[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CPEs
On Jan 9, 2008, at 09:08, Bound, Jim wrote:
[ Iljitsch van Beijnum wrote: ]
[ Jim Bound wrote: ]
[ Iljitsch van Beijnum wrote: ]
7. Is the model where there is a CPE with modem functionality
but not router functionality a reasonable one?
I don't think so and this should be transparent to v6ops mission
for this thread is my input.
Reason for the question: if ISPs insist on CPEs with modem and
router functionality integrated, we can skip some issues (RAs from
ISP to customer) but that means the ISP - CPE interface becomes
more important because if it doesn't work right the user is left
without recourse.
True but I still think that is transparent to the modem and this is
really how are RAs/RSs going to work for a home environment.
Important question is this work or model to be only for the home
CPE end and not other target markets for IPv6 deployment?
I'm okay with a model that says CPE for the residential and small-
office markets have different requirements than CPE for middle and
large enterprise sites.
13. How many devices are allowed to connect to a CPE(m)?
Absolutely none of the IETF's business. Sorry this is a product
feature set for the vendors.
It's more an ISP issue. If ISPs want this to be exactly one,
vendors can build in logic that avoids problems when a user tries
to connect multiple devices anyway.
Yep but still not the IETFs business.
I suspect IETF ought to give some consideration to what might happen
if ISP's deploy such logic and 3rd parties begin offering solutions
to "connect" multiple devices that present to the ISP as if they are
the single device for which they are billed for service.
19. How do users authorize third-party devices (ranging from gas
meters to set top boxes) use of their broadband connection?
Sorry not the IETF's business.
True. But the answer is important for us: if it's "put them in a
separate subnet" this means the CPE model must support multiple
subnets.
Here I must disagree. There is a difference between IP config for
example multiple subnets and then securing devices. I don't
believe many now agree securing devices based on IP subnet is
optimal or secure other than using the IP config to locate the
devices. One view against doing this is if the one subnet is
compromised then all those 3rd party devices are compromised. Also
this breaks entirely the view of distributed networking across IP
subnets for the advantages a subnet provides and that would be
unavailable to those devices.
This question has a very simple answer for the "simple CPE security
model" side of the discussion.
Users authorize 3rd-party devices to consume their broadband resource
by allowing them to receive router advertisements— typically by
plugging in the ethernet cable or joining the wireless access network.
I think it would be wise to recommend that those 3rd-party devices,
which can operate without access to the global Internet, should be
configured by default not to assign global scope interface addresses
upon receiving router advertisements (i.e. assign only link-local
addresses to all interfaces and process router advertisements only to
learn about on-link prefixes).
I can think of some additional ways to support network segregation
inside residential and small-office sites, but I think we should
settle the easier disputes before moving on to the harder ones.
--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering
- References:
- CPEs
- From: Iljitsch van Beijnum <iljitsch@muada.com>
- RE: CPEs
- From: "Bound, Jim" <Jim.Bound@hp.com>
- Re: CPEs
- From: Iljitsch van Beijnum <iljitsch@muada.com>
- RE: CPEs
- From: "Bound, Jim" <Jim.Bound@hp.com>