using "reserved" IPv6 space

TJ trejrco at
Fri Jul 13 18:47:26 UTC 2012

On Fri, Jul 13, 2012 at 1:56 PM, <Jean-Francois.TremblayING at>wrote:

> -Hammer- <bhmccie at> a écrit sur 13/07/2012 12:21:13 PM :
> > I like the ULA approach.
> Global and ULA are two approach, but there's a third one: GUA + ULA. We
> actually put a GUA on servers speaking publicly, a ULA on servers speaking
> in our domain only and *both* ULA and GUA on servers which talk both ways.
> Our datacenter firewalls are configured to enforce GUA-GUA and ULA-ULA
> connections only (just simple URPF over two interfaces).
> This setup works very well, surprisingly we've had very little source
> address selection problems so far (knock on wood). We're very happy that
> the separation between public and "private" networks is clear, it helps a
> lot with debugging and service separation.

Of the top of my head, the first problem you might hit there is
WRT multicast ...
*(ULA might "win" some source address selections that you want GUA to win)*

More information about the NANOG mailing list