IPv6 Default Allocation - What size allocation are you giving out
baldur.norddahl at gmail.com
Thu Oct 9 22:04:46 UTC 2014
On 9 October 2014 23:18, Roland Dobbins <rdobbins at arbor.net> wrote:
> On Oct 10, 2014, at 4:13 AM, Baldur Norddahl <baldur.norddahl at gmail.com>
> > My colleagues wanted to completely drop using public IP addressing in the
> Your colleagues are wrong. Again, see RFC6752.
Yes, for using private IP addressing RFC 6752 applies and it is why we are
not doing it. But you seem to completely fail to understand that RFC 6752
does not apply to the proposed solution. NONE of the problems listed in RFC
6752 are a problem with using unnumbered interfaces. Traceroute works. ICMP
works. There are no private IP addresses that get filtered.
> > I am wondering if all the naysayers would not agree that it is better to
> > have a single public loopback address shared between all my interfaces,
> > than to go with private addressing completely?
> This is a false dichotomy.
> > Because frankly, that is the alternative.
> It isn't the only alternative. The *optimal* alternative is to use
> publicly-routable link addresses, and then protect your infrastructure
> using iACLs, GTSM, CoPP, et al.
I will as soon as you send me the check to buy addresses for all my links.
I got a few.
But it appears you do not realize that we ARE using public IPs for our
infrastructure. And we ARE using ACLs for protecting it. We are not using
addresses for LINKS, neither public nor private. And it is not for security
but to conserve expensive address space.
The thing is that we will only use ONE public address for a router. And the
router will be using that address for traceroute, ICMP et al. And therefore
RFC 6752 does not apply.
What started this thread was the simple observation that you can do the
same with IPv6. In that case I am doing it because it is simpler to do the
same thing on both protocols. And frankly I am not seeing the disadvantages
put forth so far as being anything worth taking extra management work for.
What I am mostly getting from the responses here is not very useful, other
than a lot of people screaming he is doing something different so he must
be an idiot :-(. Well, aside from Bill, who is apparently doing the same
thing for the same reason (cost).