Orcon want IP space back

Forums › 2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus) › Orcon want IP space back

Zeon

3913 posts

Uber Geek

Trusted

#101093 24-Apr-2012 13:15

Hey guys,
Looks like Orcon is running a bit short on IPv4 space as they have asked us to tell them what we are doing with our space and want us to give some back!

We currently have quite a bit:

2x /26
2x /27
1x /28

Although all of this is being used. Unfortunately there's a lot wasted on subnet, router and broadcast addresses as we have broken it mainly into /30 and /29 subnets but that's just the way it is due to the nature of the services provided.

Haven't heard much from them about their IPv6 plans but apparently they won't be ready for some months (we do have some testing space with them).

TBH I've been waiting for PFsense stable to have IPv6 support but its been slow coming!

Anyone else had their ISP want space back? Lol Orcon were pretty liberal with it up until the end of last year: need another /26, fill out a form with some basic justification - don't even know if they read it.

Speedtest 2019-10-14

Ragnor

8196 posts

Uber Geek

Trusted

#614456 24-Apr-2012 17:07

Not yet but will be happening more often especially any ISP's or hosts that don't have huge legacy assignments.

Many commentators are predicting there will be ip v4 address trolls ie: companies sitting on assignments than reselling them out for more that the cost paid to the regional registry of having those addresses.

GoodSync

GoodSync. Easily back up and sync your files with GoodSync. Simple and secure file backup and synchronisation software will ensure that your files are never lost (affiliate link).

deadlyllama

1258 posts

Uber Geek

Trusted

#615251 26-Apr-2012 07:42

Zeon: Hey guys,
Although all of this is being used. Unfortunately there's a lot wasted on subnet, router and broadcast addresses as we have broken it mainly into /30 and /29 subnets but that's just the way it is due to the nature of the services provided.

Do you really need it to be split into /30s and /29s? You can use Proxy ARP to put your customers in the same e.g. /28, without them having to be on the same ethernet segment; then you only need one broadcast and one router address, and the other 14 addresses can all be used. Don Stokes' talk at NZNOG this year had some stuff about how to do this, although what they do is probably way more clever than what you'd need.

Zeon

3913 posts

Uber Geek

Trusted

#615324 26-Apr-2012 10:52

deadlyllama:
Zeon: Hey guys,
Although all of this is being used. Unfortunately there's a lot wasted on subnet, router and broadcast addresses as we have broken it mainly into /30 and /29 subnets but that's just the way it is due to the nature of the services provided.

Do you really need it to be split into /30s and /29s? You can use Proxy ARP to put your customers in the same e.g. /28, without them having to be on the same ethernet segment; then you only need one broadcast and one router address, and the other 14 addresses can all be used. Don Stokes' talk at NZNOG this year had some stuff about how to do this, although what they do is probably way more clever than what you'd need.

Ohh never thought about doing that. Hmm may give it a go but will be a bit annoying having to reconfigure gateways etc....

Speedtest 2019-10-14

Ragnor

8196 posts

Uber Geek

Trusted

#615451 26-Apr-2012 14:01

deadlyllama:. Don Stokes' talk at NZNOG this year had some stuff

Here is the video of the talk

http://www.r2.co.nz/20120126/don-s.htm

WhiteRabbit

24 posts

Geek

#624964 14-May-2012 16:27

You could just use private VLANs would be a lot simpler.....

insane

3210 posts

Uber Geek

ID Verified

Trusted

#624984 14-May-2012 17:08

Perhaps their GENIUS is selling really well and they need more for DSL users.. and APNIC won't given them anymore until they can say they are really using all of their current ones?

Ragnor

8196 posts

Uber Geek

Trusted

#624987 14-May-2012 17:18

WhiteRabbit: You could just use private VLANs would be a lot simpler.....

Zeon is involved in web hosting so probably not.

Don't you need a public ip address for SSL certificates to work for example?

WhiteRabbit

24 posts

Geek

#625085 14-May-2012 20:20

Ragnor:
WhiteRabbit: You could just use private VLANs would be a lot simpler.....

Zeon is involved in web hosting so probably not.

Don't you need a public ip address for SSL certificates to work for example?

Not private IP's, but Private VLANS. With a private vlan essentially what you can do is force all traffic to go via the gateway even traffic that goes from one host to another on the same subnet. It gives fully isolated hosts that are on the same subnet. It would mean renumbering and having a switch that supports it (all modern ciscos can) but you can get rid of all the subnets and have a single large subnet with all hosts on it.

http://en.wikipedia.org/wiki/Private_VLAN

kyhwana2

2563 posts

Uber Geek

#625105 14-May-2012 21:14

Ragnor:
WhiteRabbit: You could just use private VLANs would be a lot simpler.....

Zeon is involved in web hosting so probably not.

Don't you need a public ip address for SSL certificates to work for example?

Yes and no.

Once everyone has IPv6, no issues!
There's also SNI, except that doesn't work in IE on XP..

But you can get SSL certs that work on multiple domains, they just cost more :P

Move to IPv6 already! (Except Orcon don't even have IPv6 support for their residential/Genuis customers yet and from what someone posted on geekzone already, their DC IPv6 support is crap?)

Zeon

3913 posts

Uber Geek

Trusted

#625106 14-May-2012 21:18

kyhwana2:
Ragnor:
WhiteRabbit: You could just use private VLANs would be a lot simpler.....

Zeon is involved in web hosting so probably not.

Don't you need a public ip address for SSL certificates to work for example?

Yes and no.

Once everyone has IPv6, no issues!
There's also SNI, except that doesn't work in IE on XP..

But you can get SSL certs that work on multiple domains, they just cost more :P

Move to IPv6 already! (Except Orcon don't even have IPv6 support for their residential/Genuis customers yet and from what someone posted on geekzone already, their DC IPv6 support is crap?)

haha that was meeee. Na its much better now, got a range at my office too so can do some testing!

Speedtest 2019-10-14