How to preempt rogue RAs?
Dan White
dwhite at olp.net
Thu Nov 4 21:48:00 CET 2010
On 04/11/10 13:37 -0700, Alan Batie wrote:
>On 10/31/10 3:05 AM, Mark Smith wrote:
>
>> Agree, VLANs are pretty cheap. Their sub-interfaces on the router's
>> also give you individual per-customer traffic monitoring and policy
>> enforcement points.
>
>They are a static configuration however, which makes them expensive.
>PPP is dynamic and still gives you the virtual circuit functionality
>needed to filter the flat lan. One of the telcos we provide service to
>switched from atm to ethernet dslams about a year ago and we're still
>trying to get some customers moved from bridged to avoid the resulting
>problems (partly caused by bugs in the dslams). They are doing a
>vlan/dslam which helps a little, but it was determined that
>vlan/customer just didn't scale (the customer count nears the limit of
>vlan ids also).
We're doing q-in-q to scale, with an eye towards MPLS l2transport (instead
of an outer VLAN) in the future.
That has worked reasonably well for us, and we believe puts us in a good
position to roll out v6 services, at least to xDSL customers who have
bridged modems.
Per customer configs haven't been too bad to preconfigure, where we can
script those configs up front, when we install systems or blades. Static
addressing and special configurations can consume some book keeping and
provisioning resources, but that's probably true of most networks.
--
Dan White
More information about the ipv6-ops
mailing list