Cool IPv6 Stuff
owen at delong.com
Mon Jun 4 16:05:51 UTC 2007
>> In fact, and call me crazy, but I can't help but wonder how many
>> out there will see IPv6 and its concept of "real IPs for all
>> internal and external!" and respond with "Hell No."
That's an education problem. There's no security gain from not
IPs on machines. Any belief that there is results from a lack of
>> Anyone got any numbers for that? I'm happy to admit I don't. :)
> Hence the discussion of site-local (dead), ula, ula-c etc.
Site-Local sort of provided that, but, as pointed out, dead.
ULA-random sort of provides it, except that ULA-random only provides
likely uniqueness and so really is the worst of both problems.
enough guarantee of collision to really prevent it from getting
there's not enough of a guarantee of uniqueness to make organizations
worried about such things comfortable with it.
ULA-C is just Provider-Independent Real addresses with a label stuck
on them that says "These aren't the droids you're looking for, move
Really, the only thing that distinguishes ULA-C from PI is mindset and
router configuration. The former is known to vary in unpredictable
The latter is known to vary with the application of $$$.
> However widespread use of private address space in ipv4 costs people
> huge amounts of money when you have to merge the business processes of
> two or more large enterprise networks.
Yep. Hence the v6 concept of real addresses everywhere. People seem to
have forgotten that private addresses and NAT were a hack designed to
cope with a situation that v6 is supposed to actually solve. I admit
not completely solve the problem (at least not yet), but, it solves
it that we shouldn't be clinging to the v4 hacks that got us by as we
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2105 bytes
Desc: not available
More information about the NANOG