This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[ipv6-wg] RIPE-501 and IPSEC on CPEs
- Previous message (by thread): [ipv6-wg] RIPE-501 and IPSEC on CPEs
- Next message (by thread): [ipv6-wg] RIPE-501 and IPSEC on CPEs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
S.P.Zeidler
spz at serpens.de
Sat Jul 23 12:29:13 CEST 2011
Hi, Thus wrote Ahmed Abu-Abed (ahmed at tamkien.com): > >Arguing that practically nobody would want their CPE to do IPSEC because > >everybody does host based IPSEC would be a better approach, but I would > >offer that that's going to be patently untrue if you look at company users > >and not private-person-residential users. > > Many company users have a VPN client setup on their PC which should > not need IPSEC on the CPE to work. So a company with two locations solves "the people at one location need to be able to access resources at the other location" by having the single PCs open a VPN connection .. where to exactly? So a company with several hundred locations with a local LAN each has several dozen PCs from each location open VPNs to a concentrator (instead of having the CPE open one connection for the entire LAN) and no useful way to get from location A to location B, nor even a useful way for central IT to get at the machines in the single locations? Neither of these scenarios is even remotely rare. The very first sentence of RIPE-501 v2 is: "To ensure the smooth and cost-efficient uptake of IPv6 across their networks, it is important that governments and large enterprises specify requirements for IPv6 compatibility when seeking tenders for Information and Communication Technology (ICT) equipment and support." "governments and large enterprises" not "John&Mary Smith, private residence" Throwing out a bog standard requirement for companies of almost any size because a family household will likely not need it in their CPE strikes me as missing the point. By a mile. regards, spz -- spz at serpens.de (S.P.Zeidler)
- Previous message (by thread): [ipv6-wg] RIPE-501 and IPSEC on CPEs
- Next message (by thread): [ipv6-wg] RIPE-501 and IPSEC on CPEs
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ ipv6-wg Archives ]