Obtaining IP Addresses


#1

My last go round as a WISP was 8-10 years ago. Back then, it was easy to get IP addresses. Now, from what I can tell, a new WISP can’t really get the addresses they need. So figured I’d post here to ask what people are doing. Can you still get from your provider? Large Scale NAT and Dual stack? Something else?

Getting the business plan together, and while the hardware and routing side I have covered, this one I need some help with.

Thanks!

Kevin


#2

You can still get IPv4 addresses from other carriers or auctions but ARIN is out of IPv4. Carrier-grade NAT (NAT444) dual stacked with IPv6 is a decent option. You should NOT have all of your customers behind a single address because you don’t want your entire network to suffer from someone getting DDOS attacked or spam listed from malware. Getting IPv6 addresses is easily done and dual stacking NAT + IPv6 is a good solution.

Sincerely,
Joshaven Potter
http://joshaven.com/


#3

Thanks Joshaven. So, I would need a dual stack capable CPE at the customer site. It appears that the Mimosa G2 doesn’t support this. Need more research, then. Perhaps also DS-Lite.

Kevin


#4

I believe that you don’t need the Mimosa CPE to support IPv6 and IPv4 (dual stack) if you are using it as a bridge between your router on one side and the customers Firewall/Wi-Fi Router on the other side. My primary experience with Mimosa is using the B5 and B11 backhauls so I cannot speak to the specifics of the support of the Mimosa CPE or Wi-Fi routers. I am sure that you can use a MikroTik managed home router or standard commercial home routers similar to a Linksys that can support IPv4 at the same time as IPv6 if both the Mimosa C5 & G2 does not support it.

Sincerely,
Joshaven Potter
http://joshaven.com


#5

Yep. I wasn’t clear, I think. By CPE I meant the customer wireless router, not the C5. Thanks!

Kevin


#6

You could get your AS Number, then get IPV4’s from APNIC and IPV6’s from ARIN
That will help you build a nice network.
Get couple of providers that allow BGP and announce your IP’s
The IP’s from APNIC has a very high anual maintenance fee compared with ARIN, so you could run dynamic and IPV6 for most customers and charge for static IPV4 to recover some fees.

leisser.com


#7

You can also purchase small block of /24 min at $9.00 to $15.00 x IP


#8

Who is your upstream provider and what capacity are you getting from them?

It has been my experience with upstream providers is that while they complain about IPV4 availability, if you purchase enough bandwidth, they will fulfill your requests if they are reasonable and you can prove usage. We have a blended upstream with fiber from four separate carriers. We started with two carriers and 50Mbps from each and each provided a /27 of IP’s so we started with 64 public IPs.

As we grew and added bandwidth and providers, we added additional IPs from our new upstrem upstream providers as well. Ultimately, we had them ( upstream providers ) sponsor us at ARIN to get our own block then peer with them BGP using our own IP space.

So depending on how many IPs you are looking for, this may be a good path…


#9

Paul,

The datacenter I’m talking to offers a blended service - it’s primarily HE outbound, though - and also offers a /26 with their colo space, 1Gb unmeterted connection bundle and justification for the IPs.

I like the idea of DS-Lite, but finding an AFTR capable router has been more difficult. The big boys and A10 sell them, but they are quite expensive from what I can tell.

Kevin


#10

Just wanted to follow up here as this topic is a little old, but the needs/discussion is not…

IPv4 is disappearing. No ifs ands or buts there. The “gray market” auction houses are selling IP space, but its not cheap and getting addresses from your upstream is also not cheap (those are typically rented and non-transferable making you “locked in” to your upstream provider). Wasting IPv4 addresses on something like radios (ie, L2 devices) is a huge and costly waste these days.

As a multi-homed ISP, I have virtually unlimited IPv6 addresses and almost zero IPv4 addresses. I can’t easily NAT from the Mimosa devices because…

  1. They don’t correctly use VLANs for management addresses meaning I can’t “hide” the traffic on the side.
  2. Its non-trivial to send dot1q traffic over the devices so that I can pick it up on the other side to split the traffic to different networks.
  3. With multiple exit points to my network, its also non-trivial for me to route ALL my management traffic to a single data center where I can NAT it from. This creates huge complications as I’d need to have a NAT in each and every data center that I use as a tower distribution point.

With IPv6 and Link-local addressing, I can basically put as many devices on an L2 network as I want. I can then use whatever router(s) are on the local L3 network as my “router-announcement” so that they can all basically pick up EUI-64 addresses and be globally happy… Or using DHCPv6 I can map the MACs to an address within the PrefixDesignator that they are plugged into. Between that and the DHCPv6 server, I don’t need to configure the devices at all. In fact, the beauty of an IPv6 network is that devices are “self configuring” and need little if any configuration in terms of IPs, NTP services, Routers, DNS servers, etc. The devices can even pull prefix designation (PD) from the local network and give the customer at the end of a C5 (or using a local router like an ASUS) the ability to pull down their own personal /64 (or even in our case a /60) to their home.

Manually doing IPv4 while running out of addresses as well as coming up with the ridiculous NAT networks is so… half decade ago. For those that know nothing about IPv6 or “hands free setup”, you should go do a little reading/research. It makes so many things easier/better and running a dual stack network is not impossible. (ours is currently dual stack IPv4/IPv6 down to the house).

Marcos