using ULA for 'hidden' v6 devices?
gbonser at seven.com
Thu Jan 26 06:19:07 CST 2012
> It was a suggestion a previous homenet session, but the security aspect
> of homenet is lagging rather behind the current focus of routing and
> prefix delegation. The usefulness of the suggestion does depend on ULA
> filtering at borders, and defining the borders.
> I'm interested in views as one of the editors of the homenet
> architecture text.
I filter the entire space at the borders. Besides, if someone leaks the space, most people won't accept it, certainly any provider worth their salt won't. But one of the problems with ULA and the U part. With RFC 1918 everyone is using the same space. So let's say 10 million networks are using 10/8 and 10,000 of them are leaking bits of it. IF their providers accept their leaks and IF their providers' peers accept it, that leaves only 10,000 different places a 10/8 destined packet could go. In other words, 1918 becomes a maze of twisty caverns each one looking the same as the other. The chances of being able to target any specific network is pretty darned low. With ULA and v6, if it leaks and the addresses were chosen properly, the chances of targeting a specific network are much better. I rather like the notion of everyone using the same v6 space for internal stuff and maybe using nat64/dns64 to talk to each other over VPN. That way if the space leaks in only .1% of cases, the chances of a packet ending up at its intended destination is pretty much random and not guaranteed to end up in the same network an hour from now as it is now. If you want LA, fine, assign ONE /32 for that and everyone uses it. It's like having a million people named "Bob". If you should "Bob", there's no guarantee you will be answered by the Bob you intended and 5 minutes from now you might be answered by a completely different Bob.
In other words, you turn leakage into a feature. You make the fact that routes might leak add to the uncertainty by having everyone use the same nets. The more people that leak, the less likely you are to reach an intended destination. V6 ULA makes it MORE likely a leak will result in a security breach because it reduces the chances that two nets will leak the same routes.
More information about the NANOG