any technological advancement but rather the lack thereof.

The reason Norway and some other countries like Australia, etc have such high cellphone usages is because the land-based telephone systems in those countries SUCK. Here in the US, you're pretty much guaranteed a good connection wherever you live without having to wait in some queue to get it. Also, local calls are free. Calls to your ISP are free. You don't pay per minute just to use the internet via dialup.

There was no great compelling need for cellphones and high-speed internet in the US and that's why it's not there yet.

Also, the US had some of the earliest cellphone networks - which explains why we are stuck with older technology protocols on them.

Re:You've got to pay to play

[Walter+Bell]

Bad comparison. There's a big difference between AT&T Cable upgrading the network in my area to support internet access for thousands of customers (and compete with the Baby Bells, in most cases), and the entire rest of the internet upgrading its hardware to support a couple of people who want to be multi-homed on a shoestring.

Count the beneficiaries and you'll see why small entities won't ever be multi-homed. Same reason why so many of us Linux users are still @home customers, despite the fact that they block most of the useful inbound ports.

~wally

Re:You've got to pay to play

[Haeleth]

Presumably you have extensive experience with the Norwegian telephone network? And you have spent a considerable time working in an Australian call centre? You speak as though you do. I do so hope you aren't merely repeating bigoted rumours.

You might as well say that America's adoption of the automobile was because of a lack of technological advancement - you didn't have very sophisticated wagons. Oh, funny, I do think you'd probably beg to differ. How odd.

America has the world's most advanced military. Don't confuse that with other areas, in many of which you are backward. Sorry, but you are.

Re:You've got to pay to play

Take your American Nationalism and shove it. Nearly all the world's news comes from the US? Sure, but only because we're constantly laughing at your ridiculous politicians, and weeping at your stupid greed, your vanity, and your curious habit of murdering children in the third world. Nearly all the world's content? Bullshit. It may amaze you to learn that there are people making movies outside Hollywood, and that they're better at it. It may amaze you to learn that there are actually countries in the world that don't speak English. You probably weren't taught such things at your "schools".

Unequalled universitys? Hardly. Heard of Oxford, Cambridge, Imperial? They're older than your fucking country, and easily the equal of your universities - particularly considering that English universities are state-funded, instead of charging ludicrous fees.

All the US has given us is nuclear bombs. Switzerland gave you the Web. Japan gave you economical cars and cheap microprocessors. Linux is a European innovation.

I'm not surprised you posted as AC. Even you must know that your post is nonsense. I pity you.

Re:You've got to pay to play

I'm afraid that your universities are not *that* good, there are plenty of places right up there,
I know at least for Computer Science. Get your head out of your ass. Can you name someone of the well known universities outside the US, or are you Just Another Ignorant Yank?

Re:You've got to pay to play

[Deflatamouse!]

Well, when I go to a crowded place, every kid I see *has* a cell phone here in the U.S. The main reason is because 'it is cool' for them to have a cell phone. Guess if they don't, they will be considered 'antisocial'. But do they really need it? Not really.

Personally I do not own a cell phone, because most of the time, there's a phone where I am. At home... at work... or hanging out with my friends (they have cell phones). So I don't really need one myself...

Using the % of youth having cell phones as a measure of technological advancedment is pretty inaccurate. Perhaps the percentage is so high in your country because it lacked a real infrastructure...

Re:You've got to pay to play

[poot_rootbeer]

Having a multi-homed network is extremely
stressful on the rest of the Internet, and you're going to have to pay for the privilege.

Whatever happened to eliminating single points of failure? Did that philosophy die out with ARPAnet?

You should be quite satisfied that you can even get high-speed connectivity (not to mention,
connectivity from multiple providers at once) where you're at. Here in the USA, the most
technologically advanced society in the world, it's difficult if not impossible to get *any* high
speed service outside a major metropolitan area. Before my cable monopoly upgraded its network, I couldn't get any service at all that wasn't long distance dialup.

Well, that's residential internet access... if you've got the money to pay for commercial connectivity, you'll have more options.

Re:You've got to pay to play

[mj6798]

Land-based phone systems in European countries are technically excellent. Of course, European phone systems do charge by the minute. I don't see that as a disadvantage, however. Flat pricing models in the US cause all sorts of problems for phone companies and ISPs and they should never have been introduced. Flat pricing only makes sense if the cost of itemized billing is higher than the cost imposed even by heavy users of the system. Otherwise, light and average users subsidize heavy users.

The US, too, has a good wired phone network. But it was created by a large, deliberate monopoly that could design in some coherence. High speed Internet access and cell phone systems in the US, however, "SUCK", to use your words. That's not because the US got it first, but because market forces cause companies to rush to market with multiple incompatible systems prematurely.

Re:You've got to pay to play

[jhunsake]

We (the US) can kill you. You (Eurotrash?) can't kill us. Thus, we can win any argument if its important enough to us. Follow the logic, or do we have to stuff a 15,000lb bomb up your ass?

Re:You've got to pay to play

[mj6798]

Here in the USA, the most technologically advanced society in the world, it's difficult if not impossible to get *any* high speed service outside a major metropolitan area.

I'm not sure whether the first part of your sentence is an attempt at irony or reflects an actual belief. In the US, you can get the most high-tech gadgets if you are willing to pay for it and put in the effort. But US society on average is pretty low-tech and relies on pretty outmoded technology, in just about every area of life. In part that's because Americans can get away with it (if energy is cheap and homes are large, for example, you can live with inefficient and bulky appliances), in part it's because the government is reluctant to set high-tech standards.

The US free-market approach doesn't work for communications networks: the average and short-term market forces determine what you can get at any price. If your cable provider only wants to sell you MSN-tied-in asymmetric marketing-driven pseudo-Internet-access because that's what 95% of the US population is satisfied with, then that's the only thing you are going to get at any reasonable price.

Re:You've got to pay to play

[Trifthen]

Also, local calls are free.

Ahahaahahahah! Evidently you've never lived in Illinois, or known anyone who has ever done so in their entire lives. Illinois has a surprisingly backwards mishmash of private networks that each need a small fee to provide use of their lines. Due to this, every call you make, local or not, costs $0.05 at the bare minimum.

Even Iowa has a better phone system. How sad is that? Illinois also doesn't recycle or use Ethenol in their gasoline. That's just one example of how even a single state of the US can vastly differ from the rest. I won't even touch city government with a 100 meter poll. Each state is almost its own country loosely associated with a larger federal control for the sake of simplicity and cooperation between states. But just from one side of the Mississippi to the other, even if you only move three miles from Iowa to Illinois, and Sweet Baby Jesus the red tape that is required to complete said move is insane.

Insurance up $400 a year. State taxes down $600 a year. New drivers license, new registration, vastly different system handling both. Etc, etc, etc. All because I moved three freaking miles!

There are very few things you can say that actually apply the the US as a whole. The shitty antiquated adherance to state-based system ensures that. We're essentially a bunch of separate countries that believe in the Constitution and Bill of Rights with a few federal mandates thrown in for good measure. Aside from that, lots of federal level things are overridden, very few things are similar, and every state has a bunch of different old laws that no longer apply to current society.

Now, take a company, or a bunch of companies, that instead of spreading across one state (European country) tries to spread across multiple states with the goal of covering the entire God Damn continent (Europe.) The guy is right about us, but for the wrong reasons. There very well may be specific states that smack Holland around, but as a whole, we aren't really all that far from Europe as a whole. Except for one thing. Since they actually are separate countries, they have better concentration on desired goals than any of our individual states could muster. If the US wanted to do that, they have to first push it past the various branches of government and push it down to all the individual states as well. With things that can't be federally mandated, that's almost a pipe-dream. We're a slug. But we're a big slug on a skate-board. We'll get there... eventually.

Besides, it doesn't matter anyway. Japan kicks the rest of the world's ass as far as technology is concerned. Their country is about the size of California. They're nimble, small, and able to kick our sorry asses in almost every facet of innovation. They scrapped an entire cell-phone system in three years in favor of something better. We'd never put up with that here. Even their corporations change business focus before resorting to layoffs. (Note the company that changed from producing ice-breaking ships to indoor skiing and beaches using the technology they already had for making ice and creating waves.) Here, we slog around, and fire as many people as humanly possible as slaves to the stock market.

All I have to say is that the type of overhead you're dealing with (government, business, land size, etc.) can vastly affect the speed of saturation of new technologies. Countries with a focus like Japan or Holland will slap us around like you wouldn't believe because they just have an insanely smaller amount of uncooperative roadblocks along the way.

But you already said that. No compelling need. We're so individualistic, no part of the country has the kind of focus necessary for much forward movement. We seem to like lateral development better. We're a jack of all trades, master of none. That's probably how it will always be. There's nothing wrong with that, but it also means all of these smaller countries will kick our ass on something for a while before we get around to doing it too.

Live with it. ^_^

Re:You've got to pay to play

Even personal high speed access is widely available. I know people in bass-awkwards farming communities in the middle of nowhere that can get 3Mbps cable access.

Re:You've got to pay to play

[shag_and_scooby_too]

Look, whichever country is the supercoolest in whatever way is up to debate. It is just funny that people get all bent out of shape arguing about it when really they have nothing to do with it. I didn't invent cellphones, or computers, or nuclear weapons. Did any of you? Are we arguing based on reason, or because that was the country we were born into?

Re:You've got to pay to play

[Bobo+the+Space+Chimp]

> It's because our land lines are so fantastically cheap to use (per minute charges: zero)

An excellent point. I nations that have, or recently used to have, no-competition national PTT coercive monopolies, cell phones are the way to go.

Ironically, in 3rd world and developing countries, they are the way to go, too, because wiring up a bunch of towers is a heck of a lot cheaper than wiring up every single building.

Also, in the US, as cheap as land line phones are, cell phones are picking up steam, too. I heard a statistic somewhere (someone can correct) where something like 30% of US homes no longer even had a land line phone account anymore, relying solely on cheap cell phones. 7 cents a minute, anywhere in the US, is doing pretty well.

Re:You've got to pay to play

Dumbass.

Movies aren't content. They're entertainment. And if you want to go down that road, 80% of the worlds entertainment is produced by the US.

Where does your weather come from? You think you produce and compile the raw data there... Nope, your weather providers purchase from one of 3 US distributors.

The ONLY other country that produces major news information of any sort is the UK. They have the BBC and Reuters. The US does the rest with CNN, NBC, FOX, AP, etc.

The US gave you the internet, without which the web would never be. The US gave you Mosaic, the browser on which all others are built.

The US' universities are unequaled. Especially for technology. MIT, Stanford, UCB are better for technology than the places you mention. I'll see Oxford, Cambridge, and Imperial with Harvard, Yale and Princeton, and raise Brown, Cornell, and Columbia. The world comes to the US to be educated.

Linux is a UN*X clone. Hmmm... letsee... where was that developed.

If it wasn't for the US, you'd be living with 1940 technology, and speaking German...

Re:You've got to pay to play

> Didn't Iceland have the highest Internet usage per capita?

Not only that, but I heard that, since people bath together in natural steam baths all the time, naked, that it's rather common for 15 year old males to be introduced into the carnal delights by the middle-aged neighbor ladies after everyone else goes home and they find themselves curiously alone...

Re:You've got to pay to play

[-douggy]

"Our universities are the best in the world. MIT, Stanford, Cal Tech, etc are unequaled outside the US"??

Imperial College, Cambridge in the UK and a whole host of EU unis

Re:You've got to pay to play

[donutello]

Idiot. I live in the US, but I'm not American. Don't assume I am.

And yes, my opinions are based on fact - as observed by me as well as by my acquaintances. The marginal utility of a cellphone over a regular phone is minimal in the US - the marginal cost (i.e. per minute charges, etc.) is high. The same is not true in the countries I mention. Australia's problem is because of the size of the country and the low population density, it is hard to deploy land lines all over the country. Cellphones are a much better solution.

The US has a very developed highway and air travel system - and that is because the rail network mostly sucks.

Grow up and try to observe things objectively instead of as one great penis-waving contest.

Re:You've got to pay to play

What an amazingly dumb assumption. What kind of an idiot would assume that someone who lives in the US is an American. Its almost like me assuming your a person, but for all i know i could be taking to some kind of above average dog. I take this into account, because i am not an idiot.

Re:You've got to pay to play

[TelcontarX]

And still the US is the most technologically advanced society in the world... because they don't want to have cellphones?

My point still stands.

Re:You've got to pay to play

[TelcontarX]

In fact India produces several times as many movies as Hollywood does every year. So again the US is not in the lead (they just think they are).

Weather data is produced locally in Norway.

The US universities may be world class, but they are not the only ones. And the basic level of education straight out sucks. Did anyone say multiple choice tests?

Last I checked the web was invented in switzerland. (not to sure tho, but please verify me, I don't bother to right now)

I don't really think german would be that bad, in fact it was german scientists that invented both the nuclear bomb, and the rockets you use for space exploration...

Re:You've got to pay to play

[TelcontarX]

Then what would you use to estimate the technological status?

Norway invented and implemented the NMT cellphone system, it is still in use due to superior coverage in rural areas. GMT was implemented as well because of the advantages it had in urban areas. Pagers were also introduced but was no hit because cellphones took the marked just a year or two later. The reason why pagers are widespread in the US is you didn't get cellphones fast enought.

Population density in Norway isn't exacly high, just check your atlas. Broadband is only from this year been regulated by the government, and the major telcorp have been private since the early nineties. That is before both the internet and the cellphone revolution.

Re:You've got to pay to play

[TelcontarX]

Oooh.. nasty one. land based phone services in Norway FAR exceeds the US ones, I've been to the US so I know. You are not just pretty much guaranteed a good connection. You ARE guranteed a good connection to a digital phone central. All the old ones have been replaced. And we have no such things as zones anymore, all calls inside Norway have the same price. And the government is evaluation to disallow per minute fee's of internet access, so everyone will have flat rate internet.

There is no compelling needs for internet or cellphones in norway either, except that users want to have them. And about the "early" cellphone networks, see my other post about the norwegian NMT cell phone system, with better coverage than GMT, and still in use. And its a really old protocol.

Re:You've got to pay to play

[TelcontarX]

You aparanly don't know what you are talking about, Norway have far better infrastructure than the US when it comes to phonesystems and broadband coverage, as well as cell phone systems. I agree it is not a good measure, but its just an example, one of very very many. I'm not saying Norway is the most advanced country, that would in fact be titled to Japan or Finland, or someone else. All I know is that it is definatly not the US (because we for one are better).

Re:You've got to pay to play

[sysop]

And yes, my opinions are based on fact - as observed by me as well as by my acquaintances. Australia's problem is because of the size of the country and the low population density, it is hard to deploy land lines all over the country. Cellphones are a much better solution.

What are you basing this on? Did you make those facts up?

In the 80's Australia had the world's most advanced phone system. Even today there is better coverage with copper lines than there is with mobile phones. Cell phones (actually we got rid of cells years ago, its all GSM and some CDMA now) aren't a solution at all in most parts of the country, specifically because of the low population density.

Australians like Mobile phones because they're convenient, and they work well because that's what we've come to expect from our phone system. There used to even be advertising on Australian TV where an aussie Tourist in the US finds the mobile phone system there so appalling when compared to home.

Re:You've got to pay to play

[TelcontarX]

Unfortunalty yes you comprise the greatest portion, and even more unfortunatly you make most of the News... one sided coverage have never been a good thing. Truth always looses.

And no your universities are not the best. They are top class, but so are many universities in Europe as well.

Highspeed access is availible through most of the western world. Again not just the US.

The US society have given more because they are so large. Per person they have not given much at all. Add everything Europe have given, and you can compare on a real scale. Saying an eagle is better to fly than a sparrow because it produces more feathers is not a valid comparison I think you'll agree.

And no I'm not anti america. I'm just anti ignorant americans thinking they are the best no matter what, because I know its not the truth. (neither are we for that sake)

Re:You've got to pay to play

Dumbass.

You really think you can start that shit? Guess what happens? EVERYONE gets killed. You included.

How many more terrorist attacks will it take for you fucks to work it out? You talk like you think your the only country with a fsking nuke. You're just AIY. The "Eurotrash" nations have more self control than your gung-ho US-of-A. Your little country needs to grow up and get over itself.

Hey Moderators - Can you say "INTERNATIONAL COMMUNITY"? Mod these flamebait off-topic posts appropriately.

Re:You've got to pay to play

[bryan1945]

"Land-based phone systems in European countries are technically excellent."

Ha ha ha ha ha!

I've had coworkers tell me the various ways they have had to bribe the phone company just to get a connection for their client. And after that, it works maybe 60% of the time.

The US is the leader in tech- we invent it, our rich folk use it, and then we give it to the rest of the world. Ok, Europe beat us on cell phones, whoopee dee f'n doo! When you re-invent the lightbulb, telephone, computer, and car, give me a call, ok?

Re:You've got to pay to play

[SectoidRandom]

On the flip side of that, your (AFAIK) mobile's are expensive. Correct me if im wrong, but the reciever of calls even pays some of the mobile call right?

Here in Aus mobiles are everywhere, obviously. Myself, I use alot for both work and play, i pay $100/month + tax, and basically get unlimited* calls! Well okay it works out to be about 5hours calls on average per month, not including FreeTime, which is basically completely free calls after 8pm and all weekends!

That would be one reason why we have so many mobiles here..

Re:You've got to pay to play

[donutello]

Do you stay up at night worrying about the contradictions inside your little mind?

today there is better coverage with copper lines than there is with mobile phones. Cell phones aren't a solution at all in most parts

aussie Tourist in the US finds the mobile phone system there so appalling when compared to home.

So what is it? Do your cellphones kick ass or do they suck? Or are you saying that your cellphones suck but are still better than those in the US?

I've traveled around in Australia - and I'm not talking 1980s, I'm talking 2000s and your local telephone system sucks. I was pretty much stuck with a cellphone if I wanted to make any phone calls.

Re:You've got to pay to play

[muzeke]

This is the type of Nazist attitude I hate.

It puts minimal amount of stress on routers to multihome network x to network y and network z. More effort goes into filtering garbage/unnecessary broadcasts from the tier below you. If they're properly configured with just the right broadcasting frequency, it shoud cause minimal stress, if at all.

Multi-homing is not a luxury that you should be forced to pay extra for. It is an integral part in holding the Internet together. Just think about it, unless you can multi-home, you'll just be limited to AT&T, WorldCom, UUNet, or another umbrella.

Finally, I don't know where you live, but in California, you can pretty much get any flavor of frame relay (not DSL or cable!!) in anywhere in Bumfuck, USA. It doesn't matter whether you live next to a F/R CO or 10 miles away, you pay the same price and you should be guaranteed access.

Luxury? No, that's the law set by the CPUC to level the playing field of the Internet. And that's with tangible products.

If ARIN or some other IP allocation organization is being dicks to the have nots while kissing ass to the haves, then they shouldn't be. It wasn't meant to be that way.

If you think that people should pay for any of this and/or that poor should just be content not being able to get it, you're fucking brain dead.

Re:You've got to pay to play

[zelyan]

Okay, so since you're not American, I'm not really surprised you got it the wrong way around. See the US has a very developed highway and air travel system, yes, but that's not the result of a bad rail network, but the cause. Loosely.

See the Great Depression was broken up (sort of) by the New Deal and WWII, the two of which combined to force the US to build infrastructure, especially roads, bridges, etc. We also trained a lot of pilots and needed something to do with them. And people, discovering the ease of driving travel, liked the idea of commercial air travel. All of which resulted, eventually, in the bankrupting of various rail agencies until finally, the Government gave a charter to a small company called Amtrak and said "make it profitable or die." Which is unfortunately all too well remembered by the Congress. Right now they're discussing with Amtrak whether it will ever be profitable on anything other than the Northeast Corridor (Washington DC to Boston). If they can't convince them, Amtrak may well go under. Then there will be no more long-distance passenger rail in this country (except, probably, Washington DC to Boston, which will be bought by someone, cause it's profitable). And that will be sad--a three day train trip across the country isn't the fastest way to get there, but it sure is one of the prettiest. And the Crescent train from New York to New Orleans, while it could be more comfortable, is one of the most fun trips ever. Especially near Marti Gras.

So support Amtrak! And don't claim the rail network sucks. It's bad mostly because we don't love it and don't use it. Take, for example, that Northeast Corridor, which is actually fairly good (not quite the German ICE trains, but pretty good). All because we use those trains.

Jeff

Re:You've got to pay to play

[Cato]

I don't know where you got your 60% figure from, but it's complete rubbish. At least in the UK, landline phones have excellent voice quality and almost never fail - last time I had a problem was 15 years ago, and BT has to compensate you for an outage over a certain amount. Europe is a big place - your figure may apply to Greece or Portugal, perhaps, but even there it's probably an exaggeration.

Europeans as well as Americans invented the computer (e.g. Charles Babbage, Konrad Zuse and the Bletchley Park people), but please don't let the facts on this and other technologies disturb your prejudices.

Re:You've got to pay to play

[bryan1945]

Don't get your panties in a twist- UK is pretty much on top of Europe in terms of tech, and wasn't Turing a Brit? I was just using broad generalizations about Europe, I know that some of the contries have plumbing and such (this, too, is a joke).

As for the computer stuff, I was referring to Gates, Jobs, and whoever made the Amiga (I forget). They kinda set the standard for consumer comps.

Re:You've got to pay to play

Well, India is the #1 producer of films but most americans don't see them since they only speak 1 language and refuse to see subtitled movies.

Re:You've got to pay to play

[Suppafly]

my friend gets similar service in the US for $35 a month and gets text messaging and some web crap free too..

Re:You've got to pay to play

Hello -- I worked at a (formerly) US Cell Phone company that also had significant European operations.

Mobile phone service was being sold as a luxury service here because they can. A large group of people are more than happy with their unmetered, reliable landline service and have no need to buy mobile service, unlike in Europe where apparently the national telcos are crappy enough that people have to use mobile service as their primary channels. (That's what the company thought -- I personally don't know if it's true.) The goal is to maxmimize profits over maximizing service coverage.

Anyway, within the last year or two, for the most part US mobile service has been priced about the same as landline service. Younger people are already using it as their primary phone. In 2 more years, there won't be any difference in market penetation between the US and EU, I bet.

Besides, every retard knows how to dial a phone (mobile or landline) -- therefore it's a pretty crappy indicator of technology adoption. So stop patting yourself on the back.

Re:You've got to pay to play

Can you say NATO? When you Eurotrash want to pay for your defensive armies, just let us know.

Re:You've got to pay to play

[david_bonn]

You should be quite satisfied that you can even get high-speed connectivity (not to mention, connectivity from multiple providers at once) where you're at. Here in the USA, the most technologically advanced society in the world, it's difficult if not impossible to get *any* high speed service outside a major metropolitan area. Before my cable monopoly upgraded its network, I couldn't get any service at all that wasn't long distance dialup.

So I suppose wireless networks don't count? I play BBC world service and radio 1 over the internet for several hours per day. Other than that, I get two radio stations, one of which just went out of business.

Fast wireless internet is available in a lot of places if you aren't so enterprising that you'd do it yourself. And doing it yourself won't cost you two weeks pay.

I'm in the middle of darkest America --50 miles from the nearest Wal-Mart or Pizza Hut. If you want real culture -- a decent university, a topless bar, a Pottery Barn, or a punk rock club with genuine graffiti on the walls you need to drive for four times that distance. I can't get a land-line for a telephone, and cable television is something that happens to other people. But I've got excellent line-of-sight and can hit a wireless ethernet repeater 18 miles away.

As for the main topic, I suspect one of the reasons they make it so hard for people to get providerless IPs and advertise routes is that one idiot loose in a BGP configuration can cause mysterious loss-of-connectivity problems -- not just for themselves but for people all over the world. Some jerk at university in Columbia booted up a Cisco, entered some random network addresses because he hadn't gotten any yet, and a bunch of C&W customers in Seattle were cut off from about half of the Internet for several weeks (the problem is even harder to solve when someone at an ISP makes a mistake!). On the one hand, you can get paid a lot of money to figure out and fix those problems (and pay for wireless Internet and a unabomber-style shack in the mountains). On the other hand, most people would rather prevent those problems from happening in the first place. From personal experience, I believe that 90 percent of the people who muck around with routing protocols are grossly unqualified to do so -- and that includes me, I know I'm a damned fool. The hordes of people who think they would like to play with BGP are probably worse.

There has to be a better way. People want and need back-up internet connections (heck, last summer a forest fire and the resulting smoke and melted antenna on a distant hilltop knocked me off the net for three weeks). However, solving that problem with providerless IPs, an autonomous system number, and routing protocols is like swatting mosquitoes with a 4x4.

Just my opinion.

Re:You've got to pay to play

[sysop]

So what is it? Do your cellphones kick ass or do they suck? Or are you saying that your cellphones suck but are still better than those in the US?

Both.

Someone was suggesting that mobile phone use was higher in Australia than elsewhere because of bad landlines, which is not true.

The Mobile phone systems available are excellent where there is coverage (most metro areas and towns) but nonexistant outside those areas.

I've traveled around in Australia - and I'm not talking 1980s, I'm talking 2000s and your local telephone system sucks. I was pretty much stuck with a cellphone if I wanted to make any phone calls

Unless you're in the deep outback this sounds very uncommon, I'd be interested to know where you had that experience .. except for some new housing developments where they skimp on copper and multiplex lines..

Re:You've got to pay to play

[Golias]

Your point was never made.

Phone use is not an idicator of advanced technology. In 1920, maybe, but not today.

Re:You've got to pay to play

[Golias]

$100 a month, even Aussie dollars, is kind of expensive by US standards.

No, mobile phones cost slighly less per month than Satelite TV. However, since using a land line is practically free here, we would rather spend our money on seeing BBC World broadcasts and Buffy reruns on FX than on the ability to be annoyed by our boss everywhere we go.

Woah.

[SuiteSisterMary]

but surely it would be a negligible cost to put 1-2GB of RAM on even a reasonably budget router at todays prices.

Paper is cheap. I'm going to give you a list of 1 million names and phone numbers. Quick! Find Mr. Smith's phone number!

Re:Woah.

[SillyMe]

OK, give me a phone book of Toronto (or New York), and Mr Smith's full name, and street address.

I get the feeling I could find it in under a minute.

And I'm just a human.

Re:Woah.

[Binestar]

Course if my ping times were 60,000,000ms to anywhere I would be quite upset.

=)

Re:Woah.

How is this insightful?

With 1 GB RAM I think you can put a pretty simple hash in the routing table and search for a useful route in an extremely short amount of time. Better:

Paper is cheap. Here's a million names and numbers. Quick! Find the page with the big tab that says SMITH, the heading JOE, sorted by ZIP code and tell me Joe Smith's phone number at 123 x street in ZIP 99999

Re:Woah.

[SuiteSisterMary]

Now do it several thousand times a minute, while also doing inserts, updates, and deletes. It's not size, it's processing power. I'd take multi-processor routers before I'd take ones with gigs of RAM.

Re:Woah.

[JusticeShallBeDone]

This would be easily solved if routers worked on Content Adressable Memory, not Random Access Memory. Meaning the router would not look at a specific address in its table and ask if it contained the required data for all 2000000000 of its adresses, it would look for the specific data and then grab that associated address, instead of using a search algorithm. The difference being that searching for specific data is combinational logic and not sequential, and can be done in O(1) time instead of >= O(n) I know most air trafic control systems work using CAM (i need to find whether ANY plane is in this grid, i don't need to check every plane and ask if it is in this grid) So in that example, to find mr. smith, the router would just have to do ask the memory for mr. smith and the memory would say, i have a mr. smith in block "n", in ~one clock cycle

Re:Woah.

Database programmers solved these types of problems decades ago.

Re:Woah.

[operagost]

Just use a Pentium4. According to those commercials I keep seeing, apparently it's better than alien technology.

Re:Woah.

[SillyMe]

My point was that if I could choose the format of the pages, an algorithm for looking up the names would be very simple.

Of course optimizing for inserts, updates and deletes complicates things. (Doesn't everything?)

Re:Woah.

[Kizeh]

It would, wouldn't it? CAM is darn expensive, though, and has other performance bottlenecks. Furthermore, routing isn't just plain old lookup, it's a longest-prefix match. Not only do you have to find a match, you have to find the best match.

Re:Woah.

[TheCrazyFinn]

Most databases are exremely slow by router standards. show me a database that routinely handles 1000 queries a second on a 100Mb database with a sub 1ms response time.

Re:Woah.

[jrockway]

60,000ms :) 60 seconds * 1000 miliseconds / second = 60,000 ms.

Re:Woah.

[Cato]

Exactly. Another issue is the amount of routing updates that need to be pushed over network links (although BGP only sends the differences). Most importantly, nobody is going to massively upgrade (memory and CPU) all routers carrying full Internet routing tables every year or two, as if they were PCs - it's too disruptive and expensive.

IPv6 will not solve this problem, and it is a real issue that the IETF is concerned about - existing aggregation and filtering of routes will work for an estimated 5 years, which should give time to develop better approaches by then. See http://www.ietf.org/html.charters/ptomaine-charter .html for more.

You've hit the nail on the head !

[alphaque]

It's the scarcity of IP addresses (then) and the growth of the routing tables which forced the situation we are in today. You're not alone in New Zealand suffering from it, most of us in Asia outside of Japan are too.

These methods and models of doling out IP addresses leave some of our internet data centres hopelessly inadequate at providing something as trivial as fault-tolerant links thru two or more ISPs within the same country as each ISP would refuse to route blocks belonging to other ISPs.

However, I dont think that arguing the increased RAM capacities of routers being capable of storing the huge routing tables is the answer.

CIDR and its ilk was developed to partly address huge routing tables, but the key point it addresses is propogation of new route changes which need to be sent to more routers and thus generating more traffic instead of being confined to just the edge (in context) routers as used now.

If the propogation of new and changed routes could be addressed without generating additional traffic, and believe me when I say bandwidth isnt cheap in Asia, then I would agree with utilizing larger RAM in routers to store these tables.

Incidentally, I was a couple of minutes short of FP. :)

Re:You've hit the nail on the head !

[gmhowell]

>>Incidentally, I was a couple of minutes short of FP. :)

Yeah, and I'm only a few inches short of an 18 inch long unit. Doesn't help me score.

Close only counts in horseshoes, hand grenades, and thermonuclear devices.

Re:You've hit the nail on the head !

More memory??? For what?? Gig of RAM in a Cisco? WHICH MODEL?? Mine max out at about 512MB, 7500s mind you. The ENTIRE BGP routing table can be stored in 64MB of memory. We multi-home 2 DS3s and run them on 7200s with 256MB of memory. Memory isn't the issue, the address space is. It almost humors me to read some of these stories.

Re:You've hit the nail on the head !

[GLX]

The problem with the way CIDR is implemented is putting people in the situation where they're wasting huge amounts of address blocks. The company that I work for has an entire /16 (class B), yet all we use on our internet-facing networks is a couple of /24's... However, to maintain provider independance and not renumber our entire network, we have to keep the entire /16... We can't, for example, split it in half and give half to another company - ISP's like Verio and the like won't allow that because the network is a "Natural" class B and they won't allow any prefixes smaller than a /16 into their routing tables..

A few months ago I tried to split it in half between two sites of ours, and boy, was that ugly...

Re:You've hit the nail on the head !

Actually CIDR was introduced to try to solve the IP address shortages involved with address classes. But large routing tables was a byproduct. Route summeration was introduced to reduce the size of the routing tables and advertizements. my .02.

billy

I cant spell if my life depended on it. But I can route if my life depended on it.

I need a job too!!!

You should be happy

[snatchitup]

You don't want every Tom, Dick, & Harry setting up networks like Loose Cannons. And Domain names, Darn-It! There are no more left, except of course www.clownpenis.fart.

Re:You should be happy

[ethereal]

When I was searching recently, it appeared that many good domain names are available. If by "available" you mean have expired registration 1 or two years ago but are still listed as registered by NSI. Since the .com crash there are plenty of great names, if the registration system would just let you get them.

Re:You should be happy

Well, www.clownpenisfart.com is actually registered. Dommage. I really wanted that name
for my financial starup..

Re:You should be happy

We are talking about IP not domain names you retard.

Old routers?

[kneecap]

Even the in new Routers from Cisco you can't put 1 to 2 Gigabytes of RAM in them, most top out at 256 or 512MB. RAM for PC's might be cheap but most of the RAM for routers and such have not come down in price like the RAM for PC's.

Here in the US there is similar requirments, BackBone providers often filter routes at a /19 level. ARIN's minimum block size is /20 or for Multi-homed ISP's that qualify for a /21 also get a /20. But if you want you routes (and IP's) to be globaly distributed with no problems, then you need a /19 or bigger.

Re:Old routers?

[ElYayo]

Just use a PC with Zebra.

Money, yes, but not what you're thinking

[itwerx]

Let's pretend you're APNIC. Now let's pretend you've got 100 million geeks clamoring for IP's. How much of your resources do you spend on customer-service and hand-holding before you throw up your hands in despair and start setting some limits?
Perzackly.
Now, consider the fact the Joe and Jane Geek have to have a connection to use those nice shiny new IP addresses. And you soon see why we have the present hierarchy of telco's and ISP's.

Does anyone find this surprising?

[Xenopax]

Not be to be blunt or anything, but hasn't it occured to you that eventually we will end up with a few major ISPs? We watched for years as small ISPs struggled and went out of business, while the large players sucked up the business.

Nope, I sure as hell not suprised we're going down this road. All this new policy will do is speed up the natural selection of companies until a few monster ISPs (probably run by an existing monster like AOL/Time Warner/Nullsoft) run everything.

Re:Does anyone find this surprising?

you're obviously a democrat

Re:Does anyone find this surprising?

[johnos]

Just like there are no more independent convenience stores? or restaurants? or gas stations? of video stores?...

NAT?

[bartle]

An idea that I had been toying with was to buy 2 internet connections, say DSL and cable modem, then use NAT to use them both simultaniously. In a simple scenario, seems like it could be accomplished by picking up 2 of those cheap home gateways and setting up a non routeable network. Internally the machines would be set to use one of the gateways by default, if that connection went down you could switch to the other one. Externally multiple DNS records could be used to distribute the traffic among multiple ips, all of which point back at the non routable network.

Even though I concieved this idea for a low end home network, the basic idea should be applicable to a business that really wants a redundant connection. Just buy multiple connections from multiple sources, keep your machines in a non routeable network, then use some fancy equipment (a Cisco PIX for example) to make everything work. Bit of a kludge, but I think it's a viable solution.

Re:NAT?

[Junta]

Make it even better, use a full-fledged PC with three interfaces to serve as router (one address for each connection, and one internally). Though I don't know of any way to do it now, I would assume it could be a logical extension of NAT to NAT over two interfaces rather than one and use load balancing on outgoing traffic to figure out where to NAT the traffic through. If one went down, automatically put everything on the remaining connection. Higher throughput dynamically managed (more efficient than manual allocation) and failover, all without you needing to do a lot of manual work to keep things balanced and working right. All of this is assuming a non-routable private subnets, which is for many companies out there unacceptable...

Re:NAT?

[pillar]

I had a Sun Box doing that for my home for a while. 3 ethernet interfaces 1 to the DSL, one to the Cable modem, and 1 to the internal LAN. I ran IPF/IPNAT on it to do the NATing/firewalling adn used static routes to distribute traffic. It was klunky and kinda a hack to use static routes, and it was by no means "redundancy" but it worked like a charm.

Re:NAT?

[Junta]

I should've asked this in my comment, but does anyone know if there is a NAT implementation that allows you to specify more than one interface/address for a NAT rule?

Re:NAT?

[GiMP]

What you are looking for is speed, not multihoming. What you are talking about is having 2 ips, one for each connection... and then balancing the load across them.

Linux can do this, it has the ability to "shotgun" ethernet connections into a larger one.

However, this is not what this person wants. The problem is IP addresses and routing. In your configuration, if one of your connections die you use an IP address. If one of the connections in a multi-homed environment dies, you still want the traffic for the ips on the 2nd line to be routed to your network.

What this means is, you need cooperation by your ISPs if you wish to be multihomed. Sure, for a home-connection where you are just looking for speed, shotgunning your data is fine.. but it just isn't the solution this person needs.

Re:NAT?

[bartle]

What you are looking for is speed, not multihoming.

I'm looking for redundancy and I can't think of a better way to get this than using two completely different ISPs.

However, this is not what this person wants.

Perhaps, but the what the submitter wants is very difficult to achieve. Using dual IPs is less than ideal, but it allows outgoing traffic and incoming email to continue to flow without interruption.

What I most like about this solution is that you're not overly dependant on a single ISP for anything. Not only are you protected in case of a temporary failure, but you can dump an ISP overnight if they make some policy changes you don't like. While I realize this idea might not appeal to a monoolithic corporation, a smaller one might want to consider this level of control and redundancy.

Re:NAT?

[GiMP]

yes, but I am under the impression that this person wants to have >thousand ip addresses that stay up even if he loses a line. If your server is hosted at his data-center and he loses a line, you want the other line to pickup the slack... without losing your site because nobody is routing to your ip address.

I am assuming he doesn't want nat, but a redundant solution to keep his servers up.

Re:NAT?

[monkeydo]

You are missing a couple of imporatant things:

1. If you want other people to be able to access your network (you have lots of webservers) you need your IP addresses to remain constant regardless of who's network you are connecting through.

2. You want to be able to use _optimal_ routing inbound and outbound to the Internet. Your solution is very easy to implement, just two ISP connections with equal cost static default routes will let you load balance outbound traffic, but this decison is made without any upstream knowledge. If one of your ISP's has a failure elsewhere in their network and becomes partitioned from part of the Internet your router will have no way of knowing and you'll send half of your packets into a back hole. Oops. So much for redundancy. Even if both paths are up, one or the other will always be "better" to a certain destination, but you are making routing decisions at random. The same holds true for inbound. If you use round-robin DNS to balance queries you have the same problem of above in reverse.

Re:NAT?

[cduffy]

If I understand what you're asking correctly, that can be done on Linux.

Re:NAT?

[psychosis]

My (rather uninformed) guess would be to tie your external interfaces together (the linux kernel supports this) and make them one logical net pipe. then your internal just has one to talk to, and if one fails/becomes unreliable, the others are still there to pick up the slack...
I've not done this, but it seems reasonable, anyway.

Unfortunate futures...

[Cutriss]

Unfortunately, the very reasons you're eagerly awaiting IPv6 are probably the reasons that you won't ever see it, and you probably already know those reasons.

The Internet stopped being about information about five years ago (Or at least that wasn't the point anymore) and it's now all about eCommerce and BS like that. The very same companies that got on the Internet in the first place to deliver information are now delivering information only from their marketing departments, and not from engineers or researchers. Commerical interests have all but drowned out its original spirit, and are also partially the reason for the inception of Abilene (Internet2). Of course, it probably won't be long before that new promised land gets pillaged and raped. The Internet as we know it seems to be in an eternal state of loss of innocence, I'm afraid. I don't think the solution is to supplant or supercede the original 'net, but to just have a user-maintained network...kinda like what the network-area neighborhoods are designed to accomplish, except on a much grander scale. When the corporate interests don't exist, then the public can do with it as they see fit.

Re:Unfortunate futures...

[the_2nd_coming]

perhaps unis could all connect up to Internet 2, and make it just for information/education. then you can pay a uni a $20 connection fee so you can point yourself to their Internet 2 server farm and go!!

Re:Unfortunate futures...

[NineNine]

When the corporate interests don't exist, then the public can do with it as they see fit.


Corporations aren't part of the public?

Re:Unfortunate futures...

[lizrd]

Corporations aren't part of the public?

:s/Senator McCarthy/Slashdot
:s/Communist/Corporation

<Chic ken Little>It's big, bad, evil and trying to take over the world!!! We have to do something to stop it now!!!</Chicken Little>

Re:Unfortunate futures...

[donutello]

Geez. The reason the internet is about eCommerce and business and stuff like that is because that is what is paying for it. It's companies like Sprint and Teleglobe which have invested in creating the backbones and the pipes which keep the internet running.

These are not like the rivers and valleys which create themselves. The internet needs to be created and needs to be paid for. Yes, the government did get involved in it in the beginning but the large percentage of capital investment on the internet is by private interests.

Re:Unfortunate futures...

[konstant]

Please remove your rose colored glasses and back away slowly :) Like you, I was on the internet five years ago (and before). Unlike you, I do not recollect it so fondly. NNTP newsgroups were not appreciably more interesting or informative than they are today. In many cases, newsgroups only become valuable once they have been around long enough to develop a kind of "lore" and archive of all the discussions that have taken place in them over the years. This, necessarily, was absent or sparse back when the groups were newer. It may have been true that the spirit on the WWW was more collegial and the participants less concerned with personal benefit, but mainly the web was populated by dabblers who wanted to put up a scanned picture of their dorm room or girlfriend. "Valuable" sites were mainly collections of interesting links to the small number of pages that contained data of real use. And the simple fact that very few websites existed and that they were mainly the creations of students or professors in educational institutions (or porn) meant that the content of the web was limited. It was not possible in those days to perform a search for "half-hitch" and get back dozens of valuable, instructive hits about how to tie knots. The attitude of the web may have been different but the breadth was sorely lacking. In other words, the things you remember fondly are not only still present on the net, but improved in almost all cases! In addition, we have access now to commercial sites that simply didn't exist in those days. It may be that those sites speak more loudly than your favorite nook of the web, but they are at worst hogging the limelight. They are not pushing out the original spirit. Not by any means.

Re:Unfortunate futures...

I agree completely. I really get irritated by people who are constantly complaining about how "it was better back in the day"...you know, when children *actually listened*, when there was so much less violence, when the internet was pure and innocent, blah blah blah.

I've been on the net a good long time, and have found many vast improvements in the content. I'm always suprised at what I can find. The other day I needed to tie a tie (god forbid!), and thought "well, it'll be on the 'net somewhere", and alas! It was. I know I would have been unlikely to find that (or think of looking) in the mid 90's. I mean, I work with people who used ARPAnet for crying out loud, and even they mention from time to time how much better things are getting compared to how they were "back in the day".

All I remember from 5+ years ago was that a 14.4 connection was a good thing, lousy webpage design was the same/higher density as now and there were plenty of useless sites, just like now. Only now, we have a LOT more, and long with which comes more *useful* sites. That's what we want.

Re:Unfortunate futures...

[kubalaa]

I think part of the problem is that "corporate interests" translates into "anybody who wants to make money." The internet is like a heat engine for information; by moving it from one place to another, it literally makes money. Nothing will stop people from capitalizing on that.

Re:Unfortunate futures...

[Secret+Coward]

Five years ago would put is in late 1996. If you go back a few more years, to 1993-94, the original poster has some legitimate points. Before the World Wide Web, high speed modems, and commercial ISPs took off, usenet and gopher had far less noise.

Since internet users were mostly academic, usenet discussion tended to be more academic. Around 1995 or so, typical Joe users swamped the internet and began filling it with garbage. Many academics tired of the dribble and left. The signal to noise ratio went down like an IIS server.

My current ISP doesn't provide usenet, so I don't know if typical Joe users have abanded it in favor of WWW alternatives, but the mid-ninties were a bad time for usenet.

I do however, agree that as more people took to the internet, the number and diversity of quality sites increased. This has happened because people had the freedom and the ability to publish whatever they want. The original poster's concern is that corporations will influence the future of the internet in such a way that publishers will face an overwhelming barrier to entry.

IPv6 a problem for many routers

[yakfacts]

One real problem is that IPv6 is still not ready
for prime time.

There are many high-end routers that cannot deal
with IPv6 and will not be able to without a hardware upgrade, as they use ASICs to store tables of IP addresses and those ASICS expect four bytes.

Re:IPv6 a problem for many routers

[steelrecluse]

Juniper routers can all handle IPv6 fine. The latest release of JUNOS (5.1) includes support for this, and it runs on any M series router (Juniper router) without any hardware upgrades necessary. So when you say many high-end routers can't handle IPv6 you must be referring to Cisco :-)

Re:IPv6 a problem for many routers

Next one of you primates who uses the phrases "ready for primetime" to describe anything other than a television program is in line for a severe beating courtesy of my cluestick.

Re:IPv6 a problem for many routers

[eMilkshake]

Is it that IPv6 is not ready or that the routers aren't ready? I can be patient for the former, but not so much for the latter.

Re:IPv6 a problem for many routers

Guess who works for Juniper?
Check out this person's posting history.

Re:IPv6 a problem for many routers

[LinuxOnHal]

But when Cisco Routers power *most* of the internet, it is safe to say the internet is not ready for IPv6 primetime. It is coming, but it will be costly.

Peer to Peer

[horster]

yes, but I believe the solution rests with a layer on top of the internet - namely something like peer to peer systems of today where nodes can shift more easily, appear and disapear without hurting the overall network.

the real problem is with NAT (network address translation). How to two peers behind such a NAT firewall anounce their presence to each other and then communicate without the assistance of a 3rd peer with a proper IP address and place on the internet. if anyone knows the answer to this quiestion, I'd love to hear it!

really, how do you announce a service behind a firewall? that seems to be the question of the day.

Re:Peer to Peer

[the_2nd_coming]

make it so the NAT keeps an eye out for your service then when the service sends out its anouncement, the NAT can then propagate that out. to get into a NAT from the outside, you could set up a table of allowed service anouncments that can come through so when a NAT picks one up it can cross check it with its internal table of allowable service domains (probably done with some certificate) and then can let it through. the NAT admin would have to physicly maintain this but it can work. it will just take a bit of work to Improve NAT and cooperations on a protocol for Certificates etc.

Re:Peer to Peer

[horster]

that requires changing the firewall, not an option for many who want to quickly connect and disconnect - I'm talking about a pure behind the firewall, solution.

currently it looks like proxies are the only way, like I said, with the help of a third party.

Re:Peer to Peer

[the_2nd_coming]

well I am sure most new Hardware firewalls can be fixed by a ROM upgrade, a software firewall could concevably be fixed by adding a layer on top of the original table that looks out on both sides, it the right traffic is not there then it lets it through to the lower layer of the firewall. if it is traffic that the upper layer Identifies as somthing it should look at, then it does its thing and either lets it through or blocks it.

Re:Peer to Peer

[horster]

dude, your not getting it - haven't you ever worked in a company that is behind a firewall? you can't modify things that you don't have permission too!

of course. at home you can do port forwarding or whatever, but a nice p2p app shouldn't require the user to do all that.

Re:Peer to Peer

[the_2nd_coming]

hey, you just said is it possable, I showed how it is possable. if you had said " my company won't let us touch the firewall, how can I make a p2p service come through" that would have been totaly diffrent.

and BTW, if the P@P app was important enough for a company to use it, the company would do what it takes to make it work. as of right now, there is no P2P apps that would warent this form most companies.

why don't you read your quesions before you rip someones head off?

Re:Peer to Peer

[the_2nd_coming]

oh yeah and BTW, unless the other out side has ESP then the answer is ther is not way, not with out an upgrade to the way the system works.
that is all I said.

Re:Peer to Peer

[horster]

where do I say that it is possible to modify the firewall?

Re:Peer to Peer

[the_2nd_coming]

you never said you couldn't. I was "thinking out of the box." by not putting limitations on it the person answering your question has free riegn to think of all possabilities. it is not my responsability to place limits on my Ideas.

Re:Peer to Peer

[Enigma2175]

What's an intelligent statment? Does it have something to do with statistics?

Re:Time to get rid of jon katz

[recursiv]

Insightful? This story has absolutely nothing to do with Jon Katz.

Same with most Tier-1 providers

[13013dobbs]

This is true with most tier1 providers. Is this just an .au thing?

IPs for the elite?

[Thornbury]

It's true, you can't get portable IPs of your own anymore. The advent of CIDR and the segregation of netblocks were in an effort to reduce global routing tables.

Putting in 1-2Gb of memory in a router is still incredibly prohibitive. It just can't be done in the mainstream (common) routers.

You can still be multi-homed with netblocks from one ISP to be received by another. This happens this way in the US, and I'm sure it happens with APNIC and RIPE-issued blocks. You get the same effect, without all of the hassles of truly having your own blocks. At least we don't have the /19 barrier for advertising that used to be prevalent in larger ISPs. There is some give and take. The give on that is that the larger ISPs have gone to regional aggregates.

For instance, I don't want to have to pay for my addresses in the US now thanks to ARIN. (Don't get me started.) My ISP takes care of that. The justification process of getting addresses isn't fun, but it's a lot better than the Inquisition your provider has to go through. I'm not saying that economy is bad, but it's a fact of life with IPv4.

It's possible that controls will be loosened in an IPv6 world, but I don't think so. We've been down that path before. With tiny fragmented blocks of IPv6, we're creating a nightmare of routing tables the likes of which we've only imagined with IPv4. Aggregation is here to stay, and I beleive the days of the portable netblock are long gone.

Of course, if you can justify your need for your own blocks, you can go directly to your registry. If not, isn't it enough to have your networks SWIPed to you?

The days for "vanity" addresses are long gone. Maybe you should think up a clever .com domain name instead while you still can.

Re:IPs for the elite?

[figment]

Thank you. All the comments i am reading are confusing that PI-space is required to run BGP. That is not required, all you need are two semi-coooperative isps, one that's willing to punch holes in it's aggregate and the other that'll relay your advertisements.

Again, just as he said:
You can still be multi-homed with netblocks from one ISP to be received by another.

PI-space only makes it a bit easier in transition, but it doesn't make it anywhere near as impossible as the question implys.

Re:IPs for the elite?

[Cato]

Using one provider's address space within another provider's routing tables is a valid way to multi-home, but it doesn't really reduce pressure on core routing tables (one route carried in the BGP routing table instead of two, but the main routing table has the same number of routes).

IPv6 actually simplifies this issue a bit - particularly for single-homed sites, it's much easier to transfer to another provider's address space, since you can renumber a whole IPv6 network automatically. For single-homed sites, IPv6 aggregation will be as good as, or better than, IPv4's. Unfortunately, IPv6 doesn't solve the multi-homed site issue, since you still need the routers with full Internet routing tables to carry routes for all multi-homed sites.

more consideration of the fact not manners

I think the constoriums are worried that when countries go online like china that it will spark to much demand more than it can handle. I think they are trying to conserve and reserve as much as possible.

IPv6 may change this

[jjinux+at+yahoo]

I'm sure that the reason that this is so is because we're running out of IPv4 IP addresses. After all, ARPANET started out as a defense project--it was never expected that some private party in New Zealand would ever need his own set of IP addresses! It will also free the rest of us from the need to use NAT's. -jj

IPv6

[MosesJones]

WTF is it ? Solves all of these problems, increases security, increases reliability adds predictability to networking.

Its been trialed and used on long haul cables and backbones. Most decent OSes support it. IPv4 would still work over IPv6.

Isn't it time to flick the switch ?

Re:IPv6

One of these days, networking that doesn't require a lot of expensive infrastructure will happen (802.11?), and the internet will balkanize into a bunch of conflicting names and numbers authorities, namespaces, etc, and nobody will be able to tell anyone what to do. It will be beautiful. The anarchist dream will come true!

Re:IPv6

[NerveGas]

Actually, it's not that users won't upgrade until forced to, it's that the vendors won't. If your desktop had IPv6 support, your router vendor had IPv6 support available, and your upstream provider offered IPV6 addresses, how many people would actually say "No, I don't want to bother"?

steve

Re:IPv6

[LinuxOnHal]

That, or when the government switces over, we take away the Postal Service's Class A block, as well as the numberous B's and C's that other organisations own.

Re:IPv6

[Derek+S]

I've had to do quite a bit of work with IPv6 at my job, and I have to say that it is not nearly as simple as flicking a switch. Support is growing, but most implementations just aren't that mature (I'm working with FreeBSD/KAME, which is getting into decent shape). Aside from addressing, most of the other nifty features of IPv6 (IPsec, autoconfiguration, etc.) have already been backported to IPv4. And most organizations have gotten used to NAT as the way of the world, so the addressing problem keeps getting pushed farther off into the future.

That said, the main thing standing in the way of IPv6 adoption is that nobody knows anything about it. There's minimal incentive for most network admins to learn about it these days, and it's not going to catch on until a critical mass of users know what's going on. It's amazing to watch the eyes of technically advanced people glaze over when I give a presentation on my (really quite basic) IPv6 work.

Of course, that's the view from the US. From what I hear, Asia and the wireless world have a lot more to gain from adopting IPv6 addressing in the near future. So maybe the traditional networking world will be behind the curve on this one.

IPv6, coming to your neck of the woods around the same time as cost-efficient nuclear fusion.

Re:IPv6

[spauldo]

The US government already as a private internet, at least where the military is concerned. MILNET's only connected in a few places to the rest of the internet, and is designed to function just fine with those routers turned off. They recently held meetings on whether to shut off commercial access or not, and decided to keep it.

If you're talking about the secure network, well, I won't talk about how it works except to say that IPv6 wouldn't give it any benefits. The system they were using before that has been in service for almost 40 years, and after the new one is wholly in place they will want it to last another 40 years before they change it again. Hopefully the rest of the internet will be IPv6 40 years from now :)

Somebody tried selling me on a box that did that

[swb]

Someone tried selling me on a box that did that, except it would take several high speed connections (like 4 or 8 ethernet ports on the box, you supply the other end) and then via NAT and then intelligently load balance the traffic across those connections. I think it had the ability to transparently redirect traffic based on protocol to these presumably cheap broadband connections.

The idea was that instead of buying another expensive T1 because everyone's reloading Slashdot all the time, you buy cheapie DSL connectivity as needed and run your "unimportant" traffic out this box and the business-critical gets more of the T1.

It's a neat idea.

Market control is capitalism.

[jeff13]

Does this put control of the entire internet further and further into the hands of large corporate players,

Well duh, yes !

and and is anyone particularly interested in changing this situation?"

I hope so.

Re:Time to get rid of jon katz

[talesout]

True, but bashing Katz is always insightful. The true test of one's intelligence is in whether or not they agree with Katz.

Re:Time to get rid of jon katz

Just use the KatzFilter.

searches are expensive

[Agthorr]

Sure, you can STORE lots of routes in that much RAM, but how are you going to search that many routes to find the *right* one, in real-time, to route millions (or billions) of packets per second?

Use a WAN

[the_2nd_coming]

If I understand your needs correctly,
Why waist an entire set of IPs when you can NAT off your network and pay the local phone company o connect bothe sites over a leased line then you can have access to the 10.x.y.z reserved IPs. then you can have as big a network as yuou want. you could also put another NAT at the other end so as not to over load the first.

Cheap RAM?

[Sandman1971]

"But surely it would be a negligible cost to put 1-2GB of RAM on even a reasonably budget router at todays prices." This person is definately showing they have no clue what they're talking about. YOu can't just put cheap 100$ 512 SDRAM.... or there goes your Cisco warranty. 1 gig of CIsco RAM will cost tens of thousands of dollars. Most routers that can handle that much RAM are not 'reasonably priced', unless you consider hundreds of thousands reasonable (IE: 7500 with RSP8 card). It's a shame that ISPs and NAPs in New Zealand don't offer BGP advertisements for multihoming. I work for a NAP in North America, and advertising another provider's classes for multihoming purposes is not something unusual; it's common practice.

Re:Cheap RAM?

[MadAhab]

I've seen that comment a number of times but it doesn't address the idea that routers are built with relatively small amounts of a commodity resource.

Re:Cheap RAM?

1 gig of CIsco RAM will cost tens of thousands of dollars

Then I guess it's time for people to stop buying Cisco routers.

Re:Cheap RAM?

[TheCrazyFinn]

But it's not stock SDRAM in it, usually it's some odd variant of Parity ECC RAM. And the things only take 256Mb or 512Mb at most (My little 1605-R doesn't even get near that) The Crazy Finn

Re:Cheap RAM?

[MadAhab]

Right. Which has a lot more to do with corporate pricing policy - how to soak your customers or how to get rewardwed for the value you provide, depending on your attitudes - than it does with any technological reason.

So the question remains.

Why go multihomed?

[Colin]

I'm not sure why you want to go multihomed, with all the attendant problems that it brings. If this is a corporate connection, that's not got services (other than mail) being provided to the outside world, then I don't really see the point. I think you can provide the redundancy in other ways - here are some ideas, using 2 ISPs (and PA IP addresses allocated by each of them).

Put a mail server on each connection (or map an IP address from each connection through your firewall to the mail server). MX records will do your load balancing and redundancy for you.

Use NAT/PAT for users to connect to the Internet. If one conenction goes down, remove the internal routing to that connection - all your sessions will now go out of the other connection. I find that this is quicker than waiting for BGP to reroute connections via a backup/alternate path. It also gives you more flexibility in internal network numbering, and to move ISPs.

Host services with colocation providers - not internally. Colo service providers have already solved most of the service provision problems, and are well connected to the Internet - I don't think it's worth trying to do this in house.

Re:be careful, moderators...

you probably don't.

Sounds a bit silly

[rnicey]

Are you really sure that competing ISPs over there are not advertising others routes?

I've just had some first-hand experience of this with Worldcom, ESpire and AT&T. Worldcom were more than happy to allocate us a 'class C' so we could run BGP without getting filtered upstream. (This appears to be the smallest block that gets routed these days.)

Each and every one of these ISPs sold us dedicated connections boasting how many peering arrangements they had with each other and when it came time to route, no problem.

Maybe that's the cutthroat ISP biz in the US, I'm quite surprised that it's not the case in NZ.

The size of routing tables is quite big. In fact you generally require the entire use of a T1 just to manage the updates of a full table. That's why it's typically ISPs that do this kind of thing.

One other solution they all put forward was to purchase connectivity from each of them and let them do the BGP over the lines. I thought this was quite cooperative of them, to send your traffic via another provider if their link went down.

Hmmm.

Why do you have to 'own' the IPs?

[Phizzy]

How many computers do you have on this lan? Why do you think you need to 'own' the IP addresses? First off, you don't even need to own ANY ip addressed to do multihoming. You could NAT all of you LAN boxes up into the single /30 advertisement that your ISP(s) are going to give you for the serial interface on your router, and then have the ISP advertise that out to the 'net, and voila, you have multihoming. When one provider goes down, you can use your IGP to route across the other, OR, if you wanted to go a litte more high-class, you could buy a large router, and take full BGP tables from both providers, and differentiate intelligently based on the preferences sent on the routes. Now, if you don't want to do NAT, and there are a whole slew of good reasons you wouldn't, why are you hung up on ownership of these IP addresses? Why won't you let the IP-allocation process work like it's supposed to? If APNIC had to allocate IPs to every small business in the region it's responsible for, it would take 3 years to get IPs from them. Buy a block of IPs from your ISP(s), and if you transition to another ISP, re-number your network. Or, if you don't wanna go the cheap way, you CAN buy portable IP space from providers. Many of them buy whole Class As just for this purpose, it's just that you're going to have to pay more for these IPs than you would otherwise, as you should, since the ISP's netblocks can become non-contiguous if you leave. As far as your questions about IPv6 and router memory, the internet routing table is well up above 100k routes already, and there are many routers out there that are already having problems dealing with tables of this size. Many Cisco boxes will die in the near future if not upgraded, as their old routing engines run out of memory, and despite the fact that PC memory is cheap, router memory often is not. Especially when you have to install it on the tens of thousands of routers any decently sized ISP will have. IPv6 isn't really even a factor yet.. and when it is, many routers are going to need heavy upgrading (software, hardware, etc) to deal with it, which is why so many ISPs aren't rushing out to do it. So buy some portable IP space, get yourself multihomed, and go buy a good BGP book.

//Phizzy

Re:Why do you have to 'own' the IPs?

[TilJ]

Doesn't address failover for incoming traffic. Neither do DNS tricks or other such kludgery: this is a layer 3 problem. The solution is to use IP as it was intended -- true end to end connectivity and routing issues handled by, of all things, routing protocols.

BGP with aggressive route aggregation works well. Something better running on top of IPv6 would go a long ways towards getting rid of the convulated "solutions" that a lot of organizations are setting up.

Blatant karma plug: http://www.nanog.org/ -- anyone interested in these sorts of routing issues should join the mailing list and lurk

Spagetti Wilson and the Ancient Troll

[bushboy]

Give me a break - isn't this why 'virtual' hosting was introduced ?

Next thing you'll be saying you want your own strip of highway to put outside your house, linking your ass to every asshole in history.

Incorrect assumptions, answers

[uslinux.net]

First of all, RAM on a router is not the issue anymore. The issue is bandwidth. If your router has to maintain 100,000,000 routers instead of 100,000, you have a 1,000 fold increase in routing table updates in network bandwidth.

Second, IPv6 will solve this, at least for a while. Despite IPv6 having enough addresses for all the particles in the universe, I'm sure we'll run out again in a few years :-)

Finally, how many companies actually need their own IPs? Small ISPs just get their IP range from a larger player, who is providing them with bandwidth. Under normal circumstances, a mom & pop ISP doesn't need an OC-192 - they're probably happy with a T-3. It's cheaper for them to sublet a fraction of a big player's bandwidth then to go at it alone.

Re:Incorrect assumptions, answers

[steelrecluse]

"First of all, RAM on a router is not the issue anymore. The issue is bandwidth. If your router has to maintain 100,000,000 routers instead of 100,000, you have a 1,000 fold increase in routing table updates in network bandwidth. "

Not sure what makes you think not. We're certainly not running RIP in the core so there are no regular updates, just incremental updates. Yes, when two BGP peers first come online the entire routing table has to be transferred so that is an issue, but after that only changes are sent.

Main issues you'll see are memory and route-lookup times.

Re:Incorrect assumptions, answers

[jroysdon]

RAM is still very much an issue. Every single router for a decent provider has to carry a full BGP table. That's 128mb, minimum. Which, yes, you can get RAM cheap, but not Cisco-approved RAM (and, yes, Cisco now only supports Cisco-approved RAM if you call into TAC).

BGP4 route tables are transmitted once when a router comes online. So long as things are stable and links aren't flapping, the routes aren't retransmitted.

Re:Incorrect assumptions, answers

[brainboyz]

Second, IPv6 will solve this, at least for a while. Despite IPv6 having enough addresses for all the particles in the universe, I'm sure we'll run out again in a few years :-)

But I wanna access the 67,523,972nd muon the to the left of the exact center of the sun! You people and using IPs to access your toys, tsk tsk. Yay for particle level IP access!

Re:Just make one up

Use it or lose it for IP addresses - I like this idea a lot.

Re:Time to get rid of jon katz

[gazbo]

No, but the usual crappy Katz bashing has been replaced by a more directed assault on his journalistic integrity (or lack of) Did you read that Afghanistan article? If you had you would realise just why Katz needs to be slapped.

Really, that story was made up bollocks from the start.

Oh, I'm not denying that the post should be marked off-topic, but you really should read the Catz article in question (sorry, no link) and then you'll realise why somebody gave it Insightful. And the Troll mod was totally unjustified.

I'm off to dig up the ZX Spectrum I left buried and install the SETI client while cracking MD5 hashes. Oh, sorry, I thought I lived in Afghanistan for a moment.

Moderators: This post is off-topic, not troll, flamebait, or overrated. Please moderate accordingly.

Become a government agency

[alen]

In my experience working for the US government I have never seen them use a private IP range. They would have Class B subnets and use only a fraction of the available IP's. The rest are pretty much wasted. So if you can't beat them, join them. Become a government agency and you'll have all the IP's you could want.

Re:Become a government agency

[Wells2k]

Sure, become a government agency. Then you can become just like airport security workers! Efficiency can go straight down the tubes, your customers will complain on deaf ears day in and day out, but you will be paid just the same from taxpayer dollars...

Re:Become a government agency

[David+at+Eeyore]

In my experience with a large Australian Government organisation that specialises in making loud and unfriendly noises at people ill-disposed towards Oz, we moved to total replacement of 'real' IP address schemes with non routable 10. net addresses some time ago for all addresses inside our firewalls, as a result of government policy. It may be the same in the US and even NZ!

Routers, Upgradability, Etc.

[Jordy]

Oh so many answers, so little time.

First of all, one should note that IPv6, while supported in newer versions of Cisco IOS, has the slight problem that in BFRs, the hardware accelerated routing hardware has four times more work to do to look up a 128 bit IP address making performance somewhat of a problem. Add to the fact that a lot of the routers out there simply can not be upgraded past 128 MB of RAM and you run into a slight problem when you go to make your $150k router IPv6 capable.

Then there is the little problem of client operating systems and the "migration" to IPv6. As there are only a handful of people on this planet who use IPv6 exclusively, routers will have to support both until all the client software of the world moves over. Now, it is bad enough getting full IPv4 BGP updates, but getting them *AND* IPv6 updates?

Of course, next comes all the little hardware out there. From the terminal servers people dial up to, to the layer 4 load balancers, there is a lot of hardware that doesn't support IPv6.

So, as a large network service provider, one would have to justify the costs associated with IPv6 against the benefits. The benefits are pretty slim right now unfortunately. Ideas like a single roaming IP (pipe dream if you ask me), mandatory multicast/anycast support, fixed sized headers and IP level security are all fine and dandy, but when you are talking about replacing (or at least suplementing) millions of dollars in infrastructure to allow a handful of people to use IPv6 for years until the REST of the world follows, it starts becoming hard to justify.

Don't get me wrong, IPv6 has some lovely attributes, but until Cisco enables IPv6 by default on all the hardware they make, everyone upgrades their copies of Windows and MacOS to support it and all of a sudden the terminal servers of the world (remember dialup still exists) all start learning how to route IPv6 packets, it is an uphill battle.

So the question really becomes, how long will it all take? IPv6 really needs a killer application to the general public aware that they *need* it and ask their providers to provide it. Once enough demand is generated, ISPs will start asking their upstreams for it and the ball will start rolling.

The same problems have plagued multicast for some time and still, very few providers support it and even fewer have customers who use it.

Of course, that's just my opinion, I could be wrong.

Re:Routers, Upgradability, Etc.

[steelrecluse]

Already stated earlier but Juniper routers all support IPv6 as of the newest software release (JUNOS 5.1).

There are a few customers using it and it'll see more use as time goes by.

Cisco 2500 series router and PIX 506 firewall

[zerofoo]

I am a the network admin for a small school. We have a Cisco 2500 series router with a T1 interface and ISDN BRI. Using a "floating static" route, our 2500 series router dials out on the ISDN circuit if our T1 fails. This isn't really multi-homed since we are dialing into the same ISP and recieving the same IP block we usually get. It does, however, provide us with an emergency (slow) connection if our T1 goes down. The PIX 506 firewall provides NAT/PAT services. This setup works quite well.

-ted

Multi-Homed in a CIDR world

[paulbort]

Here's how we solved the multi-home problem despite CIDR. We wanted to make a web service (Citrix ALE) available over our T-1, or over our DSL (from a different provider) if the T-1 fails. The solution was to get a cheap Web hosting service that will use our (already registered) domain name to host a couple of static pages that point to our servers by IP address. One set of pages points to the address we got from the T-1 provider, the other points to the DSL address.

When Big Brother thinks the main connection is down, we ftp over the backup connection to the off-site web host, make the other set of pages the default, and our users now come in on the other circuit. We change the Alternate Address on the Citrix servers, and we're back in business.

just like every new media source

[geekoid]

Gutenbergs press, governments tried to control it, and use it for control.
radio, controlled by governments, ran by business, almost no small player.Those small player that our left are being pushed out by regulations backed by corporations.
TV is controlled mush like Radio.
all these mediums are used to tell you what to think, eat, read.
why should the Internet be any different?

People who want to control, and power, don't go into Politics anymore, its too heavily watched. They become corporate players.

multihoming defined

[mdouglas]

for those of you who are confused about the nature of multihoming :

multihoming involves connecting to 2 or more isps and BGP publishing your ip space through both of them. this (ideally) involves having your own ARIN assigned ip space & AS number.

the point of multihoming is to address redunancy for inbound as well as outbound connections. you can use 2 isps + nat + creative outbound routing to handle outbound traffic, but that does nothing for a potential web server you're trying give multiple inbound paths to.

read the multihoming faq :
http://www.netaxs.com/~freedman/multi.html

Re:multihoming defined

This is just a hastily thrown together post to get karma.

A truly informative post would not explain one term (multihoming) by introducing 3 more (BGP, ARIN, AS number) that someone who doesn't know what multihoming is will necessarily understand.

Re:multihoming defined

[jroysdon]

You AC trolling twit. He provided an excellent link to a FAQ of written by one of the top internet backbone architects (Freedman is on of the top brains for Akamai's routing infrastructure, and an investor/advisor for Havenco). Anyone who doesn't know the terms or how to do this should just look into that (which is where the original poster should have gone).

Re:multihoming defined

You jroysdon trolling twit. The FAQ doesn't define the terms either. Freedman may be a top brain at routing, but she can't write a FAQ to save her life.

IPv6

[dAzED1]

one of these days, IP6 will happen...

then there won't be issues like this anymore.

crack pipe and pot.. again?!

This is a TROLL message, not a FUNNY one, Mr. (stoned) moderator

Re:crack pipe and pot.. again?!

It is a FUNNY TROLL, butthead AC. Get it together.

duh!

Same with mom-and-pop providers. No small players left.
That's the price to pay when you involve big money.
Duh!

Re:George Harrison, Beatle, dead at 58

Truly an American icon.

Except, wasn't he originally from Britain?

Large players *do* and *must* run the internet

[Anonymous+Brave+Guy]

Does this put control of the entire internet further and further into the hands of large corporate players, and and is anyone particularly interested in changing this situation?

Not really, and no I'm not.

The Internet already is, always has been, and must be, run by large players. You cannot have an interconnecting network that spans the world and has that many users without someone very big to put the infrastructure (hardware and software) in place, and to maintain it afterwards. The only people capable of doing that are major corporations, and a few very large not-so-commercial bodies (the academic community, for example).

I'm sorry, but if keeping things efficient and practical for these essential big players means you can't play with precious IP address space, then that's the price you're going to have to pay. There just isn't space for everyone to play with their own blocks of IPs any more, and there isn't time for everyone further up the chain to account for them even if the space was there.

Yes, it's unfortunate that some of these big players have a monopoly, which is rarely a good thing. Yes, it's unfortunate that little fish get eaten by big fish. But unless you have a better suggestion, there are only two choices: (a) leave the big fish alone, accept that for now there will be issues, and have an Internet, or (b) get on your high horse about monopoly abuse, civil liberties, and any other subject of pontification you can find, and kill the Internet. Me, I think that's a pretty easy choice.

ever hear of a binary tree?

ever hear of computer science?

Re:ever hear of a binary tree?

Stupid fuck. You must be a freshman.

Re:ever hear of a binary tree?

Stupid Fuck. You must be a drop out.

Re:ever hear of a binary tree?

Why do it in theta(lg n), when you can do it in theta(1)? Keep studying.

Re:Time to get rid of jon katz

here
...

This site is losing all credibility quickly.

Stories about people in Afganistan who dig up commodores and then download / watch divx movies have killed off every last shred of believability this haven for anti-ms zealots ever had.

It is time to get rid of katz

Re:I'm not here, this isn't happening

If you don't know that it was orignially:

Mae Ling Mak, Naked and Petrified

You really don't belong here.

Thank you.

I'm working on it.

[NoMoreNicksLeft]

Right now, I'm still experimenting with liberating the DNS system. Give me another 12 months, and we'll see about the internet as a whole. I mean, lots of improvements we could make right from the start... ipv6 from scratch, etc.

*grin*

Actually, in a demented way, I'm quite serious.

Where all the IP's have gone...

[cowboy+junkie]

There's a good article at onlamp that talks about where all the IP's went and why things have gotten so stingy. A sad story about misallocation in the early days of the net (do companies like GE or Xerox really need 16 million addresses?)

Router memory prices...

[sterno]

The reason RAM for PC's is so amazingly cheap is based on two reasons that don't really apply to things like Cisco routers. The first is that the supply is huge and the demand has been relatively low. The second is that because of the vastness of the PC market, the components are more readily made in bulk and thus can be made for cheaper. If you look at RAM for just about anything else, the price for what you get has fallen a little over time but has stayed pretty consistent. That is, if it cost you $200 to have an adequate amount of RAM before, it still costs you $200 to have an adequate amount of RAM.

Now, I'm not a network engineer, but another factor to possibly consider is the specifications required for router memory. Does it require a higher level of performance, error correction, etc, than the average PC? If it does, then that will also raise the cost.

What are the security implications of this?

[smittyoneeach]

...'Providerless' IP addresses...

...sound like open season for the DOS attack of the week. That's Denial of Service, not Disk Operating System.

Security and usability are two ideas in continuous tension. While providereless addresses would probably be a great thing for the Responsible Majority, the threat of Just One Jackass (JOJ) seems a little high here.

Re:What are the security implications of this?

[LinuxOnHal]

How are providerless IP addresses more vulnerable, or even easier to launch a DoS attack from? It should not matter in a peer-to-peer internet environment who owns the addresses. If I owned my own block of addresses, and they did not belong to any provider in particular, why are they more vulnerable, if they were still even globally accessable?

Re:What are the security implications of this?

[smittyoneeach]

Sure, an IPv4 address is a 32-bit binary number, and provider information is contained nowhere therein.

My question has more to do with security management. If IP addresses are owned by someone, it at least SEEMS that there might be more chance of controlling nefarious activity.

Granted, the determined thug is simply going to find a means of corrupting an ISP anyway, so any perceived improvement in security by eliminating providerless IP addresses is exactly that.

It's not hard to multi-home.

[NetJunkie]

I'm moving my company over to a pair of T-1s multihomed right now. We're doing it through Bellsouth and having the T-1s go to seperate POPs and our router will run BGP. Sure, we still rely on Bellsouth but it's very unlikely ALL of Bellsouth will go down at once. Doing this between major telcos would be a real issue I don't think we can afford.

The dual-homing aspect of this didn't cost us any extra. We're just paying for two seperate T-1s. To do this you need a somewhat sizeable router. They suggest a Cisco 3640 with 128MB, which is exactly what I'm implementing.

No, you can't do this at home, but why would you? It's not that unreasonable for a business. We're looking at like $2K-2.5K/month for everything and a one time charge for the router unless we lease it.

Re:It's not hard to multi-home.

[jroysdon]

Multi-homing refers to being connected to two independant providers. You've got redudant links to the same provider.

Re:It's not hard to multi-home.

[Blowit]

It is NOT highly unlikeless it will go down. If a MAN goes down, it does not matter which POP you have it in, both links will be dead in the water. To be safe, you need Multihoming between 2 separate infrastructures.

The Best Combination is to have one going to:
- The Local ISP over Telco Wire Provider over MAN #1.
- The Local ISP over Independant/non-subcontracted Copper or Cable Wire Provider who does not connect to the first local ISP locally and is connected to MAN #2 or another MAN/WAN provider from the first one.

This way, you can have higher availability since it would be completely independant circuits throughout the whole city.

Oversimplified (& a better way)

[apilosov]

This was an extremely oversimplified view, more like "I think I need to have bar want to do foo, but I'm clueless what anything else".

There are many issues at work:
a) Assignment of PI (Provider-Independent) addresses:
Back in '94, as an end user, you were able to get a netblock directly from ARIN. Then, this block could be advertised (by BGP4) by your upstream[s], and thus you got connectivity. The problem here lays that these IP addresses were nonaggregatable and led to exponential growth in routing table size. (see http://www.telstra.net/ops/bgptable.html up to 1994). Thus, CIDR was born, and hierarchical assignment became the rule. Your upstream (call it foo) gets the IPs from their upstream (call it bar), and the whole internet sees needs only one routing table entry to reach all of bar's customers.

b) ingress filtering (filtering of traffic from customers to make sure only the source IP that are assigned to them are used). Yes, most ISPs do ingress filtering now, and it is now considered a BCP (best current practice) to do this (there's an RFC on that). Again, this is for a damn good reason: Without filtering, DoS attacks cannot be traced to their source, if one is spoofing the source addresses. With filtering, at least you know that the source IP address is likely to be the one attack is launched from (or one of 0wned machines attacking you).

Its well known that ingress filtering makes multihoming harder, as your upstream has to open up their ingress filter for the IPs that are assigned to you by entities OTHER than your upstream (say, your other upstream).

Since apparently you intend to advertise your network via BGP4, all ISPs who will talk BGP4 to you will have no problem relaxing their ingress filters. If all you have is a DSL line, you'll have fat chance of getting your upstream to talk BGP4 in the first place. See below for strategies to do this without BGP.

c) Even if you managed to get your upstreams to turn off ingress filtering and advertise your network via BGP4, you still may run into problems because many ISPs do not listen to network announcements less than /20 (Sprint and Verio are two notable cases). (Thus, if you have an IP range IP_A from ISP A and IP range IP_B from ISP B, and both ISPs advertise both ranges, you can still run into problems when one of htem goes down). Fortunately, lately, the wind started to change, and I think sprint already relaxed their requirement to /24.

Bottom line is: if you want to have your "own" IP address range, you must advertise it via BGP4. If you can get your upstream to do that, you can get them to relax their ingress filters, thus your original complaint is silly.

Now, if all you have is two DSL lines and no cooperation with your upstream you can do the following (sometimes called DNS-based multihoming), _for inbound traffic_:

You set up two nameservers (A and B), one on each of the IP ranges that you have (range_a and range_b). Make all of the entries given out by nameservers have TTL of 5 minutes.

Make each nameserver have a DIFFERENT zone, containing only IP addresses on that range. (Ex, nameserver A will have an entry for www pointing to an IP from range_a, nameserver B will point to an IP from range_b.(both nameservers can actually run on same machine, bound to different interfaces).

Then, whenever someone tries to reach www.yourdomain.com, they'll hit one of the nameservers. If the one they hit first is down, they'll hit the other one, and get an IP address from the _working_ network. Voila, you are still reachable when one connection goes down.

Then, if you don't want your servers to actually have two IP addresses (one on each net), you can do some trickery with iptables/ipchains to redirect traffic to a single IP (probably on private network).

For the outbound traffic: All you have to do is to NAT your traffic to the correct interface/IP range (the one that's currently working). That is not very hard to do with a bit of shell scripting.

Actually, things are a bit more complicated because of this: Your machine (main firewall or whatever) that contains all these interfaces, normally has one routing table. Choosing of the correct interface is done by lookup of DESTINATION IP. Now, assume a packet comes over to IP_B. You _must_ make sure that it will go out BACK on interface B (if you send a return packet with an IP_B source address over ISP_A, it'll discard it because of ingress filtering). This is hard: again, remember, routing does not depend on your _source_ address, it depends only on destination address.

So, how do you solve it?
Luckily, Linux has policy routing, which allows you to have multiple routing tables and choose between them based on some criteria, in your case, it will be source IP. You'll set up two routing tables, one with default route pointing to ISP A, one to ISP B, and a rule saying "If a packet has a source on IP_A, use routing table A, if not, use routing table B"

(see iproute2 documentation for details)

Well, I think I should write a HOWTO on that...I glossed over quite a lot of details here.

Re:Oversimplified (& a better way)

[amchugh]

Awesome. I think Slashdot should start a comment hall of fame, and throw this one in there.

Re:Oversimplified (& a better way)

[Cato]

Interesting bit on DNS multi-homing - should work OK in general but some ISPs automatically increase low DNS TTLs, which might make the failover time a lot worse. See the BIND book from O'Reilly for details.

Re:Peer to Peer -- services behind firewalls

[FlippyTheSkillsaw]

I've given that idea quite a bit of thought, actually. You have 100 machines on a private network, using one internet ip to get what they need.

That's the idea of NAT. You get stuff with it rather than put stuff.

So, if you want to make a setup where you can provide services from behind firewalls, which would essentially reduce the required number of IPs by an exponential amount, you'd need a redirector. It would be very easy to rip up a socks style proxy to allow binding of external ports. It would also be easy to make an rpc style reference chart on a static port on the external ip.

You follow?

Machine 78 on the private network wants to open a web server. It registers that it wants an open port and that the service will be http.

When that machine was turned on and is located behind a firewall, the dns is updated to direct everyone there.

The web server on the outside poke at that machine and find that their target is sitting on port 40382 and opens the http connection.

Another possibility is to build the domain name in the requests, like in http. With such a service, you can have as many domains hosted on a server as you want, because it includes the domain in the request.

The first example is much more flexible, but also uses extra ports, which could be used up pretty quickly.

Whatever it is, it doesn't really matter, because the majority of clients are windows and microsoft wouldn't ever let that happen without putting its dirty finger in the pie.

However, most people are thinking like this and want to bleed as much as they can out of the current setup until they hit an iron wall and can't bleed any more.

Router Memory II

[NetJunkie]

Router memory is cheap, UNLESS you buy it from Cisco. Viking and Kingston both make excellent memory for Cisco routers at a *MUCH* cheaper cost than Cisco. It's not like Cisco memory is anything amazing, it's just OEM memory.

Re:Router Memory II

Any Cisco network device with non-Cisco memory isn't covered under SmartNET.

But I doubt that they'd simply refuse to service a SmartNET customer, considering the price of SmartNET.

Re:Router Memory II

[mac.newbold]

The most important thing that I haven't seen mentioned directly yet is that the RAM for a router isn't even the same type of stuff as for your PC. RAMs aren't all the same, the only necessary common factor is that they are Random Access Memories.

Routers (and other high-speed devices, even the Pentium4) use SRAM (Static RAM), which is much faster, but also much more expensive (for several reasons) than PC RAM. Plain old cheap-as-dirt PC RAM is SDRAM (Synchronous Dynamic RAM), and it is slower, but good enough for most applications, and much cheaper.

The other problem with adding much more memory to routers is that it isn't just the size of the memory that matters, its the bandwidth of the pipe between the processor and the RAM. Even if I had 40GB of RAM in my router, I could only use about 256MB-1GB of it, because it would take so long to read the rest of it. The packet would already be gone by the time I found where I was supposed to send it.

Mac

Re:Router Memory II

[drinkypoo]

It's not like Cisco memory is anything amazing, it's just OEM memory.

I don't know about these days, but most Cisco products I've seen have taken standard 72 pin FPM SIMMs, or 30 pin in the really old stuff. Some of them even say so in documentation on CCO.

Re:Just make one up

[obcityan]

should be the same way for domain registrations :o)

Can't void warranty!

[NetJunkie]

I hear this sometimes. Cisco can *NOT* void your warranty by using 3rd party RAM. It's part of the Magnuson-Moss Act. As long as the memory meets Cisco specs you are allowed to use it. Cisco won't warranty it. If the memory fries and takes the router with it, Cisco won't warranty th router then..but they can't just void your warranty simply because you used it.

Many people that modify their cars know this act. Dealers like to claim a warranty is void when a performance part is put on a car. But as this act states, if the part didn't cause the failure you CAN NOT void the warranty claim.

Re:Can't void warranty!

[figment]

Warranty != technical support. While it may not void the actual equipment warranty, if you call up the TAC with a smartNet-voided router, they have the right to not help you. (Though honestly in my experience they're still more than happy to).

Actually there is a bigger problem...

Yes IPv4 space is running low.

But a bigger problem is closer on the horizon. AS numbers, which are used to uniquely identify large sections of the Internet in BGP are running low. Once these run out, the IPv4 limitation doesn't matter because you won't be able to route to the new IPs anyway.

I think they are trying to fix this with confederated BGP and forcing major ISPs into using internal-only AS numbers (similar to 10/8, 172.16/18 192.168/16 IP addresses) but I think it is causing more headaches than IPv4 is.

Re:Actually there is a bigger problem...

What a load of crap!

My employer just recently got its own AS number, and it's in the 23,000 range. There's a max of about 65,000 AS numbers (less internal-use reserved ASNs). Not exactly a crisis right now..

Re:Actually there is a bigger problem...

[TheCrazyFinn]

Nope, max is 35,565 all the rest are internal.

More Memory Does NOT equal better routing...

It's not an issue of route table size. With the route aggregation that takes place these days, 512M is more than enough RAM for route tables. Here's the BGP summary info from one of my routers that gets "full" BGP routes from one of my upstream providers:

This particular router happens to be advertising only a 22 bit summary to it's BGP neighbors, so that's it's not being used as a transit device by any of the three different ISP's to which it's connected.

103595 network entries and 103629 paths using 13779359 bytes of memory
18103 BGP path attribute entries using 943332 bytes of memory
15624 BGP AS-PATH entries using 404444 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP activity 12591567/28215562 prefixes, 16206716/16103087 paths, scan interval
15 secs

As you can see, even 128M is more than enough for route tables using a basic BGP configuration such as the one on this router.

However, route table size can be an issue, especially with slower routers. A router can only hold a packet in queue for so long before it has to drop the packet from the queue. During this packet hold time, the router must find the destination address in the packet, match that against the longest prefix in the routing table, apply any policy routing decisions, decide which interface to forward the packet to, then forward the packet out of the router to the next hop.

Obviously, the longer this process takes, the fewer packets make it through the router in any given time period, decreasing overall performance.

Re:More Memory Does NOT equal better routing...

Ah, you're only getting ONE copy of the BGP table, huh? Guess what? Backbones routers get a full route table from EACH and every one of their peers, and they add up. Add in all the memory needed for storing actual packets while it forwards them, and now you have the problem...(Well, one of them, anyway)

heirarcy in routing -- n^2 vs nlog(n)

[davburns]

The brutal truth is that, if the internet were connected as an arbritary directed graph, routing would be impractical, and growth could not have been sustained (and could not be sustained now). A heirarcical internet can be routed with N routers holding log(N) routes, but if everybody has independant (unagregatable) addreses, N routers must each track N routes. I suspect this would also imply quadradic flap rates as well.

The simplest way of building heirarcy into the network is to have provider-dependant addressing, which can be aggregated by the provider. For local regions, you can advertise your prefix through multiple providers, but expect that to also be aggregated when it hits the first expensive (eg, trans-oceanic) link.

I understand that the IPv6 group looked at geography-based heirarcical routing. I'm not sure why this was dropped (although one could guess), but it had two interesting side effects: First, it put small providers on more even ground than big providers; and second, it also made the senders of traffic pay for the long-haul / backbone bandwidth (as opposed to traffic usually finding the backbone closest to the reciever of the traffic).

Colocation is the solution

Here's my solution:

- Get a box or a rack in a good datacenter with mutlihomed connections. (AT&T has datacenter all over the world)
- Get all the ips you need. It's way easier getting ips for your colo uses. They take care of routing through several network.
- Get 2 or more consumer grade connection to the internet
- Make ppp or vpn connections to the coloed boxes
- Route packets from coloed boxes to your local network
- Voila you got multi-homed local network for your business.

Now this waste some bandwith, but it sometimes can be cheaper this way. It's funny how a cable modem link, a adsl and a microwave link can be 10 time cheaper than a t1 and provide more bandwith and more reliability.

Re:Colocation is the solution

[NerveGas]

>It's funny how a cable modem link, a adsl and a microwave link can be 10 time cheaper than a t1 and provide more bandwith and more reliability.<

You're saying that DSL, cable, or microwave can compare to a t1 in reliability? Only if your t1 provider is seriously incompetant, or your broadband provider has some magic pixie-dust.

We pay $400 for a point-to-point t1 from our colo center to our office. A guaranteed 1.544 mbps, and it's very rare that the round-trip latency even hits 5 ms over the link. You simply can't get cable, dsl, or microwave service that will GUARANTEE you a connection like that, even if you do spend over $400 per month on it.

steve

Re:Colocation is the solution

The whole concept is to get SEVERAL DIFFERENT consumer grade broadband connections using DIFFERENT technologies and networks. Odds that your adsl, cable and microwave providers fail at the same time are much lower than the odds of something fucking up with your T1. I heard lots of horror stories about T1 fucking up and telco dragging their feet blaming everybody else. You dont want to deal with a single provider for your MULTIHOMED bandiwth solution, dont you?

Why multiple Nics?

[scseth]

All you need is two, one set for the external IP address and the other set as internal, then run NAT and DHCP on the internal network. Put the internal over to a hub or wireles access point for multiple internal connections. You can still config NAT or IPFW to access internal boxes from outside. With a DSL or Cable Modem provider, you only use 1 IP addy, plus you have firewalled your network. Linux works well but I prefer FreeBSD.

supply, demand

[stiefvater]

wait, let me get this straight: a finite resource that's in high demand has become scarce?!

HOLY COW! alert the news! UFOs must be involved.

-k

Yep. For example...

[Wntrmute]

older companies and organizations have been camped on huge amounts of ip addresses for the last 10-15 years. if arin bit the bullet and forced these internet first-comers (and heavy wallets) to relinquish ip space we would see the 'ipv4 crisis' go away.

I'll say...

arachne:ckloote {101} whois -a 40.0.0.0
Eli Lilly and Company (NET-LILLY-NET)
Lilly Corporate Center
Indianapolis, Indiana 46285
US

Netname: LILLY-NET
Netblock: 40.0.0.0 - 40.255.255.255

Coordinator:
Eli Lilly and Company (ZE16-ARIN) hostmaster@lilly.com
317-277-7000

Domain System inverse mapping provided by:

DNS1I.XH1.LILLY.COM 40.255.22.1
NS1.IQUEST.NET 198.70.36.70
AUTH40.NS.UU.NET 198.6.1.18
AUTH62.NS.UU.NET 198.6.1.19

Record last updated on 17-Jul-2001.
Database last updated on 29-Nov-2001 19:56:47 EDT.

Yeah, Eli-Lilly is a big company, but please tell me why they need their own class A? They don't, but they managed to get it back in the early days, and won't give it up. I'm sure there are many more cases like this.

Re:Yep. For example...

[ceesco]

Actually, since Unisys does IT for Lilly, ARIN might have better chances using GIFs royalty-free than getting the 40.x.x.x netblock back.

Re:Yep. For example...

[Gid1]

HP has 15.x.y.z as well, along with a number of smaller class 'B's and some class 'C's.

Considering HP hype their 'citizenship': ("To honor our obligations to society by being an economic, intellectual and social asset to each nation and each community in which we operate."), and the fact that they're already proxied and firewalled to buggery, I think they really should consider giving net 15 back.

Re:I'm not here, this isn't happening

So faulty, have you stopped pretending that your account was taken over? Yes, my original AC post suggesting that you were walter bell was a troll just to see if you would come out of the shadows again. And it worked! HA!

By the way, I miss K5. I always enjoy your often bizarre but interesting diaries. And lastly, just for a lark, guess who I am?

Re:Just make one up

[elvum]

In a word, Freenet. :-)

OS X Multihoming

[WiseWeasel]

I just wanted to voice my support for MacOS X when it comes to multihoming. It automatically detects the fastest connection available from the different ones set up in the Network System Pref. This is great when an Airport (802.11b) network becomes available, or one of your providers goes down at any time. It will even trigger a dialup connection if the broadband goes down, or switch broadband providers if you're lucky enough to have several. This truly works very well, and for laptop owners, it's a crucial capability.

APNIC: The Number 1 Region for Spam Domains

[Nova+Express]

Is it just my inbox, or does the spam (mostly foreign language) originating from APNIC-area domains outweigh all the other spam being created combined?

With the exception of @home (are they finally dead yet?), it seems that all the major spam domains are now located in Asia, including:

Kornet.net

Dreamx.net/cjdream.net/thrunet.net

Chinanet.net

Hinet.net (though they MIGHT be improving; I haven't seen anything in my box in almost a week)

Moreover, it always seems to be impossible to reach someone in these domains (we're talking 50 or more LARTs to every valid contact address I can find), and sometimes the contact addresses in APNIC's database have been invalid for weeks, if not months.

Anyone else have these problems?

The old days.

[Wntrmute]

The senior admin for an ISP I used to work for owned his own class C. Said he got it back in the day when just anyone could go to ARIN and ask. All he had to demonstrait was that he had the competancy to set it up properly.

IPv6 won't change the false scarcity

[David+Muir+Sharnoff]

IPv6 could allow easy access to multihoming. (Actually, IPv6 could actually solve a problem but doesn't do that either).

There are organizations (ARIN in North America) that handle IP alloations. Their policies have been created with one stated goal: keep the number of routes down so that routers don't blow up. With IPv6, they seem to be following the same policies.

How do you keep the number of routes low? You make it really hard to get IP addresses. That's what they do and they do it fairly well. Personally, I'm not convinced that keeping the number of routes down actually helps anyone. The routers that carry full routing tables are all large and expensive and if they don't have the capacity for much larger routing tables already then it's because the router manufacturers knew that the number of routes was being kept low.

IPv6 could change all this. With 128 bits of address, one could allow real multi-homing without making huge routing tables. This could be accomplished by splitting of multiple sections of the IP address as Service Provider IDs (SPID). An actuall address would the contain multiple SPIDs and an end user address. To have a full routing table, you would need routes to all the service providers and to all of your own customers. Just an idea.

Re:uhm... (NOT A TROLL)

THIS IS NOT A TROLL. THIS GUY IS RIGHT. SHOW ME HOW TO FIT 2 GIGS OF RAM ON A CISCO ROUTER BEFORE YOU LABEL THIS A TROLL.

THE ONLY TROLL INVOLVED IN THIS POST IS THE MODERATOR.

Anonymous Chief Network Architect for a major ISP...

Not that simple...

[jbroom]

I'm Tech Director for a Caribbean ISP, so I know the problems in getting bandwidth AND multihoming.

To be multihomed correctly you will generally need:

-a decent router that can do BGP.
-more than one connection to providers who will talk BGP with you.
-your own AS number and an allocated block of IP addresses

The expensive part is not really "paying the fees" of (ARIN, RIPE, APNIC), or complying with their conditions, but in fact having someone tech enough that also understands the POLITICS (yes POLITICS) involved in running BGP, and the ongoing cost of keeping your network in fact running in this type of situation.

You are just looking at the tip of the iceberg and saying "wow that's expensive JUST for a block of IP's", which on the surface might look correct, however:
-just about anyone can say "gimme a block please" (cheap).
-checking on who can actually utilise them or not is expensive.

Memory in routers is easily scalable (it isn't but lets pretend it is), but the problem is not lack of memory, but actually wading through all those blocks of IP addresses.
Most of the main tier 1 providers have serious filters in place to avoid filling their routing tables up with junk due to mistakes or due to people who just haven't made a transit deal with them, so even if you were "given" a block of addresses, it wouldn't always be that easy for you to get it routed.

My advice: as you are "small" (compared to a Tier 1 provider), my guess is that there are ISPs down there that will do a better job than you for getting redundancy. Spend a bit more money on linking up to one of these, and backup your link to them somehow, and trust THEM for your link instead of trying to do it yourself. It will probably cost you just about the same, but your uptime will probably be HIGHER, because when you do BGP yourself, you are adding in extra weak spots that you may at this moment not be thinking of (your internal routing policies and how they get propagated, the people you will need to make sure this runs, etc...).

Just my own opinion. Add salt.

Re:Not that simple...

[MikeBabcock]

In north america, you have to prove that you need at least half of a /19 to buy your own IP block for your AS to route.

Most internet BGP4 routers are now configured to ignore routes smaller than /19 anyway (stupid people can't upgrade to better routers).

Re:Not that simple...

[jroysdon]

To "prove" you need the hosts, you just come up with a BS network diagram and list of hosts. It's not hard, it's just an ethical problem.

ISPs ignore smaller than /19 out of classic Class A and B address space. Since Class C space is by its very nature /24 blocks, they cannot filter that without cutting off a large portion of the internet. Since 63/8 and 64/8 were given back, those also are not filtered beyond /24 for any clueful ISP.

The bulk of the IPs you'll get are from classic Class C space, 63/8, or 64/8. Providers know this, and if you tell them you want blocks to multi-home with, they'll assign them from one of those ranges.

Re:Not that simple...

[MikeBabcock]

You may think otherwise, but /24 BGP4 advertisements are for the most part ignored by large ISPs. They'll route the data to you through whoever is advertised for your /19 upstream (and they may not be upstream from you).

Re:Not that simple...

[Thundar]

I can think of two Tier 1 providers (C&W and Sprint) who will deaggregate your /24 routes from their /19 if you ask nicely.

IPv6

[PineHall]

Routers will not be upgraded to IPv6 until people are forced to. We want more IP addresses and the US government wants a secure (private) internet. To me the answer is for the US government to switch over to IPv6 because it is more secure. It would force the upgrades, and perhaps the US government would save some money and drop the idea of building their own private network for all their computers. This would get the process of the switchover started.

Re:Somebody tried selling me on a box that did tha

[rainwalker]

Cool...where is this device? I would love one...

Multihoming

[Haywood68]

No need, most of the features provided by ISP multihoming can be provided by a linux box with balance http://sourceforge.net/projects/balance/

Re:I'm not here, this isn't happening

I don't believe you, but that's okay. Why? you say "the moderators are just out to get me" which would actually be "the moderators are just out to get him" if he were someone other than you. Plus, if you were not the faulty dreamer, you would be less likely to respond to my Walter Bell troll posting.

If in fact you are telling the truth it would be impossible to tell because faulty_dreamer is so schizophrenic as it was. No, I'm not Walter Bell, I'm not a good enough KWhore. I've currently only got a Karma of 11... though an older account has around 25 last I checked.

Parent post sucks

[^BR]

First off, you don't even need to own ANY ip addressed to do multihoming. You could NAT all of you LAN boxes up into the single /30 advertisement that your ISP(s) are going to give you for the serial interface on your router

Yeah, and you'll enjoy full IP so much. There's more to the Internet than just Web, plenty of protocols can't be NATted easily, ftp and H323 (Netmeeting) come to mind.

What you are promoting is not Internet access, it's AOL for everyone. NAT is the problem, not the solution.

Many Cisco boxes will die in the near future if not upgraded, as their old routing engines run out of memory, and despite the fact that PC memory is cheap, router memory often is not. Especially when you have to install it on the tens of thousands of routers any decently sized ISP will have.

Yeah, like router obsolescence is not made even faster by bandwidth requirement increase than by routing table growth.

And show me an ISP with tens of thousands of border routers. You know than you run BGP only or border routers little wanabee ? You run OSPF inside your network and don't encounter the same set of problems at all.

I really hope that everyone will have the right to get its own IPv6 block.

Ah, the joys of being on a class A...

[sirwired]

When I did router support for IBM's (now defunct) Network Hardware Division, I had my very own /24 just for my office, which had all of a dozen boxes in it... Even though that isn't my job anymore, there are definately no address restrictions here...

Life is so very fine,
when your corp. is class A number nine.

SirWired

Please mod this up

mod this up, it's a good cheap solution for multi-homing.

Retardedness with IPv6

[Jeff+Knox]

Has everyone not done the math with IPv6 and MAC addresses. IPv6 is a 128bit address space. MAC addresses are only 48bit. Which means unless MAC specs are updated as well, that 80Bit of address space is utterly useless. Which means an extra 80Bit of overhead on every packet that goes out. Kind of lame. IPv6 should be 48Bit, that is more than sufficient. I mean, this isnt linear growth, a 48bit address is enough for more then 281,474,976,710,656 IPs according to my calcs. 281 Trillion something, i dont think we are going to run out of that any time soon. You could give every object in the world an IP address probably. This is 65536 times as many IP address as you could have with IPv4. So for IPv6 to be any more then 48Bit is completely lame and a waste of packet space.

Re:Retardedness with IPv6

[Kizeh]

In fact they aren't wasted, they're needed. MAC addresses have no hierarchy, and as a result aren't routable. You need a hierarchical address space to do routing. IPv6 essentially separates this routing address space (your wasted bits) from the host portion (MAC bits). Everyone wins: hosts can have a unique address while still being visible on several networks at once, they can move from network to network without really renumbering and so forth.

Re:Retardedness with IPv6

[NerveGas]

You're making two erroneous assumptions: That Ethernet is the only type of network, and that every MAC address will have a unique IP address. Between the number of other networking types and IP aliasing, the number of IP addresses needed can indeed exceed the number of ethernet addresses used.

steve

Re:Retardedness with IPv6

Yeah, and 640K should be enough for anybody.

Re:Retardedness with IPv6

[Jeff+Knox]

Just saying that a 48Bit address space would be plenty. its 65536x more addresses then we have currently. I dont think we will be running out for a very long time. 281 trillion I think has plenty of room for growth.

Wrong - Filtering

Most filter, but when they do its pretty intelligent -ie If arin is giving out /20s in a certain CIDR block, they will allow /20s to enter into their route table. Some (Verio is the famous example) filter such that if you are in historical class A space, you can only announce a /8 or they won't accept it.
Furthermore, most large ISPs will allow you to announce competitors blocks if you get both sides to agree. Its political, but its doable.

Routing tables are STILL and issue

Still even today provides have problems on the backbone with routing tables. its better but still problematic

Multihoming.

[Restil]

While I agree that the providerless ip blocks make routing tables more complex, you can still multihome without them. This is the easy way...

Get yourself a domain name. Simple enough. Get yourself two internet connections, with two separate banks of IP addresses (however many you need). Now, you have two separate networks, but with linux boxen, you can alias both those networks over the same physical hardware on all your machines. Simply configure a primary outgoing gateway machine to forward half its packets to one router and half the packets to another, this will loadbalance your upstream.

For the two nameserver IP addresses you provider your registrar, give one IP on one network, and the other IP address on the other. This will ensure that half the incoming connections will come in on each of the two networks. If one of your providers goes down, all your incoming connections will default to the working network.

-Restil

We haven't mastered this "sell fone" technology

[roystgnr]

Sure we haven't. Getting a cell phone here with unlimited local calling time costs about 6 work-hours (at McDonalds' cook wages, after taxes). If there's lower cell phone penetration in the US, it's not for lack of opportunity, and certainly not for lack of technology. Mobile phones aren't rocket science.

What is "rocket science", on the other hand, is (wait for it...) rocket science! Put anyone in orbit lately?

Of course, that's straying from the consumer technology you seem to care about. How about these computers you're writing on? Which of these sentences sounds ridiculous: "My computer has no Norwegian parts.", or "My computer has no American parts."

Nice troll, though. I'd feel bad about responding, but it looks like you hooked a lot of people besides me.

Re:We haven't mastered this "sell fone" technology

[quartz]

Which of these sentences sounds ridiculous: "My computer has no Norwegian parts.", or "My computer has no American parts."

Um, my computer has no American parts. In fact, none of my computers have American parts. They're either made in China or Taiwan or Singapore or some other place in Asia. And we should derive from this, what? That China is the world's most technologically advanced country? Well, that sounds all good and well, but my American flag is also made in China. Are the Chinese the world's most patriot Americans?

Re:We haven't mastered this "sell fone" technology

[bonzoesc]

Are the Chinese the world's most patriot Americans?

Doubtful.

Re:We haven't mastered this "sell fone" technology

[roystgnr]

In fact, none of my computers have American parts.

Really? What kind of CPU does it have? Perhaps we just have different definitions of "American". When a CPU is designed in the United States and fabricated in Germany (for one possible example), I consider this to be an "American" CPU.

Re:We haven't mastered this "sell fone" technology

[SectoidRandom]

True, but although its designed by an American company, in America, most of the parts are from Japan, and the rest is fabricated in Korea. To use another example.

Thats why no matter where its designed you wont see a "Made in the USA" sticker on it! :)

Provider Independant IP Space not requiered

[jroysdon]

As nice as it is to have Provider Independant IP Space, as you've found out it's virtually impossible to get without paying through the nose (you can just BS how many hosts you have, if you want to fork over the cash to pay US$2,500/year for a /20 block from ARIN here in the USA). Then there are less clueful orginizations that don't even know they have some, because the current IT staff didn't get along with their predecesor (for instance this block I found for my own local City).

However, it's not required to multihome. Really what you require to multihome is an Autonomous System Number (ASN) and a /24 block from either traditional Class C space, or the 63/8 or 64/8 Class A blocks that were returned a bit ago. No one with a clue should be filtering a /24 from either location.

The biggest downside to using your upstream providers IP space is that it pins you to a single ISP as you must use their IP space, and leaving them requires renumbering (but can be done without downtime within a reasonable transition timeframe of a few days). What we did was pick the largest ISP out there (UUNET), and then one of the top 10 (Sprint) and use both IP space (although we could have chosen to only use UUNET's). We use both provider's IP space on any important box (email, mainly) so that if we were to disconnect from one ISP (not likely), we only have to remove their IPs from our DNS, and the other IPS's IPs are already there and live (plus it gets around odd local routing problems outside of our control, where one remote site can reach one ISP but not the other).

We announce both blocks out both ISPs (to announce UUNET's blocks out Sprint and have them come back the shortest route, we had to get UUNET to "punch a hole" in their larger block and announce the smaller block we had so that both UUNET and Sprint would be announcing equally specific blocks for us... same is true of Sprint announcing their own assignment to us more specifically so they'll route to Sprint or UUNET, as if we only announcing the smaller block out UUNET, then all traffic would go that way unless our UUNET connection was down).

Anyway, not to write a HOW-TO (see Halibi's Internet Routing Architectures ISBN: 157870233X), but that's how to do it.

You don't need a huge router to be multihomed. Even a 2501 would work (as you just take default routes announcements from both ISPs, with the point being to advertise out your own blocks). If you want to take full routes from two ISPs, a 2650 with 128mb of RAM will work fine. If you want to take defaults + ISP-direct-customers, a 2610 with 64mb of RAM will work (it handles ISP-direct-customers from Sprint and UUNET just fine for us).

Lastly, never forget that site redundancy is just as important as internet redundancy. If a backhoe takes out the fiber or copper pairs going to your neck of the woods, more than likely it'll be both ISPs.

Normally I'd never mention my certs, but here they're relevent:
I'm a CCNP (next step past CCNA) and CCDP (next step past CCDA). I've been working for an IT Consulting/Integrater firm for 4 years (help desk positions 3 years before), and we also have our own little ISP on the side. I've worked with all the top 10 ISPs (and plenty of the Tier2/Tier3 folks), and set up a couple hundred of multihomed sites, so I'm not just quoting what I read in a book somewhere.

Yes, you are correct.

[mindstrm]

It IS hurting the Internet... most definately.

If we look back at the way things used to work...

Firstly, there was enough address space to go around.
Because of that, IP addresses were not a commodity. You didn't hoard them; you didn't have to, you could get them if you needed them without too much hassle.

And you did NOT have to be networked to anyone else to get IP addresses assigned to you; it was more like the assignment of MAC addresses... the whole concept was that you had unique address space, period, so if you wanted to internetwork one day, you could.

This has now gone out the window, becuase the Internet is the product unto itself... Things may be restored with IPV6, but I doubt it.. big business will carry the current policies over into the new address space, or at least, try to.

We attempted to do multi-homing in Europe... now, it IS possible to do, but it's hard to find information about how to do it. The IP assignment authority won't hand out a netblock to you.. no, you need the cooperation of your neighboring AS#'s to do it... but you can get an AS# assigned and some space allocated. THey just make it obscure.

Re:Yes, you are correct.

[jroysdon]

It's really not that hard to find info. Get Halabi's Internet Routing Architectures book to start with the fundamentals. Then find LISTSERVs for your local IPSs. They're out there, you just have to look. Here are some generic vendor-specific Provider lists: http://puck.nether.net/lists/

To start with, I'd connect with UUNET, as they're everywhere worldwide, easy to work with, and very professional. Once you've been through the process one time, you can work your way through less helpful ISPs.

That's not it though.

[mindstrm]

I don't know about APNIC in particular.. but in general, it's getting harder and harder to get provider-independent IP space, and more importantly, the AS# to go with it, unless you are a big, huge provider yourself.

So.. what about some company that wants to set up a datacenter online. They NEED multi-homing, but they don't need thousands of addresses... they are basically shut out of the system. It's getting basically impossible for a small network to multi-home on the internet.

Scarcity? no.

[Penguinoflight]

Many people are still talking about the "Scarcity" of IP addresses. A ip address is a 32bit number. Using the full range of the internet (255.255.255.255), you get 255*255*255*255 (4228250624) FOUR BILLION of course, the internet doesn't include 10.0.255.255, of 192.168.255.255, etc, but you still get about four billion. There are not 4 billion people using computers on the internet.

IMO, this is why IPv6 didn't catch on, we aren't near the technical limit. The backbone administrators just got lazy, and unorganized.

Re:Scarcity? no.

That's dumb.

You left out:
- network addresses & broadcast addresses (1 each needed for every individual net)
- routers, gateways, etc, as in all those other things that _aren't_ people but that need IP addresses anyway
- people with more than 1 computer (gasp!)
- server farms, public internet cafes, etc etc, where the ratio of people to computers is most definitely _not_ 1:1.

The Internet is not a whole bunch of instances of 1 enduser sitting in front of 1 PC. This may be hard to understand, but trust me.

Re:Scarcity? no.

[PixelJuice]

... and let's not forget that most people have at least one machine at home and at least one at work or at school. As an example, I use twelve IP addresses at home, four in my office and about sixty for servers.

I agree with you, Carl doesn't know what he's talking about.

barriers to entry

[mj6798]

There was some period of time when routing tables were a problem. And, in a sense, it still is: there are lots of tiny networks (including huge numbers of two-address networks for DSL); if all of them got class C addresses, we'd probably run out of space.

But another reason is that there is no incentive for changing the status quo. Letting the routers handle large tables means more work and more downtime and for what? Increased competition and less customer loyalty. It's not surprising that the people who could open it up don't have much interest in doing so. And I wouldn't expect that to change with IPv6.

Screw IPv4

[Liquid(TJ)]

It's time to stop goofing off and finalize / implement IPv6. The world is sick of having to deal with this crap.

Re:Somebody tried selling me on a box that did tha

[rainwalker]

Never mind...found it. Pretty neat, 2 WAN ports for DSL/Cable plus 8 port switch, for $399. Check it out http://www.nexland.com/product_spec/Nexland_Pro800 turbo_Data.pdf

Providerless IPs not availble? This is normal.

[puzzled]

A quick look today shows that:

c2650_1#show ip bgp summ

144.228.242.180 4 1239 290068 5592 841986 0 0 3d21h 103572

The last number indicates 103k of CIDR blocks are advertised from a major player - in this case its a peering connection to Sprint AS 1239.

There are quite a few more actually in use - many of them are aggregated at the borders of large ISPs.

This table overflowed the 64 meg mark a couple of years ago and its in danger of overflowing 128 meg before long.

I'd like to slap down the assertion that 'dram is cheap'. If you're an ISP running a Cisco 7206+NPE 150 with two DS3s, an ATM DS3 for DSL, and 24 T1 customers it is going to cost you a small fortune to upgrade that box to a 7206VXR to get away from the 128 meg limit on the NPE150.

Its been a long, long time since 'portable' IPs were issued and even if you get your hands on some and you manage to convince your top level providers to advertise the routes they're likely to get shot down all over the net by various aggressive filter policies.

IPv6 is even scarier - go read

http://www.ietf.org/rfc/rfc2772.txt

and understand what it means - if you get an IPv6 allocation you *can not* multihome even though there is BGP support for IPv6. This makes you, poor customer, the personal property of the carrier you first connect to and you'll *never* get rid of them, unless you're willing to renumber your whole network.

Re:uhm... APNIC new multihome policy

Actually, APNIC will assign nets for multihomed customers (soon, if not already), the issue was approved at the last meeting. The only thing is, there is no guarantee about the routability of the net. You can pony up for the ASN; you can register the net; you can pay for more than one connection, and you can announce yourself to your upstreams, however, there is no gaurantee that the whole world will listen to you.

http://www.apnic.net/news/index.html#meeting_upd at e

Multihoming assignment address request form - text only (online version by 1 February 2002).

I dunno...

[cjsnell]

Be careful. You probably don't want to mess with the Egyptians unless you want Omar, Mamoud and Abad looking for ya (see below). :)

cjs@mauritius [552] 15:40:01 [~]-> whois -h whois.ripe.net 217.53.98.174

% This is the RIPE Whois server.
% The objects are in RPSL format.
% Please visit http://www.ripe.net/rpsl for more information.
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyri ght.html

inetnum: 217.52.0.0 - 217.55.255.255
netname: EG-NILEONLINE-20001016
descr: Nile Online
descr: Provider Local Internet Registry
country: EG
admin-c: IAM13-RIPE
tech-c: IAM13-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-lower: M-OSAM
changed: hostmaster@ripe.net 20001016
source: RIPE

route: 217.52.0.0/14
descr: Nile Online
descr: For any abuse complain contact abuse@nile-online.com
origin: AS15475
notify: afahmy@nile-online.com
notify: abadreldin@nile-online.com
notify: omar@nile-online.com
mnt-by: O-MAHMOUD
changed: omar@nile-online.com 20001026
changed: omar@nile-online.com 20010118
source: RIPE

role: IP Address Management
address: 15 Mohamed Hafez St.,
address: Mohandessin
address: Giza
address: Egypt
phone: +202 7611153
phone: +202 7611123
fax-no: +202 3607656
e-mail: ipadmin@nile-online.com
admin-c: AF5451-RIPE
tech-c: AB5631-RIPE
tech-c: OM2093-RIPE
nic-hdl: IAM13-RIPE
notify: ipadmin@nile-online.com
notify: abadreldin@nile-online.com
notify: omar@nile-online.com
changed: omar@nile-online.com 20010808
source: RIPE

Just like toyota

Toyota manufactures a lot of there cars in the states and canada. but it's still a not an american car.

That's not what multi homes means at all

[Nailer]

`Multi homed' is much less specific than haviung more than one upstream provider. Its having any box which is accessible by more than one address - which might by the case if you've got 2 upstream providers, but is also the case on almost every IP based firewall, web servers with IP based virtual domains, or anything else where somebodies got multiple networking interfaces and or multiple addresses for those interfaces.

This `upstream provider' stuff is crap.

Re:That's not what multi homes means at all

[Cramer]

And "peer" has multiple meaning as well. We're talking about routing here, not servers. If you cannot keep that distinction in your head, please go away.

And no, it is not the case on "almost every IP based firewall". A multi-homed server can pick which interface for the transmition of a packet. Any interface will do (the OS will pick one unless you specify otherwise.) This is completely untrue for a firewall -- packets must go to the correct interface or it won't work.

Re:That's not what multi homes means at all

[Nailer]

And no, it is not the case on "almost every IP based firewall". A multi-homed server can pick which interface for the transmition of a packet. Any interface will do (the OS will pick one unless you specify otherwise.) This is completely untrue for a firewall -- packets must go to the correct interface or it won't work.

Yes it is for the common definition of multihomed. As I said above, in my opinion (and everyinbe else I've come into contact with who's used the term) anything with more than one interface or virtual interface is multihomed. Nothing more. Not `and the interfaces both route towards the same definition'. Obviously packets have to go to the correct interface. If you can't understand that, and can't have a chat with a stanger without being rude, then get fucked you weak little anal pissant. :D

If you cannot keep that distinction in your head, please go away.

Re:That's not what multi homes means at all

"and everyone else I've come into contact with"

Ahum...has the term "frame of reference" ever filtered into your thick skull?

If the only people you talk to are server ppl, multi-homed will mean a box with 2 NICs. If you use the same term with a real estate agent, they'll probably think it's your unique term for a guy with a summer home.

So, stop arguing your bullshit and understand that in the global routing world, "multi-homed" refers to some form of multiple paths to the network, often through multiple unique peers. The point that was being made is that you can sometimes achieve the same (if not even better, due to convergence) for some customers by having redundant paths to a single upstream.

Re:That's not what multi homes means at all

[Cramer]

Oh, and learn to quote the original text in some fashion so people know it's a quote and not your words.

Multihoming?

Seems like a dumb solution to the problem of redundancy. The purpose is to allow communication between two points even if one of two routes fail. The multihoming solution says that you give the endpoints each a single address, and let all the routers figure everything out on the fly. Seems a lot smarter to just have two sets of IP addresses, and negotiate which IP address to use at the connection startup (possibly through round robin DNS). Sure, you might drop a connection and have to bring it back up again, but this can easily be handled by the app layer.

One question.

[ebyrob]

Why would a corporate network need routeable IP addresses?

It would seem a small block of static IP's (some pooled some not) for machines needing to be accesible from the outside world is all that should be necessary. In fact, externally routeable IP's just let the rest of the world know what you're running, so you'd think from a security standpoint unrouteable(at least externally) IP's for most machines would work out pretty well.

Of course, IPv6 will release many of the pressures to subnet, if it ever comes about, but even with unlimited address space there are good reasons to have non-routeable subnets.

The short version: Only servers need externally routeable IP's, and those can even share at times.

ipv6 won't help multihoming

[cotu]

Multihoming will cause BGP route advertisements to go
exponential, and it's an exponential growth that Moore's
law cannot keep up with. This is very worrisome. The
reason is because multihoming breaks heirarchical
addressing assumptions, especially the assumptions that
the last round of CIDR bandaids made. I don't know why
people keep bringing up IPv6. Its design wasn't intended
to deal with route table growth, and while some people
think it may be somewhat helpful since it will start with
CIDR from the get-go, it still expects a heirarchical
provider address space.

This is very old news though, and the source of lots of
flamage on the v6-haters list, including a lot of people
who think the IESG completely fucked up by solving
the wrong problem (address depletion vs. route explosion).

please rtfm TY

[Akatosh]

Do you have two upstreams? Will they both allow you to speak bgp4 with them? You can multihome! Congrads, anyone can do it, with a shity 2500 series cisco router, and no ip space allocated to you but that single class C UUNet loaned you. You didn't research this at all I think.

comment hall of fame

[psyclone]

hmm.. comment hall of fame (or flame) might be a good idea. the option to include a comment should probably be up to the moderators, but it would still be pretty cool.

IPv6

[redcliffe]

That's why we need IPv6 NOW!!!!! Join the crusade - Organise a one million geek march on the capitol demanding IPv6 NOW!!! :-)

Can something similar be done with Multi DNSes?

[Durrik]

I was looking at something similar with using two linux boxes as NATing firewalls and acting as DNS servers. I wonder if this would work for multi-homing with two providers.

What I was thinking on doing was having the two linux boxes setup the same way, having their primary default routes to the connected providers, and a secondary route as the internal address of the other firewall.

So that if their primary default route went down, they'd automatically switch to the other firewall and send all outgoing requests back through the internal network to the other firewall.

These two firewalls would be on completely different subnets and different providers. I wanted to set up my domain name to have the primary DNS on one firewall and the secondary DNS on the second firewall. The IP addresses for DNS lookups on the first firewall would match the IPs provided by the first Provider, and the second DNS for the IPs on the second firewall.

This is where my knowledge goes out the window. I think you can set the expire time for cashing name servers as low as 10 minutes. So the lookups should switch across for name address translation should happen automatically, after ten minutes when the primary link dies.

This doesn't help much with load balancing unfortuantely, though I suppose you could throttle back the DNS (so it doesn't respond) if the primary link is too loaded, or even have it set up to use the IP addresses from the second provider when the link gets saturated.

I don't think you need any support from the ISPs for this, and it should allow you the redundant links.

Pretend problems and real solutions

[thogard]

Several people have explained why the route tables are so big but they could be reduced if groups like APNIC started allocating shared space. They also allocate IP addresses for Australia and here we only have a few big ISPs. So the next time telstra wants more address space, APNIC should allocate them a block that is allocated to both them and another ISP such as Optus or Connect. This would keep the routing tables smaler and allow large ISP's to provide dual homeing to their customers but its not in their best ineterest to do so and its not going to happen unless the APNIC forces them to.

Using this kind of setup to post this comment

[Kythorn]

I have a cable and a DSL connection, and I'm currently using just the manner of setup you're talking about. All of my machines have an internal IP address, as do the LAN interfaces of my two gateway NAT devices. Traffic is load balanced across the two gateways, weighted by destination network and protocol. (No sense using my DSL to get news from an outsourced provider when I have one two hops away on my cable that provides much higher throughput).

I have to admit that it's mostly a cheap hack, but honestly I'm pretty happy with it, and the biggest cost was the time it took to educate my sorry ass to the point I could get it to do what I wanted.

Multihoming with Radware

[inverted1]

The best solution I found is a product called "Linkproof" from Radware (no, I don't work for them).

Yes, it cost a bit, but it will let you have multiple links, balanced across multiple firewalls if you like. Best part is that it can load balance outbound AND inbound traffic evenly across links. All of this without BGP, your own IP address space, etc.

elitist asshole

the internet is based on freedom and equality.
why dont you just go burn jews in an oven?

priviledge smiviledge

the whole point of a peer to peer network is that everyone
is a peer. people like you are going to destroy
the internet and cast us back into the 80s with 50 different
proprietary networks, all 'teired' by 'cluefullness' as though
we hadnt learned anything from the past 20,000 years of history

FREEDOM
EQUALITY
DUH

Re:priviledge smiviledge

[grahammm]

Peer to peer is the important term. This seems to be exactly what the corporates (and possibly also governments) want to avoid. They want the client server model, where the comsumers can only access material which they provide.

Re:George Harrison, Beatle, dead at 58

Yeah, but he liked the US so much he died here.

personal IPv6 blocks

[signingis]

Are personal IP blocks going to be doled out for individuals with IPv6? Or will they be available from a government organization? This could be a new land rush.

No Clue about Routing

Sorry, but you have no clue what you are talking about. No this isn't meant as a flame.

You do not need PI space to be multihomed, you need your own AS. The RRs don't hand out PI space anymore because believe it or not, the IP space we have is getting more and more crowded and IPv6 isn't going to be in the mainstream for the next half dozen years.

And yes, routing tables ARE a problem and no cisco has 1-2 GB of ram. Maybe there are but no-one could afford them. ;) Try something in the range of 32-64 MB max for most machines.

I suggest you buy a couple books on the issue and read the documents provided by your local registry. Attend one of their meetings: They cost a bunch (at least here in europe) but it's a GREAT way to meet people and ask questions. Plus, believe it or not: The registries may be a bit bureaucratic but the people working at RIPE for example are all totally cool folks.

Re:That's not what multi homed means at all

[Nailer]

Oh grow up you troll. Since when are server people (especially in the Unix world) not routing people?

Childish little anonymous troll.

Your sig

[Xenophon+Fenderson,]

Frank T. Lofaro Jr. writes:

Never forget, never forgive

We must forgive at some point, else we run the risk of becoming exactly like our Enemy.

Finding a Name in a Million

[juanco]

Given enough RAM, finding a string in a set of strings is a function of the length of the string (or better), and not of the number of strings in the set. For IP addresses, it can be done in constant time.

For how to do it, see any algorithms 101 book.

Re:Finding a Name in a Million

[SuiteSisterMary]

Exactly. And the problem isn't how many strings, it's how many requests in a given amount of time. And once again, it's not only finding strings, it's also inserts, updates and deletes. That mucks things up quite a bit.

Re:Finding a Name in a Million

[juanco]

Exactly. And the problem isn't how many strings, it's how many requests in a given amount of time.

The number of requests is not increased by having more routes to independent IPs.

And once again, it's not only finding strings, it's also inserts, updates and deletes.

Constant time. All of them.

Re:Finding a Name in a Million

[SuiteSisterMary]

Well, you'd better email Cisco and tell them you've got their problems figured out. They'll be glad to hear from you.

Re:That's not what multi homed means at all

[Cramer]

As far as I've seen "since the begining of time". Server people work with servers not routers. A Solaris box running routed does not make one a router person.

I can point out a half dozen "server people" at work who are next to useless in the arena of routing. (They are even less useful at switching.) However, they are more than proficient at their "server people" jobs.

Re:That's not what multi homed means at all

[Nailer]

You've used an obscure and uncommon definition of multihomed. You've excused yourself by trying to make another arbitrary distinction between the servers which route, and routers (which, er...serve routes).

Good luck to you with that :D