IPv6 Confusion

Nathan Ward nanog at daork.net
Tue Feb 17 22:12:32 CST 2009


On 18/02/2009, at 4:13 PM, Brandon Galbraith wrote:

> So we deploy v6 addresses to clients, and save the remaining v4
> addresses for servers. Problem solved?

I have been suggesting that for a long time.

However I am not suggesting IPv6-only to clients. See my other email  
on this from a minute or so ago.

The way I see things going in the medium term:
* IPv4 SP-NAT
* IPv6 native to clients


Clients with no DHCPv6 can get DNS resolvers etc, and they can get to
IPv4 hosts through IPv4 NAT, which they already understand and which
does not require application changes. They can use the native IPv6 transit
from their ISPs to get to other IPv6 hosts. I do not expect the other
IPv6 hosts I mention to be IPv6-only - but chances are they will be
behind IPv4 NAT. That doesn't matter of course, because we are
reaching them on native IPv6.

I also recommend that you hold on to a /22 or something, and use that
for customer assignment - but replicate it many times in your network.
This way, your numbers assigned to customers will never conflict with
their internal RFC1918 addressing, and their "deny RFC1918 to/from
outside" automatic firewall things will not have any problems. Public
IPv4 addresses behind NAT are quite common, so applications are used to
dealing with it by now, for the most part - there are a few bugs with
this and some implementations of 6to4 so I will write up a workaround
for this.

We now have a bunch of IPv4 addresses we can re-purpose for servers
and things, because we require fewer IPv4 addresses to serve our
end-user customer base. We will not be able to put servers on IPv6-only
for a long time - we will have legacy applications, client hosts, and
access networks that do not support IPv6. IPv4 will be required for
public servers until these client hosts are a smaller percentage than
they are now.

Dirty trick - if you are an access-only provider, wait until the IPv4
pools are depleted, and then push all your customers into SP-NAT, and
then sell your now unused addresses[1] to other providers who cannot
make do with hosts behind IPv4 NAT (i.e., colocation, business Internet
services, etc.). Use this income to pay for your IPv6 rollout, so your
customers can continue to do end-to-end stuff. I forget what Geoff's
speculation of what an IP address would cost was - I seem to recall around
about $1M per /16, but I could be wrong.

--
Nathan Ward

[1] Yes I know that this is not allowed under current policy at any RIR.



