Quick (maybe) question about licensing for Software editions of Astaro.
Firstly, I understand how Astaro counts active IP's for license purposes, and also some of the tricks posted here to reduce IP count for devices like printers.
Secondly, I understand that there are no perfect means of counting 'users' for licensing purposes from data the router sees so this will never be exact. Counting inboxes for email protection can't account for generic inboxes used by frontline employee's at retail outlets. MAC addresses are limited to local subnets. IP addresses can be shared behind SOHO routers, etc.
The question though is moving forward, how will Astaro continue to handle licensing in a mixed IPv4 & IPv6 environment? Currently a device with both v4 & v6 IP's will get counted double, something which I can see being a potential issue in future for some customers.
We've worked around it in our one software licensed office by fire-walling teredo, thereby forcing devices to use only the fe80:: range. In most offices we're using 120's so we're immune.
Thoughts?
I don't think a true user based license like Symantec or Microsoft uses is entirely the best way to go tho. I can forsee someone buying a 50 user license for Astaro and suddenly there's 75 users on the system. Sure it can be enforced with an audit but do we really want to go there?
I wonder if some sort of split counting system would be the best? A license is for 50 IP's and a warning gets sent out if either the v6 or v4 license limit is being reached. In a dual stack environment like we're going to have for the next while (I predict IPv4 will still be around when I retire in 20-30 years.) you'll need both v4 & v6.
Keeping separate IP counts would avoid the double counting problem, but still keep the connected equipment count within reason. On a 50 IP license I can see someone arguing that we're essentially handing out 50 free IP's because someone could tunnel half their office using IPv4 over IPv6, but I'd argue that if someone is going to that extent to avoid a licensing issue, their network is probably going to be a mess anyways. :)
Thoughts?
Firstly, I understand how Astaro counts active IP's for license purposes, and also some of the tricks posted here to reduce IP count for devices like printers.
Secondly, I understand that there are no perfect means of counting 'users' for licensing purposes from data the router sees so this will never be exact. Counting inboxes for email protection can't account for generic inboxes used by frontline employee's at retail outlets. MAC addresses are limited to local subnets. IP addresses can be shared behind SOHO routers, etc.
The question though is moving forward, how will Astaro continue to handle licensing in a mixed IPv4 & IPv6 environment? Currently a device with both v4 & v6 IP's will get counted double, something which I can see being a potential issue in future for some customers.
We've worked around it in our one software licensed office by fire-walling teredo, thereby forcing devices to use only the fe80:: range. In most offices we're using 120's so we're immune.
Thoughts?
I don't think a true user based license like Symantec or Microsoft uses is entirely the best way to go tho. I can forsee someone buying a 50 user license for Astaro and suddenly there's 75 users on the system. Sure it can be enforced with an audit but do we really want to go there?
I wonder if some sort of split counting system would be the best? A license is for 50 IP's and a warning gets sent out if either the v6 or v4 license limit is being reached. In a dual stack environment like we're going to have for the next while (I predict IPv4 will still be around when I retire in 20-30 years.) you'll need both v4 & v6.
Keeping separate IP counts would avoid the double counting problem, but still keep the connected equipment count within reason. On a 50 IP license I can see someone arguing that we're essentially handing out 50 free IP's because someone could tunnel half their office using IPv4 over IPv6, but I'd argue that if someone is going to that extent to avoid a licensing issue, their network is probably going to be a mess anyways. :)
Thoughts?