Re: IPv6 fc00::/7 — Unique local addresses

Owen DeLong owen at delong.com
Thu Oct 21 03:46:55 CDT 2010


On Oct 20, 2010, at 10:28 PM, Mark Andrews wrote:

> 
> In message <4CBFC1D0.60808 at apolix.co.za>, Graham Beneke writes:
>> On 21/10/2010 02:41, Owen DeLong wrote:
>>> On Oct 20, 2010, at 5:21 PM, Jeroen van Aart wrote:
>>>> Someone advised me to use GUA instead of ULA. But since for my purposes th
>> is is used for an IPv6 LAN would ULA not be the better choice?
>>>> 
>>> IMHO, no. There's no disadvantage to using GUA and I personally don't think
>> ULA really serves a purpose. If you want to later connect this
>>> LAN to the internet or something that connects to something that connects t
>> o something that connects to the internet or whatever, GUA provides
>>> the following advantages:
>>> 	+	Guaranteed uniqueness (not just statistically probable uniquene
>> ss)
>>> 	+	You can route it if you later desire to
>>> 
>>> Since ULA offers no real advantages, I don't really see the point.
>> 
>> Someone insisted to me yesterday the RFC1918-like address space was the 
>> only way to provide a 'friendly' place for people to start their journey 
>> in playing with IPv6. I think that the idea of real routable IPs on a 
>> lab network daunts many people.
>> 
>> I've been down the road with ULA a few years back and I have to agree 
>> with Owen - rather just do it on GUA.
> 
> Your throwing the baby out with the bath water here.
> 
> ULA, by itself, is a painful especially when you have global IPv4
> reachability as you end up with lots of timeouts.  This is similar
> to have a bad 6to4 upsteam link.  Just don't go there.
> 
> ULA + PA works and provides stable internal addresses when your
> upstream link in down the same way as RFC 1918 provides stable
> internal addressing for IPv4 when your upstream link is down.
> 
I keep hearing this and it never makes sense to me.

If your provider will assign you a static /48, then, you have stable
addresses when your provider link is down in GUA. Who needs ULA?

> You talk to the world using PA addresses, directly for IPv6 and
> indirectly via PNAT for IPv4.  These can change over time.
> 
Or, if you don't want your IPv6 addresses to change over time, you can
get a prefix from your friendly RIR.

> Similarly, ULA + 6to4 works well provided the 6to4 works when you
> are connected.  When your IPv4 connection is renumbered you have a
> new external addresses but the internal addresses stay the same.
> 
That's a big "provided that"...

One over which you have little or no control unless you are running
a 6to4 gateway of your own and can guarantee that nobody pretends
to be one that is topologically closer to any of your users.

>> I was adding IPv6 to a fairly large experimental network and started 
>> using ULA. The local NREN then invited me to peer with them but I 
>> couldn't announce my ULA to them. They are running a 'public Internet' 
>> network and have a backbone that will just filter them.
>> 
>> I think that the biggest thing that trips people up is that they think 
>> that they'll just fix-it-with-NAT to get onto the GUA Internet. Getting 
>> your own GUA from an RIR isn't tough - rather just do it.
> 
> If your big enough to get your own GUA and have the dollars to get
> it routed then do that.  If you are forced to use PA (think home
> networks) then having a ULA prefix as well is a good thing.
> 
home network: 2620:0:930::/48

Try again.

Owen





More information about the NANOG mailing list