IPv6 fc00::/7 — Unique local addresses

Mark Smith nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org
Thu Oct 21 01:20:21 UTC 2010


On Wed, 20 Oct 2010 19:07:57 -0500
James Hess <mysidia at gmail.com> wrote:

> On Wed, Oct 20, 2010 at 4:48 PM, Jeroen van Aart <jeroen at mompl.net> wrote:
> > <IPv6 newbie>
> 
> > these addresses, their address scope is global, i.e. they are expected to be
> > globally unique."
> 
> The ULA /48s are hoped to only be globally unique, but this only has
> a good chance of happening if all users pick good random numbers as
> required, which will often be 'hard to read'.
> Should any two networks pick non-random numbers, they could easily
> conflict, breaking expectations.
> 

Do you realise that one of the reasons why the ID is random is to
discourage global routing of them, so they don't aggregate well?
They're for internal addressing. The only time some of your local ULA
address space would be seen externally to your network is via a backdoor
connection to e.g. a business partner via a VPN. ULAs should never and
are prohibited from appearing in the global route table. They probably
shouldn't also appear in a multilateral peering fabric.

To make it clear, as it seems to be quite misunderstood, you'd have
both ULA and global addressing in your network. For internal
destinations ULA addresses are used. For global destinations, global
addresses are used. ULAs serve the purpose of providing an internally
stable address space independent of your upstream transit
provider's global address space, assuming you have one. In IPv4, RFC1918
served this purpose, although not as well, as it couldn't be used
concurrently with a global address space (one of the differences
between IPv4 and IPv6 is proper, by-design, support for nodes having
multiple valid addresses), and also required NAT when interconnecting
two overlapping RFC1918 address domains. 


> My suspicion is that in the future it is going to happen routinely,
> esp. if ULA becomes to IPv6 what RFC1918 space is to IPv4, with most
> end user networks implementing NAT66 to translate "private" /48 ULAs
> to their site's "public" /48 assignment from their ISP.
> 
> I can imagine generic $50 IPv6 broadband routers getting distributed
> en-masse that hardcode all bits 0 ULA NAT66 by default, and expect the
> user to change the LAN IP subnet / NAT config from the defaults,
> sometime while they're setting it up, probably at the same time they
> change the admin password.
> 
> You know... the type of router a residential user plugs in, and they
> "just work", and if the user forgets to follow any setup or config
> directions, just pulls an IP via DHCP and sticks with some insecure
> defaults.
> 
> But it would still be a big improvement from what is available with V4.
> --
> -Jh
> 
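
Added example, not part of the original message or of either poster's text: the points argued in this thread expressed as checks, using the sample Global ID algorithm and collision estimate from RFC 4193 (which the thread does not name). It derives a random /48, flags the hardcoded all-zero Global ID, tests whether a prefix falls in fc00::/7 for filtering on external sessions, and estimates the chance of a clash between interconnected sites. All function names are hypothetical, and the random stand-in for an interface EUI-64 is an assumption.

```python
import hashlib
import ipaddress
import math
import os
import struct
import time

ULA_SPACE = ipaddress.ip_network("fc00::/7")
NTP_EPOCH_OFFSET = 2208988800  # seconds from 1900-01-01 to 1970-01-01


def ula_prefix(eui64=None, unix_time=None):
    """Derive a /48 ULA prefix with the sample algorithm of RFC 4193, section 3.2.2."""
    # Assumption: 8 random bytes stand in when no interface EUI-64 is supplied.
    eui64 = os.urandom(8) if eui64 is None else eui64
    unix_time = time.time() if unix_time is None else unix_time
    seconds = (int(unix_time) + NTP_EPOCH_OFFSET) & 0xFFFFFFFF
    fraction = int((unix_time % 1) * 2**32) & 0xFFFFFFFF
    ntp = struct.pack(">II", seconds, fraction)            # 64-bit NTP timestamp
    global_id = hashlib.sha1(ntp + eui64).digest()[-5:]    # low 40 bits of the digest
    packed = b"\xfd" + global_id + bytes(10)               # fc00::/7 with L=1, then Global ID
    return ipaddress.IPv6Network((packed, 48))


def is_ula(prefix):
    """True if prefix lies inside fc00::/7, i.e. belongs in a filter on external sessions."""
    net = ipaddress.ip_network(prefix, strict=False)
    return net.version == 6 and net.subnet_of(ULA_SPACE)


def is_unrandomised(prefix):
    """Flag a hand-picked Global ID: all zero, or any single repeated byte."""
    global_id = ipaddress.ip_network(prefix).network_address.packed[1:6]
    return len(set(global_id)) == 1


def collision_probability(sites, id_bits=40):
    """RFC 4193 section 3.2.3 estimate that any two of `sites` random Global IDs match."""
    return -math.expm1(-(sites ** 2) / 2 ** (id_bits + 1))


if __name__ == "__main__":
    mine = ula_prefix()
    print(mine, is_ula(str(mine)), is_unrandomised(str(mine)))
    print(is_unrandomised("fd00::/48"))        # constructed sample: the all-zero default
    for n in (2, 100, 10000):
        print(n, collision_probability(n))
```
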



