nanog at daork.net
Tue Feb 17 22:12:32 CST 2009
On 18/02/2009, at 4:13 PM, Brandon Galbraith wrote:
> So we deploy v6 addresses to clients, and save the remaining v4
> addresses for servers. Problem solved?
I have been suggesting that for a long time.
However I am not suggesting IPv6-only to clients. See my other email
on this from a minute or so ago.
The way I see things going in the medium term:
* IPv4 SP-NAT
* IPv6 native to clients
Clients with no DHCPv6 can get DNS resolvers etc, and they can get to
IPv4 hosts through IPv4 NAT which they already understand, and does
not require application changes. They can use the native IPv6 transit
from their ISPs to get to other IPv6 hosts. I do not expect the other
IPv6 hosts I mention to be IPv6-only - but chances are they will be
behind IPv4 NAT. That doesn't matter of course, because we are
reaching them on native IPv6.
I also recommend that you hold on to a /22 or something, and use that
for customer assignment - but replicate it many times in your network.
This way, your numbers assigned to customers will never conflict with
their internal RFC1918 addressing, and their "deny RFC1918 to/from
outside" automatic firewall things will not have any problems. Public
IPv4 addresses behind NAT is quite common, so applications are used to
dealing with it by now, for the most part - there are a few bugs with
this and some implementations of 6to4 so I will write up a work around
We now have a bunch of IPv4 addresses we can re-purpose for servers
and things, because we require less IPv4 addresses to serve our end
user customers base. We will not be able to put servers on IPv6-only
for a long time - we will have legacy applications, client hosts, and
access networks that do not support IPv6. IPv4 will be required for
public servers until these client hosts are a smaller percentage than
they are now.
Dirty trick - if you are an access-only provider, wait until the IPv4
pools are depleted, and then push all your customers in to SP-NAT, and
then sell your now unused addresses to other providers who cannot
make do with hosts behind IPv4 NAT (ie, colocation, business Internet
services, etc.). Use this income to pay for your IPv6 rollout, so your
customers can continue to do end-to-end stuff. I forget what Geoff's
speculation of what an IP address would cost - I seem to recall around
about $1M per /16, but I could be wrong.
 Yes I know that this is not allowed under current policy at any RIR.
More information about the NANOG