IPv6 allocation plan, security, and 6-to-4 conversion
karsten.elfenbein at gmail.com
Fri Jan 30 21:16:52 UTC 2015
I would not recommend to run any nat over protocol versions for
clients as you would need to break DNSsec.
The clients creating connections should run dual-stack or dual-stack lite.
The only useful thing for service providers would be to proxy/nat lets
say an incoming IPv6 connection to still only IPv4 servers/services.
2015-01-30 21:32 GMT+01:00 Eric Louie <elouie at techintegrity.com>:
> On Fri, Jan 30, 2015 at 8:29 AM, Justin M. Streiner <streiner at cluebyfour.org
>> On Fri, 30 Jan 2015, Eric Louie wrote:
>> It also sounds like the Internet (aka the upstream/Tier 1 carriers) don't
>>> want me to advertise anything longer than my /32 into BGPv6. Is that
>>> (I'm getting that from the spamming comments made by others) Am I
>>> supposed to be asking ARIN for a /32 for each region that I want to
>>> address? (They turned down my request for an increase to a /28 last year)
>> Not true. A peek at the global IPv6 routing table shows lots of prefixes
>> that are smaller than /32. One of the hopes with larger allocations and
>> assignments was that there would be less bloat in the global IPv6 routing
>> table because networks would need to announce fewer prefixes. How well
>> that will hold up in practice remains to be seen :)
>> As far as the v6 to v4 translation is concerned, I'm looking at that for
>>> the future - for the time being, we will be dual-stacked. However, if we
>>> move into a new area, based on our current IPv4 inventory, I don't really
>>> have enough to assign to each new customer, so I was looking for ways to
>>> allow those customers access to properties that are still IPv4 only. Is
>>> there yet another way to do that?
>> If you assign a customer IPv6 space only, a translation mechanism is
>> needed to allow that customer to reach Internet destinations that only
>> speak IPv4 today. There's no way around that.
> What IPv6 to IPv4 translation mechanisms are available for networks with
> multiple ingress/egress points?
More information about the NANOG