|
| ▲ | throw0101a 5 hours ago | parent | next [-] |
| > everything fit's nicely in the 10.0.0.0/8 range Except during a merger/acquisition and both companies have 10.0.0.0/24 in their OSPF or IS-IS topology. |
|
| ▲ | t_tsonev 5 hours ago | parent | prev | next [-] |
| The problem with private address ranges is that everyone thinks they're available. In a large enough enterprise you're bound to have conflicts. They usually pop up at the most inconvenient time and suddenly you're cosplaying ARIN in your IT department. |
|
| ▲ | patmorgan23 an hour ago | parent | prev | next [-] |
| Unless you get to big. Or you merge with another company and have to combine your internal networks and oops, all the subnets are overlapping. Or you need to serve mobile clients who get better connectivity over v6. |
|
| ▲ | alphager 3 hours ago | parent | prev | next [-] |
| Grow large enough and you hit the limit pretty fast. NAT complicates things. |
| |
| ▲ | pixl97 3 hours ago | parent [-] | | The best one is async routing. You have a NAT, they have a NAT, you VPN together and think you have different IP address ranges, but unknown to the operator there's a little internal network with an overlap at the end of some slow line that is now getting flooded with internal traffic that's trying to go to a completely different network. |
|
|
| ▲ | baq 5 hours ago | parent | prev | next [-] |
| you haven't had to set up intercompany vpns I see |
| |
| ▲ | einpoklum 5 hours ago | parent [-] | | Indeed I have not. But I suspect most people, and most companies, have not either. I don't claim IPv6 isn't used anywhere, or even that it's not used a lot. | | |
| ▲ | pixl97 3 hours ago | parent [-] | | Pretty much every fortune 500 company does, which counts for millions of people on their networks every day. The troubleshooting calls for VPN routing vs internal LAN routing are fun endeavors of who is actually willing to take responsibility for things they don't understand. | | |
| ▲ | formerly_proven an hour ago | parent [-] | | Somehow still easier than v6. | | |
| ▲ | p_l 16 minutes ago | parent [-] | | I've spent half a year getting nowhere on a discussion involving VPN-ing parts of the company just to have connectivity for specific services where part of the problem was lots and lots of overlapping 10./8 allocations - partially because everyone setting a "VPC" or some local dc network was doing individual 10./8, often "in name of simplicity". With subnetting needs, possibly dealing with VPNs to other networks that might use 10./8, ISPs that might use 10./8 instead of CGNAT space (100.64./10), even the total incompetence of some contractors was not reducing how IPv4 was a problem. And that's before you hit the part where Microsoft products have been IPv6 First since ~2008 and there are entire feature sets that are very interesting to bigger companies (like well integrated always-on vpn for laptops) that require working v6 |
|
|
|
|
|
| ▲ | PunchyHamster 3 hours ago | parent | prev | next [-] |
| if both you and companies you have site to site vpn with have IPv6 there is no IP conflict or NAT to worry about.... and that's about end of the advantages |
|
| ▲ | arccy 5 hours ago | parent | prev [-] |
| one poorly made decision and oops you're out of 10/8 addresses if you've never run in to this, then sorry, you've not been in an enterprise, you're in a mom 'n pop shop cosplaying as enterprise. |
