AWS Elastic IP architecture

Christopher Morrow morrowc.lists at gmail.com
Tue Jun 2 00:08:42 UTC 2015


On Mon, Jun 1, 2015 at 6:36 PM, Matt Palmer <mpalmer at hezmatt.org> wrote:
> On Mon, Jun 01, 2015 at 11:30:00AM -0400, Christopher Morrow wrote:
>> I don't get why
>> 'ipv6 address on my vm' matters a whole bunch (*in a world where v4 is
>> still available to you I mean),
>
> It simplifies infrastructure management considerably.  Having to balance
> between "how many subnets will I ever need?" vs "how many machines could I
> end up with in a subnet?" is something I never thought would become
> annoying, until I had the opportunity to not worry about it...  then it was
> frustrating to have to go back to it.  Not having to use a VPN/NAT/jump box
> to hit all my infrastructure seems like a small benefit, but it saves having
> to maintain a VPN/jump box (and all its attendant annoyances).  Oh, yeah,
> never having to faff around with split-horizon DNS management... "Family Guy
> Tooth Fairy" on YouTube.  <grin>

sure, most of that you have to worry about if you're building your own
cloud thingy... but in that case, why not just do the 'right thing' as
you see fit (which you seem to have done, yay!).

If you're just using aws/ec2/gce/whatever... all of that is taken care
of for you, so there's nothing to set up and what ip address the vm has
just isn't relevant. Whether or not they use ipv6 isn't relevant
really either, honestly (for the management and even interprocess
comms).

> In short, there's a whole pile of dodgy hacks we deploy almost without
> thinking about it, because "that's just how things are done", to work around
> limitations in IPv4 deployments.  Having IPv6 everywhere *within* the
> infrastructure makes all of those hacks disappear, and like most things we
> "just do because we have to", you don't realise how much of a PITA they were
> until they're gone.

so... the 'dodgy hacks' only really matter if you have to keep them
running (keep a nat box and a bastion and ...). If that's all done for
you by the chosen provider, then none of these arguments hold.

your bit about subnet sizing and numbering also glosses over a slew of
'where did machine X go?' (naming) problems, which, incidentally, you
avoid with "dhcp address and name" in the v6 world.

So... I don't really see any of the above arguments for v6 in a vm
setup to really hold water in the short term at least.  I think for
sure you'll want v6 for public services 'soon' (arguably like 10 yrs
ago so you'd get practice and operational experience and ...) but for
the rest sure it's 'nice', and 'cute', but really not required for
operations (unless you have v6-only customers).

-chris

>
> --
> And Jesus said unto them, "And whom do you say that I am?"  They replied,
> "You are the eschatological manifestation of the ground of our being, the
> ontological foundation of the context of our very selfhood revealed." And
> Jesus replied, "What?"  -- Seen on the 'net
>
