Re: IPv6 fc00::/7 — Unique local addresses

Owen DeLong owen at delong.com
Thu Oct 21 08:33:59 UTC 2010


On Oct 20, 2010, at 9:30 PM, Graham Beneke wrote:

> On 21/10/2010 02:41, Owen DeLong wrote:
>> On Oct 20, 2010, at 5:21 PM, Jeroen van Aart wrote:
>>> Someone advised me to use GUA instead of ULA. But since for my purposes this is used for an IPv6 LAN would ULA not be the better choice?
>>> 
>> IMHO, no. There's no disadvantage to using GUA and I personally don't think ULA really serves a purpose. If you want to later connect this
>> LAN to the internet or something that connects to something that connects to something that connects to the internet or whatever, GUA provides
>> the following advantages:
>> 	+	Guaranteed uniqueness (not just statistically probable uniqueness)
>> 	+	You can route it if you later desire to
>> 
>> Since ULA offers no real advantages, I don't really see the point.
> 
> Someone insisted to me yesterday the RFC1918-like address space was the only way to provide a 'friendly' place for people to start their journey in playing with IPv6. I think that the idea of real routable IPs on a lab network daunts many people.
> 
They should get less daunted. You can always put a firewall with a deny all policy or an air-gap in front of it if you don't want to talk to the internet.

> I've been down the road with ULA a few years back and I have to agree with Owen - rather just do it on GUA.
> 
Thanks.

> I was adding IPv6 to a fairly large experimental network and started using ULA. The local NREN then invited me to peer with them but I couldn't announce my ULA to them. They are running a 'public Internet' network and have a backbone that will just filter them.
> 
Uh huh. Now, imagine if, instead of a small experimental deployment, you had a fortune 500 enterprise and instead of an NREN it was an ISP for whom you were a major customer... Any bets on which side of that equation gets the policy change?

> I think that the biggest thing that trips people up is that they think that they'll just fix-it-with-NAT to get onto the GUA Internet. Getting your own GUA from an RIR isn't tough - rather just do it.
> 
I completely agree.

Owen




More information about the NANOG mailing list