Re: [address-policy-wg] applicability of a request for 60000 IPv4 addresses/systems in one shot...
Dear Michael et al,
Have you investigated how much work would be needed to make the grid work over IPv6, or perhaps use an IPv6 VPN to connect sites but use IPv4 over the VPN to use the grid?
Others have done so (EUCHINAGRID project, afaik) and they only thing they came up to has been, at best, a patch that can provide private-IPv4 over IPv6. But, private we've got already, so that's not any progress.
Have you asked Athanassios Liakopoulos or Kostas Kalevras or Dimitrios Kalogeras to look at ways of solving your problem with the grid and IPv6?
Yes, with a majority of them I had already discussed. And we all agree that if there was IPv4 support in glite it would have been so much better. (Or, if we were grid middleware developers, which we are clearly not).
The bottom line is that experimental allocations are made for experiments that benefit the whole Internet, not just a few schools in one country.
I believe that understanding this as a school experiment is a bit flawed: Has anybody ever done a large VPN-for-VMs IPv4 adress space allocation? I have never heard of something like that (end2end) but perhaps it exists; and am well aware though of some -open/public- IPv6 tunneling solutions. Collecting knowledge from such an endeavour, were thousands of systems with end2end capability run contained in VMs, I believe is worthy for many, the more as multi-cores change the way we understand systems management. In the meantime, we had some more discussions and found out that making a request for public IPv4 address space is OK solely for Virtual Machines, even if the underlying machines already are on public IPv4 address space, as long as the request is indeed justified by real use - and documented. In other words, reserving experimental IPv4 address space is no longer our first option, since normal IPv4 address space appears to be doable. This is something for which we weren't sure earlier, if someone in this wg knows otherwise - in respect to the adress_policy - please let us know. I thank you, and also other recipients in this list, that took time to reply, some privately. Just to clarify what had been the issue, two extra answers:
* If these machines are already internet connected, then no *additional* IP could be needed
The >62000 machines are functioning within 1000s of NATs, in a 10.x.y.z scheme
* If these machines are not already internet connected then having an IP is the least of yoru worries - you have to think how you are going to *route* to them :)
That's done and works just fine already for many years. There you go. cheers, Fotis
Yes, with a majority of them I had already discussed. And we all agree that if there was IPv4 support in glite it would have been so much better. (Or, if we were grid middleware developers, which we are clearly not).
It's too bad that this one particular grid technology is not yet available using IPv6 but this is not the only way to build a grid. I think you are missing an opportunity to partner with developers and do something innovative that would benefit the larger community.
Has anybody ever done a large VPN-for-VMs IPv4 adress space allocation? I have never heard of something like that (end2end) but perhaps it exists; and am well aware though of some -open/public- IPv6 tunneling solutions.
Yes. <http://ws.arin.net/whois/?queryinput=N%20.%20AMAZON-EC2-2> <http://ws.arin.net/whois/?queryinput=N%20.%20AMAZON-EC2-3> <http://ws.arin.net/whois/?queryinput=N%20.%20AMAZON-EC2-4> The thing that worries me about giving any kind of special support to any sort of VM deployment is that it will cause the IPv4 address space to run out sooner. The consumption rate is no longer constrained to the number of CPU chips produced but now can grow faster which leads to a power law increase in demand.
In other words, reserving experimental IPv4 address space is no longer our first option, since normal IPv4 address space appears to be doable.
Good. It won't be too long before someone suggests changing policies to no longer accept virtual machines as a justification for address space. --Michael Dillon
Hi Michael, O/H michael.dillon@bt.com έγραψε: [...]
The thing that worries me about giving any kind of special support to any sort of VM deployment is that it will cause the IPv4 address space to run out sooner. The consumption rate is no longer constrained to the number of CPU chips produced but now can grow faster which leads to a power law increase in demand.
Yes, yes and no worries: The reason being that VM resources are much more "elastic" in their deployment and once/if they create an excaustion of address space, it will become possible to do a smoother migration to IPv6, rather than reaching a day-0 where you either get IPv6 or nothing at all. (because in the meantime any VM-based solutions will also improve, since the incentives will be so high and migration paths doable)
It won't be too long before someone suggests changing policies to no longer accept virtual machines as a justification for address space.
We all fully understand the implications. We wondered if there was already a previous explicit discussion about it (aparrently not, hm?), at policy level, exactly because of the reasons you mentioned above. But, I find the line of thinking that wants life on the Internet to be independent of its physical incarnation is genuinely forward-looking. cheers, Fotis
participants (2)
-
Fotis Georgatos
-
michael.dillon@bt.com