Re: Distributing site-wide RFC 3484 policy

[Tim Chown <tjc@ecs.soton.ac.uk>]

On Wed, Jul 25, 2007 at 08:38:52AM +0900, Jun-ichiro itojun Hagino wrote:
> > > 	so do you mean that your enterprise does not have external connectivity?
> > > 	how do you use Google from your enterprise, for instance?
> > 
> > Today, I fear it is often NATted. Obviously that is not the future.
> 
> 	and fortunately and/or unfortunately, recent protocols do not have
> 	problem with the presense of NAT, such as Skype :-P

Well, if everyone was behind NAT, and there were no public IP supernodes,
Skype would presumably have more problems?

Also, Skype would surely have been easier to develop originally without
having to consider NAT traversal in the system architecture.

> > I expect to see many enterprises use ULA for internal traffic
> > and PA or PI for Google. But I was actually thinking about VPNs between
> > business partners, which create "fingers" of reachability for small
> > subsets of address space that are shared by pairs of enterprises.
> > This can get very complex when many companies have mutual business
> > relationships. I can't even think how to draw it in ASCII art.
> 
> 	i wonder if the complexity and adminstration costs pays off...

BTW if you want to make ASCII art (RFC diagrams :) easier to draw, I 
found Email Effects very good.

-- 
Tim