using "reserved" IPv6 space

TJ trejrco at gmail.com
Fri Jul 13 16:34:15 UTC 2012


Note that I meant using Link Locals for directly connected devices *(neighbors;
e.g. - routing protocol neighborship formation)*.
If they are not on-link with each other, Link Locals are a non-starter ...
ULAs would be a possible solution for a completely disconnected network.

Note that many are proponents of using Globals even in those situations,
with judicious filtering stopping any inbound/outbound traffic.
The benefit being that "it's never going to be connected" doesn't really,
always mean "it's never going to be connected" :).


*YMMV, as always!*
/TJ


On Fri, Jul 13, 2012 at 12:21 PM, -Hammer- <bhmccie at gmail.com> wrote:

>  I'm having similar thoughts and we are about to implement. Fortunately we
> are implementing in an isolated lab first for this exact reason. For us to
> figure things out first before attempting them elsewhere.
>
> I like the ULA approach. I'm not sure about link local being used as a
> strategy for Internal services. I'm finally getting to the point where I'm
> looking past the vastness of the numbers and just focusing on subnets and
> masks and subnetting and whatnot.
>
> -Hammer-
>
> "I was a normal American nerd"
> -Jack Herer
>
>
>
> On 7/13/2012 11:11 AM, Tom Cooper wrote:
>
> On Fri, Jul 13, 2012 at 11:05 AM, TJ <trejrco at gmail.com> wrote:
>
>> On Fri, Jul 13, 2012 at 10:38 AM, -Hammer- <bhmccie at gmail.com> wrote:
>>
>> > OK. I'm pretty sure I'm gonna get some flak for this but I'll share this
>> > question and its background anyway. Please be gentle.
>> >
>> > In the past, with IPv4, we have used reserved or "non-routable" space
>> > Internally in production for segments that won't be seen anywhere else.
>> > Examples? A sync VLAN for some FWs to share state. An IBGP link between
>> > routers that will never be seen or advertised. In those cases, we have
>> > often used 192.0.2.0/24. It's reserved and never used and even if it did
>> > get used one day we aren't "routing" it internally. It's just on segments
>> > where we need some L3 that will never be seen.
>> >
>> > On to IPv6
>> >
>> > I was considering taking the same approach. Maybe using 0100::/8 or
>> > 1000::/4 or A000::/3 as a space for this.
>> >
>>
>>
>>  Would using "just" Link Locals not be sufficient?
>> *(Failing that, as others noted, ULAs are the next "right" answer ... )*
>> /TJ
>>
>
> As an IPv6 newbie myself, I wonder how hosts handle link local, ULA and
> global addresses.
> For example, if you have some internal web traffic used for intranet use
> only, do you bind those servers to use only ULA addresses? This way your
> internal users with ULA addressing only have access to those servers? No
> need to give intranet-only servers a global address if they're not needed
> to be accessed globally.
>
> Is there a way for hosts to "prefer" or "attempt" to connect to a service
> by first trying a link-local scope, then a ULA and finally a global address
> if it's off the AS?
> I really like the idea of ULA and think it makes much more sense than
> RFC1918 + NAT. I just don't have any deployment experience with it yet so
> I'm curious how the host would handle it.
>
> On the router side, I'm sure ULA and global routing just run as
> ships-in-the-night side-by-side anyways...right?
>
> --
> Thomas Cooper
>
>
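
The address choices discussed in this thread, as an added example that is not part of the original messages: it checks where the three prefixes proposed in the first post fall relative to link-local (fe80::/10), ULA (fc00::/7) and the 2000::/3 global unicast range, and builds a ULA /48 with a 40-bit pseudo-random Global ID under fd00::/8 as RFC 4193 describes. The function names and the SHA-256-over-random-bytes derivation of the Global ID are this example's own assumptions.

```python
import hashlib
import ipaddress
import os

# Ranges named in the thread (link-local, ULA) plus the global unicast range.
LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")
ULA = ipaddress.IPv6Network("fc00::/7")
GLOBAL_UNICAST = ipaddress.IPv6Network("2000::/3")


def classify(prefix):
    """Say which of the three ranges fully contains the given prefix."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    for name, block in (("link-local", LINK_LOCAL), ("ula", ULA),
                        ("global-unicast", GLOBAL_UNICAST)):
        if net.subnet_of(block):
            return name
    return "other"  # in none of the three ranges above


def make_ula_prefix(seed=None):
    """Build fd00::/8 + 40-bit Global ID -> a /48 for one site.

    Assumption: the Global ID is the low 40 bits of SHA-256 over random
    bytes (or over `seed`, for repeatable lab builds).
    """
    material = seed if seed is not None else os.urandom(16)
    global_id = int.from_bytes(hashlib.sha256(material).digest()[-5:], "big")
    value = (0xFD << 120) | (global_id << 80)
    return ipaddress.IPv6Network((value, 48))


def segment(site, subnet_id):
    """Carve the /64 numbered `subnet_id` (16 bits) out of a site /48."""
    if site.prefixlen != 48 or not 0 <= subnet_id <= 0xFFFF:
        raise ValueError("need a /48 and a 16-bit subnet id")
    base = int(site.network_address) | (subnet_id << 64)
    return ipaddress.IPv6Network((base, 64))


if __name__ == "__main__":
    # The prefixes proposed in the first post, then the alternatives.
    for p in ("0100::/8", "1000::/4", "A000::/3", "fe80::/64"):
        print(f"{p:12} -> {classify(p)}")
    site = make_ula_prefix()
    print("ULA site    ->", site, classify(str(site)))
    print("FW sync /64 ->", segment(site, 1))
    print("iBGP /64    ->", segment(site, 2))
```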


