IPv6 allocation plan, security, and 6-to-4 conversion

Karsten Elfenbein karsten.elfenbein at gmail.com
Fri Jan 30 21:16:52 UTC 2015


I would not recommend to run any nat over protocol versions for
clients as you would need to break DNSsec.
The clients creating connections should run dual-stack or dual-stack lite.

The only useful thing for service providers would be to proxy/nat lets
say an incoming IPv6 connection to still only IPv4 servers/services.

2015-01-30 21:32 GMT+01:00 Eric Louie <elouie at techintegrity.com>:
> On Fri, Jan 30, 2015 at 8:29 AM, Justin M. Streiner <streiner at cluebyfour.org
>> wrote:
>> On Fri, 30 Jan 2015, Eric Louie wrote:
>>  It also sounds like the Internet (aka the upstream/Tier 1 carriers) don't
>>> want me to advertise anything longer than my /32 into BGPv6.  Is that
>>> true?
>>> (I'm getting that from the spamming comments made by others)  Am I
>>> supposed to be asking ARIN for a /32 for each region that I want to
>>> address?  (They turned down my request for an increase to a /28 last year)
>> Not true.  A peek at the global IPv6 routing table shows lots of prefixes
>> that are smaller than /32.  One of the hopes with larger allocations and
>> assignments was that there would be less bloat in the global IPv6 routing
>> table because networks would need to announce fewer prefixes.  How well
>> that will hold up in practice remains to be seen :)
>>  As far as the v6 to v4 translation is concerned, I'm looking at that for
>>> the future - for the time being, we will be dual-stacked.  However, if we
>>> move into a new area, based on our current IPv4 inventory, I don't really
>>> have enough to assign to each new customer, so I was looking for ways to
>>> allow those customers access to properties that are still IPv4 only.  Is
>>> there yet another way to do that?
>> If you assign a customer IPv6 space only, a translation mechanism is
>> needed to allow that customer to reach Internet destinations that only
>> speak IPv4 today.  There's no way around that.
>> jms
> What IPv6 to IPv4 translation mechanisms are available for networks with
> multiple ingress/egress points?

More information about the NANOG mailing list