On 12/5/11 07:51 , Pete Resnick wrote:
On 12/4/11 9:04 AM, Hadriel Kaplan wrote:
For RFC 1918 space, the problem with picking it isn't so much that the ISP
can't pick one that consumer NATs don't use - it's that they can't pick one
that no Enterprise on a *different* ISP uses. For example, assume my
employer used 10.64.0.0/10 (they probably do somewhere), and connected to
ISP-A. I connect to ISP-B using a 3GPP laptop-card, and get the same
10.64.0.0/10 address space. I now cannot use a VPN to my employer, because
of the resulting conflict in the routing table in my laptop. But there's
nothing I nor my *ISP-B* can do about this, because my employer has been
using that address for a long time (legitimately) and is connected to
*ISP-A*.
Doesn't this same problem exist if I'm currently attached to a CPE NAT
that provides me with a 10.64.0.0/10 address and my VPN uses the same
space? Are you saying that VPN software does not already deal with this?
Some vpn clients will split the routing table to isolate vpn routes from
external routes which copes just fine with this case, much as does VRF
on a router.
pr
--
Pete Resnick <http://www.qualcomm.com/~presnick/>
Qualcomm Incorporated - Direct phone: (858)651-4478, Fax: (858)651-1102
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf